Trojan Agent


13 replies to this topic

#1 tdamlo


Posted 26 August 2012 - 09:08 PM

I have Malwarebytes installed and I keep finding a reoccurring trojan file, C:\Windows\svchost.exe. It comes up as a memory process and a file. I'm running Windows 7 64-bit and I recently installed a clean install of Windows 7, but the trojan is still there. Any input is much appreciated.



#2 narenxp


Posted 26 August 2012 - 09:19 PM

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 tdamlo


Posted 27 August 2012 - 06:55 PM

18:50:47.0309 3996 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
18:50:47.0840 3996 ============================================================
18:50:47.0840 3996 Current date / time: 2012/08/27 18:50:47.0840
18:50:47.0840 3996 SystemInfo:
18:50:47.0840 3996
18:50:47.0840 3996 OS Version: 6.1.7601 ServicePack: 1.0
18:50:47.0840 3996 Product type: Workstation
18:50:47.0840 3996 ComputerName: TYLER-PC
18:50:47.0840 3996 UserName: Hanler
18:50:47.0840 3996 Windows directory: C:\Windows
18:50:47.0840 3996 System windows directory: C:\Windows
18:50:47.0840 3996 Running under WOW64
18:50:47.0840 3996 Processor architecture: Intel x64
18:50:47.0840 3996 Number of processors: 4
18:50:47.0840 3996 Page size: 0x1000
18:50:47.0840 3996 Boot type: Normal boot
18:50:47.0840 3996 ============================================================
18:50:50.0632 3996 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:50:50.0648 3996 ============================================================
18:50:50.0648 3996 \Device\Harddisk0\DR0:
18:50:50.0648 3996 MBR partitions:
18:50:50.0648 3996 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
18:50:50.0648 3996 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x387E9800
18:50:50.0648 3996 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x3884D800, BlocksNum 0x1B04800
18:50:50.0648 3996 ============================================================
18:50:50.0663 3996 C: <-> \Device\Harddisk0\DR0\Partition2
18:50:50.0991 3996 D: <-> \Device\Harddisk0\DR0\Partition3
18:50:50.0991 3996 ============================================================
18:50:50.0991 3996 Initialize success
18:50:50.0991 3996 ============================================================
18:52:34.0827 1888 ============================================================
18:52:34.0827 1888 Scan started
18:52:34.0827 1888 Mode: Manual; TDLFS;
18:52:34.0827 1888 ============================================================
18:52:37.0853 1888 ================ Scan system memory ========================
18:52:37.0853 1888 System memory - ok
18:52:37.0853 1888 ================ Scan services =============================
18:52:48.0399 1888 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
18:52:48.0415 1888 pcw - ok
18:52:48.0430 1888 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:52:48.0446 1888 PEAUTH - ok
18:52:48.0524 1888 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
18:52:48.0524 1888 PerfHost - ok
18:52:48.0586 1888 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
18:52:48.0617 1888 pla - ok
18:52:48.0680 1888 [ B806E50427511BCF4AD8E8239C3E25FA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:52:48.0680 1888 PlugPlay - ok
18:52:48.0711 1888 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
18:52:48.0711 1888 PNRPAutoReg - ok
18:52:48.0742 1888 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
18:52:48.0742 1888 PNRPsvc - ok
18:52:48.0789 1888 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:52:48.0805 1888 PolicyAgent - ok
18:52:48.0836 1888 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
18:52:48.0851 1888 Power - ok
18:52:48.0883 1888 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:52:48.0883 1888 PptpMiniport - ok
18:52:48.0898 1888 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
18:52:48.0898 1888 Processor - ok
18:52:48.0945 1888 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\Windows\system32\profsvc.dll
18:52:48.0945 1888 ProfSvc - ok
18:52:48.0961 1888 [ 0793F40B9B8A1BDD266296409DBD91EA ] ProtectedStorage C:\Windows\system32\lsass.exe
18:52:48.0961 1888 ProtectedStorage - ok
18:52:48.0992 1888 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
18:52:49.0007 1888 Psched - ok
18:52:49.0054 1888 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
18:52:49.0085 1888 ql2300 - ok
18:52:49.0101 1888 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
18:52:49.0101 1888 ql40xx - ok
18:52:49.0148 1888 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
18:52:49.0148 1888 QWAVE - ok
18:52:49.0179 1888 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:52:49.0179 1888 QWAVEdrv - ok
18:52:49.0195 1888 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:52:49.0195 1888 RasAcd - ok
18:52:49.0241 1888 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
18:52:49.0241 1888 RasAgileVpn - ok
18:52:49.0257 1888 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
18:52:49.0273 1888 RasAuto - ok
18:52:49.0288 1888 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:52:49.0288 1888 Rasl2tp - ok
18:52:49.0319 1888 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
18:52:49.0335 1888 RasMan - ok
18:52:49.0351 1888 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:52:49.0366 1888 RasPppoe - ok
18:52:49.0366 1888 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:52:49.0366 1888 RasSstp - ok
18:52:49.0413 1888 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:52:49.0413 1888 rdbss - ok
18:52:49.0444 1888 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
18:52:49.0444 1888 rdpbus - ok
18:52:49.0460 1888 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:52:49.0460 1888 RDPCDD - ok
18:52:49.0491 1888 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:52:49.0491 1888 RDPENCDD - ok
18:52:49.0507 1888 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
18:52:49.0507 1888 RDPREFMP - ok
18:52:49.0569 1888 [ 6D76E6433574B058ADCB0C50DF834492 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:52:49.0569 1888 RDPWD - ok
18:52:49.0616 1888 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
18:52:49.0616 1888 rdyboost - ok
18:52:49.0647 1888 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
18:52:49.0647 1888 RemoteAccess - ok
18:52:49.0678 1888 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:52:49.0694 1888 RemoteRegistry - ok
18:52:49.0725 1888 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
18:52:49.0725 1888 RpcEptMapper - ok
18:52:49.0756 1888 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
18:52:49.0756 1888 RpcLocator - ok
18:52:49.0788 1888 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
18:52:49.0803 1888 RpcSs - ok
18:52:49.0834 1888 [ 1F5E7AF59B390261A85F5BEDB1BB88B3 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
18:52:49.0850 1888 RSPCIESTOR - ok
18:52:49.0897 1888 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:52:49.0897 1888 rspndr - ok
18:52:49.0944 1888 [ EA5532868BA76923D75BCB2A1448D810 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
18:52:49.0944 1888 RTL8167 - ok
18:52:49.0990 1888 [ 508D997A5E9F400FADE6C85251BF13DF ] RTL8192Ce C:\Windows\system32\DRIVERS\rtl8192Ce.sys
18:52:49.0990 1888 RTL8192Ce - ok
18:52:50.0037 1888 [ 0793F40B9B8A1BDD266296409DBD91EA ] SamSs C:\Windows\system32\lsass.exe
18:52:50.0037 1888 SamSs - ok
18:52:50.0068 1888 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:52:50.0162 1888 sbp2port - ok
18:52:50.0193 1888 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:52:50.0209 1888 SCardSvr - ok
18:52:50.0240 1888 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
18:52:50.0240 1888 scfilter - ok
18:52:50.0287 1888 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
18:52:50.0302 1888 Schedule - ok
18:52:50.0334 1888 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
18:52:50.0334 1888 SCPolicySvc - ok
18:52:50.0396 1888 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:52:50.0396 1888 SDRSVC - ok
18:52:50.0443 1888 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:52:50.0443 1888 secdrv - ok
18:52:50.0474 1888 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
18:52:50.0474 1888 seclogon - ok
18:52:50.0490 1888 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
18:52:50.0505 1888 SENS - ok
18:52:50.0536 1888 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
18:52:50.0552 1888 SensrSvc - ok
18:52:50.0583 1888 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
18:52:50.0583 1888 Serenum - ok
18:52:50.0614 1888 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
18:52:50.0614 1888 Serial - ok
18:52:50.0630 1888 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
18:52:50.0630 1888 sermouse - ok
18:52:50.0661 1888 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
18:52:50.0677 1888 SessionEnv - ok
18:52:50.0677 1888 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:52:50.0677 1888 sffdisk - ok
18:52:50.0692 1888 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:52:50.0692 1888 sffp_mmc - ok
18:52:50.0708 1888 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:52:50.0708 1888 sffp_sd - ok
18:52:50.0724 1888 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
18:52:50.0724 1888 sfloppy - ok
18:52:50.0755 1888 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:52:50.0755 1888 SharedAccess - ok
18:52:50.0817 1888 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:52:50.0833 1888 ShellHWDetection - ok
18:52:50.0864 1888 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
18:52:50.0864 1888 SiSRaid2 - ok
18:52:50.0864 1888 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
18:52:50.0864 1888 SiSRaid4 - ok
18:52:50.0911 1888 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:52:50.0911 1888 Smb - ok
18:52:50.0973 1888 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:52:50.0973 1888 SNMPTRAP - ok
18:52:50.0989 1888 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
18:52:50.0989 1888 spldr - ok
18:52:51.0067 1888 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
18:52:51.0082 1888 Spooler - ok
18:52:51.0238 1888 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
18:52:51.0285 1888 sppsvc - ok
18:52:51.0301 1888 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
18:52:51.0301 1888 sppuinotify - ok
18:52:51.0348 1888 [ 2098B8556D1CEC2ACA9A29CD479E3692 ] srv C:\Windows\system32\DRIVERS\srv.sys
18:52:51.0363 1888 srv - ok
18:52:51.0379 1888 [ D0F73A42040F21F92FD314B42AC5C9E7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:52:51.0379 1888 srv2 - ok
18:52:51.0426 1888 [ 2BA8F3250828CCDB4204ECF2C6F40B6A ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:52:51.0426 1888 srvnet - ok
18:52:51.0488 1888 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:52:51.0488 1888 SSDPSRV - ok
18:52:51.0488 1888 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:52:51.0504 1888 SstpSvc - ok
18:52:51.0566 1888 [ A6B2EC3A2B6AD7C3F7B2F3495CADE4C0 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
18:52:51.0582 1888 STacSV - ok
18:52:51.0597 1888 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
18:52:51.0597 1888 stexstor - ok
18:52:51.0628 1888 [ EBA98394A7D58F7552C52192BD8FA7E6 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
18:52:51.0628 1888 STHDA - ok
18:52:51.0691 1888 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
18:52:51.0706 1888 stisvc - ok
18:52:51.0738 1888 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
18:52:51.0738 1888 swenum - ok
18:52:51.0769 1888 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
18:52:51.0784 1888 swprv - ok
18:52:51.0894 1888 [ C447977ED2A4AE9346FE3A0579A34D7C ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
18:52:51.0909 1888 SynTP - ok
18:52:52.0018 1888 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
18:52:52.0050 1888 SysMain - ok
18:52:52.0081 1888 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:52:52.0081 1888 TabletInputService - ok
18:52:52.0112 1888 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
18:52:52.0112 1888 TapiSrv - ok
18:52:52.0143 1888 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
18:52:52.0143 1888 TBS - ok
18:52:52.0252 1888 [ 509383E505C973ED7534A06B3D19688D ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:52:52.0284 1888 Tcpip - ok
18:52:52.0393 1888 [ 509383E505C973ED7534A06B3D19688D ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
18:52:52.0408 1888 TCPIP6 - ok
18:52:52.0455 1888 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:52:52.0455 1888 tcpipreg - ok
18:52:52.0471 1888 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:52:52.0471 1888 TDPIPE - ok
18:52:52.0502 1888 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:52:52.0502 1888 TDTCP - ok
18:52:52.0533 1888 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:52:52.0533 1888 tdx - ok
18:52:52.0533 1888 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
18:52:52.0533 1888 TermDD - ok
18:52:52.0580 1888 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
18:52:52.0596 1888 TermService - ok
18:52:52.0611 1888 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
18:52:52.0611 1888 Themes - ok
18:52:52.0627 1888 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
18:52:52.0627 1888 THREADORDER - ok
18:52:52.0658 1888 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
18:52:52.0658 1888 TrkWks - ok
18:52:52.0705 1888 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:52:52.0705 1888 TrustedInstaller - ok
18:52:52.0736 1888 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:52:52.0736 1888 tssecsrv - ok
18:52:52.0736 1888 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
18:52:52.0736 1888 TsUsbFlt - ok
18:52:52.0767 1888 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
18:52:52.0767 1888 TsUsbGD - ok
18:52:52.0798 1888 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:52:52.0798 1888 tunnel - ok
18:52:52.0814 1888 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
18:52:52.0814 1888 uagp35 - ok
18:52:52.0830 1888 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
18:52:52.0845 1888 udfs - ok
18:52:52.0876 1888 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
18:52:52.0876 1888 UI0Detect - ok
18:52:52.0892 1888 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
18:52:52.0892 1888 uliagpkx - ok
18:52:52.0908 1888 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
18:52:52.0908 1888 umbus - ok
18:52:52.0923 1888 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
18:52:52.0923 1888 UmPass - ok
18:52:52.0939 1888 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
18:52:52.0954 1888 upnphost - ok
18:52:52.0970 1888 [ 481DFF26B4DCA8F4CBAC1F7DCE1D6829 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
18:52:52.0970 1888 usbccgp - ok
18:52:53.0001 1888 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
18:52:53.0001 1888 usbcir - ok
18:52:53.0017 1888 [ 74EE782B1D9C241EFE425565854C661C ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
18:52:53.0017 1888 usbehci - ok
18:52:53.0032 1888 [ DC96BD9CCB8403251BCF25047573558E ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
18:52:53.0032 1888 usbhub - ok
18:52:53.0048 1888 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
18:52:53.0048 1888 usbohci - ok
18:52:53.0048 1888 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
18:52:53.0048 1888 usbprint - ok
18:52:53.0064 1888 [ D76510CFA0FC09023077F22C2F979D86 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:52:53.0064 1888 USBSTOR - ok
18:52:53.0079 1888 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
18:52:53.0079 1888 usbuhci - ok
18:52:53.0126 1888 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
18:52:53.0126 1888 usbvideo - ok
18:52:53.0188 1888 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
18:52:53.0188 1888 UxSms - ok
18:52:53.0204 1888 [ 0793F40B9B8A1BDD266296409DBD91EA ] VaultSvc C:\Windows\system32\lsass.exe
18:52:53.0204 1888 VaultSvc - ok
18:52:53.0235 1888 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
18:52:53.0251 1888 vdrvroot - ok
18:52:53.0282 1888 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
18:52:53.0282 1888 vds - ok
18:52:53.0313 1888 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:52:53.0313 1888 vga - ok
18:52:53.0313 1888 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
18:52:53.0313 1888 VgaSave - ok
18:52:53.0329 1888 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
18:52:53.0329 1888 vhdmp - ok
18:52:53.0344 1888 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
18:52:53.0344 1888 viaide - ok
18:52:53.0344 1888 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
18:52:53.0360 1888 volmgr - ok
18:52:53.0376 1888 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:52:53.0376 1888 volmgrx - ok
18:52:53.0391 1888 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
18:52:53.0391 1888 volsnap - ok
18:52:53.0407 1888 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
18:52:53.0407 1888 vsmraid - ok
18:52:53.0469 1888 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
18:52:53.0500 1888 VSS - ok
18:52:53.0532 1888 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
18:52:53.0532 1888 vwifibus - ok
18:52:53.0563 1888 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
18:52:53.0563 1888 vwififlt - ok
18:52:53.0594 1888 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
18:52:53.0594 1888 W32Time - ok
18:52:53.0625 1888 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
18:52:53.0625 1888 WacomPen - ok
18:52:53.0641 1888 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
18:52:53.0641 1888 WANARP - ok
18:52:53.0641 1888 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
18:52:53.0656 1888 Wanarpv6 - ok
18:52:53.0734 1888 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
18:52:53.0781 1888 wbengine - ok
18:52:53.0812 1888 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
18:52:53.0812 1888 WbioSrvc - ok
18:52:53.0828 1888 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:52:53.0844 1888 wcncsvc - ok
18:52:53.0859 1888 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:52:53.0859 1888 WcsPlugInService - ok
18:52:53.0875 1888 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
18:52:53.0875 1888 Wd - ok
18:52:53.0906 1888 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
18:52:53.0922 1888 Wdf01000 - ok
18:52:53.0937 1888 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
18:52:53.0937 1888 WdiServiceHost - ok
18:52:53.0953 1888 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
18:52:53.0953 1888 WdiSystemHost - ok
18:52:54.0000 1888 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
18:52:54.0000 1888 WebClient - ok
18:52:54.0031 1888 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
18:52:54.0046 1888 Wecsvc - ok
18:52:54.0046 1888 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
18:52:54.0062 1888 wercplsupport - ok
18:52:54.0093 1888 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
18:52:54.0093 1888 WerSvc - ok
18:52:54.0140 1888 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
18:52:54.0140 1888 WfpLwf - ok
18:52:54.0156 1888 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
18:52:54.0156 1888 WIMMount - ok
18:52:54.0171 1888 WinDefend - ok
18:52:54.0187 1888 WinHttpAutoProxySvc - ok
18:52:54.0280 1888 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
18:52:54.0296 1888 Winmgmt - ok
18:52:54.0390 1888 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
18:52:54.0421 1888 WinRM - ok
18:52:54.0483 1888 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
18:52:54.0499 1888 Wlansvc - ok
18:52:54.0530 1888 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
18:52:54.0530 1888 WmiAcpi - ok
18:52:54.0561 1888 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
18:52:54.0561 1888 wmiApSrv - ok
18:52:54.0592 1888 WMPNetworkSvc - ok
18:52:54.0639 1888 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
18:52:54.0655 1888 WPCSvc - ok
18:52:54.0670 1888 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
18:52:54.0670 1888 WPDBusEnum - ok
18:52:54.0717 1888 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
18:52:54.0717 1888 ws2ifsl - ok
18:52:54.0733 1888 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
18:52:54.0733 1888 wscsvc - ok
18:52:54.0748 1888 WSearch - ok
18:52:54.0889 1888 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
18:52:54.0951 1888 wuauserv - ok
18:52:54.0982 1888 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
18:52:54.0982 1888 WudfPf - ok
18:52:55.0014 1888 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
18:52:55.0014 1888 WUDFRd - ok
18:52:55.0045 1888 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
18:52:55.0045 1888 wudfsvc - ok
18:52:55.0076 1888 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
18:52:55.0076 1888 WwanSvc - ok
18:52:55.0092 1888 ================ Scan global ===============================
18:52:55.0107 1888 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
18:52:55.0154 1888 [ E0406AEF04B088D1C49FC78D0546F689 ] C:\Windows\system32\winsrv.dll
18:52:55.0248 1888 [ E0406AEF04B088D1C49FC78D0546F689 ] C:\Windows\system32\winsrv.dll
18:52:55.0357 1888 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
18:52:55.0419 1888 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
18:52:55.0435 1888 [Global] - ok
18:52:55.0435 1888 ================ Scan MBR ==================================
18:52:55.0450 1888 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:52:55.0450 1888 Suspicious mbr (Forged): \Device\Harddisk0\DR0
18:52:55.0513 1888 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
18:52:55.0513 1888 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
18:52:55.0731 1888 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
18:52:55.0731 1888 \Device\Harddisk0\DR0 - detected TDSS File System (1)
18:52:55.0731 1888 ================ Scan VBR ==================================
18:52:55.0762 1888 [ DE2AAF72D7B93ADEF1E582F76E3680AD ] \Device\Harddisk0\DR0\Partition1
18:52:55.0762 1888 \Device\Harddisk0\DR0\Partition1 - ok
18:52:55.0809 1888 [ 3B242F8FC0E9D45632FC888BC8B89222 ] \Device\Harddisk0\DR0\Partition2
18:52:55.0809 1888 \Device\Harddisk0\DR0\Partition2 - ok
18:52:55.0856 1888 [ DE81483E4F60288EF3F47515D0CC4B49 ] \Device\Harddisk0\DR0\Partition3
18:52:55.0856 1888 \Device\Harddisk0\DR0\Partition3 - ok
18:52:55.0856 1888 ============================================================
18:52:55.0856 1888 Scan finished
18:52:55.0856 1888 ============================================================
18:52:55.0887 1156 Detected object count: 2
18:52:55.0887 1156 Actual detected object count: 2

#4 tdamlo

  • Topic Starter

  • Members
  • 10 posts

Posted 27 August 2012 - 07:12 PM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-27 18:56:51
-----------------------------
18:56:51.920 OS Version: Windows x64 6.1.7601 Service Pack 1
18:56:51.920 Number of processors: 4 586 0x503
18:56:51.920 ComputerName: TYLER-PC UserName: Hanler
18:56:57.053 Initialize success
18:58:27.387 AVAST engine defs: 12082800
18:59:18.353 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
18:59:18.368 Disk 0 Vendor: TOSHIBA_MK5076GSX GS001C Size: 476940MB BusType: 11
18:59:18.368 Device \Driver\atapi -> MajorFunction fffffa80049835e8
18:59:18.415 Disk 0 MBR read successfully
18:59:18.415 Disk 0 MBR scan
18:59:18.509 Disk 0 Windows 7 default MBR code
18:59:18.509 Disk 0 MBR hidden
18:59:18.524 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
18:59:18.587 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 462803 MB offset 409600
18:59:18.649 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 13833 MB offset 948230144
18:59:18.774 Disk 0 scanning C:\Windows\system32\drivers
18:59:43.781 Service scanning
19:00:06.026 Service MpKsl5cd2b748 c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D9269699-52F4-4F98-93A0-2927F08E1CED}\MpKsl5cd2b748.sys **LOCKED** 32
19:00:42.374 Modules scanning
19:00:42.390 Disk 0 trace - called modules:
19:00:42.406 ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0xfffffa80049835e8]<<
19:00:42.421 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004443060]
19:00:42.421 3 CLASSPNP.SYS[fffff8800165143f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80041dd420]
19:00:42.437 \Driver\atapi[0xfffffa800437b9f0] -> IRP_MJ_CREATE -> 0xfffffa80049835e8
19:00:47.881 AVAST engine scan C:\Windows
19:00:54.636 AVAST engine scan C:\Windows\system32
19:07:10.753 File: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\b68-0 **HIDDEN**
19:07:11.891 AVAST engine scan C:\Windows\system32\drivers
19:07:41.140 AVAST engine scan C:\Users\Hanler
19:08:31.232 AVAST engine scan C:\ProgramData
19:08:49.686 Scan finished successfully
19:10:04.957 Disk 0 MBR has been saved successfully to "C:\Users\Hanler\Desktop\MBR.dat"
19:10:04.972 The log file has been saved successfully to "C:\Users\Hanler\Desktop\aswMBR.txt"

#5 tdamlo

  • Topic Starter

  • Members
  • 10 posts

Posted 27 August 2012 - 09:14 PM

ESET scanner found no threats.

#6 narenxp

  • BC Advisor
  • 16,371 posts

Posted 27 August 2012 - 09:48 PM

Run TDSSkiller again

18:52:55.0513 1888 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0) - CURE it

18:52:55.0731 1888 \Device\Harddisk0\DR0 - detected TDSS File System (1) - DELETE IT


Post the TDSSkiller log

Restart the PC and run ASWMBR again and post the new one

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete

Post the generated log

#7 tdamlo

  • Topic Starter

  • Members
  • 10 posts

Posted 28 August 2012 - 06:19 PM

18:14:28.0430 3660 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
18:14:28.0929 3660 ============================================================
18:14:28.0929 3660 Current date / time: 2012/08/28 18:14:28.0929
18:14:28.0929 3660 SystemInfo:
18:14:28.0929 3660
18:14:28.0929 3660 OS Version: 6.1.7601 ServicePack: 1.0
18:14:28.0929 3660 Product type: Workstation
18:14:28.0929 3660 ComputerName: TYLER-PC
18:14:28.0929 3660 UserName: Hanler
18:14:28.0929 3660 Windows directory: C:\Windows
18:14:28.0929 3660 System windows directory: C:\Windows
18:14:28.0929 3660 Running under WOW64
18:14:28.0929 3660 Processor architecture: Intel x64
18:14:28.0929 3660 Number of processors: 4
18:14:28.0929 3660 Page size: 0x1000
18:14:28.0929 3660 Boot type: Normal boot
18:14:28.0929 3660 ============================================================
18:14:30.0832 3660 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:14:30.0848 3660 ============================================================
18:14:30.0848 3660 \Device\Harddisk0\DR0:
18:14:30.0848 3660 MBR partitions:
18:14:30.0848 3660 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
18:14:30.0848 3660 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x387E9800
18:14:30.0848 3660 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x3884D800, BlocksNum 0x1B04800
18:14:30.0848 3660 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x3A352000, BlocksNum 0x33830
18:14:30.0848 3660 ============================================================
18:14:30.0879 3660 C: <-> \Device\Harddisk0\DR0\Partition2
18:14:30.0910 3660 D: <-> \Device\Harddisk0\DR0\Partition3
18:14:30.0926 3660 G: <-> \Device\Harddisk0\DR0\Partition4
18:14:30.0926 3660 ============================================================
18:14:30.0926 3660 Initialize success
18:14:30.0926 3660 ============================================================
18:15:24.0808 2252 ============================================================
18:15:24.0808 2252 Scan started
18:15:24.0808 2252 Mode: Manual; TDLFS;
18:15:24.0808 2252 ============================================================
18:15:25.0167 2252 ================ Scan system memory ========================
18:15:25.0167 2252 System memory - ok
18:15:25.0167 2252 ================ Scan services =============================
18:15:35.0416 2252 RemoteAccess - ok
18:15:35.0463 2252 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:15:35.0463 2252 RemoteRegistry - ok
18:15:35.0494 2252 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
18:15:35.0494 2252 RpcEptMapper - ok
18:15:35.0526 2252 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
18:15:35.0541 2252 RpcLocator - ok
18:15:35.0557 2252 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
18:15:35.0572 2252 RpcSs - ok
18:15:35.0604 2252 [ 1F5E7AF59B390261A85F5BEDB1BB88B3 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
18:15:35.0604 2252 RSPCIESTOR - ok
18:15:35.0650 2252 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:15:35.0650 2252 rspndr - ok
18:15:35.0697 2252 [ EA5532868BA76923D75BCB2A1448D810 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
18:15:35.0697 2252 RTL8167 - ok
18:15:35.0744 2252 [ 508D997A5E9F400FADE6C85251BF13DF ] RTL8192Ce C:\Windows\system32\DRIVERS\rtl8192Ce.sys
18:15:35.0760 2252 RTL8192Ce - ok
18:15:35.0791 2252 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
18:15:35.0791 2252 SamSs - ok
18:15:35.0806 2252 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:15:35.0806 2252 sbp2port - ok
18:15:35.0838 2252 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:15:35.0838 2252 SCardSvr - ok
18:15:35.0869 2252 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
18:15:35.0869 2252 scfilter - ok
18:15:35.0916 2252 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
18:15:35.0931 2252 Schedule - ok
18:15:35.0947 2252 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
18:15:35.0947 2252 SCPolicySvc - ok
18:15:35.0978 2252 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:15:35.0978 2252 SDRSVC - ok
18:15:36.0009 2252 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:15:36.0009 2252 secdrv - ok
18:15:36.0040 2252 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
18:15:36.0040 2252 seclogon - ok
18:15:36.0056 2252 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
18:15:36.0072 2252 SENS - ok
18:15:36.0103 2252 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
18:15:36.0103 2252 SensrSvc - ok
18:15:36.0134 2252 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
18:15:36.0134 2252 Serenum - ok
18:15:36.0165 2252 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
18:15:36.0165 2252 Serial - ok
18:15:36.0181 2252 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
18:15:36.0196 2252 sermouse - ok
18:15:36.0228 2252 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
18:15:36.0243 2252 SessionEnv - ok
18:15:36.0243 2252 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:15:36.0243 2252 sffdisk - ok
18:15:36.0259 2252 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:15:36.0259 2252 sffp_mmc - ok
18:15:36.0259 2252 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:15:36.0259 2252 sffp_sd - ok
18:15:36.0274 2252 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
18:15:36.0274 2252 sfloppy - ok
18:15:36.0290 2252 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:15:36.0306 2252 SharedAccess - ok
18:15:36.0337 2252 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:15:36.0352 2252 ShellHWDetection - ok
18:15:36.0384 2252 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
18:15:36.0384 2252 SiSRaid2 - ok
18:15:36.0384 2252 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
18:15:36.0399 2252 SiSRaid4 - ok
18:15:36.0430 2252 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:15:36.0430 2252 Smb - ok
18:15:36.0477 2252 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:15:36.0477 2252 SNMPTRAP - ok
18:15:36.0493 2252 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
18:15:36.0493 2252 spldr - ok
18:15:36.0540 2252 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
18:15:36.0555 2252 Spooler - ok
18:15:36.0649 2252 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
18:15:36.0696 2252 sppsvc - ok
18:15:36.0711 2252 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
18:15:36.0711 2252 sppuinotify - ok
18:15:36.0774 2252 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
18:15:36.0820 2252 srv - ok
18:15:36.0852 2252 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:15:36.0883 2252 srv2 - ok
18:15:36.0914 2252 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:15:36.0945 2252 srvnet - ok
18:15:36.0992 2252 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:15:36.0992 2252 SSDPSRV - ok
18:15:37.0008 2252 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:15:37.0023 2252 SstpSvc - ok
18:15:37.0101 2252 [ A6B2EC3A2B6AD7C3F7B2F3495CADE4C0 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
18:15:37.0101 2252 STacSV - ok
18:15:37.0117 2252 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
18:15:37.0117 2252 stexstor - ok
18:15:37.0164 2252 [ EBA98394A7D58F7552C52192BD8FA7E6 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
18:15:37.0164 2252 STHDA - ok
18:15:37.0210 2252 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
18:15:37.0226 2252 stisvc - ok
18:15:37.0242 2252 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
18:15:37.0242 2252 swenum - ok
18:15:37.0288 2252 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
18:15:37.0304 2252 swprv - ok
18:15:37.0382 2252 [ C447977ED2A4AE9346FE3A0579A34D7C ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
18:15:37.0398 2252 SynTP - ok
18:15:37.0476 2252 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
18:15:37.0491 2252 SysMain - ok
18:15:37.0507 2252 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:15:37.0522 2252 TabletInputService - ok
18:15:37.0538 2252 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
18:15:37.0554 2252 TapiSrv - ok
18:15:37.0569 2252 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
18:15:37.0569 2252 TBS - ok
18:15:37.0678 2252 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:15:37.0710 2252 Tcpip - ok
18:15:37.0741 2252 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
18:15:37.0756 2252 TCPIP6 - ok
18:15:37.0788 2252 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:15:37.0788 2252 tcpipreg - ok
18:15:37.0819 2252 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:15:37.0819 2252 TDPIPE - ok
18:15:37.0850 2252 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:15:37.0866 2252 TDTCP - ok
18:15:37.0881 2252 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:15:37.0881 2252 tdx - ok
18:15:37.0897 2252 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
18:15:37.0897 2252 TermDD - ok
18:15:37.0944 2252 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
18:15:37.0975 2252 TermService - ok
18:15:37.0990 2252 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
18:15:37.0990 2252 Themes - ok
18:15:38.0022 2252 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
18:15:38.0022 2252 THREADORDER - ok
18:15:38.0037 2252 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
18:15:38.0037 2252 TrkWks - ok
18:15:38.0100 2252 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:15:38.0100 2252 TrustedInstaller - ok
18:15:38.0131 2252 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:15:38.0131 2252 tssecsrv - ok
18:15:38.0146 2252 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
18:15:38.0146 2252 TsUsbFlt - ok
18:15:38.0162 2252 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
18:15:38.0162 2252 TsUsbGD - ok
18:15:38.0209 2252 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:15:38.0209 2252 tunnel - ok
18:15:38.0224 2252 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
18:15:38.0224 2252 uagp35 - ok
18:15:38.0256 2252 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
18:15:38.0271 2252 udfs - ok
18:15:38.0302 2252 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
18:15:38.0318 2252 UI0Detect - ok
18:15:38.0334 2252 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
18:15:38.0349 2252 uliagpkx - ok
18:15:38.0365 2252 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
18:15:38.0365 2252 umbus - ok
18:15:38.0380 2252 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
18:15:38.0380 2252 UmPass - ok
18:15:38.0412 2252 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
18:15:38.0427 2252 upnphost - ok
18:15:38.0443 2252 [ 481DFF26B4DCA8F4CBAC1F7DCE1D6829 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
18:15:38.0443 2252 usbccgp - ok
18:15:38.0458 2252 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
18:15:38.0474 2252 usbcir - ok
18:15:38.0474 2252 [ 74EE782B1D9C241EFE425565854C661C ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
18:15:38.0474 2252 usbehci - ok
18:15:38.0490 2252 [ DC96BD9CCB8403251BCF25047573558E ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
18:15:38.0490 2252 usbhub - ok
18:15:38.0505 2252 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
18:15:38.0505 2252 usbohci - ok
18:15:38.0521 2252 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
18:15:38.0521 2252 usbprint - ok
18:15:38.0536 2252 [ D76510CFA0FC09023077F22C2F979D86 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:15:38.0536 2252 USBSTOR - ok
18:15:38.0552 2252 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
18:15:38.0552 2252 usbuhci - ok
18:15:38.0599 2252 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
18:15:38.0599 2252 usbvideo - ok
18:15:38.0630 2252 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
18:15:38.0646 2252 UxSms - ok
18:15:38.0661 2252 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
18:15:38.0661 2252 VaultSvc - ok
18:15:38.0692 2252 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
18:15:38.0692 2252 vdrvroot - ok
18:15:38.0739 2252 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
18:15:38.0755 2252 vds - ok
18:15:38.0770 2252 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:15:38.0770 2252 vga - ok
18:15:38.0786 2252 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
18:15:38.0786 2252 VgaSave - ok
18:15:38.0802 2252 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
18:15:38.0817 2252 vhdmp - ok
18:15:38.0817 2252 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
18:15:38.0833 2252 viaide - ok
18:15:38.0833 2252 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
18:15:38.0833 2252 volmgr - ok
18:15:38.0864 2252 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:15:38.0864 2252 volmgrx - ok
18:15:38.0880 2252 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
18:15:38.0880 2252 volsnap - ok
18:15:38.0895 2252 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
18:15:38.0895 2252 vsmraid - ok
18:15:38.0958 2252 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
18:15:38.0989 2252 VSS - ok
18:15:39.0004 2252 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
18:15:39.0004 2252 vwifibus - ok
18:15:39.0020 2252 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
18:15:39.0020 2252 vwififlt - ok
18:15:39.0051 2252 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
18:15:39.0051 2252 W32Time - ok
18:15:39.0067 2252 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
18:15:39.0067 2252 WacomPen - ok
18:15:39.0114 2252 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
18:15:39.0114 2252 WANARP - ok
18:15:39.0129 2252 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
18:15:39.0129 2252 Wanarpv6 - ok
18:15:39.0238 2252 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
18:15:39.0254 2252 WatAdminSvc - ok
18:15:39.0332 2252 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
18:15:39.0348 2252 wbengine - ok
18:15:39.0363 2252 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
18:15:39.0363 2252 WbioSrvc - ok
18:15:39.0379 2252 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:15:39.0379 2252 wcncsvc - ok
18:15:39.0394 2252 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:15:39.0410 2252 WcsPlugInService - ok
18:15:39.0426 2252 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
18:15:39.0426 2252 Wd - ok
18:15:39.0441 2252 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
18:15:39.0457 2252 Wdf01000 - ok
18:15:39.0488 2252 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
18:15:39.0504 2252 WdiServiceHost - ok
18:15:39.0504 2252 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
18:15:39.0504 2252 WdiSystemHost - ok
18:15:39.0535 2252 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
18:15:39.0550 2252 WebClient - ok
18:15:39.0566 2252 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
18:15:39.0566 2252 Wecsvc - ok
18:15:39.0582 2252 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
18:15:39.0582 2252 wercplsupport - ok
18:15:39.0597 2252 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
18:15:39.0613 2252 WerSvc - ok
18:15:39.0628 2252 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
18:15:39.0628 2252 WfpLwf - ok
18:15:39.0644 2252 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
18:15:39.0644 2252 WIMMount - ok
18:15:39.0660 2252 WinDefend - ok
18:15:39.0675 2252 WinHttpAutoProxySvc - ok
18:15:39.0738 2252 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
18:15:39.0738 2252 Winmgmt - ok
18:15:39.0816 2252 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
18:15:39.0847 2252 WinRM - ok
18:15:39.0894 2252 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
18:15:39.0909 2252 Wlansvc - ok
18:15:39.0940 2252 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
18:15:39.0940 2252 WmiAcpi - ok
18:15:39.0987 2252 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
18:15:39.0987 2252 wmiApSrv - ok
18:15:40.0018 2252 WMPNetworkSvc - ok
18:15:40.0050 2252 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
18:15:40.0065 2252 WPCSvc - ok
18:15:40.0081 2252 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
18:15:40.0081 2252 WPDBusEnum - ok
18:15:40.0112 2252 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
18:15:40.0112 2252 ws2ifsl - ok
18:15:40.0143 2252 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
18:15:40.0143 2252 wscsvc - ok
18:15:40.0159 2252 WSearch - ok
18:15:40.0252 2252 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
18:15:40.0284 2252 wuauserv - ok
18:15:40.0315 2252 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
18:15:40.0315 2252 WudfPf - ok
18:15:40.0346 2252 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
18:15:40.0346 2252 WUDFRd - ok
18:15:40.0377 2252 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
18:15:40.0377 2252 wudfsvc - ok
18:15:40.0408 2252 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
18:15:40.0408 2252 WwanSvc - ok
18:15:40.0424 2252 ================ Scan global ===============================
18:15:40.0440 2252 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
18:15:40.0486 2252 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
18:15:40.0564 2252 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
18:15:40.0596 2252 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
18:15:40.0627 2252 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
18:15:40.0642 2252 [Global] - ok
18:15:40.0642 2252 ================ Scan MBR ==================================
18:15:40.0658 2252 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
18:15:41.0376 2252 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
18:15:41.0376 2252 \Device\Harddisk0\DR0 - detected TDSS File System (1)
18:15:41.0376 2252 ================ Scan VBR ==================================
18:15:41.0407 2252 [ DE2AAF72D7B93ADEF1E582F76E3680AD ] \Device\Harddisk0\DR0\Partition1
18:15:41.0407 2252 \Device\Harddisk0\DR0\Partition1 - ok
18:15:41.0422 2252 [ 3B242F8FC0E9D45632FC888BC8B89222 ] \Device\Harddisk0\DR0\Partition2
18:15:41.0422 2252 \Device\Harddisk0\DR0\Partition2 - ok
18:15:41.0454 2252 [ DE81483E4F60288EF3F47515D0CC4B49 ] \Device\Harddisk0\DR0\Partition3
18:15:41.0454 2252 \Device\Harddisk0\DR0\Partition3 - ok
18:15:41.0469 2252 [ 95994943AC1ED846BE579D31E99DF75B ] \Device\Harddisk0\DR0\Partition4
18:15:41.0469 2252 \Device\Harddisk0\DR0\Partition4 - ok
18:15:41.0469 2252 ============================================================
18:15:41.0469 2252 Scan finished
18:15:41.0469 2252 ============================================================
18:15:41.0485 3936 Detected object count: 1
18:15:41.0485 3936 Actual detected object count: 1

#8 tdamlo

Posted 28 August 2012 - 06:38 PM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-28 18:26:41
-----------------------------
18:26:41.587 OS Version: Windows x64 6.1.7601 Service Pack 1
18:26:41.587 Number of processors: 4 586 0x503
18:26:41.587 ComputerName: TYLER-PC UserName: Hanler
18:26:42.991 Initialize success
18:26:58.123 AVAST engine defs: 12082800
18:27:02.085 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
18:27:02.101 Disk 0 Vendor: TOSHIBA_MK5076GSX GS001C Size: 476940MB BusType: 11
18:27:02.116 Disk 0 MBR read successfully
18:27:02.116 Disk 0 MBR scan
18:27:02.147 Disk 0 Windows XP default MBR code
18:27:02.163 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
18:27:02.257 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 462803 MB offset 409600
18:27:02.335 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 13833 MB offset 948230144
18:27:02.428 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 976560128
18:27:02.693 Disk 0 scanning C:\Windows\system32\drivers
18:27:22.973 Service scanning
18:28:16.450 Modules scanning
18:28:16.466 Disk 0 trace - called modules:
18:28:16.481 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
18:28:16.497 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800442b060]
18:28:16.513 3 CLASSPNP.SYS[fffff8800197a43f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80041c7060]
18:28:18.010 AVAST engine scan C:\Windows
18:28:23.174 AVAST engine scan C:\Windows\system32
18:33:29.480 AVAST engine scan C:\Windows\system32\drivers
18:33:47.842 AVAST engine scan C:\Users\Hanler
18:35:09.633 AVAST engine scan C:\ProgramData
18:35:27.604 Scan finished successfully
18:36:57.491 Disk 0 MBR has been saved successfully to "C:\Users\Hanler\Desktop\MBR.dat"
18:36:57.507 The log file has been saved successfully to "C:\Users\Hanler\Desktop\aswMBR.txt"

#9 tdamlo

Posted 28 August 2012 - 06:50 PM

MiniToolBox by Farbar Version: 23-07-2012
Ran by Hanler (administrator) on 28-08-2012 at 18:48:47
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek RTL8188CE 802.11b/g/n WiFi Adapter = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Tyler-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : midco.net

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : midco.net
Description . . . . . . . . . . . : Realtek RTL8188CE 802.11b/g/n WiFi Adapter
Physical Address. . . . . . . . . : AC-81-12-99-BD-A5
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::6806:9012:19ff:b1a7%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.105(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, August 28, 2012 6:21:11 PM
Lease Expires . . . . . . . . . . : Tuesday, September 04, 2012 6:21:11 PM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 313295122
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-C5-F3-51-10-1F-74-BD-2C-10
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 10-1F-74-BD-2C-10
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.midco.net:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : midco.net
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:18bd:c51:e723:550f(Preferred)
Link-local IPv6 Address . . . . . : fe80::18bd:c51:e723:550f%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: UnKnown
Address: 192.168.0.1

Name: google.com
Addresses: 2607:f8b0:4000:800::100e
74.125.227.105
74.125.227.97
74.125.227.100
74.125.227.110
74.125.227.103
74.125.227.98
74.125.227.96
74.125.227.102
74.125.227.104
74.125.227.101
74.125.227.99


Pinging google.com [74.125.227.97] with 32 bytes of data:
Reply from 74.125.227.97: bytes=32 time=63ms TTL=48
Reply from 74.125.227.97: bytes=32 time=60ms TTL=48

Ping statistics for 74.125.227.97:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 60ms, Maximum = 63ms, Average = 61ms
Server: UnKnown
Address: 192.168.0.1

Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=129ms TTL=42
Reply from 98.138.253.109: bytes=32 time=97ms TTL=43

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 97ms, Maximum = 129ms, Average = 113ms
Server: UnKnown
Address: 192.168.0.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
12...ac 81 12 99 bd a5 ......Realtek RTL8188CE 802.11b/g/n WiFi Adapter
11...10 1f 74 bd 2c 10 ......Realtek PCIe FE Family Controller
1...........................Software Loopback Interface 1
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.105 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.105 281
192.168.0.105 255.255.255.255 On-link 192.168.0.105 281
192.168.0.255 255.255.255.255 On-link 192.168.0.105 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.105 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.105 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
13 58 ::/0 On-link
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:4137:9e76:18bd:c51:e723:550f/128
On-link
12 281 fe80::/64 On-link
13 306 fe80::/64 On-link
13 306 fe80::18bd:c51:e723:550f/128
On-link
12 281 fe80::6806:9012:19ff:b1a7/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/28/2012 06:22:38 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/28/2012 05:49:44 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/27/2012 09:42:30 PM) (Source: Windows Backup) (User: )
Description: The backup was not successful. The error is: There is not enough free space on the backup storage location to back up the data. (0x80780048).

Error: (08/27/2012 09:25:30 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/27/2012 07:07:12 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/27/2012 07:06:40 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/27/2012 06:45:14 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/26/2012 08:52:41 PM) (Source: Windows Backup) (User: )
Description: The backup was not successful. The error is: There is not enough free space on the backup storage location to back up the data. (0x80780048).

Error: (08/26/2012 08:39:45 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/23/2012 07:40:18 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (08/28/2012 06:21:08 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 126

Error: (08/28/2012 06:21:00 PM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (08/28/2012 06:21:00 PM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (08/28/2012 05:48:52 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 126

Error: (08/28/2012 05:48:47 PM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (08/28/2012 05:48:47 PM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (08/27/2012 09:29:43 PM) (Source: DCOM) (User: )
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}

Error: (08/27/2012 09:29:40 PM) (Source: Service Control Manager) (User: )
Description: The Windows Modules Installer service terminated with the following error:
%%16405

Error: (08/27/2012 09:25:17 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 126

Error: (08/27/2012 09:24:58 PM) (Source: Service Control Manager) (User: )
Description: The Windows Modules Installer service failed to start due to the following error:
%%1053


Microsoft Office Sessions:
=========================
Error: (08/28/2012 06:22:38 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/28/2012 05:49:44 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/27/2012 09:42:30 PM) (Source: Windows Backup)(User: )
Description: There is not enough free space on the backup storage location to back up the data. (0x80780048)

Error: (08/27/2012 09:25:30 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/27/2012 07:07:12 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Hanler\Downloads\esetsmartinstaller_enu.exe

Error: (08/27/2012 07:06:40 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Hanler\Downloads\esetsmartinstaller_enu.exe

Error: (08/27/2012 06:45:14 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/26/2012 08:52:41 PM) (Source: Windows Backup)(User: )
Description: There is not enough free space on the backup storage location to back up the data. (0x80780048)

Error: (08/26/2012 08:39:45 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/23/2012 07:40:18 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


=========================== Installed Programs ============================

Adobe Flash Player 11 Plugin (Version: 11.4.402.265)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
HP Product Detection (Version: 11.14.0004)
IDT Audio (Version: 1.0.6341.0)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Mozilla Firefox 14.0.1 (x86 en-US) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
Realtek Ethernet Controller Driver (Version: 7.40.126.2011)
Realtek PCIE Card Reader (Version: 6.1.7601.83)
REALTEK Wireless LAN Driver (Version: 1.00.11.0706)
Synaptics Pointing Device Driver (Version: 15.3.11.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)

========================= Memory info: ===================================

Percentage of memory in use: 41%
Total physical RAM: 3834.9 MB
Available physical RAM: 2244.02 MB
Total Pagefile: 7668 MB
Available Pagefile: 6038.26 MB
Total Virtual: 4095.88 MB
Available Virtual: 3974.3 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:451.96 GB) (Free:424.21 GB) NTFS
2 Drive d: () (Fixed) (Total:13.51 GB) (Free:3.89 GB) NTFS
4 Drive g: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32

========================= Users: ========================================

User accounts for \\TYLER-PC

Administrator Guest Hanler
Tyler


**** End of log ****

#10 tdamlo


Posted 28 August 2012 - 06:54 PM

Farbar Service Scanner Version: 06-08-2012
Ran by Hanler (administrator) on 28-08-2012 at 18:53:41
Running from "C:\Users\Hanler\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#11 narenxp


Posted 28 August 2012 - 07:01 PM

18:15:41.0376 2252 \Device\Harddisk0\DR0 ( TDSS File System ) - warning


Run TDSSkiller again and delete this

ADWARE CLEANER log?

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes, post the contents of RKILL log located on the desktop here

#12 tdamlo


Posted 28 August 2012 - 07:11 PM

# AdwCleaner v1.801 - Logfile created 08/28/2012 at 18:57:38
# Updated 14/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Hanler - TYLER-PC
# Boot Mode : Normal
# Running from : C:\Users\Hanler\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Registre - GUID] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (en-US)

Profile name : default
File : C:\Users\Hanler\AppData\Roaming\Mozilla\Firefox\Profiles\nbjjmk6w.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [734 octets] - [28/08/2012 18:57:38]

########## EOF - C:\AdwCleaner[S1].txt - [861 octets] ##########

#13 tdamlo


Posted 28 August 2012 - 07:29 PM

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.28.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Hanler :: TYLER-PC [administrator]

8/28/2012 7:12:42 PM
mbam-log-2012-08-28 (19-12-42).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 188455
Time elapsed: 2 minute(s), 34 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)




It's beginning to look like a clean bill of health.

#14 narenxp


Posted 28 August 2012 - 08:20 PM

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes, post the contents of RKILL log located on the desktop here


??



