
Not sure if infected, ALT Tab Problem


  • This topic is locked
37 replies to this topic

#1 bytecross

  • Members
  • 48 posts

Posted 21 September 2012 - 11:31 PM

I recently downloaded Microsoft Office to my computer from my school's website. Not sure if that was the reason, though. Whenever I use a full-screen program, it seems to alt-tab me back to the desktop every 5-10 minutes. I removed my keyboard to make sure it wasn't the problem, and it happened even when I went away for a few minutes to test it out. I used Malwarebytes and CA Antivirus and found a backdoor and a trojan and removed them. I'm still having the alt-tab problem and I'm unsure what it is. It doesn't alt-tab while I'm on a browser, though.

Edited by bytecross, 21 September 2012 - 11:31 PM.




#2 InadequateInfirmity

    I Gots Me A Certified Edumication

  • Banned
  • 5,180 posts
  • Gender:Male

Posted 22 September 2012 - 08:36 AM

Download Adware Cleaner, run it as admin, click the Delete button, allow it to run, and post the log it creates.

http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner


Download, update, and do a quick scan with Malwarebytes and SUPERAntiSpyware.


http://www.filehippo.com/download_malwarebytes_anti_malware/download/ecf14848530d11a2f09a94b92a69fcfa/

http://www.superantispyware.com/downloadfile.html?productid=SUPERANTISPYWAREFREE

Remove all that each of the programs above find and reboot.
Post the logs.

Download Autoruns and Autorunsc. Unzip it to your desktop and then double-click autoruns.exe. After the scan is finished, click on File > Save. The default name will be autoruns.arn; make sure to save it as Autoruns.txt under the file type option. In other words, make sure it is a .txt file instead of .arn. Attach the text in your next reply.
http://download.sysinternals.com/files/Autoruns.zip

#3 bytecross

  • Topic Starter

  • Members
  • 48 posts

Posted 22 September 2012 - 02:15 PM

Not to offend you, but I would prefer someone that is not in the "Members" group to direct me. It's just a paranoia I have, especially when I'm downloading things. I've had things done to some of my computers previously in a different place.

#4 InadequateInfirmity

    I Gots Me A Certified Edumication

  • Banned
  • 5,180 posts
  • Gender:Male

Posted 22 September 2012 - 02:22 PM

:thumbup2: Good luck, although I am a member of staff on two other forums. Have a nice day. :)

#5 bytecross

  • Topic Starter

  • Members
  • 48 posts

Posted 22 September 2012 - 02:35 PM

Thanks for your response anyway, you too.

#6 narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 25 September 2012 - 07:58 AM

Do you have a restore point from before you installed Microsoft Office?

Download TDSSKiller.

Launch it. Click on Change parameters and select TDLFS file system.

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR.

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking.

Download ESET online scanner.

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on List of found threats.

Export the list to the desktop and copy the contents of the text file into your reply.

#7 bytecross

  • Topic Starter

  • Members
  • 48 posts

Posted 26 September 2012 - 12:40 PM

12:42:07.0765 6656 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
12:42:08.0201 6656 ============================================================
12:42:08.0201 6656 Current date / time: 2012/09/26 12:42:08.0201
12:42:08.0201 6656 SystemInfo:
12:42:08.0201 6656
12:42:08.0201 6656 OS Version: 6.1.7601 ServicePack: 1.0
12:42:08.0201 6656 Product type: Workstation
12:42:08.0202 6656 ComputerName: WILLIE-PC
12:42:08.0202 6656 UserName: Willie
12:42:08.0202 6656 Windows directory: C:\Windows
12:42:08.0202 6656 System windows directory: C:\Windows
12:42:08.0202 6656 Running under WOW64
12:42:08.0202 6656 Processor architecture: Intel x64
12:42:08.0202 6656 Number of processors: 4
12:42:08.0202 6656 Page size: 0x1000
12:42:08.0202 6656 Boot type: Normal boot
12:42:08.0202 6656 ============================================================
12:42:11.0097 6656 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:42:11.0113 6656 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:42:11.0116 6656 ============================================================
12:42:11.0116 6656 \Device\Harddisk0\DR0:
12:42:11.0121 6656 MBR partitions:
12:42:11.0121 6656 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
12:42:11.0121 6656 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800
12:42:11.0121 6656 \Device\Harddisk1\DR1:
12:42:11.0122 6656 MBR partitions:
12:42:11.0122 6656 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A384800
12:42:11.0122 6656 ============================================================
12:42:11.0210 6656 C: <-> \Device\Harddisk0\DR0\Partition2
12:42:11.0217 6656 F: <-> \Device\Harddisk1\DR1\Partition1
12:42:11.0217 6656 ============================================================
12:42:11.0218 6656 Initialize success
12:42:11.0218 6656 ============================================================
12:42:24.0542 3108 ============================================================
12:42:24.0542 3108 Scan started
12:42:24.0542 3108 Mode: Manual; TDLFS;
12:42:24.0542 3108 ============================================================
12:42:26.0341 3108 ================ Scan system memory ========================
12:42:26.0341 3108 System memory - ok
12:42:26.0341 3108 ================ Scan services =============================
12:42:26.0776 3108 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
12:42:26.0779 3108 1394ohci - ok
12:42:26.0792 3108 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
12:42:26.0822 3108 ACPI - ok
12:42:26.0925 3108 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
12:42:26.0935 3108 AcpiPmi - ok
12:42:27.0032 3108 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:42:27.0033 3108 AdobeARMservice - ok
12:42:27.0206 3108 [ E12CFCF1DDBFC50948A75E6E38793225 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:42:27.0208 3108 AdobeFlashPlayerUpdateSvc - ok
12:42:27.0241 3108 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
12:42:27.0255 3108 adp94xx - ok
12:42:27.0367 3108 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
12:42:27.0542 3108 adpahci - ok
12:42:27.0652 3108 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
12:42:27.0790 3108 adpu320 - ok
12:42:27.0885 3108 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
12:42:27.0888 3108 AeLookupSvc - ok
12:42:27.0941 3108 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
12:42:27.0946 3108 AFD - ok
12:42:27.0963 3108 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
12:42:27.0973 3108 agp440 - ok
12:42:28.0412 3108 [ 0923671CF87CD511E46D4668B53F5E76 ] Akamai c:\program files (x86)\common files\akamai/netsession_win_5891ae0.dll
12:42:28.0413 3108 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_5891ae0.dll. md5: 0923671CF87CD511E46D4668B53F5E76
12:42:28.0419 3108 Akamai ( HiddenFile.Multi.Generic ) - warning
12:42:28.0420 3108 Akamai - detected HiddenFile.Multi.Generic (1)
12:42:28.0434 3108 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
12:42:28.0441 3108 ALG - ok
12:42:28.0469 3108 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
12:42:28.0478 3108 aliide - ok
12:42:28.0523 3108 [ B3B263B419FC9E7B1D41E61FDAE45BD9 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
12:42:28.0529 3108 AMD External Events Utility - ok
12:42:28.0583 3108 AMD FUEL Service - ok
12:42:28.0588 3108 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
12:42:28.0599 3108 amdide - ok
12:42:28.0656 3108 [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] amdiox64 C:\Windows\system32\DRIVERS\amdiox64.sys
12:42:28.0666 3108 amdiox64 - ok
12:42:28.0703 3108 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
12:42:28.0760 3108 AmdK8 - ok
12:42:28.0888 3108 [ 9A6E9363F7A5E5A06629D9DDC76EE6B5 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
12:42:29.0033 3108 amdkmdag - ok
12:42:29.0074 3108 [ 957A4C13E1981B1701E600EF1E823C68 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
12:42:29.0080 3108 amdkmdap - ok
12:42:29.0186 3108 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
12:42:29.0188 3108 AmdPPM - ok
12:42:29.0264 3108 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
12:42:29.0305 3108 amdsata - ok
12:42:29.0376 3108 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
12:42:29.0559 3108 amdsbs - ok
12:42:29.0593 3108 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
12:42:29.0595 3108 amdxata - ok
12:42:29.0699 3108 [ 5B25D1A753CC3A3EDB909BB759AC1098 ] AODDriver4.01 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
12:42:29.0700 3108 AODDriver4.01 - ok
12:42:29.0792 3108 [ 5B25D1A753CC3A3EDB909BB759AC1098 ] AODDriver4.1 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
12:42:29.0793 3108 AODDriver4.1 - ok
12:42:29.0884 3108 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
12:42:29.0905 3108 AppID - ok
12:42:30.0148 3108 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
12:42:30.0243 3108 AppIDSvc - ok
12:42:30.0361 3108 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
12:42:30.0401 3108 Appinfo - ok
12:42:30.0490 3108 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
12:42:30.0517 3108 arc - ok
12:42:30.0545 3108 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
12:42:30.0605 3108 arcsas - ok
12:42:30.0682 3108 [ A82C01606DC27D05D9D3BFB6BB807E32 ] AsIO C:\Windows\syswow64\drivers\AsIO.sys
12:42:30.0690 3108 AsIO - ok
12:42:30.0775 3108 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
12:42:30.0776 3108 AsyncMac - ok
12:42:30.0815 3108 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
12:42:30.0816 3108 atapi - ok
12:42:30.0923 3108 [ B0790FF0E25B7A2674296052F2162C1A ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
12:42:30.0933 3108 AtiHDAudioService - ok
12:42:31.0041 3108 [ C07A040D6B5A42DD41EE386CF90974C8 ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
12:42:31.0043 3108 AtiPcie - ok
12:42:31.0184 3108 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:42:31.0216 3108 AudioEndpointBuilder - ok
12:42:31.0246 3108 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
12:42:31.0255 3108 AudioSrv - ok
12:42:31.0336 3108 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
12:42:31.0376 3108 AxInstSV - ok
12:42:31.0524 3108 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
12:42:31.0640 3108 b06bdrv - ok
12:42:31.0735 3108 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
12:42:31.0854 3108 b57nd60a - ok
12:42:32.0096 3108 [ 328E794278CC30CA7C06E346A18B1ABC ] BCUService C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
12:42:32.0098 3108 BCUService - ok
12:42:32.0175 3108 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
12:42:32.0211 3108 BDESVC - ok
12:42:32.0302 3108 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
12:42:32.0346 3108 Beep - ok
12:42:32.0503 3108 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
12:42:32.0561 3108 BFE - ok
12:42:32.0713 3108 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
12:42:32.0793 3108 BITS - ok
12:42:32.0858 3108 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
12:42:32.0925 3108 blbdrive - ok
12:42:33.0027 3108 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
12:42:33.0030 3108 bowser - ok
12:42:33.0098 3108 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:42:33.0144 3108 BrFiltLo - ok
12:42:33.0171 3108 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:42:33.0214 3108 BrFiltUp - ok
12:42:33.0288 3108 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
12:42:33.0297 3108 Browser - ok
12:42:33.0378 3108 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
12:42:33.0506 3108 Brserid - ok
12:42:33.0557 3108 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
12:42:33.0599 3108 BrSerWdm - ok
12:42:33.0676 3108 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
12:42:33.0705 3108 BrUsbMdm - ok
12:42:33.0772 3108 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
12:42:33.0782 3108 BrUsbSer - ok
12:42:33.0814 3108 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
12:42:33.0824 3108 BTHMODEM - ok
12:42:33.0831 3108 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
12:42:33.0845 3108 bthserv - ok
12:42:33.0876 3108 [ 9887CA12F407D7FBC7F48F3678F5F0B6 ] BVRPMPR5a64 C:\Windows\system32\drivers\BVRPMPR5a64.SYS
12:42:33.0887 3108 BVRPMPR5a64 - ok
12:42:33.0940 3108 [ F972074401A1111BD3362D755F71DD6C ] CAAMSvc C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus Plus\caamsvc.exe
12:42:33.0942 3108 CAAMSvc - ok
12:42:33.0985 3108 [ E4333E47A1205787F65ACF4F7309F0DC ] CaCCProvSP C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
12:42:33.0987 3108 CaCCProvSP - ok
12:42:34.0024 3108 [ E0F7E8B3EC79DB2A191B42FCC06F17E6 ] CAISafe C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus Plus\isafe.exe
12:42:34.0026 3108 CAISafe - ok
12:42:34.0059 3108 [ 34998631AF25EDB1BB58F6215F729F89 ] ccSchedulerSVC C:\Program Files\CA\CA Internet Security Suite\ccschedulersvc.exe
12:42:34.0061 3108 ccSchedulerSVC - ok
12:42:34.0079 3108 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
12:42:34.0090 3108 cdfs - ok
12:42:34.0127 3108 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
12:42:34.0138 3108 cdrom - ok
12:42:34.0166 3108 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
12:42:34.0182 3108 CertPropSvc - ok
12:42:34.0197 3108 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
12:42:34.0208 3108 circlass - ok
12:42:34.0236 3108 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
12:42:34.0249 3108 CLFS - ok
12:42:34.0297 3108 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:42:34.0313 3108 clr_optimization_v2.0.50727_32 - ok
12:42:34.0370 3108 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:42:34.0380 3108 clr_optimization_v2.0.50727_64 - ok
12:42:34.0467 3108 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:42:34.0469 3108 clr_optimization_v4.0.30319_32 - ok
12:42:34.0514 3108 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:42:34.0516 3108 clr_optimization_v4.0.30319_64 - ok
12:42:34.0541 3108 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
12:42:34.0553 3108 CmBatt - ok
12:42:34.0570 3108 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
12:42:34.0581 3108 cmdide - ok
12:42:34.0616 3108 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
12:42:34.0622 3108 CNG - ok
12:42:34.0657 3108 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
12:42:34.0668 3108 Compbatt - ok
12:42:34.0693 3108 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
12:42:34.0793 3108 CompositeBus - ok
12:42:34.0818 3108 COMSysApp - ok
12:42:34.0871 3108 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
12:42:34.0881 3108 crcdisk - ok
12:42:34.0920 3108 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:42:34.0935 3108 CryptSvc - ok
12:42:34.0966 3108 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
12:42:35.0047 3108 DcomLaunch - ok
12:42:35.0076 3108 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
12:42:35.0104 3108 defragsvc - ok
12:42:35.0137 3108 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:42:35.0148 3108 DfsC - ok
12:42:35.0181 3108 [ 388039F99CE8769024EE0438352ACA99 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
12:42:35.0197 3108 dg_ssudbus - ok
12:42:35.0233 3108 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
12:42:35.0258 3108 Dhcp - ok
12:42:35.0269 3108 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
12:42:35.0272 3108 discache - ok
12:42:35.0285 3108 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
12:42:35.0288 3108 Disk - ok
12:42:35.0312 3108 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:42:35.0338 3108 Dnscache - ok
12:42:35.0372 3108 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
12:42:35.0405 3108 dot3svc - ok
12:42:35.0431 3108 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
12:42:35.0457 3108 DPS - ok
12:42:35.0490 3108 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:42:35.0499 3108 drmkaud - ok
12:42:35.0522 3108 [ 1ED08A6264C5C92099D6D1DAE5E8F530 ] DrvAgent64 C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS
12:42:35.0530 3108 DrvAgent64 - ok
12:42:35.0574 3108 [ 400582B09E0BB557D0EC28A945150EEB ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
12:42:35.0577 3108 dtsoftbus01 - ok
12:42:35.0621 3108 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:42:35.0636 3108 DXGKrnl - ok
12:42:35.0640 3108 EagleX64 - ok
12:42:35.0661 3108 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
12:42:35.0688 3108 EapHost - ok
12:42:35.0851 3108 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
12:42:35.0897 3108 ebdrv - ok
12:42:35.0919 3108 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
12:42:35.0964 3108 EFS - ok
12:42:36.0006 3108 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
12:42:36.0017 3108 ehRecvr - ok
12:42:36.0031 3108 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
12:42:36.0037 3108 ehSched - ok
12:42:36.0059 3108 [ D38A883309E04B9FBFFE1ACA60EA3BBF ] ElRawDisk C:\Windows\system32\drivers\ElRawDsk.sys
12:42:36.0063 3108 ElRawDisk - ok
12:42:36.0085 3108 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
12:42:36.0101 3108 elxstor - ok
12:42:36.0122 3108 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
12:42:36.0133 3108 ErrDev - ok
12:42:36.0161 3108 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
12:42:36.0194 3108 EventSystem - ok
12:42:36.0211 3108 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
12:42:36.0225 3108 exfat - ok
12:42:36.0240 3108 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:42:36.0254 3108 fastfat - ok
12:42:36.0297 3108 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
12:42:36.0335 3108 Fax - ok
12:42:36.0350 3108 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
12:42:36.0381 3108 fdc - ok
12:42:36.0398 3108 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
12:42:36.0427 3108 fdPHost - ok
12:42:36.0453 3108 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
12:42:36.0481 3108 FDResPub - ok
12:42:36.0494 3108 FileDisk - ok
12:42:36.0506 3108 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:42:36.0509 3108 FileInfo - ok
12:42:36.0524 3108 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:42:36.0535 3108 Filetrace - ok
12:42:36.0551 3108 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
12:42:36.0563 3108 flpydisk - ok
12:42:36.0574 3108 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:42:36.0580 3108 FltMgr - ok
12:42:36.0611 3108 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
12:42:36.0650 3108 FontCache - ok
12:42:36.0701 3108 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:42:36.0702 3108 FontCache3.0.0.0 - ok
12:42:36.0727 3108 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
12:42:36.0738 3108 FsDepends - ok
12:42:36.0768 3108 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:42:36.0771 3108 Fs_Rec - ok
12:42:36.0801 3108 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
12:42:36.0806 3108 fvevol - ok
12:42:36.0826 3108 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
12:42:36.0838 3108 gagp30kx - ok
12:42:36.0902 3108 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
12:42:36.0993 3108 gpsvc - ok
12:42:37.0133 3108 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:42:37.0135 3108 gupdate - ok
12:42:37.0226 3108 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:42:37.0227 3108 gupdatem - ok
12:42:37.0296 3108 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
12:42:37.0308 3108 gusvc - ok
12:42:37.0338 3108 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
12:42:37.0349 3108 hcw85cir - ok
12:42:37.0412 3108 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:42:37.0481 3108 HdAudAddService - ok
12:42:37.0507 3108 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
12:42:37.0511 3108 HDAudBus - ok
12:42:37.0515 3108 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
12:42:37.0527 3108 HidBatt - ok
12:42:37.0543 3108 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
12:42:37.0555 3108 HidBth - ok
12:42:37.0567 3108 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
12:42:37.0579 3108 HidIr - ok
12:42:37.0594 3108 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
12:42:37.0633 3108 hidserv - ok
12:42:37.0662 3108 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
12:42:37.0666 3108 HidUsb - ok
12:42:37.0691 3108 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
12:42:37.0742 3108 hkmsvc - ok
12:42:37.0768 3108 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:42:37.0815 3108 HomeGroupListener - ok
12:42:37.0844 3108 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:42:37.0916 3108 HomeGroupProvider - ok
12:42:37.0957 3108 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
12:42:37.0968 3108 HpSAMD - ok
12:42:37.0998 3108 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:42:38.0008 3108 HTTP - ok
12:42:38.0044 3108 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
12:42:38.0048 3108 hwpolicy - ok
12:42:38.0075 3108 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
12:42:38.0089 3108 i8042prt - ok
12:42:38.0114 3108 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
12:42:38.0131 3108 iaStorV - ok
12:42:38.0172 3108 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:42:38.0190 3108 idsvc - ok
12:42:38.0233 3108 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
12:42:38.0246 3108 iirsp - ok
12:42:38.0271 3108 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
12:42:38.0314 3108 IKEEXT - ok
12:42:38.0363 3108 [ F5872A11EB4F6DB170D636CD4E53CA9F ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
12:42:38.0389 3108 IntcAzAudAddService - ok
12:42:38.0421 3108 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
12:42:38.0433 3108 intelide - ok
12:42:38.0487 3108 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
12:42:38.0499 3108 intelppm - ok
12:42:38.0582 3108 [ 440A02FA25BE8DCCD2103D820036EDA1 ] ioloSystemService C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
12:42:38.0589 3108 ioloSystemService - ok
12:42:38.0630 3108 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:42:38.0671 3108 IPBusEnum - ok
12:42:38.0708 3108 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:42:38.0721 3108 IpFilterDriver - ok
12:42:38.0753 3108 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
12:42:38.0795 3108 iphlpsvc - ok
12:42:38.0810 3108 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
12:42:38.0815 3108 IPMIDRV - ok
12:42:38.0831 3108 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
12:42:38.0844 3108 IPNAT - ok
12:42:38.0863 3108 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:42:38.0875 3108 IRENUM - ok
12:42:38.0884 3108 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
12:42:38.0896 3108 isapnp - ok
12:42:38.0911 3108 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
12:42:38.0928 3108 iScsiPrt - ok
12:42:38.0941 3108 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
12:42:38.0954 3108 kbdclass - ok
12:42:39.0005 3108 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
12:42:39.0017 3108 kbdhid - ok
12:42:39.0021 3108 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
12:42:39.0067 3108 KeyIso - ok
12:42:39.0097 3108 [ 77481D3753F6DCB0A499C3A01460DC00 ] KmxAgent C:\Windows\system32\DRIVERS\kmxagent.sys
12:42:39.0110 3108 KmxAgent - ok
12:42:39.0126 3108 [ C30A499E4A05FA7C1B2B1325953F12D4 ] KmxAMRT C:\Windows\system32\DRIVERS\KmxAMRT.sys
12:42:39.0132 3108 KmxAMRT - ok
12:42:39.0167 3108 [ 2896919A9E5A4DC267A2D916F75D2346 ] KmxCF C:\Windows\system32\DRIVERS\KmxCF.sys
12:42:39.0173 3108 KmxCF - ok
12:42:39.0184 3108 [ 2FA4CB9DCA3ED83583659670F3B40916 ] KmxCfg C:\Windows\system32\DRIVERS\kmxcfg.sys
12:42:39.0197 3108 KmxCfg - ok
12:42:39.0217 3108 [ EB0576050B2A618563CAA3ECBF19F2EF ] KmxFile C:\Windows\system32\DRIVERS\KmxFile.sys
12:42:59.0314 3108 ================ Scan global ===============================
12:42:59.0334 3108 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
12:42:59.0378 3108 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
12:42:59.0483 3108 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
12:42:59.0621 3108 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
12:42:59.0724 3108 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
12:42:59.0802 3108 [Global] - ok
12:42:59.0803 3108 ================ Scan MBR ==================================
12:42:59.0815 3108 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:42:59.0815 3108 Suspicious mbr (Forged): \Device\Harddisk0\DR0
12:42:59.0857 3108 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
12:42:59.0857 3108 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
12:43:01.0100 3108 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
12:43:01.0100 3108 \Device\Harddisk0\DR0 - detected TDSS File System (1)
12:43:01.0103 3108 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
12:43:01.0166 3108 \Device\Harddisk1\DR1 - ok
12:43:01.0166 3108 ================ Scan VBR ==================================
12:43:01.0169 3108 [ BB931B9C5C0AEAAAAA3427644CCA7140 ] \Device\Harddisk0\DR0\Partition1
12:43:01.0170 3108 \Device\Harddisk0\DR0\Partition1 - ok
12:43:01.0182 3108 [ D59B5F2F307D34190C25BA30C49B2AC2 ] \Device\Harddisk0\DR0\Partition2
12:43:01.0183 3108 \Device\Harddisk0\DR0\Partition2 - ok
12:43:01.0186 3108 [ BA89AFA8D2DC0F4E204A4D7CE99E61D9 ] \Device\Harddisk1\DR1\Partition1
12:43:01.0187 3108 \Device\Harddisk1\DR1\Partition1 - ok
12:43:01.0188 3108 ============================================================
12:43:01.0188 3108 Scan finished
12:43:01.0188 3108 ============================================================
12:43:01.0199 6076 Detected object count: 3
12:43:01.0199 6076 Actual detected object count: 3
12:43:17.0931 6076 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
12:43:17.0931 6076 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
12:43:18.0384 6076 \Device\Harddisk0\DR0\# - copied to quarantine
12:43:18.0388 6076 \Device\Harddisk0\DR0 - copied to quarantine
12:43:18.0414 6076 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
12:43:18.0418 6076 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
12:43:18.0427 6076 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
12:43:18.0436 6076 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
12:43:18.0441 6076 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
12:43:18.0446 6076 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
12:43:18.0452 6076 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
12:43:18.0459 6076 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
12:43:18.0467 6076 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
12:43:18.0475 6076 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
12:43:18.0483 6076 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
12:43:18.0492 6076 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
12:43:18.0494 6076 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
12:43:18.0495 6076 \Device\Harddisk0\DR0 - ok
12:43:23.0007 6076 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
12:43:23.0007 6076 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
12:43:23.0007 6076 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

#8 bytecross

Posted 26 September 2012 - 12:59 PM

When I ran the avast, I clicked save log when the scan and FixMBR got lit back up, but nothing popped up in the log; it only says the save was successfully saved to Desktop. Not sure if I did it too early.

#9 narenxp

Posted 26 September 2012 - 01:05 PM

When I ran the avast, I clicked save log when the scan and FixMBR got lit back up, but nothing popped up in the log; it only says the save was successfully saved to Desktop. Not sure if I did it too early.


Log is on the desktop

#10 bytecross

Posted 26 September 2012 - 06:21 PM

No, I checked the desktop and I opened the file, but it gave me the same stuff that was on the avast program; it said the save was successful and the information of the desktop (i.e. that it's an Intel and the computer's name and such). The whole thing spanned only 5 lines. Not like the TDSS which was like 100+ lines.

#11 narenxp

Posted 26 September 2012 - 06:23 PM

No problem, run TDSSkiller once again and make sure to select DELETE

12:43:23.0007 6076 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

Post the new log

Run ESET online scanner and post the log

Edited by narenxp, 26 September 2012 - 06:23 PM.
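The check done by eye in post #11 (finding a detection whose chosen action was Skip), as an added example that is not part of the thread and is not TDSSKiller's own code. The line layout is an assumption inferred from the log lines in this thread, and the sample lines are copied from that log.

```python
import re
from collections import OrderedDict

# Lines copied from the TDSSKiller log posted in this thread.
SAMPLE_LOG = r"""
12:42:59.0857 3108 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
12:43:01.0100 3108 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
12:43:01.0166 3108 \Device\Harddisk1\DR1 - ok
12:43:17.0931 6076 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
12:43:17.0931 6076 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
12:43:18.0494 6076 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
12:43:23.0007 6076 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
12:43:23.0007 6076 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
12:43:23.0007 6076 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
"""

# Assumed layout: timestamp, thread id, object, "( verdict )", " - ", status.
LINE_RE = re.compile(
    r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+(?P<obj>.+?)"
    r"\s+\(\s*(?P<verdict>[^()]+?)\s*\)\s+-\s+(?P<status>.+)$"
)
ACTION_PREFIX = "User select action:"

def summarize(log_text):
    """Return {(object, verdict): {"states": [...], "action": str or None}}."""
    found = OrderedDict()
    for raw in log_text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue  # "ok" lines, hash lines and separators carry no verdict
        key = (m["obj"], m["verdict"])
        entry = found.setdefault(key, {"states": [], "action": None})
        status = m["status"].strip()
        if status.startswith(ACTION_PREFIX):
            entry["action"] = status[len(ACTION_PREFIX):].strip()
        else:
            entry["states"].append(status)
    return found

def unresolved(found):
    """Detections left in place: no action recorded, or the action was Skip."""
    return [key for key, info in found.items() if info["action"] in (None, "Skip")]

if __name__ == "__main__":
    result = summarize(SAMPLE_LOG)
    for (obj, verdict), info in result.items():
        print(f"{obj:24} {verdict:26} action={info['action']} states={info['states']}")
    print("left in place:", unresolved(result))
```

A Skip can be deliberate, so the second list is a set of items to review with the helper, not a verdict.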


#12 bytecross

Posted 28 September 2012 - 01:56 AM

It seems like I just went backwards. I did the TDSSkiller scan once again and deleted the TDSS file system. I got a blue screen of death and now the computer won't boot past the BIOS.

#13 narenxp

Posted 28 September 2012 - 03:55 AM

Did TDSSkiller find a rootkit in the second scan?

Restart the PC

Press F8 on bootup

Select REPAIR YOUR COMPUTER

Click on REPAIR

On the System Recovery Options menu you will get the following options:

Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt

Can you get to this screen?

#14 bytecross

Posted 28 September 2012 - 10:46 AM

No, the options I get on the BIOS screen are Boot Menu, Bios Set up, Display BIOS Post Message, and EZ Flash 2. Once I get past the screen with available options, I get to a black screen with a blinking line.

#15 narenxp

Posted 28 September 2012 - 11:16 AM

Insert your Windows 7 DVD, press any key on bootup

Click on REPAIR YOUR COMPUTER. Can you boot into recovery console now?



