
Infected with trojan "psw.onlinegames3.awvt"


4 replies to this topic

#1 ValiantWinter


Posted 29 September 2012 - 09:06 PM

Hi everyone.

This is my first post here. Several days ago, while I was out of town (my computer had been left on) it started going to BSoD with various errors at 10-30 minute intervals. Initially, I thought it was a driver error, so I updated my drivers. After some frustration, I decided it was time to reformat my C drive anyway. Did so, installed XP SP2 on the hard drive. It went to BSoD once, then I downloaded the new AVG 2013, updated it then ran a scan. It found "psw.onlinegames3.awvt", which it 'healed'. My computer has not blue-screened since then and exhibits no other symptoms. All was well for a day, then it just re-detected "psw.onlinegames3.awvt" and 'healed' it again. I'd like to deal with this before it gets out of hand again. Any help would be appreciated :)



#2 narenxp


Posted 29 September 2012 - 09:10 PM

Download TDSSKiller

Launch it. Click on change parameters - select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 ValiantWinter


Posted 29 September 2012 - 10:08 PM

Hi narenxp.

Not sure what the posting etiquette is on this forum, or whether I should bbcode my logs or anything.

Here is the log from TDSSKiller:
12:13:17.0171 3956  TermService - ok
12:13:17.0187 3956  [ E7518DC542D3EBDCB80EDD98462C7821 ] Themes          C:\WINDOWS\System32\shsvcs.dll
12:13:17.0187 3956  Themes - ok
12:13:17.0187 3956  TosIde - ok
12:13:17.0187 3956  [ 6D9AC544B30F96C57F8206566C1FB6A1 ] TrkWks          C:\WINDOWS\system32\trkwks.dll
12:13:17.0203 3956  TrkWks - ok
12:13:17.0203 3956  TuneUp.UtilitiesSvc - ok
12:13:17.0203 3956  TuneUpUtilitiesDrv - ok
12:13:17.0218 3956  [ 12F70256F140CD7D52C58C7048FDE657 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
12:13:17.0218 3956  Udfs - ok
12:13:17.0218 3956  ultra - ok
12:13:17.0234 3956  [ AFF2E5045961BBC0A602BB6F95EB1345 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
12:13:17.0234 3956  Update - ok
12:13:17.0234 3956  [ 0546477BDE979E33294FE97F6B3DE84A ] upnphost        C:\WINDOWS\System32\upnphost.dll
12:13:17.0250 3956  upnphost - ok
12:13:17.0250 3956  [ 3F5DF65B0758675F95A2D43918A740A3 ] UPS             C:\WINDOWS\System32\ups.exe
12:13:17.0250 3956  UPS - ok
12:13:17.0265 3956  [ BFFD9F120CC63BCBAA3D840F3EEF9F79 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
12:13:17.0265 3956  usbccgp - ok
12:13:17.0281 3956  [ 15E993BA2F6946B2BFBBFCD30398621E ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
12:13:17.0281 3956  usbehci - ok
12:13:17.0296 3956  [ C72F40947F92CEA56A8FB532EDF025F1 ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
12:13:17.0296 3956  usbhub - ok
12:13:17.0312 3956  [ 6CD7B22193718F1D17A47A1CD6D37E75 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
12:13:17.0312 3956  USBSTOR - ok
12:13:17.0312 3956  [ F8FD1400092E23C8F2F31406EF06167B ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
12:13:17.0328 3956  usbuhci - ok
12:13:17.0328 3956  [ 8A60EDD72B4EA5AEA8202DAF0E427925 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
12:13:17.0328 3956  VgaSave - ok
12:13:17.0375 3956  [ 108432C0BC68DA4355B0F5AB2B2B01F8 ] VIAHdAudAddService C:\WINDOWS\system32\drivers\viahduaa.sys
12:13:17.0390 3956  VIAHdAudAddService - ok
12:13:17.0390 3956  ViaIde - ok
12:13:17.0406 3956  [ EE4660083DEBA849FF6C485D944B379B ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
12:13:17.0406 3956  VolSnap - ok
12:13:17.0437 3956  [ 3EE00364AE0FD8D604F46CBAF512838A ] VSS             C:\WINDOWS\System32\vssvc.exe
12:13:17.0437 3956  VSS - ok
12:13:17.0468 3956  [ 2B281958F5D0CF99ED626E3EF39D5C8D ] W32Time         C:\WINDOWS\system32\w32time.dll
12:13:17.0468 3956  W32Time - ok
12:13:17.0468 3956  [ 984EF0B9788ABF89974CFED4BFBAACBC ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:13:17.0468 3956  Wanarp - ok
12:13:17.0484 3956  WDICA - ok
12:13:17.0500 3956  [ 2797F33EBF50466020C430EE4F037933 ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
12:13:17.0500 3956  wdmaud - ok
12:13:17.0500 3956  [ 5D0A442864BFBF3B19DCCA4CD29F6E99 ] WebClient       C:\WINDOWS\System32\webclnt.dll
12:13:17.0515 3956  WebClient - ok
12:13:17.0562 3956  [ F399242A80C4066FD155EFA4CF96658E ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
12:13:17.0562 3956  winmgmt - ok
12:13:17.0593 3956  [ C086483E3DBA8C1C0A687EC8D5B3D4C1 ] WmdmPmSN        C:\WINDOWS\system32\mspmsnsv.dll
12:13:17.0593 3956  WmdmPmSN - ok
12:13:17.0609 3956  [ BA8CECC3E813E1F7C441B20393D4F86C ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
12:13:17.0609 3956  WmiApSrv - ok
12:13:17.0687 3956  [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
12:13:17.0687 3956  WPFFontCache_v0400 - ok
12:13:17.0734 3956  [ 4D59DAA66C60858CDF4F67A900F42D4A ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
12:13:17.0734 3956  wscsvc - ok
12:13:17.0734 3956  [ 13D72740963CBA12D9FF76A7F218BCD8 ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
12:13:17.0734 3956  wuauserv - ok
12:13:17.0750 3956  [ 5A91E6FEAB9F901302FA7FF768C0120F ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
12:13:17.0750 3956  WZCSVC - ok
12:13:17.0765 3956  [ EEF46DAB68229A14DA3D8E73C99E2959 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
12:13:17.0765 3956  xmlprov - ok
12:13:17.0781 3956  ================ Scan global ===============================
12:13:17.0781 3956  [ 00EF9C3AF83EDBAF18CA7A2837750117 ] C:\WINDOWS\system32\basesrv.dll
12:13:17.0796 3956  [ 442D0EAD5534E4ADCF6D4469043C82C0 ] C:\WINDOWS\system32\winsrv.dll
12:13:17.0812 3956  [ 442D0EAD5534E4ADCF6D4469043C82C0 ] C:\WINDOWS\system32\winsrv.dll
12:13:17.0828 3956  [ C6CE6EEC82F187615D1002BB3BB50ED4 ] C:\WINDOWS\system32\services.exe
12:13:17.0828 3956  [Global] - ok
12:13:17.0828 3956  ================ Scan MBR ==================================
12:13:17.0828 3956  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
12:13:18.0000 3956  \Device\Harddisk0\DR0 - ok
12:13:18.0015 3956  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
12:13:18.0250 3956  \Device\Harddisk1\DR1 - ok
12:13:18.0250 3956  ================ Scan VBR ==================================
12:13:18.0250 3956  [ F0081C7478C20B94B073AA632D36341E ] \Device\Harddisk0\DR0\Partition1
12:13:18.0265 3956  \Device\Harddisk0\DR0\Partition1 - ok
12:13:18.0265 3956  [ F16452934BDFC37BDA412CDA821D0842 ] \Device\Harddisk1\DR1\Partition1
12:13:18.0265 3956  \Device\Harddisk1\DR1\Partition1 - ok
12:13:18.0265 3956  ============================================================
12:13:18.0265 3956  Scan finished
12:13:18.0265 3956  ============================================================
12:13:18.0265 2056  Detected object count: 0
12:13:18.0265 2056  Actual detected object count: 0

Here is the log from aswMBR:

12:13:05.0562 3776  TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
12:13:06.0312 3776  ============================================================
12:13:06.0312 3776  Current date / time: 2012/09/30 12:13:06.0312
12:13:06.0312 3776  SystemInfo:
12:13:06.0312 3776  
12:13:06.0312 3776  OS Version: 5.1.2600 ServicePack: 2.0
12:13:06.0312 3776  Product type: Workstation
12:13:06.0312 3776  ComputerName: NICHOLAS-FAMILY
12:13:06.0312 3776  UserName: Nicholas Family
12:13:06.0312 3776  Windows directory: C:\WINDOWS
12:13:06.0312 3776  System windows directory: C:\WINDOWS
12:13:06.0312 3776  Processor architecture: Intel x86
12:13:06.0312 3776  Number of processors: 2
12:13:06.0312 3776  Page size: 0x1000
12:13:06.0312 3776  Boot type: Normal boot
12:13:06.0312 3776  ============================================================
12:13:07.0500 3776  Drive \Device\Harddisk0\DR0 - Size: 0x4A85C4DE00 (298.09 Gb), SectorSize: 0x200, Cylinders: 0xA181, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000054
12:13:07.0515 3776  Drive \Device\Harddisk1\DR1 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
12:13:07.0515 3776  ============================================================
12:13:07.0515 3776  \Device\Harddisk0\DR0:
12:13:07.0515 3776  MBR partitions:
12:13:07.0515 3776  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x254297C1
12:13:07.0515 3776  \Device\Harddisk1\DR1:
12:13:07.0515 3776  MBR partitions:
12:13:07.0515 3776  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A14BC1
12:13:07.0515 3776  ============================================================
12:13:07.0562 3776  D: <-> \Device\Harddisk1\DR1\Partition1
12:13:07.0578 3776  C: <-> \Device\Harddisk0\DR0\Partition1
12:13:07.0578 3776  ============================================================
12:13:07.0578 3776  Initialize success
12:13:07.0578 3776  ============================================================
12:13:09.0859 3956  ============================================================
12:13:09.0859 3956  Scan started
12:13:09.0859 3956  Mode: Manual; 
12:13:09.0859 3956  ============================================================
12:13:11.0593 3956  ================ Scan system memory ========================
12:13:11.0593 3956  System memory - ok
12:13:11.0593 3956  ================ Scan services =============================
12:13:16.0593 3956  redbook - ok
12:13:16.0625 3956  [ 3046DB917E3CFA040632799DD9B14865 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
12:13:16.0625 3956  RemoteAccess - ok
12:13:16.0656 3956  [ 793F04A09B15E7C6C11DBDFFAF06C0AB ] RpcLocator      C:\WINDOWS\system32\locator.exe
12:13:16.0656 3956  RpcLocator - ok
12:13:16.0671 3956  [ 5C83A4408604F737717AB96371201680 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
12:13:16.0687 3956  RpcSs - ok
12:13:16.0703 3956  [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP            C:\WINDOWS\system32\rsvp.exe
12:13:16.0703 3956  RSVP - ok
12:13:16.0718 3956  [ 84885F9B82F4D55C6146EBF6065D75D2 ] SamSs           C:\WINDOWS\system32\lsass.exe
12:13:16.0718 3956  SamSs - ok
12:13:16.0734 3956  [ 25D8DE134DF108E3DBC8D7D23B1AA58E ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
12:13:16.0734 3956  SCardSvr - ok
12:13:16.0750 3956  [ 92360854316611F6CC471612213C3D92 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
12:13:16.0765 3956  Schedule - ok
12:13:16.0765 3956  [ D26E26EA516450AF9D072635C60387F4 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
12:13:16.0765 3956  Secdrv - ok
12:13:16.0781 3956  [ B1E0CE09895376871746F36DC5773B4F ] seclogon        C:\WINDOWS\System32\seclogon.dll
12:13:16.0781 3956  seclogon - ok
12:13:16.0796 3956  [ DFD9870CF39C791D86C4C209DA9FA919 ] SENS            C:\WINDOWS\system32\sens.dll
12:13:16.0796 3956  SENS - ok
12:13:16.0812 3956  [ A2D868AEEFF612E70E213C451A70CAFB ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
12:13:16.0812 3956  serenum - ok
12:13:16.0812 3956  [ CD9404D115A00D249F70A371B46D5A26 ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
12:13:16.0812 3956  Serial - ok
12:13:16.0828 3956  [ 0D13B6DF6E9E101013A7AFB0CE629FE0 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
12:13:16.0843 3956  Sfloppy - ok
12:13:16.0843 3956  [ 36CC8C01B5E50163037BEF56CB96DEFF ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
12:13:16.0843 3956  SharedAccess - ok
12:13:16.0859 3956  [ E7518DC542D3EBDCB80EDD98462C7821 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
12:13:16.0859 3956  ShellHWDetection - ok
12:13:16.0859 3956  Simbad - ok
12:13:16.0859 3956  Sparrow - ok
12:13:16.0890 3956  [ 8E186B8F23295D1E42C573B82B80D548 ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
12:13:16.0890 3956  splitter - ok
12:13:16.0890 3956  [ 7435B108B935E42EA92CA94F59C8E717 ] Spooler         C:\WINDOWS\system32\spoolsv.exe
12:13:16.0906 3956  Spooler - ok
12:13:16.0921 3956  [ E41B6D037D6CD08461470AF04500DC24 ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
12:13:16.0921 3956  sr - ok
12:13:16.0937 3956  [ 92BDF74F12D6CBEC43C94D4B7F804838 ] srservice       C:\WINDOWS\system32\srsvc.dll
12:13:16.0937 3956  srservice - ok
12:13:16.0937 3956  [ 20B7E396720353E4117D64D9DCB926CA ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
12:13:16.0937 3956  Srv - ok
12:13:16.0953 3956  [ 4B8D61792F7175BED48859CC18CE4E38 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
12:13:16.0953 3956  SSDPSRV - ok
12:13:16.0984 3956  [ D9F6C4F6B1E188ADAFC42B561D9BC2E6 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
12:13:16.0984 3956  stisvc - ok
12:13:16.0984 3956  [ 03C1BAE4766E2450219D20B993D6E046 ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
12:13:16.0984 3956  swenum - ok
12:13:17.0000 3956  [ 94ABC808FC4B6D7D2BBF42B85E25BB4D ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
12:13:17.0000 3956  swmidi - ok
12:13:17.0000 3956  SwPrv - ok
12:13:17.0015 3956  symc810 - ok
12:13:17.0015 3956  symc8xx - ok
12:13:17.0015 3956  sym_hi - ok
12:13:17.0015 3956  sym_u3 - ok
12:13:17.0031 3956  [ 650AD082D46BAC0E64C9C0E0928492FD ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
12:13:17.0031 3956  sysaudio - ok
12:13:17.0046 3956  [ 8B54AA346D1B1B113FFAA75501B8B1B2 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
12:13:17.0046 3956  SysmonLog - ok
12:13:17.0062 3956  [ EB4A4187D74A8EFDCBEA3EA2CB1BDFBD ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
12:13:17.0062 3956  TapiSrv - ok
12:13:17.0078 3956  [ 9F4B36614A0FC234525BA224957DE55C ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
12:13:17.0093 3956  Tcpip - ok
12:13:17.0093 3956  [ 38D437CF2D98965F239B0ABCD66DCB0F ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
12:13:17.0093 3956  TDPIPE - ok
12:13:17.0140 3956  [ ED0580AF02502D00AD8C4C066B156BE9 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
12:13:17.0140 3956  TDTCP - ok
12:13:17.0156 3956  [ A540A99C281D933F3D69D55E48727F47 ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
12:13:17.0156 3956  TermDD - ok
12:13:17.0171 3956  [ B60C877D16D9C880B952FDA04ADF16E6 ] TermService     C:\WINDOWS\System32\termsrv.dll
12:13:17.0171 3956  TermService - ok
12:13:17.0187 3956  [ E7518DC542D3EBDCB80EDD98462C7821 ] Themes          C:\WINDOWS\System32\shsvcs.dll
12:13:17.0187 3956  Themes - ok
12:13:17.0187 3956  TosIde - ok
12:13:17.0187 3956  [ 6D9AC544B30F96C57F8206566C1FB6A1 ] TrkWks          C:\WINDOWS\system32\trkwks.dll
12:13:17.0203 3956  TrkWks - ok
12:13:17.0203 3956  TuneUp.UtilitiesSvc - ok
12:13:17.0203 3956  TuneUpUtilitiesDrv - ok
12:13:17.0218 3956  [ 12F70256F140CD7D52C58C7048FDE657 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
12:13:17.0218 3956  Udfs - ok
12:13:17.0218 3956  ultra - ok
12:13:17.0234 3956  [ AFF2E5045961BBC0A602BB6F95EB1345 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
12:13:17.0234 3956  Update - ok
12:13:17.0234 3956  [ 0546477BDE979E33294FE97F6B3DE84A ] upnphost        C:\WINDOWS\System32\upnphost.dll
12:13:17.0250 3956  upnphost - ok
12:13:17.0250 3956  [ 3F5DF65B0758675F95A2D43918A740A3 ] UPS             C:\WINDOWS\System32\ups.exe
12:13:17.0250 3956  UPS - ok
12:13:17.0265 3956  [ BFFD9F120CC63BCBAA3D840F3EEF9F79 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
12:13:17.0265 3956  usbccgp - ok
12:13:17.0281 3956  [ 15E993BA2F6946B2BFBBFCD30398621E ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
12:13:17.0281 3956  usbehci - ok
12:13:17.0296 3956  [ C72F40947F92CEA56A8FB532EDF025F1 ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
12:13:17.0296 3956  usbhub - ok
12:13:17.0312 3956  [ 6CD7B22193718F1D17A47A1CD6D37E75 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
12:13:17.0312 3956  USBSTOR - ok
12:13:17.0312 3956  [ F8FD1400092E23C8F2F31406EF06167B ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
12:13:17.0328 3956  usbuhci - ok
12:13:17.0328 3956  [ 8A60EDD72B4EA5AEA8202DAF0E427925 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
12:13:17.0328 3956  VgaSave - ok
12:13:17.0375 3956  [ 108432C0BC68DA4355B0F5AB2B2B01F8 ] VIAHdAudAddService C:\WINDOWS\system32\drivers\viahduaa.sys
12:13:17.0390 3956  VIAHdAudAddService - ok
12:13:17.0390 3956  ViaIde - ok
12:13:17.0406 3956  [ EE4660083DEBA849FF6C485D944B379B ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
12:13:17.0406 3956  VolSnap - ok
12:13:17.0437 3956  [ 3EE00364AE0FD8D604F46CBAF512838A ] VSS             C:\WINDOWS\System32\vssvc.exe
12:13:17.0437 3956  VSS - ok
12:13:17.0468 3956  [ 2B281958F5D0CF99ED626E3EF39D5C8D ] W32Time         C:\WINDOWS\system32\w32time.dll
12:13:17.0468 3956  W32Time - ok
12:13:17.0468 3956  [ 984EF0B9788ABF89974CFED4BFBAACBC ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:13:17.0468 3956  Wanarp - ok
12:13:17.0484 3956  WDICA - ok
12:13:17.0500 3956  [ 2797F33EBF50466020C430EE4F037933 ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
12:13:17.0500 3956  wdmaud - ok
12:13:17.0500 3956  [ 5D0A442864BFBF3B19DCCA4CD29F6E99 ] WebClient       C:\WINDOWS\System32\webclnt.dll
12:13:17.0515 3956  WebClient - ok
12:13:17.0562 3956  [ F399242A80C4066FD155EFA4CF96658E ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
12:13:17.0562 3956  winmgmt - ok
12:13:17.0593 3956  [ C086483E3DBA8C1C0A687EC8D5B3D4C1 ] WmdmPmSN        C:\WINDOWS\system32\mspmsnsv.dll
12:13:17.0593 3956  WmdmPmSN - ok
12:13:17.0609 3956  [ BA8CECC3E813E1F7C441B20393D4F86C ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
12:13:17.0609 3956  WmiApSrv - ok
12:13:17.0687 3956  [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
12:13:17.0687 3956  WPFFontCache_v0400 - ok
12:13:17.0734 3956  [ 4D59DAA66C60858CDF4F67A900F42D4A ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
12:13:17.0734 3956  wscsvc - ok
12:13:17.0734 3956  [ 13D72740963CBA12D9FF76A7F218BCD8 ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
12:13:17.0734 3956  wuauserv - ok
12:13:17.0750 3956  [ 5A91E6FEAB9F901302FA7FF768C0120F ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
12:13:17.0750 3956  WZCSVC - ok
12:13:17.0765 3956  [ EEF46DAB68229A14DA3D8E73C99E2959 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
12:13:17.0765 3956  xmlprov - ok
12:13:17.0781 3956  ================ Scan global ===============================
12:13:17.0781 3956  [ 00EF9C3AF83EDBAF18CA7A2837750117 ] C:\WINDOWS\system32\basesrv.dll
12:13:17.0796 3956  [ 442D0EAD5534E4ADCF6D4469043C82C0 ] C:\WINDOWS\system32\winsrv.dll
12:13:17.0812 3956  [ 442D0EAD5534E4ADCF6D4469043C82C0 ] C:\WINDOWS\system32\winsrv.dll
12:13:17.0828 3956  [ C6CE6EEC82F187615D1002BB3BB50ED4 ] C:\WINDOWS\system32\services.exe
12:13:17.0828 3956  [Global] - ok
12:13:17.0828 3956  ================ Scan MBR ==================================
12:13:17.0828 3956  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
12:13:18.0000 3956  \Device\Harddisk0\DR0 - ok
12:13:18.0015 3956  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
12:13:18.0250 3956  \Device\Harddisk1\DR1 - ok
12:13:18.0250 3956  ================ Scan VBR ==================================
12:13:18.0250 3956  [ F0081C7478C20B94B073AA632D36341E ] \Device\Harddisk0\DR0\Partition1
12:13:18.0265 3956  \Device\Harddisk0\DR0\Partition1 - ok
12:13:18.0265 3956  [ F16452934BDFC37BDA412CDA821D0842 ] \Device\Harddisk1\DR1\Partition1
12:13:18.0265 3956  \Device\Harddisk1\DR1\Partition1 - ok
12:13:18.0265 3956  ============================================================
12:13:18.0265 3956  Scan finished
12:13:18.0265 3956  ============================================================
12:13:18.0265 2056  Detected object count: 0
12:13:18.0265 2056  Actual detected object count: 0

And ESET is still running. Will post when it finishes.

#4 ValiantWinter

Posted 29 September 2012 - 10:33 PM

Ok, here is the log from ESET:

D:\Installers\daemon4123-lite.exe	Win32/Adware.Toolbar.Shopper application	cleaned by deleting - quarantined
D:\Installers\flstudio_8.0_install.exe	probably a variant of Win32/Delf.LQXDKYX trojan	cleaned by deleting - quarantined
D:\Installers\MsgPlusLive-485.exe	a variant of Win32/MessengerPlus application	cleaned by deleting - quarantined


#5 narenxp

Posted 01 October 2012 - 03:31 AM

ASWMBR log?


Download

Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download

Junkware removal tool

Launch it. For Vista and Windows 7, right-click on the tool and select Run as administrator.

After the scan gets completed, post the generated log here.



