
Trojan Horse Generic29.DFS & Random Blue Screens


37 replies to this topic

#1 JoshIsKorean


Posted 22 August 2012 - 11:49 AM

Hello, I am currently using Windows 7 and found a Trojan Horse Generic29.DFS on my computer that refuses to be removed after trying to "remove it" through AVG. I also have the issue of random blue screens throughout the day (this started about a week ago) and each blue screen code has been about drivers being out of date (B8, 0A, 1E, F7, etc.), but when I look over my Windows Update log & look for new updates, my computer should be up to date on drivers. I also don't have a system restore date on my computer that goes back past the 18th and that is when the blue screens--if my memory serves me correctly--started.

Could someone help?

P.S. I've tried reading some other posts on the Trojan Horse Generic29.DFS and tried running some scans, but my computer blue screened in the middle of some... So, I'm in safe mode at the moment.

P.P.S.
I'm following the steps on this thread:

http://www.bleepingcomputer.com/forums/topic464287.html

Edited by hamluis, 22 August 2012 - 12:32 PM.
Moved from Win 7 to Am I Infected - Hamluis.




#2 JoshIsKorean


Posted 22 August 2012 - 11:53 AM

This is a TDSSKiller Log


09:12:15.0280 4432 NetMsmqActivator - ok
09:12:15.0330 4432 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:12:15.0331 4432 NetPipeActivator - ok
09:12:15.0599 4432 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
09:12:15.0633 4432 netprofm - ok
09:12:15.0666 4432 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:12:15.0667 4432 NetTcpActivator - ok
09:12:15.0701 4432 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:12:15.0702 4432 NetTcpPortSharing - ok
09:12:15.0741 4432 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
09:12:15.0743 4432 nfrd960 - ok
09:12:15.0838 4432 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
09:12:15.0868 4432 NlaSvc - ok
09:12:15.0927 4432 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
09:12:15.0950 4432 Npfs - ok
09:12:15.0988 4432 npggsvc - ok
09:12:15.0991 4432 NPPTNT2 - ok
09:12:16.0059 4432 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
09:12:16.0158 4432 nsi - ok
09:12:16.0256 4432 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:12:16.0315 4432 nsiproxy - ok
09:12:16.0762 4432 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
09:12:16.0793 4432 Ntfs - ok
09:12:16.0917 4432 [ 317020D31F1696334679B9D0416EB62E ] NuidFltr C:\Windows\system32\DRIVERS\NuidFltr.sys
09:12:16.0948 4432 NuidFltr - ok
09:12:16.0975 4432 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
09:12:16.0987 4432 Null - ok
09:12:17.0123 4432 [ 102806B360D0E6BC6E55BF47EF655D43 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
09:12:17.0224 4432 NVHDA - ok
09:12:20.0823 4432 [ BA0B4889C40380A01ECDF84C227A89C9 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
09:12:21.0019 4432 nvlddmkm - ok
09:12:21.0093 4432 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
09:12:21.0096 4432 nvraid - ok
09:12:21.0169 4432 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
09:12:21.0185 4432 nvstor - ok
09:12:21.0461 4432 [ 06633CF95BEA62164C3BFCA24BCE6B11 ] nvsvc C:\Windows\system32\nvvsvc.exe
09:12:21.0476 4432 nvsvc - ok
09:12:21.0954 4432 [ 53B629CE436B110C5689C2F6439E567B ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
09:12:21.0973 4432 nvUpdatusService - ok
09:12:21.0991 4432 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
09:12:21.0994 4432 nv_agp - ok
09:12:22.0208 4432 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
09:12:22.0220 4432 odserv - ok
09:12:22.0825 4432 [ D99D7854F2D03463C82B2BB2D8C43ABC ] OfficeSvc C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
09:12:22.0856 4432 OfficeSvc - ok
09:12:22.0918 4432 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
09:12:22.0930 4432 ohci1394 - ok
09:12:23.0051 4432 [ F148101BFA4C8F2D0CD123483A989DC4 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:12:23.0101 4432 ose - ok
09:12:24.0354 4432 [ 31DC8D825D2C4EB0FF7ED021BB92C541 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
09:12:24.0404 4432 osppsvc - ok
09:12:24.0530 4432 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
09:12:24.0574 4432 p2pimsvc - ok
09:12:25.0850 4432 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
09:12:25.0868 4432 p2psvc - ok
09:12:25.0954 4432 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
09:12:25.0971 4432 Parport - ok
09:12:26.0266 4432 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:12:26.0312 4432 partmgr - ok
09:12:26.0410 4432 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
09:12:26.0445 4432 PcaSvc - ok
09:12:26.0594 4432 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
09:12:26.0611 4432 pci - ok
09:12:26.0630 4432 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
09:12:26.0631 4432 pciide - ok
09:12:26.0664 4432 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
09:12:26.0687 4432 pcmcia - ok
09:12:26.0749 4432 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
09:12:26.0780 4432 pcw - ok
09:12:26.0948 4432 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:12:26.0967 4432 PEAUTH - ok
09:12:28.0672 4432 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
09:12:28.0679 4432 PerfHost - ok
09:12:29.0137 4432 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
09:12:29.0176 4432 pla - ok
09:12:29.0279 4432 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:12:29.0294 4432 PlugPlay - ok
09:12:29.0343 4432 PnkBstrA - ok
09:12:29.0391 4432 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
09:12:29.0404 4432 PNRPAutoReg - ok
09:12:29.0451 4432 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
09:12:29.0454 4432 PNRPsvc - ok
09:12:29.0518 4432 [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64 C:\Windows\system32\DRIVERS\point64.sys
09:12:29.0519 4432 Point64 - ok
09:12:29.0645 4432 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:12:29.0665 4432 PolicyAgent - ok
09:12:29.0716 4432 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
09:12:29.0731 4432 Power - ok
09:12:29.0792 4432 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
09:12:29.0832 4432 PptpMiniport - ok
09:12:29.0905 4432 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
09:12:29.0932 4432 Processor - ok
09:12:29.0988 4432 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
09:12:30.0020 4432 ProfSvc - ok
09:12:30.0071 4432 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:12:30.0072 4432 ProtectedStorage - ok
09:12:30.0268 4432 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
09:12:30.0283 4432 Psched - ok
09:12:30.0636 4432 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
09:12:30.0673 4432 ql2300 - ok
09:12:30.0783 4432 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
09:12:30.0792 4432 ql40xx - ok
09:12:31.0613 4432 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
09:12:31.0642 4432 QWAVE - ok
09:12:31.0684 4432 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:12:31.0749 4432 QWAVEdrv - ok
09:12:32.0273 4432 [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
09:12:32.0275 4432 RapiMgr - ok
09:12:32.0378 4432 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:12:32.0398 4432 RasAcd - ok
09:12:32.0543 4432 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
09:12:32.0565 4432 RasAgileVpn - ok
09:12:32.0603 4432 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
09:12:32.0779 4432 RasAuto - ok
09:12:33.0004 4432 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
09:12:33.0080 4432 Rasl2tp - ok
09:12:33.0211 4432 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
09:12:33.0260 4432 RasMan - ok
09:12:33.0348 4432 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:12:33.0355 4432 RasPppoe - ok
09:12:33.0421 4432 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
09:12:33.0424 4432 RasSstp - ok
09:12:33.0550 4432 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:12:33.0588 4432 rdbss - ok
09:12:33.0625 4432 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
09:12:33.0662 4432 rdpbus - ok
09:12:33.0806 4432 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
09:12:33.0831 4432 RDPCDD - ok
09:12:33.0988 4432 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
09:12:34.0045 4432 RDPENCDD - ok
09:12:34.0158 4432 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
09:12:34.0183 4432 RDPREFMP - ok
09:12:34.0302 4432 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
09:12:34.0323 4432 RDPWD - ok
09:12:34.0383 4432 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
09:12:34.0469 4432 rdyboost - ok
09:12:34.0556 4432 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
09:12:34.0574 4432 RemoteAccess - ok
09:12:34.0697 4432 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:12:34.0720 4432 RemoteRegistry - ok
09:12:34.0767 4432 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
09:12:34.0785 4432 RpcEptMapper - ok
09:12:34.0841 4432 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
09:12:34.0907 4432 RpcLocator - ok
09:12:35.0100 4432 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
09:12:35.0102 4432 RpcSs - ok
09:12:35.0169 4432 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:12:35.0181 4432 rspndr - ok
09:12:35.0463 4432 [ 6D3C7E7D82D3DC92DC2A8B0DF9F20F8A ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
09:12:35.0478 4432 RTL8167 - ok
09:12:35.0643 4432 [ E13D43901EC079280A2A9BAD9A2CCDA7 ] SAlphamHid C:\Windows\system32\DRIVERS\SAlpham64.sys
09:12:35.0663 4432 SAlphamHid - ok
09:12:35.0735 4432 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
09:12:35.0786 4432 SamSs - ok
09:12:35.0876 4432 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
09:12:35.0918 4432 sbp2port - ok
09:12:36.0136 4432 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:12:36.0162 4432 SCardSvr - ok
09:12:36.0211 4432 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
09:12:36.0247 4432 scfilter - ok
09:12:36.0845 4432 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
09:12:36.0897 4432 Schedule - ok
09:12:37.0003 4432 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
09:12:37.0004 4432 SCPolicySvc - ok
09:12:37.0217 4432 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
09:12:37.0260 4432 SDRSVC - ok
09:12:37.0414 4432 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:12:37.0443 4432 secdrv - ok
09:12:37.0514 4432 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
09:12:37.0559 4432 seclogon - ok
09:12:37.0653 4432 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
09:12:37.0686 4432 SENS - ok
09:12:37.0804 4432 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
09:12:37.0834 4432 SensrSvc - ok
09:12:37.0878 4432 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
09:12:37.0889 4432 Serenum - ok
09:12:37.0922 4432 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
09:12:37.0930 4432 Serial - ok
09:12:37.0964 4432 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
09:12:37.0981 4432 sermouse - ok
09:12:38.0105 4432 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
09:12:38.0273 4432 SessionEnv - ok
09:12:38.0989 4432 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
09:12:39.0001 4432 sffdisk - ok
09:12:39.0028 4432 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
09:12:39.0030 4432 sffp_mmc - ok
09:12:39.0053 4432 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
09:12:39.0066 4432 sffp_sd - ok
09:12:39.0192 4432 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
09:12:39.0230 4432 sfloppy - ok
09:12:39.0761 4432 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:12:39.0871 4432 ShellHWDetection - ok
09:12:39.0934 4432 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
09:12:40.0031 4432 SiSRaid2 - ok
09:12:40.0069 4432 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
09:12:40.0094 4432 SiSRaid4 - ok
09:12:40.0330 4432 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
09:12:40.0375 4432 Smb - ok
09:12:40.0457 4432 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:12:40.0479 4432 SNMPTRAP - ok
09:12:40.0556 4432 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
09:12:40.0571 4432 spldr - ok
09:12:40.0668 4432 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
09:12:45.0832 4432 Spooler - ok
09:12:47.0010 4432 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
09:12:47.0092 4432 sppsvc - ok
09:12:47.0198 4432 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
09:12:47.0218 4432 sppuinotify - ok
09:12:47.0388 4432 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
09:12:47.0424 4432 srv - ok
09:12:47.0589 4432 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:12:47.0605 4432 srv2 - ok
09:12:47.0697 4432 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:12:47.0720 4432 srvnet - ok
09:12:47.0804 4432 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:12:47.0831 4432 SSDPSRV - ok
09:12:47.0889 4432 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:12:47.0910 4432 SstpSvc - ok
09:12:48.0054 4432 Steam Client Service - ok
09:12:48.0513 4432 [ C354621B6B94E10AE7F5CDBE745FEB86 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
09:12:48.0552 4432 Stereo Service - ok
09:12:48.0597 4432 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
09:12:48.0617 4432 stexstor - ok
09:12:48.0881 4432 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
09:12:48.0915 4432 stisvc - ok
09:12:49.0016 4432 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
09:12:49.0076 4432 swenum - ok
09:12:49.0234 4432 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
09:12:49.0255 4432 swprv - ok
09:12:49.0970 4432 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
09:12:49.0989 4432 SysMain - ok
09:12:50.0018 4432 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:12:50.0033 4432 TabletInputService - ok
09:12:50.0160 4432 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
09:12:50.0201 4432 TapiSrv - ok
09:12:50.0281 4432 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
09:12:50.0316 4432 TBS - ok
09:12:50.0837 4432 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:12:50.0857 4432 Tcpip - ok
09:12:51.0262 4432 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
09:12:51.0478 4432 TCPIP6 - ok
09:12:51.0650 4432 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:12:51.0750 4432 tcpipreg - ok
09:12:51.0861 4432 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
09:12:51.0904 4432 TDPIPE - ok
09:12:52.0048 4432 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
09:12:52.0113 4432 TDTCP - ok
09:12:52.0210 4432 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:12:52.0233 4432 tdx - ok
09:12:53.0570 4432 [ 3E85BDD019E3DB66D9471DAD7FD6A887 ] TeamViewer7 C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
09:12:53.0711 4432 TeamViewer7 - ok
09:12:53.0899 4432 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
09:12:53.0929 4432 TermDD - ok
09:12:54.0270 4432 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
09:12:54.0306 4432 TermService - ok
09:12:54.0366 4432 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
09:12:54.0392 4432 Themes - ok
09:12:54.0448 4432 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
09:12:54.0501 4432 THREADORDER - ok
09:12:54.0616 4432 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
09:12:54.0659 4432 TrkWks - ok
09:12:55.0030 4432 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:12:55.0086 4432 TrustedInstaller - ok
09:12:55.0170 4432 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
09:12:55.0192 4432 tssecsrv - ok
09:12:55.0317 4432 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
09:12:55.0341 4432 TsUsbFlt - ok
09:12:55.0454 4432 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
09:12:55.0493 4432 tunnel - ok
09:12:55.0623 4432 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
09:12:55.0644 4432 uagp35 - ok
09:12:55.0827 4432 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
09:12:55.0876 4432 udfs - ok
09:12:56.0001 4432 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
09:12:56.0065 4432 UI0Detect - ok
09:12:56.0172 4432 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
09:12:56.0208 4432 uliagpkx - ok
09:12:56.0267 4432 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
09:12:56.0292 4432 umbus - ok
09:12:56.0340 4432 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
09:12:56.0350 4432 UmPass - ok
09:12:56.0466 4432 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
09:12:56.0510 4432 upnphost - ok
09:12:56.0679 4432 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
09:12:56.0724 4432 usbaudio - ok
09:12:56.0808 4432 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
09:12:56.0846 4432 usbccgp - ok
09:12:56.0892 4432 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
09:12:56.0956 4432 usbcir - ok
09:12:57.0022 4432 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
09:12:57.0045 4432 usbehci - ok
09:12:57.0249 4432 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
09:12:57.0267 4432 usbhub - ok
09:12:57.0365 4432 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
09:12:57.0368 4432 usbohci - ok
09:12:57.0442 4432 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
09:12:57.0490 4432 usbprint - ok
09:12:57.0558 4432 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
09:12:57.0586 4432 usbscan - ok
09:12:57.0638 4432 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:12:57.0678 4432 USBSTOR - ok
09:12:57.0744 4432 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
09:12:57.0785 4432 usbuhci - ok
09:12:57.0967 4432 [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
09:12:58.0011 4432 usb_rndisx - ok
09:12:58.0082 4432 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
09:12:58.0104 4432 UxSms - ok
09:12:58.0156 4432 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
09:12:58.0187 4432 VaultSvc - ok
09:12:58.0240 4432 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
09:12:58.0262 4432 vdrvroot - ok
09:12:58.0627 4432 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
09:12:58.0665 4432 vds - ok
09:12:58.0777 4432 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
09:12:58.0862 4432 vga - ok
09:12:58.0923 4432 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
09:12:59.0293 4432 VgaSave - ok
09:12:59.0414 4432 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
09:12:59.0440 4432 vhdmp - ok
09:12:59.0502 4432 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
09:12:59.0519 4432 viaide - ok
09:12:59.0550 4432 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
09:12:59.0574 4432 volmgr - ok
09:12:59.0771 4432 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
09:12:59.0795 4432 volmgrx - ok
09:12:59.0913 4432 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
09:12:59.0930 4432 volsnap - ok
09:13:00.0056 4432 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
09:13:00.0074 4432 vsmraid - ok
09:13:00.0796 4432 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
09:13:00.0841 4432 VSS - ok
09:13:00.0891 4432 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
09:13:00.0914 4432 vwifibus - ok
09:13:01.0656 4432 [ CE6C085771812D5EE863CC7EF93CAEF2 ] VX1000 C:\Windows\system32\DRIVERS\VX1000.sys
09:13:01.0717 4432 VX1000 - ok
09:13:01.0878 4432 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
09:13:01.0909 4432 W32Time - ok
09:13:01.0992 4432 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
09:13:02.0036 4432 WacomPen - ok
09:13:02.0137 4432 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
09:13:02.0177 4432 WANARP - ok
09:13:02.0192 4432 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
09:13:02.0192 4432 Wanarpv6 - ok
09:13:02.0757 4432 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
09:13:02.0952 4432 WatAdminSvc - ok
09:13:03.0569 4432 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
09:13:03.0604 4432 wbengine - ok
09:13:03.0792 4432 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
09:13:03.0824 4432 WbioSrvc - ok
09:13:04.0211 4432 [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
09:13:04.0226 4432 WcesComm - ok
09:13:04.0399 4432 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
09:13:04.0426 4432 wcncsvc - ok
09:13:04.0589 4432 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:13:04.0628 4432 WcsPlugInService - ok
09:13:04.0777 4432 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
09:13:04.0806 4432 Wd - ok
09:13:05.0084 4432 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
09:13:05.0113 4432 Wdf01000 - ok
09:13:05.0183 4432 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
09:13:05.0208 4432 WdiServiceHost - ok
09:13:05.0258 4432 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
09:13:05.0259 4432 WdiSystemHost - ok
09:13:05.0327 4432 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
09:13:05.0348 4432 WebClient - ok
09:13:05.0492 4432 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
09:13:05.0513 4432 Wecsvc - ok
09:13:05.0550 4432 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
09:13:05.0553 4432 wercplsupport - ok
09:13:05.0667 4432 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
09:13:05.0789 4432 WerSvc - ok
09:13:05.0835 4432 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
09:13:05.0874 4432 WfpLwf - ok
09:13:05.0925 4432 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
09:13:05.0938 4432 WIMMount - ok
09:13:05.0941 4432 WinHttpAutoProxySvc - ok
09:13:06.0441 4432 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
09:13:06.0468 4432 Winmgmt - ok
09:13:07.0260 4432 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
09:13:07.0355 4432 WinRM - ok
09:13:07.0576 4432 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
09:13:07.0614 4432 WinUsb - ok
09:13:07.0907 4432 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
09:13:07.0944 4432 Wlansvc - ok
09:13:08.0429 4432 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
09:13:08.0497 4432 wlcrasvc - ok
09:13:09.0589 4432 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
09:13:09.0654 4432 wlidsvc - ok
09:13:09.0927 4432 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
09:13:09.0945 4432 WmiAcpi - ok
09:13:10.0039 4432 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
09:13:10.0105 4432 wmiApSrv - ok
09:13:10.0195 4432 WMPNetworkSvc - ok
09:13:10.0805 4432 [ 83B6CA03C846FCD47F9883D77D1EB27B ] WMZuneComm C:\Program Files\Zune\WMZuneComm.exe
09:13:10.0884 4432 WMZuneComm - ok
09:13:10.0974 4432 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
09:13:11.0016 4432 WPCSvc - ok
09:13:11.0095 4432 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
09:13:11.0149 4432 WPDBusEnum - ok
09:13:11.0330 4432 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
09:13:11.0421 4432 ws2ifsl - ok
09:13:11.0424 4432 WSearch - ok
09:13:12.0536 4432 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
09:13:12.0586 4432 wuauserv - ok
09:13:12.0602 4432 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
09:13:12.0621 4432 WudfPf - ok
09:13:12.0800 4432 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
09:13:12.0849 4432 WUDFRd - ok
09:13:12.0955 4432 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
09:13:12.0981 4432 wudfsvc - ok
09:13:13.0117 4432 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
09:13:13.0260 4432 WwanSvc - ok
09:13:17.0061 4432 [ 67B787C34FB2888D01B130AE007042D8 ] ZuneNetworkSvc C:\Program Files\Zune\ZuneNss.exe
09:13:17.0304 4432 ZuneNetworkSvc - ok
09:13:17.0746 4432 [ 4D89FC1C20CF655739EFAC5DA81A67BC ] ZuneWlanCfgSvc C:\Program Files\Zune\ZuneWlanCfgSvc.exe
09:13:17.0788 4432 ZuneWlanCfgSvc - ok
09:13:17.0910 4432 ================ Scan global ===============================
09:13:17.0983 4432 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
09:13:18.0491 4432 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
09:13:18.0719 4432 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
09:13:18.0834 4432 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
09:13:19.0208 4432 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
09:13:19.0440 4432 [Global] - ok
09:13:19.0440 4432 ================ Scan MBR ==================================
09:13:19.0563 4432 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
09:13:19.0563 4432 Suspicious mbr (Forged): \Device\Harddisk0\DR0
09:13:19.0906 4432 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
09:13:19.0906 4432 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
09:13:19.0906 4432 ================ Scan VBR ==================================
09:13:19.0963 4432 [ 36DEBE9E1513C81161F04BA2320AC8B7 ] \Device\Harddisk0\DR0\Partition1
09:13:20.0039 4432 \Device\Harddisk0\DR0\Partition1 - ok
09:13:20.0039 4432 ============================================================
09:13:20.0039 4432 Scan finished
09:13:20.0039 4432 ============================================================
09:13:20.0046 3272 Detected object count: 1
09:13:20.0046 3272 Actual detected object count: 1
09:14:56.0241 3272 \Device\Harddisk0\DR0\# - copied to quarantine
09:14:56.0436 3272 \Device\Harddisk0\DR0 - copied to quarantine
09:15:05.0999 3272 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
09:15:06.0382 3272 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
09:15:07.0259 3272 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
09:15:08.0134 3272 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
09:15:10.0792 3272 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
09:15:13.0913 3272 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
09:15:13.0969 3272 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
09:15:14.0005 3272 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
09:15:14.0264 3272 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
09:15:14.0840 3272 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
09:15:15.0508 3272 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
09:15:15.0589 3272 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
09:15:15.0639 3272 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
09:15:15.0790 3272 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
09:15:16.0480 3272 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
09:15:16.0988 3272 \Device\Harddisk0\DR0 - ok
09:15:17.0629 3272 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure

Edited by JoshIsKorean, 22 August 2012 - 11:54 AM.


#3 JoshIsKorean

Posted 22 August 2012 - 11:55 AM

Here's this thing...

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-22 09:11:03
-----------------------------
09:11:03.737 OS Version: Windows x64 6.1.7601 Service Pack 1
09:11:03.737 Number of processors: 4 586 0x2A07
09:11:03.738 ComputerName: JOSH-PC UserName: Josh
09:12:44.345 Initialize success
09:13:12.072 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP5T0L0-5
09:13:12.073 Disk 0 Vendor: SAMSUNG_HD103SJ 1AJ10001 Size: 953869MB BusType: 3
09:13:12.074 Device \Driver\atapi -> MajorFunction fffffa8004eb45e8
09:13:12.102 Disk 0 MBR read successfully
09:13:12.104 Disk 0 MBR scan
09:13:12.106 Disk 0 Windows 7 default MBR code
09:13:12.107 Disk 0 MBR hidden
09:13:12.189 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 953868 MB offset 63
09:13:12.326 Disk 0 scanning C:\Windows\system32\drivers
09:14:51.848 Service scanning
09:16:37.094 Service 11196256 C:\Windows\system32\drivers\40943250.sys **HIDDEN**
09:18:40.836 Modules scanning
09:18:40.880 Disk 0 trace - called modules:
09:18:40.883 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa8009ec90d0]<<82660610.sys >>UNKNOWN [0xfffffa8004eb45e8]<<
09:18:41.209 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80046da060]
09:18:41.212 3 CLASSPNP.SYS[fffff8800197843f] -> nt!IofCallDriver -> [0xfffffa8004238580]
09:18:41.215 5 ACPI.sys[fffff88000e1a7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP5T0L0-5[0xfffffa80044f5060]
09:18:41.224 \Driver\atapi[0xfffffa8004675e70] -> IRP_MJ_CREATE -> 0xfffffa8004eb45e8
09:18:41.230 Scan finished successfully
09:24:01.827 Disk 0 MBR has been saved successfully to "C:\Users\Josh\Desktop\MBR.dat"
09:24:01.830 The log file has been saved successfully to "C:\Users\Josh\Desktop\aswMBR.txt"

Edited by JoshIsKorean, 22 August 2012 - 12:04 PM.


#4 JoshIsKorean

Posted 22 August 2012 - 11:59 AM

Farbar Service Scanner Version: 06-08-2012
Ran by Josh (administrator) on 22-08-2012 at 09:58:32
Running from "C:\Users\Josh\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Network
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.

BITS Service is not running. Checking service configuration:
The start type of BITS service is OK.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.

EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem service is OK.
The ServiceDll of EventSystem service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#5 JoshIsKorean

Posted 22 August 2012 - 12:01 PM

I currently have a FULL Malwarebytes Anti-Malware scan and ESET Online Scanner running and will post more information as I get more.

#6 JoshIsKorean

Posted 22 August 2012 - 12:03 PM

MiniToolBox by Farbar Version: 23-07-2012
Ran by Josh (administrator) on 22-08-2012 at 10:02:07
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Network
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Josh-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 1C-6F-65-CE-4A-0B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::6d85:2d66:f153:5250%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.105(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, August 22, 2012 9:40:20 AM
Lease Expires . . . . . . . . . . : Wednesday, August 29, 2012 9:40:19 AM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 236744549
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-14-20-83-1C-6F-65-CE-4A-0B
DNS Servers . . . . . . . . . . . : 75.75.75.75
75.75.76.76
0.0.0.0
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{232881D7-CDDB-4081-B841-E4DD5DDA429F}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: cdns01.comcast.net
Address: 75.75.75.75

Name: google.com
Addresses: 2607:f8b0:400a:801::1006
173.194.33.2
173.194.33.3
173.194.33.4
173.194.33.9
173.194.33.6
173.194.33.14
173.194.33.8
173.194.33.7
173.194.33.5
173.194.33.1
173.194.33.0


Pinging google.com [173.194.33.5] with 32 bytes of data:
Reply from 173.194.33.5: bytes=32 time=31ms TTL=55
Reply from 173.194.33.5: bytes=32 time=29ms TTL=55

Ping statistics for 173.194.33.5:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 29ms, Maximum = 31ms, Average = 30ms
Server: cdns01.comcast.net
Address: 75.75.75.75

Name: yahoo.com
Addresses: 98.138.253.109
72.30.38.140
98.139.183.24


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=717ms TTL=46
Reply from 98.139.183.24: bytes=32 time=677ms TTL=47

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 677ms, Maximum = 717ms, Average = 697ms
Server: cdns01.comcast.net
Address: 75.75.75.75

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
10...1c 6f 65 ce 4a 0b ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
11...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.105 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.105 276
192.168.0.105 255.255.255.255 On-link 192.168.0.105 276
192.168.0.255 255.255.255.255 On-link 192.168.0.105 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.105 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.105 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
10 276 fe80::/64 On-link
10 276 fe80::6d85:2d66:f153:5250/128
On-link
1 306 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 07 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 mswsock.dll [File Not found] ()
x64-Catalog9 02 mswsock.dll [File Not found] ()
x64-Catalog9 03 mswsock.dll [File Not found] ()
x64-Catalog9 04 mswsock.dll [File Not found] ()
x64-Catalog9 05 mswsock.dll [File Not found] ()
x64-Catalog9 06 mswsock.dll [File Not found] ()
x64-Catalog9 07 mswsock.dll [File Not found] ()
x64-Catalog9 08 mswsock.dll [File Not found] ()
x64-Catalog9 09 mswsock.dll [File Not found] ()
x64-Catalog9 10 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/22/2012 09:18:16 AM) (Source: Application Error) (User: )
Description: Faulting application name: DownloadAcceleratorSetup.exe, version: 0.0.0.0, time stamp: 0x2a425e19
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b8f
Exception code: 0xc0000005
Fault offset: 0x0002e3be
Faulting process id: 0x156c
Faulting application start time: 0xDownloadAcceleratorSetup.exe0
Faulting application path: DownloadAcceleratorSetup.exe1
Faulting module path: DownloadAcceleratorSetup.exe2
Report Id: DownloadAcceleratorSetup.exe3

Error: (08/20/2012 10:17:18 PM) (Source: Application Error) (User: )
Description: Faulting application name: LoLLauncher.exe, version: 0.0.0.0, time stamp: 0x4f15f44a
Faulting module name: LoLLauncher.exe, version: 0.0.0.0, time stamp: 0x4f15f44a
Exception code: 0xc0000005
Fault offset: 0x0020ef4d
Faulting process id: 0x19d0
Faulting application start time: 0xLoLLauncher.exe0
Faulting application path: LoLLauncher.exe1
Faulting module path: LoLLauncher.exe2
Report Id: LoLLauncher.exe3

Error: (08/20/2012 00:46:43 AM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c5
Faulting module name: jscript9.dll, version: 9.0.8112.16448, time stamp: 0x4fecf3f0
Exception code: 0xc0000005
Fault offset: 0x000b90f1
Faulting process id: 0xf38
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (08/19/2012 10:53:22 PM) (Source: Application Error) (User: )
Description: Faulting application name: League of Legends.exe, version: 1.0.0.145, time stamp: 0x50258d8c
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00060000
Faulting process id: 0x21fc
Faulting application start time: 0xLeague of Legends.exe0
Faulting application path: League of Legends.exe1
Faulting module path: League of Legends.exe2
Report Id: League of Legends.exe3

Error: (08/19/2012 03:19:40 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c5
Faulting module name: jvm.dll, version: 20.6.0.1, time stamp: 0x4f2cd3a4
Exception code: 0xc0000005
Fault offset: 0x0005e4e2
Faulting process id: 0x1be4
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (08/19/2012 02:03:09 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c5
Faulting module name: jvm.dll, version: 20.6.0.1, time stamp: 0x4f2cd3a4
Exception code: 0xc0000005
Fault offset: 0x0005e4e2
Faulting process id: 0xf34
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (08/19/2012 11:13:16 AM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c5
Faulting module name: jscript9.dll, version: 9.0.8112.16448, time stamp: 0x4fecf3f0
Exception code: 0xc0000005
Fault offset: 0x000b90f1
Faulting process id: 0xb04
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (08/19/2012 01:14:19 AM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c5
Faulting module name: MSHTML.dll, version: 9.0.8112.16448, time stamp: 0x4fecfb0e
Exception code: 0xc0000005
Fault offset: 0x001d9b56
Faulting process id: 0xee4
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (08/19/2012 01:11:23 AM) (Source: Application Error) (User: )
Description: Faulting application name: aim.exe, version: 7.5.12.6, time stamp: 0x4f4e8a39
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b8f
Exception code: 0xc0000005
Fault offset: 0x0002e3be
Faulting process id: 0x808
Faulting application start time: 0xaim.exe0
Faulting application path: aim.exe1
Faulting module path: aim.exe2
Report Id: aim.exe3

Error: (08/19/2012 00:41:49 AM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c5
Faulting module name: jscript9.dll, version: 9.0.8112.16447, time stamp: 0x4fc9cfc6
Exception code: 0xc0000005
Fault offset: 0x000adc5d
Faulting process id: 0x80
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3


System errors:
=============
Error: (08/22/2012 09:40:36 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1068

Error: (08/22/2012 09:40:36 AM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (08/22/2012 09:40:36 AM) (Source: DCOM) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (08/22/2012 09:40:34 AM) (Source: DCOM) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (08/22/2012 09:40:28 AM) (Source: DCOM) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (08/22/2012 09:40:23 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AppleCharger
Avgldx64
Avgmfx64
discache
spldr
Wanarpv6

Error: (08/22/2012 09:40:20 AM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (08/22/2012 09:40:20 AM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (08/22/2012 09:40:20 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (08/22/2012 09:40:21 AM) (Source: BugCheck) (User: )
Description: 0x0000000a (0x00000000000000dc, 0x0000000000000002, 0x0000000000000001, 0xfffff80003507405)C:\Windows\Minidump\082212-49421-01.dmp082212-49421-01


Microsoft Office Sessions:
=========================
Error: (02/16/2012 03:06:47 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6425.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 11403 seconds with 4140 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
Adobe AIR (Version: 2.7.1.19610)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.271)
Adobe Flash Player 11 Plugin (Version: 11.3.300.271)
Adobe Reader X (10.1.4) (Version: 10.1.4)
AIM 7
Alien Swarm
AOL Messaging Toolbar
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
AVG 2012 (Version: 12.0.2197)
AVG 2012 (Version: 12.0.2437)
AVG 2012 (Version: 2012.0.2197)
Bonjour (Version: 3.0.0.10)
Borderlands GOTY Edition (Version: 1.4.0)
CCleaner (Version: 3.13)
Counter-Strike: Source
D3DX10 (Version: 15.4.2368.0902)
Day of Defeat: Source
Deus Ex: Human Revolution
Diablo III (Version: 1.0.4.11327)
Download Updater (AOL LLC)
ESET Online Scanner v3
Etron USB3.0 Host Controller (Version: 0.98)
Fallout 3 (Version: 1.00.0000)
Fallout New Vegas
FoxTab PDF Converter
Fraps
Google Chrome (Version: 21.0.1180.83)
Google Earth (Version: 6.2.2.6613)
Google Update Helper (Version: 1.3.21.115)
Half-Life 2: Deathmatch
Half-Life 2: Lost Coast
ijji - Gunz
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 7.0.0.1118)
iTunes (Version: 10.6.3.25)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
Junk Mail filter update (Version: 15.4.3502.0922)
Just Cause 2
Katawa Shoujo
League of Legends (Version: 1.3)
Left 4 Dead 2
LolMatches Client (Version: 0.1.0.0)
LOLReplay (Version: 0.7.9.31)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Mass Effect 2
Mass Effect™ 3 (Version: 1.01.0.0)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Corporation (Version: 9.1.0.0)
Microsoft Games for Windows - LIVE Redistributable (Version: 1.2.0241)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0)
Microsoft LifeCam (Version: 3.22.270.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 365 Home Premium Preview - en-us (Version: 15.0.4128.1019)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SkyDrive (Version: 16.4.4111.0525)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft VC9 runtime libraries (Version: 2.0.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 12.0 (x86 en-US) (Version: 12.0)
Mozilla Maintenance Service (Version: 12.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
Mumble 1.2.3 (Version: 1.2.3)
Nexon Game Manager
NVIDIA 3D Vision Controller Driver 301.42 (Version: 301.42)
NVIDIA 3D Vision Driver 301.42 (Version: 301.42)
NVIDIA Control Panel 301.42 (Version: 301.42)
NVIDIA Graphics Driver 301.42 (Version: 301.42)
NVIDIA HD Audio Driver 1.3.16.0 (Version: 1.3.16.0)
NVIDIA Install Application (Version: 2.1002.75.420)
NVIDIA PhysX (Version: 9.12.0213)
NVIDIA PhysX System Software 9.12.0213 (Version: 9.12.0213)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.0142)
NVIDIA Update 1.8.15 (Version: 1.8.15)
NVIDIA Update Components (Version: 1.8.15)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4128.1019)
Office 15 Click-to-Run Licensing Component (Version: 15.0.4128.1019)
ON_OFF Charge B11.0110.1 (Version: 1.00.0001)
OpenOffice.org 3.3 (Version: 3.3.9567)
Pando Media Booster (Version: 2.3.6.0)
Pandora Saga: Weapons of Balance
REACTOR (Version: 1.00.0000)
Realtek Ethernet Controller Driver (Version: 7.38.113.2011)
Realtek High Definition Audio Driver (Version: 6.0.1.6307)
Saints Row: The Third
Shattered Galaxy (Version: 1.85)
Skype™ 5.5 (Version: 5.5.119)
StarCraft II (Version: 1.4.4.22418)
Steam (Version: 1.0.0.0)
SteelSeries Engine (Version: 2.2.927.31327)
Super Monday Night Combat
Team Fortress 2
TeamViewer 7 (Version: 7.0.12541)
Trine
Trine 2
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687400) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Ventrilo Client for Windows x64 (Version: 3.0.8.0)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Mobile Device Center (Version: 6.1.6965.0)
Windows Mobile Device Updater Component (Version: 04.08.2345.00)
WinRAR 4.01 (64-bit) (Version: 4.01.0)
World of Warcraft (Version: 4.3.0.15005)
Zune (Version: 04.08.2345.00)
Zune Language Pack (CHS) (Version: 04.08.2345.00)
Zune Language Pack (CHT) (Version: 04.08.2345.00)
Zune Language Pack (CSY) (Version: 04.08.2345.00)
Zune Language Pack (DAN) (Version: 04.08.2345.00)
Zune Language Pack (DEU) (Version: 04.08.2345.00)
Zune Language Pack (ELL) (Version: 04.08.2345.00)
Zune Language Pack (ESP) (Version: 04.08.2345.00)
Zune Language Pack (FIN) (Version: 04.08.2345.00)
Zune Language Pack (FRA) (Version: 04.08.2345.00)
Zune Language Pack (HUN) (Version: 04.08.2345.00)
Zune Language Pack (IND) (Version: 04.08.2345.00)
Zune Language Pack (ITA) (Version: 04.08.2345.00)
Zune Language Pack (JPN) (Version: 04.08.2345.00)
Zune Language Pack (KOR) (Version: 04.08.2345.00)
Zune Language Pack (MSL) (Version: 04.08.2345.00)
Zune Language Pack (NLD) (Version: 04.08.2345.00)
Zune Language Pack (NOR) (Version: 04.08.2345.00)
Zune Language Pack (PLK) (Version: 04.08.2345.00)
Zune Language Pack (PTB) (Version: 04.08.2345.00)
Zune Language Pack (PTG) (Version: 04.08.2345.00)
Zune Language Pack (RUS) (Version: 04.08.2345.00)
Zune Language Pack (SVE) (Version: 04.08.2345.00)

========================= Memory info: ===================================

Percentage of memory in use: 49%
Total physical RAM: 4079.12 MB
Available physical RAM: 2040.14 MB
Total Pagefile: 8156.43 MB
Available Pagefile: 6257.74 MB
Total Virtual: 4095.88 MB
Available Virtual: 3971.58 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:931.51 GB) (Free:728.83 GB) NTFS

========================= Users: ========================================

User accounts for \\JOSH-PC

Administrator Guest Josh
UpdatusUser


**** End of log ****

#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:12:28 PM

Posted 22 August 2012 - 12:50 PM

Restart the PC, run aswMBR again and post the log

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When the scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply


Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

#8 JoshIsKorean

Posted 22 August 2012 - 03:54 PM

C:\TDSSKiller_Quarantine\22.08.2012_09.10.21\mbr0000\tdlfs0000\tsk0000.dta Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\22.08.2012_09.10.21\mbr0000\tdlfs0000\tsk0001.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\22.08.2012_09.10.21\mbr0000\tdlfs0000\tsk0002.dta Win32/Olmarik.AYH trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\22.08.2012_09.10.21\mbr0000\tdlfs0000\tsk0003.dta Win64/Olmarik.AL trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\22.08.2012_09.10.21\mbr0000\tdlfs0000\tsk0004.dta a variant of Win32/Rootkit.Kryptik.NP trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\22.08.2012_09.10.21\mbr0000\tdlfs0000\tsk0005.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\22.08.2012_09.10.21\mbr0000\tdlfs0000\tsk0009.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\22.08.2012_09.10.21\mbr0000\tdlfs0000\tsk0010.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\Users\Josh\AppData\Local\Temp\ICReinstall_DownloadAcceleratorSetup.exe a variant of Win32/InstallCore.AN application cleaned by deleting - quarantined
C:\Users\Josh\AppData\Local\Temp\Addons\3AD37AEB\zugo.exe Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\Users\Josh\AppData\Local\Temp\Addons\91496FF5\zugo.exe Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\Users\Josh\AppData\Local\Temp\DM\Installer_for_AVG-Anti-Virus-Free-Edition-2012_008186\ExecIwantThis.exe Win32/Toolbar.CrossRider application cleaned by deleting - quarantined
C:\Users\Josh\AppData\Local\Temp\is357113909\FunmoodsLatest.exe a variant of Win32/Toolbar.Funmoods application cleaned by deleting - quarantined
C:\Users\Josh\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30\784c9ede-5fdfeed3 multiple threats deleted - quarantined
C:\Users\Josh\Downloads\DownloadAcceleratorSetup.exe a variant of Win32/InstallCore.AN application cleaned by deleting - quarantined
C:\Users\Josh\Downloads\SoftonicDownloader_for_gamespy-arcade.exe a variant of Win32/SoftonicDownloader.A application cleaned by deleting - quarantined
C:\Users\Josh\Downloads\SoftonicDownloader_for_ultraiso.exe Win32/SoftonicDownloader.D application cleaned by deleting - quarantined
C:\Users\Josh\Downloads\VideoPerformerSetup.exe a variant of Win32/InstallBrain.A application cleaned by deleting - quarantined
C:\Windows\Installer\{edb35ccc-c9e3-21f2-ba66-95a0ec2631be}\U\00000008.@ Win64/Agent.BA trojan cleaned by deleting - quarantined
C:\Windows\Installer\{edb35ccc-c9e3-21f2-ba66-95a0ec2631be}\U\000000cb.@ Win64/Conedex.B trojan cleaned by deleting - quarantined
C:\Windows\Installer\{edb35ccc-c9e3-21f2-ba66-95a0ec2631be}\U\80000000.@ Win64/Sirefef.AE trojan cleaned by deleting - quarantined
C:\Windows\Installer\{edb35ccc-c9e3-21f2-ba66-95a0ec2631be}\U\80000032.@ a variant of Win32/Sirefef.FD trojan cleaned by deleting - quarantined
C:\Windows\Installer\{edb35ccc-c9e3-21f2-ba66-95a0ec2631be}\U\80000064.@ Win64/Sirefef.AN trojan cleaned by deleting - quarantined

#9 JoshIsKorean

Posted 22 August 2012 - 04:13 PM

I rebooted my computer after finishing my Malware Full scan and my ESET scan and decided to try using my computer in 'normal mode.' However, as soon as the computer turned on and I got to post my ESET log, my computer blue screened with code 1E. Afterwards, I turned off/on my PC and tried going on 'normal mode' two more times. This time, I got the blue screen error with code 0A both times. So, now I'm back on safe mode ASWMBR/scanning malware again.

#10 JoshIsKorean

Posted 22 August 2012 - 04:20 PM

New ASWMBR Log

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-22 14:13:45
-----------------------------
14:13:45.817 OS Version: Windows x64 6.1.7601 Service Pack 1
14:13:45.817 Number of processors: 4 586 0x2A07
14:13:45.817 ComputerName: JOSH-PC UserName: Josh
14:15:14.075 Initialize success
14:15:22.679 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP5T0L0-a
14:15:22.680 Disk 0 Vendor: SAMSUNG_HD103SJ 1AJ10001 Size: 953869MB BusType: 3
14:15:22.681 Device \Driver\atapi -> MajorFunction fffffa80052145e8
14:15:22.707 Disk 0 MBR read successfully
14:15:22.708 Disk 0 MBR scan
14:15:22.709 Disk 0 Windows 7 default MBR code
14:15:22.711 Disk 0 MBR hidden
14:15:22.740 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 953868 MB offset 63
14:15:22.875 Disk 0 scanning C:\Windows\system32\drivers
14:16:17.801 Service scanning
14:18:04.325 Modules scanning
14:18:04.325 Disk 0 trace - called modules:
14:18:04.326 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa80052145e8]<<
14:18:04.326 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004717060]
14:18:04.326 3 CLASSPNP.SYS[fffff8800195543f] -> nt!IofCallDriver -> [0xfffffa8004497cf0]
14:18:04.326 5 ACPI.sys[fffff88000f967a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP5T0L0-a[0xfffffa80044a9060]
14:18:04.326 \Driver\atapi[0xfffffa800507ae70] -> IRP_MJ_CREATE -> 0xfffffa80052145e8
14:18:04.326 Scan finished successfully
14:19:26.666 Disk 0 MBR has been saved successfully to "C:\Users\Josh\Desktop\MBR.dat"
14:19:26.676 The log file has been saved successfully to "C:\Users\Josh\Desktop\aswMBR log.txt"

#11 JoshIsKorean

Posted 22 August 2012 - 04:30 PM

Not sure if you want to see this:


Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.22.05

Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
Josh :: JOSH-PC [administrator]

8/22/2012 2:10:17 PM
mbam-log-2012-08-22 (14-10-17).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 222301
Time elapsed: 8 minute(s), 54 second(s)

Memory Processes Detected: 1
C:\Windows\svchost.exe (Trojan.Agent) -> 1672 -> Delete on reboot.

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Windows\svchost.exe (Trojan.Agent) -> Delete on reboot.

(end)

#12 JoshIsKorean

Posted 22 August 2012 - 04:43 PM

Narenxp, thanks for all the help you've given me thus far. I'd like to address another problem as well (sorry for having so many problems).

I found out that my windows firewall isn't up and running. So, I tried turning it on but I was given a pop-up that says "Windows Firewall can't change some of your settings. Error code 0x80070424."

Then I tried opening up the advanced settings on my windows firewall and I got this message:

There was an error opening the Windows Firewall with Advanced Security snap-in.
The Windows Firewall with Advanced Security snap-in failed to load. Restart the Windows Firewall service on the computer that you are managing. Error code: 0x6D9.

If it isn't a bother to you, could you also help me fix this?

#13 JoshIsKorean

Posted 22 August 2012 - 04:50 PM

I ran Malwarebytes Anti-Malware again (trying to run scans until I get a clean log).

After running the scan, rebooting my pc and running the scan again, I seem to have these infections not being removed. Here is a picture of the infection detected.

http://imgur.com/oB8bI

& here is the Malwarebytes log after this scan:


Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.22.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Josh :: JOSH-PC [administrator]

8/22/2012 2:37:02 PM
mbam-log-2012-08-22 (14-37-02).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 223379
Time elapsed: 7 minute(s), 49 second(s)

Memory Processes Detected: 1
C:\Windows\svchost.exe (Trojan.Agent) -> 4812 -> Delete on reboot.

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Windows\svchost.exe (Trojan.Agent) -> Delete on reboot.

(end)

Edited by JoshIsKorean, 22 August 2012 - 04:57 PM.


#14 narenxp

Posted 22 August 2012 - 04:56 PM

Download a new copy of TDSSKiller, scan it and post the new log

#15 JoshIsKorean

Posted 22 August 2012 - 05:04 PM

I've scanned again and this popped up so I chose the cure option (hopefully this was the right thing to do).
http://imgur.com/najrc (picture of what popped up)

Also, here is the new log.


14:59:52.0068 3364 TDSS rootkit removing tool 2.8.7.0 Aug 20 2012 17:30:03
14:59:52.0643 3364 ============================================================
14:59:52.0643 3364 Current date / time: 2012/08/22 14:59:52.0643
14:59:52.0643 3364 SystemInfo:
14:59:52.0643 3364
14:59:52.0643 3364 OS Version: 6.1.7601 ServicePack: 1.0
14:59:52.0643 3364 Product type: Workstation
14:59:52.0643 3364 ComputerName: JOSH-PC
14:59:52.0643 3364 UserName: Josh
14:59:52.0643 3364 Windows directory: C:\Windows
14:59:52.0643 3364 System windows directory: C:\Windows
14:59:52.0643 3364 Running under WOW64
14:59:52.0643 3364 Processor architecture: Intel x64
14:59:52.0643 3364 Number of processors: 4
14:59:52.0643 3364 Page size: 0x1000
14:59:52.0643 3364 Boot type: Normal boot
14:59:52.0643 3364 ============================================================
14:59:55.0931 3364 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:59:55.0943 3364 ============================================================
14:59:55.0943 3364 \Device\Harddisk0\DR0:
14:59:55.0959 3364 MBR partitions:
14:59:55.0960 3364 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74706000
14:59:55.0960 3364 ============================================================
14:59:56.0035 3364 C: <-> \Device\Harddisk0\DR0\Partition1
14:59:56.0035 3364 ============================================================
14:59:56.0036 3364 Initialize success
14:59:56.0036 3364 ============================================================
14:59:58.0709 3428 ============================================================
14:59:58.0709 3428 Scan started
14:59:58.0709 3428 Mode: Manual;
14:59:58.0709 3428 ============================================================
15:00:08.0175 7076 ============================================================
15:00:08.0175 7076 Scan started
15:00:08.0175 7076 Mode: Manual;
15:00:08.0175 7076 ============================================================
15:00:09.0196 7076 ================ Scan system memory ========================
15:00:09.0196 7076 System memory - ok
15:00:09.0196 7076 ================ Scan services =============================
15:00:35.0769 7076 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
15:00:35.0794 7076 hidserv - ok
15:00:35.0876 7076 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
15:00:35.0909 7076 HidUsb - ok
15:00:35.0998 7076 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:00:36.0033 7076 hkmsvc - ok
15:00:36.0155 7076 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:00:36.0175 7076 HomeGroupListener - ok
15:00:36.0214 7076 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:00:36.0249 7076 HomeGroupProvider - ok
15:00:36.0324 7076 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:00:36.0333 7076 HpSAMD - ok
15:00:36.0597 7076 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:00:36.0644 7076 HTTP - ok
15:00:36.0677 7076 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:00:36.0684 7076 hwpolicy - ok
15:00:36.0764 7076 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
15:00:36.0801 7076 i8042prt - ok
15:00:36.0887 7076 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:00:36.0900 7076 iaStorV - ok
15:00:37.0145 7076 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:00:37.0236 7076 idsvc - ok
15:00:37.0264 7076 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
15:00:37.0290 7076 iirsp - ok
15:00:37.0630 7076 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
15:00:37.0665 7076 IKEEXT - ok
15:00:38.0421 7076 [ 2CC2F7C5990BB76767038F4B16D17A56 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:00:38.0456 7076 IntcAzAudAddService - ok
15:00:38.0491 7076 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
15:00:38.0518 7076 intelide - ok
15:00:38.0572 7076 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:00:38.0586 7076 intelppm - ok
15:00:38.0624 7076 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:00:38.0633 7076 IPBusEnum - ok
15:00:38.0667 7076 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:00:38.0680 7076 IpFilterDriver - ok
15:00:38.0705 7076 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
15:00:38.0741 7076 IPMIDRV - ok
15:00:38.0800 7076 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:00:38.0835 7076 IPNAT - ok
15:00:39.0262 7076 [ A9AB99EE7D39725EAFEC82732D2B3271 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
15:00:39.0277 7076 iPod Service - ok
15:00:39.0336 7076 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:00:39.0358 7076 IRENUM - ok
15:00:39.0403 7076 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:00:39.0419 7076 isapnp - ok
15:00:39.0505 7076 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
15:00:39.0542 7076 iScsiPrt - ok
15:00:39.0600 7076 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
15:00:39.0608 7076 kbdclass - ok
15:00:39.0678 7076 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
15:00:39.0707 7076 kbdhid - ok
15:00:39.0729 7076 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
15:00:39.0730 7076 KeyIso - ok
15:00:39.0854 7076 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:00:40.0273 7076 KSecDD - ok
15:00:40.0424 7076 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:00:40.0470 7076 KSecPkg - ok
15:00:40.0506 7076 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
15:00:40.0511 7076 ksthunk - ok
15:00:40.0675 7076 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
15:00:40.0700 7076 KtmRm - ok
15:00:40.0839 7076 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
15:00:40.0873 7076 LanmanServer - ok
15:00:40.0957 7076 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:00:40.0965 7076 LanmanWorkstation - ok
15:00:41.0114 7076 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:00:41.0146 7076 lltdio - ok
15:00:41.0260 7076 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:00:41.0264 7076 lltdsvc - ok
15:00:41.0349 7076 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:00:41.0362 7076 lmhosts - ok
15:00:41.0439 7076 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
15:00:41.0924 7076 LSI_FC - ok
15:00:42.0028 7076 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
15:00:42.0101 7076 LSI_SAS - ok
15:00:42.0179 7076 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:00:42.0186 7076 LSI_SAS2 - ok
15:00:42.0253 7076 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:00:42.0265 7076 LSI_SCSI - ok
15:00:42.0314 7076 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
15:00:42.0336 7076 luafv - ok
15:00:42.0511 7076 [ B2085E335F2B57077B0CBADB6F1245CD ] lvpopf64 C:\Windows\system32\DRIVERS\lvpopf64.sys
15:00:42.0568 7076 lvpopf64 - ok
15:00:42.0708 7076 [ 986C1CB787A007BAA5F74E7D316D7246 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys
15:00:42.0737 7076 LVRS64 - ok
15:00:45.0227 7076 [ 5747BC465ABEA2858C5D037252AED84E ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys
15:00:45.0286 7076 LVUVC64 - ok
15:00:45.0400 7076 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:00:45.0480 7076 Mcx2Svc - ok
15:00:45.0848 7076 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
15:00:45.0908 7076 megasas - ok
15:00:46.0074 7076 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
15:00:46.0144 7076 MegaSR - ok
15:00:46.0239 7076 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
15:00:46.0386 7076 MEIx64 - ok
15:00:46.0445 7076 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
15:00:46.0488 7076 MMCSS - ok
15:00:46.0527 7076 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
15:00:46.0549 7076 Modem - ok
15:00:46.0581 7076 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:00:46.0611 7076 monitor - ok
15:00:46.0796 7076 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:00:46.0818 7076 mouclass - ok
15:00:46.0931 7076 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:00:46.0938 7076 mouhid - ok
15:00:47.0128 7076 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:00:47.0206 7076 mountmgr - ok
15:00:47.0663 7076 [ 96AA8BA23142CC8E2B30F3CAE0C80254 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:00:47.0701 7076 MozillaMaintenance - ok
15:00:47.0737 7076 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
15:00:47.0846 7076 mpio - ok
15:00:47.0970 7076 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:00:47.0997 7076 mpsdrv - ok
15:00:48.0123 7076 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:00:48.0141 7076 MRxDAV - ok
15:00:48.0309 7076 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:00:48.0327 7076 mrxsmb - ok
15:00:48.0423 7076 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:00:48.0431 7076 mrxsmb10 - ok
15:00:48.0466 7076 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:00:48.0483 7076 mrxsmb20 - ok
15:00:48.0588 7076 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
15:00:48.0624 7076 msahci - ok
15:00:48.0778 7076 [ A592A054D78750B4D73ABAA4C94DECDF ] MSCamSvc C:\Program Files\Microsoft LifeCam\MSCamS64.exe
15:00:48.0820 7076 MSCamSvc - ok
15:00:48.0887 7076 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:00:49.0031 7076 msdsm - ok
15:00:49.0068 7076 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
15:00:49.0070 7076 MSDTC - ok
15:00:49.0259 7076 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:00:49.0272 7076 Msfs - ok
15:00:49.0308 7076 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:00:49.0363 7076 mshidkmdf - ok
15:00:49.0424 7076 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:00:49.0501 7076 msisadrv - ok
15:00:49.0684 7076 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:00:49.0712 7076 MSiSCSI - ok
15:00:49.0714 7076 msiserver - ok
15:00:49.0792 7076 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:00:49.0812 7076 MSKSSRV - ok
15:00:49.0902 7076 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:00:49.0935 7076 MSPCLOCK - ok
15:00:49.0972 7076 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:00:49.0981 7076 MSPQM - ok
15:00:50.0145 7076 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:00:50.0170 7076 MsRPC - ok
15:00:50.0203 7076 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
15:00:50.0213 7076 mssmbios - ok
15:00:50.0276 7076 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:00:50.0307 7076 MSTEE - ok
15:00:50.0344 7076 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
15:00:50.0375 7076 MTConfig - ok
15:00:50.0403 7076 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
15:00:50.0444 7076 Mup - ok
15:00:50.0638 7076 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
15:00:50.0695 7076 napagent - ok
15:00:50.0884 7076 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:00:50.0905 7076 NativeWifiP - ok
15:00:51.0353 7076 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
15:00:51.0404 7076 NDIS - ok
15:00:51.0462 7076 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:00:51.0477 7076 NdisCap - ok
15:00:51.0526 7076 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:00:51.0578 7076 NdisTapi - ok
15:00:51.0658 7076 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:00:51.0673 7076 Ndisuio - ok
15:00:51.0751 7076 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:00:51.0763 7076 NdisWan - ok
15:00:51.0826 7076 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:00:51.0876 7076 NDProxy - ok
15:00:51.0967 7076 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:00:51.0992 7076 NetBIOS - ok
15:00:52.0572 7076 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:00:52.0595 7076 NetBT - ok
15:00:52.0637 7076 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
15:00:52.0645 7076 Netlogon - ok
15:00:52.0947 7076 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
15:00:52.0977 7076 Netman - ok
15:00:53.0185 7076 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:00:53.0543 7076 NetMsmqActivator - ok
15:00:53.0558 7076 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:00:53.0559 7076 NetPipeActivator - ok
15:00:53.0900 7076 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
15:00:53.0934 7076 netprofm - ok
15:00:53.0962 7076 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:00:53.0962 7076 NetTcpActivator - ok
15:00:54.0113 7076 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:00:54.0114 7076 NetTcpPortSharing - ok
15:00:54.0161 7076 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
15:00:54.0172 7076 nfrd960 - ok
15:00:54.0318 7076 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:00:54.0350 7076 NlaSvc - ok
15:00:54.0405 7076 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:00:54.0447 7076 Npfs - ok
15:00:54.0480 7076 npggsvc - ok
15:00:54.0483 7076 NPPTNT2 - ok
15:00:54.0545 7076 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
15:00:54.0555 7076 nsi - ok
15:00:54.0610 7076 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:00:54.0661 7076 nsiproxy - ok
15:00:55.0364 7076 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:00:55.0413 7076 Ntfs - ok
15:00:55.0800 7076 [ 317020D31F1696334679B9D0416EB62E ] NuidFltr C:\Windows\system32\DRIVERS\NuidFltr.sys
15:00:55.0837 7076 NuidFltr - ok
15:00:55.0883 7076 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
15:00:55.0920 7076 Null - ok
15:00:56.0045 7076 [ 102806B360D0E6BC6E55BF47EF655D43 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
15:00:56.0056 7076 NVHDA - ok
15:01:00.0147 7076 [ BA0B4889C40380A01ECDF84C227A89C9 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:01:00.0304 7076 nvlddmkm - ok
15:01:00.0486 7076 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:01:00.0590 7076 nvraid - ok
15:01:00.0741 7076 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:01:00.0770 7076 nvstor - ok
15:01:01.0145 7076 [ 06633CF95BEA62164C3BFCA24BCE6B11 ] nvsvc C:\Windows\system32\nvvsvc.exe
15:01:01.0157 7076 nvsvc - ok
15:01:01.0797 7076 [ 53B629CE436B110C5689C2F6439E567B ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
15:01:01.0897 7076 nvUpdatusService - ok
15:01:02.0084 7076 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:01:02.0136 7076 nv_agp - ok
15:01:02.0640 7076 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:01:02.0782 7076 odserv - ok
15:01:03.0540 7076 [ D99D7854F2D03463C82B2BB2D8C43ABC ] OfficeSvc C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
15:01:03.0555 7076 OfficeSvc - ok
15:01:03.0590 7076 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:01:03.0601 7076 ohci1394 - ok
15:01:03.0759 7076 [ F148101BFA4C8F2D0CD123483A989DC4 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:01:03.0801 7076 ose - ok
15:01:05.0256 7076 [ 31DC8D825D2C4EB0FF7ED021BB92C541 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:01:07.0140 7076 osppsvc - ok
15:01:07.0335 7076 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:01:07.0347 7076 p2pimsvc - ok
15:01:07.0511 7076 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
15:01:07.0571 7076 p2psvc - ok
15:01:07.0662 7076 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
15:01:07.0690 7076 Parport - ok
15:01:07.0717 7076 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:01:07.0732 7076 partmgr - ok
15:01:07.0791 7076 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:01:07.0807 7076 PcaSvc - ok
15:01:07.0909 7076 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
15:01:07.0915 7076 pci - ok
15:01:07.0940 7076 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
15:01:07.0974 7076 pciide - ok
15:01:08.0164 7076 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
15:01:08.0187 7076 pcmcia - ok
15:01:08.0217 7076 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
15:01:08.0265 7076 pcw - ok
15:01:08.0490 7076 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:01:08.0511 7076 PEAUTH - ok
15:01:11.0117 7076 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:01:11.0142 7076 PerfHost - ok
15:01:11.0540 7076 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
15:01:11.0589 7076 pla - ok
15:01:11.0821 7076 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:01:11.0849 7076 PlugPlay - ok
15:01:11.0935 7076 PnkBstrA - ok
15:01:12.0051 7076 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:01:12.0085 7076 PNRPAutoReg - ok
15:01:12.0150 7076 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:01:12.0152 7076 PNRPsvc - ok
15:01:12.0235 7076 [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64 C:\Windows\system32\DRIVERS\point64.sys
15:01:12.0258 7076 Point64 - ok
15:01:12.0454 7076 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:01:12.0472 7076 PolicyAgent - ok
15:01:12.0595 7076 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
15:01:12.0614 7076 Power - ok
15:01:12.0717 7076 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:01:12.0732 7076 PptpMiniport - ok
15:01:12.0788 7076 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
15:01:12.0844 7076 Processor - ok
15:01:13.0006 7076 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
15:01:13.0030 7076 ProfSvc - ok
15:01:13.0087 7076 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:01:13.0088 7076 ProtectedStorage - ok
15:01:13.0303 7076 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:01:13.0378 7076 Psched - ok
15:01:13.0963 7076 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
15:01:13.0998 7076 ql2300 - ok
15:01:14.0130 7076 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
15:01:14.0157 7076 ql40xx - ok
15:01:14.0288 7076 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
15:01:14.0311 7076 QWAVE - ok
15:01:14.0360 7076 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:01:14.0372 7076 QWAVEdrv - ok
15:01:14.0818 7076 [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
15:01:14.0840 7076 RapiMgr - ok
15:01:14.0880 7076 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:01:14.0911 7076 RasAcd - ok
15:01:15.0061 7076 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:01:15.0107 7076 RasAgileVpn - ok
15:01:15.0161 7076 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
15:01:15.0195 7076 RasAuto - ok
15:01:15.0307 7076 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:01:15.0324 7076 Rasl2tp - ok
15:01:15.0410 7076 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
15:01:15.0439 7076 RasMan - ok
15:01:15.0576 7076 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:01:15.0611 7076 RasPppoe - ok
15:01:15.0699 7076 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:01:15.0756 7076 RasSstp - ok
15:01:15.0967 7076 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:01:16.0004 7076 rdbss - ok
15:01:16.0135 7076 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
15:01:16.0143 7076 rdpbus - ok
15:01:16.0208 7076 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:01:16.0234 7076 RDPCDD - ok
15:01:16.0291 7076 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:01:16.0320 7076 RDPENCDD - ok
15:01:16.0427 7076 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:01:16.0479 7076 RDPREFMP - ok
15:01:16.0596 7076 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:01:16.0644 7076 RDPWD - ok
15:01:16.0760 7076 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:01:16.0847 7076 rdyboost - ok
15:01:17.0331 7076 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:01:17.0345 7076 RemoteAccess - ok
15:01:17.0465 7076 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:01:17.0505 7076 RemoteRegistry - ok
15:01:18.0013 7076 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:01:18.0046 7076 RpcEptMapper - ok
15:01:18.0262 7076 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
15:01:18.0284 7076 RpcLocator - ok
15:01:18.0620 7076 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
15:01:18.0622 7076 RpcSs - ok
15:01:18.0681 7076 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:01:18.0700 7076 rspndr - ok
15:01:19.0045 7076 [ 6D3C7E7D82D3DC92DC2A8B0DF9F20F8A ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
15:01:19.0068 7076 RTL8167 - ok
15:01:19.0171 7076 [ E13D43901EC079280A2A9BAD9A2CCDA7 ] SAlphamHid C:\Windows\system32\DRIVERS\SAlpham64.sys
15:01:19.0195 7076 SAlphamHid - ok
15:01:19.0222 7076 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
15:01:19.0223 7076 SamSs - ok
15:01:19.0329 7076 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:01:19.0366 7076 sbp2port - ok
15:01:19.0474 7076 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:01:19.0484 7076 SCardSvr - ok
15:01:19.0549 7076 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:01:19.0584 7076 scfilter - ok
15:01:20.0185 7076 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
15:01:20.0200 7076 Schedule - ok
15:01:20.0266 7076 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
15:01:20.0267 7076 SCPolicySvc - ok
15:01:20.0364 7076 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:01:20.0375 7076 SDRSVC - ok
15:01:20.0462 7076 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:01:20.0481 7076 secdrv - ok
15:01:20.0579 7076 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
15:01:20.0590 7076 seclogon - ok
15:01:20.0684 7076 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
15:01:20.0732 7076 SENS - ok
15:01:20.0810 7076 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:01:20.0832 7076 SensrSvc - ok
15:01:20.0884 7076 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
15:01:20.0907 7076 Serenum - ok
15:01:20.0995 7076 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
15:01:21.0049 7076 Serial - ok
15:01:21.0244 7076 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
15:01:21.0271 7076 sermouse - ok
15:01:21.0327 7076 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
15:01:21.0351 7076 SessionEnv - ok
15:01:21.0383 7076 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:01:21.0391 7076 sffdisk - ok
15:01:21.0439 7076 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:01:21.0448 7076 sffp_mmc - ok
15:01:21.0480 7076 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:01:21.0485 7076 sffp_sd - ok
15:01:21.0561 7076 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
15:01:21.0658 7076 sfloppy - ok
15:01:21.0791 7076 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:01:21.0805 7076 ShellHWDetection - ok
15:01:21.0831 7076 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:01:21.0884 7076 SiSRaid2 - ok
15:01:21.0908 7076 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
15:01:21.0972 7076 SiSRaid4 - ok
15:01:22.0061 7076 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:01:22.0085 7076 Smb - ok
15:01:22.0172 7076 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:01:22.0187 7076 SNMPTRAP - ok
15:01:22.0213 7076 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
15:01:22.0222 7076 spldr - ok
15:01:22.0457 7076 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
15:01:22.0488 7076 Spooler - ok
15:01:23.0856 7076 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
15:01:23.0906 7076 sppsvc - ok
15:01:23.0971 7076 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:01:24.0112 7076 sppuinotify - ok
15:01:24.0454 7076 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
15:01:24.0463 7076 srv - ok
15:01:24.0590 7076 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:01:24.0607 7076 srv2 - ok
15:01:24.0676 7076 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:01:24.0694 7076 srvnet - ok
15:01:24.0795 7076 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:01:24.0828 7076 SSDPSRV - ok
15:01:24.0877 7076 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:01:24.0896 7076 SstpSvc - ok
15:01:24.0977 7076 Steam Client Service - ok
15:01:25.0305 7076 [ C354621B6B94E10AE7F5CDBE745FEB86 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
15:01:25.0338 7076 Stereo Service - ok
15:01:25.0429 7076 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
15:01:25.0445 7076 stexstor - ok
15:01:25.0610 7076 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
15:01:25.0649 7076 stisvc - ok
15:01:25.0723 7076 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
15:01:25.0733 7076 swenum - ok
15:01:25.0976 7076 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
15:01:26.0002 7076 swprv - ok
15:01:26.0988 7076 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
15:01:27.0017 7076 SysMain - ok
15:01:27.0064 7076 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:01:27.0093 7076 TabletInputService - ok
15:01:27.0144 7076 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
15:01:45.0936 7076 ================ Scan global ===============================
15:01:46.0022 7076 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:01:46.0173 7076 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
15:01:46.0191 7076 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
15:01:46.0226 7076 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:01:46.0353 7076 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:01:46.0367 7076 [Global] - ok
15:01:46.0367 7076 ================ Scan MBR ==================================
15:01:46.0394 7076 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:01:46.0394 7076 Suspicious mbr (Forged): \Device\Harddisk0\DR0
15:01:46.0519 7076 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
15:01:46.0519 7076 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
15:01:46.0519 7076 ================ Scan VBR ==================================
15:01:46.0586 7076 [ 36DEBE9E1513C81161F04BA2320AC8B7 ] \Device\Harddisk0\DR0\Partition1
15:01:46.0625 7076 \Device\Harddisk0\DR0\Partition1 - ok
15:01:46.0625 7076 ============================================================
15:01:46.0625 7076 Scan finished
15:01:46.0625 7076 ============================================================
15:01:47.0195 0408 Detected object count: 1
15:01:47.0208 0408 Actual detected object count: 1
15:03:15.0884 0408 \Device\Harddisk0\DR0\# - copied to quarantine
15:03:15.0913 0408 \Device\Harddisk0\DR0 - copied to quarantine
15:03:17.0914 0408 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
15:03:18.0058 0408 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
15:03:18.0182 0408 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
15:03:18.0322 0408 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
15:03:18.0632 0408 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
15:03:18.0718 0408 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
15:03:18.0778 0408 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
15:03:18.0796 0408 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
15:03:18.0850 0408 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
15:03:18.0916 0408 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
15:03:18.0927 0408 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
15:03:18.0928 0408 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
15:03:18.0938 0408 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
15:03:18.0939 0408 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
15:03:18.0989 0408 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
15:03:19.0005 0408 \Device\Harddisk0\DR0 - ok
15:03:19.0028 0408 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure



