Frustrated Ukash things



#1 CarolineL

Posted 01 October 2012 - 10:03 AM

I am usually fine at this sort of thing (despite being female!) but have recently been utterly confounded by what appears to be a dreaded virus called Ukash. I have tried everything I have come across to get rid of it, but all roads apparently lead to dodgy software downloads and I therefore remain... clueless.

Rebooted into safe mode, and all my antivirus things say all is good!

It obviously goes beyond my obviously overblown self-perceived computer skills *sobs*. Can anyone help? Thanks (and Grrrrr) :)


#2 narenxp

Posted 01 October 2012 - 10:18 AM

Boot into Safe Mode with Networking.

Download TDSSKiller.

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR.

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here. If you get crashes in normal mode, run it in Safe Mode with Networking.

Download ESET online scanner.

Install it.

Click on START; it should download the virus definitions.
When the scan completes, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 CarolineL

Posted 01 October 2012 - 11:24 AM

[InfectedObject]
Verdict: TDSS File System
Name: \Device\Harddisk0\DR0
[InfectedFile]
Name: mbr
Size: 440
File time: 0000/00/00 00:00:00.0000
[InfectedFile]
Name: bid
Size: 37
File time: 0000/00/00 00:00:00.0000
[InfectedFile]
Name: affid
Size: 4
File time: 0000/00/00 00:00:00.0000
[InfectedFile]
Name: boot
Size: 1427
File time: 0000/00/00 00:00:00.0000
[InfectedFile]
Name: cmd32
Size: 32768
File time: 0000/00/00 00:00:00.0000

[InfectedFile]
Name: cmd64
Size: 24576
File time: 0000/00/00 00:00:00.0000
[InfectedFile]
Name: dbg32
Size: 6656
File time: 0000/00/00 00:00:00.0000
[InfectedFile]
Name: dbg64
Size: 9088
File time: 0000/00/00 00:00:00.0000
[InfectedFile]
Name: drv32
Size: 45056
File time: 0000/00/00 00:00:00.0000
[InfectedFile]
Name: drv64
Size: 47104
File time: 0000/00/00 00:00:00.0000
[InfectedFile]
Name: ldr32
Size: 6144
File time: 0000/00/00 00:00:00.0000
[InfectedFile]
Name: ldr64
Size: 5632
File time: 0000/00/00 00:00:00.0000
[InfectedFile]
Name: subid
Size: 8
File time: 0000/00/00 00:00:00.0000

[InfectedFile]
Name: info
Size: 80
File time: 0000/00/00 00:00:00.0000
[InfectedFile]
Name: com32
Size: 184320
File time: 0000/00/00 00:00:00.0000
[InfectedFile]
Name: bbr232
Size: 90112
File time: 0000/00/00 00:00:00.0000
[InfectedFile]
Name: serf232
Size: 90112
File time: 0000/00/00 00:00:00.0000
[InfectedFile]
Name: bbr_conf
Size: 120238
File time: 0000/00/00 00:00:00.0000
[InfectedFile]
Name: serf_conf
Size: 886
File time: 0000/00/00 00:00:00.0000

Part one from TDSSKiller. Is this what you need? Thank you :) Doing the rest now. Caroline.

#4 narenxp

Posted 01 October 2012 - 11:28 AM

Do not edit the log. Post the complete log :)

#5 CarolineL

Posted 01 October 2012 - 11:32 AM

Ahem. OK. Is this it? God, I am worse than I thought! TDSSKiller is here, aswMBR to follow!


17:14:40.0140 1432 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
17:14:40.0281 1432 ============================================================
17:14:40.0281 1432 Current date / time: 2012/10/01 17:14:40.0281
17:14:40.0281 1432 SystemInfo:
17:14:40.0281 1432
17:14:40.0281 1432 OS Version: 5.1.2600 ServicePack: 3.0
17:14:40.0281 1432 Product type: Workstation
17:14:40.0281 1432 ComputerName: PATCHWORK1
17:14:40.0281 1432 UserName: Admin
17:14:40.0281 1432 Windows directory: C:\WINDOWS
17:14:40.0281 1432 System windows directory: C:\WINDOWS
17:14:40.0281 1432 Processor architecture: Intel x86
17:14:40.0281 1432 Number of processors: 1
17:14:40.0281 1432 Page size: 0x1000
17:14:40.0281 1432 Boot type: Safe boot with network
17:14:40.0281 1432 ============================================================
17:14:45.0875 1432 Drive \Device\Harddisk0\DR0 - Size: 0xE51424000 (57.27 Gb), SectorSize: 0x200, Cylinders: 0x1D34, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
17:14:45.0890 1432 ============================================================
17:14:45.0890 1432 \Device\Harddisk0\DR0:
17:14:45.0890 1432 MBR partitions:
17:14:45.0890 1432 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x7285D34
17:14:45.0890 1432 ============================================================
17:14:45.0937 1432 C: <-> \Device\Harddisk0\DR0\Partition1
17:14:46.0328 1432 ============================================================
17:14:46.0328 1432 Initialize success
17:14:46.0328 1432 ============================================================
17:14:55.0625 1504 ============================================================
17:14:55.0625 1504 Scan started
17:14:55.0625 1504 Mode: Manual; TDLFS;
17:14:55.0625 1504 ============================================================
17:14:57.0078 1504 ================ Scan system memory ========================
17:14:57.0078 1504 System memory - ok
17:14:57.0078 1504 ================ Scan services =============================
17:14:57.0265 1504 24383151 - ok
17:14:57.0328 1504 24383152 - ok
17:14:57.0375 1504 [ 914A9709FC3BF419AD2F85547F2A4832 ] 61883 C:\WINDOWS\system32\DRIVERS\61883.sys
17:14:57.0375 1504 61883 - ok
17:14:57.0406 1504 Abiosdsk - ok
17:14:57.0421 1504 abp480n5 - ok
17:14:57.0500 1504 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
17:14:57.0515 1504 ACPI - ok
17:14:57.0562 1504 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
17:14:57.0562 1504 ACPIEC - ok
17:14:57.0625 1504 ADILOADER - ok
17:14:57.0640 1504 adiusbaw - ok
17:14:57.0765 1504 [ 4BC381316F422F3A5D5A957D3AA2224E ] Adobe LM Service C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
17:14:57.0765 1504 Adobe LM Service - ok
17:14:57.0828 1504 adpu160m - ok
17:14:57.0890 1504 [ 11C04B17ED2ABBB4833694BCD644AC90 ] aeaudio C:\WINDOWS\system32\drivers\aeaudio.sys
17:14:57.0890 1504 aeaudio - ok
17:14:57.0968 1504 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
17:14:57.0968 1504 aec - ok
17:14:58.0031 1504 [ A7B8A3A79D35215D798A300DF49ED23F ] Afc C:\WINDOWS\system32\drivers\Afc.sys
17:14:58.0031 1504 Afc - ok
17:14:58.0078 1504 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
17:14:58.0078 1504 AFD - ok
17:14:58.0125 1504 Aha154x - ok
17:14:58.0156 1504 aic78u2 - ok
17:14:58.0171 1504 aic78xx - ok
17:14:58.0250 1504 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
17:14:58.0250 1504 Alerter - ok
17:14:58.0296 1504 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
17:14:58.0296 1504 ALG - ok
17:14:58.0328 1504 AliIde - ok
17:14:58.0375 1504 [ D7E6DE8F676CF3A387F75E9AB404F7A4 ] AmdK8 C:\WINDOWS\system32\DRIVERS\AmdK8.sys
17:14:58.0375 1504 AmdK8 - ok
17:14:58.0406 1504 amsint - ok
17:14:58.0593 1504 [ 5AA788D5A2C6737BB9C45933985BC1B8 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:14:58.0703 1504 Apple Mobile Device - ok
17:14:58.0796 1504 [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
17:14:58.0796 1504 AppMgmt - ok
17:14:58.0843 1504 aqpxk6y.sys - ok
17:14:58.0921 1504 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
17:14:58.0921 1504 Arp1394 - ok
17:14:58.0937 1504 asc - ok
17:14:58.0968 1504 asc3350p - ok
17:14:59.0000 1504 asc3550 - ok
17:14:59.0109 1504 [ 33C171DE483EE145F31234D93B078919 ] ASInsHelp C:\WINDOWS\system32\drivers\AsInsHelp32.sys
17:14:59.0125 1504 ASInsHelp - ok
17:14:59.0171 1504 [ C959989E2CE8DA9BDE8CAFDDBA84BADF ] AsIO C:\WINDOWS\system32\drivers\AsIO.sys
17:14:59.0171 1504 AsIO - ok
17:14:59.0265 1504 [ 7B44F870FC2DA172C5367D9E3F96F553 ] ASKService C:\Program Files\AskBarDis\bar\bin\AskService.exe
17:14:59.0281 1504 ASKService - ok
17:14:59.0359 1504 [ 367621CB272A8D9E7D910388916D5737 ] ASKUpgrade C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
17:14:59.0359 1504 ASKUpgrade - ok
17:14:59.0421 1504 [ 71356A1370739E25375A1D17B6AE318F ] aslm75 C:\WINDOWS\system32\drivers\aslm75.sys
17:14:59.0421 1504 aslm75 - ok
17:14:59.0531 1504 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
17:14:59.0609 1504 aspnet_state - ok
17:14:59.0656 1504 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
17:14:59.0671 1504 AsyncMac - ok
17:14:59.0687 1504 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
17:14:59.0687 1504 atapi - ok
17:14:59.0703 1504 Atdisk - ok
17:14:59.0765 1504 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
17:14:59.0781 1504 Atmarpc - ok
17:14:59.0828 1504 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
17:14:59.0828 1504 AudioSrv - ok
17:14:59.0875 1504 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
17:14:59.0875 1504 audstub - ok
17:14:59.0921 1504 [ F8E6956A614F15A0860474C5E2A7DE6B ] Avc C:\WINDOWS\system32\DRIVERS\avc.sys
17:14:59.0921 1504 Avc - ok
17:14:59.0968 1504 [ E625773D7B950842D582F713656859C0 ] AVCSTRM C:\WINDOWS\system32\DRIVERS\avcstrm.sys
17:14:59.0968 1504 AVCSTRM - ok
17:15:00.0046 1504 [ DB338A6BD3976904EB0F8343F51E64EB ] avg8wd C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
17:15:00.0062 1504 avg8wd - ok
17:15:00.0125 1504 [ BC12F2404BB6F2B6B2FF3C4C246CB752 ] AvgLdx86 C:\WINDOWS\System32\Drivers\avgldx86.sys
17:15:00.0125 1504 AvgLdx86 - ok
17:15:00.0156 1504 [ 5903D729D4F0C5BCA74123C96A1B29E0 ] AvgMfx86 C:\WINDOWS\System32\Drivers\avgmfx86.sys
17:15:00.0156 1504 AvgMfx86 - ok
17:15:00.0250 1504 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
17:15:00.0250 1504 Beep - ok
17:15:00.0296 1504 [ 94A5E2424BC8B94D02F88DEA0702246B ] bfturboh C:\WINDOWS\system32\drivers\bfturboh.sys
17:15:00.0296 1504 bfturboh - ok
17:15:00.0406 1504 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
17:15:00.0468 1504 BITS - ok
17:15:00.0515 1504 [ 5FF9A3F3476D726AE62DA82D5DA94C36 ] BlueletAudio C:\WINDOWS\system32\DRIVERS\blueletaudio.sys
17:15:00.0515 1504 BlueletAudio - ok
17:15:00.0546 1504 [ BD91AFC523FD59F881E1763C38FB772F ] BlueletSCOAudio C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys
17:15:00.0546 1504 BlueletSCOAudio - ok
17:15:00.0687 1504 [ 2072720F0848312C40E01C2AEC8ED439 ] BlueSoleil Hid Service C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
17:15:00.0765 1504 BlueSoleil Hid Service - ok
17:15:00.0921 1504 [ F832F1505AD8B83474BD9A5B1B985E01 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:15:01.0031 1504 Bonjour Service - ok
17:15:01.0156 1504 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll
17:15:01.0156 1504 Browser - ok
17:15:01.0203 1504 [ C5CCE2B26F73F8CF7F3C82159E79AA08 ] BT C:\WINDOWS\system32\DRIVERS\btnetdrv.sys
17:15:01.0203 1504 BT - ok
17:15:01.0265 1504 [ FB2ABC6D08D9F8D5ED8E02CBD18B39BB ] Btcsrusb C:\WINDOWS\system32\Drivers\btcusb.sys
17:15:01.0265 1504 Btcsrusb - ok
17:15:01.0328 1504 [ B279426E3C0C344893ED78A613A73BDE ] BthEnum C:\WINDOWS\system32\DRIVERS\BthEnum.sys
17:15:01.0328 1504 BthEnum - ok
17:15:01.0390 1504 [ CE643D0918123D76A5CAAB008FCA9663 ] BTHidEnum C:\WINDOWS\system32\Drivers\vbtenum.sys
17:15:01.0406 1504 BTHidEnum - ok
17:15:01.0468 1504 [ DFCA4FE4C8AEC786B4D0F432EB730F48 ] BTHidMgr C:\WINDOWS\system32\Drivers\BTHidMgr.sys
17:15:01.0468 1504 BTHidMgr - ok
17:15:01.0546 1504 [ FCA6F069597B62D42495191ACE3FC6C1 ] BTHMODEM C:\WINDOWS\system32\DRIVERS\bthmodem.sys
17:15:01.0546 1504 BTHMODEM - ok
17:15:01.0578 1504 [ 80602B8746D3738F5886CE3D67EF06B6 ] BthPan C:\WINDOWS\system32\DRIVERS\bthpan.sys
17:15:01.0578 1504 BthPan - ok
17:15:01.0625 1504 [ 662BFD909447DD9CC15B1A1C366583B4 ] BTHPORT C:\WINDOWS\system32\Drivers\BTHport.sys
17:15:01.0625 1504 BTHPORT - ok
17:15:01.0671 1504 [ F4C43C66471B87996D95DB7A3A664A37 ] BthServ C:\WINDOWS\System32\bthserv.dll
17:15:01.0687 1504 BthServ - ok
17:15:01.0734 1504 [ 61364CD71EF63B0F038B7E9DF00F1EFA ] BTHUSB C:\WINDOWS\system32\Drivers\BTHUSB.sys
17:15:01.0734 1504 BTHUSB - ok
17:15:01.0781 1504 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
17:15:01.0781 1504 cbidf2k - ok
17:15:01.0859 1504 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
17:15:01.0859 1504 CCDECODE - ok
17:15:01.0906 1504 cd20xrnt - ok
17:15:01.0984 1504 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
17:15:01.0984 1504 Cdaudio - ok
17:15:02.0015 1504 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
17:15:02.0015 1504 Cdfs - ok
17:15:02.0031 1504 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
17:15:02.0031 1504 Cdrom - ok
17:15:02.0062 1504 Changer - ok
17:15:02.0109 1504 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
17:15:02.0109 1504 CiSvc - ok
17:15:02.0171 1504 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
17:15:02.0171 1504 ClipSrv - ok
17:15:02.0218 1504 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:15:02.0406 1504 clr_optimization_v2.0.50727_32 - ok
17:15:02.0421 1504 CmdIde - ok
17:15:02.0453 1504 COMSysApp - ok
17:15:02.0531 1504 Cpqarray - ok
17:15:02.0625 1504 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
17:15:02.0640 1504 CryptSvc - ok
17:15:02.0656 1504 dac2w2k - ok
17:15:02.0703 1504 dac960nt - ok
17:15:02.0781 1504 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
17:15:02.0796 1504 DcomLaunch - ok
17:15:02.0843 1504 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
17:15:02.0859 1504 Dhcp - ok
17:15:02.0906 1504 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
17:15:02.0906 1504 Disk - ok
17:15:02.0937 1504 dmadmin - ok
17:15:03.0000 1504 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
17:15:03.0031 1504 dmboot - ok
17:15:03.0078 1504 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
17:15:03.0078 1504 dmio - ok
17:15:03.0140 1504 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
17:15:03.0140 1504 dmload - ok
17:15:03.0187 1504 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
17:15:03.0187 1504 dmserver - ok
17:15:03.0265 1504 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
17:15:03.0265 1504 DMusic - ok
17:15:03.0328 1504 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
17:15:03.0328 1504 Dnscache - ok
17:15:03.0375 1504 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
17:15:03.0375 1504 Dot3svc - ok
17:15:03.0406 1504 dpti2o - ok
17:15:03.0453 1504 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
17:15:03.0468 1504 drmkaud - ok
17:15:03.0515 1504 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
17:15:03.0515 1504 EapHost - ok
17:15:03.0562 1504 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
17:15:03.0562 1504 ERSvc - ok
17:15:03.0625 1504 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
17:15:03.0625 1504 Eventlog - ok
17:15:03.0671 1504 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll
17:15:03.0687 1504 EventSystem - ok
17:15:03.0734 1504 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
17:15:03.0734 1504 Fastfat - ok
17:15:03.0781 1504 [ 3ACBC73531DEDD69837FE73B1623D49C ] fasttx2k C:\WINDOWS\system32\DRIVERS\fasttx2k.sys
17:15:03.0796 1504 fasttx2k - ok
17:15:03.0859 1504 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
17:15:03.0859 1504 FastUserSwitchingCompatibility - ok
17:15:03.0921 1504 [ B1C303E17FB9D46E87A98E4BA6769685 ] Fayn80r2uup C:\WINDOWS\system32\drivers\mouhid.sys
17:15:03.0921 1504 Fayn80r2uup - ok
17:15:03.0953 1504 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
17:15:03.0953 1504 Fdc - ok
17:15:04.0015 1504 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
17:15:04.0015 1504 Fips - ok
17:15:04.0078 1504 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
17:15:04.0078 1504 Flpydisk - ok
17:15:04.0156 1504 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
17:15:04.0156 1504 FltMgr - ok
17:15:04.0234 1504 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
17:15:04.0250 1504 FontCache3.0.0.0 - ok
17:15:04.0281 1504 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:15:04.0281 1504 Fs_Rec - ok
17:15:04.0343 1504 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
17:15:04.0343 1504 Ftdisk - ok
17:15:04.0406 1504 [ 3A74C423CF6BCCA6982715878F450A3B ] gagp30kx C:\WINDOWS\system32\DRIVERS\gagp30kx.sys
17:15:04.0406 1504 gagp30kx - ok
17:15:04.0453 1504 [ 065639773D8B03F33577F6CDAEA21063 ] gameenum C:\WINDOWS\system32\DRIVERS\gameenum.sys
17:15:04.0453 1504 gameenum - ok
17:15:04.0500 1504 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
17:15:04.0500 1504 GEARAspiWDM - ok
17:15:04.0546 1504 [ 77EBF3E9386DAA51551AF429052D88D0 ] giveio C:\WINDOWS\system32\giveio.sys
17:15:04.0546 1504 giveio - ok
17:15:04.0609 1504 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
17:15:04.0609 1504 Gpc - ok
17:15:04.0671 1504 [ 7B90BE6811334CAA9243B89F3D3FEE1A ] GT680x C:\WINDOWS\system32\Drivers\gt680x.sys
17:15:04.0687 1504 GT680x - ok
17:15:04.0781 1504 [ AA821B41953B8765239FC49242C66972 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
17:15:04.0796 1504 gusvc - ok
17:15:04.0875 1504 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
17:15:04.0875 1504 helpsvc - ok
17:15:04.0937 1504 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll
17:15:04.0937 1504 HidServ - ok
17:15:04.0968 1504 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
17:15:04.0968 1504 HidUsb - ok
17:15:05.0015 1504 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
17:15:05.0015 1504 hkmsvc - ok
17:15:05.0031 1504 hpn - ok
17:15:05.0093 1504 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
17:15:05.0093 1504 HTTP - ok
17:15:05.0140 1504 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
17:15:05.0140 1504 HTTPFilter - ok
17:15:05.0171 1504 i2omgmt - ok
17:15:05.0203 1504 i2omp - ok
17:15:05.0250 1504 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
17:15:05.0250 1504 i8042prt - ok
17:15:05.0343 1504 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:15:05.0406 1504 idsvc - ok
17:15:05.0484 1504 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
17:15:05.0484 1504 Imapi - ok
17:15:05.0531 1504 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
17:15:05.0531 1504 ImapiService - ok
17:15:05.0578 1504 ini910u - ok
17:15:05.0625 1504 IntelIde - ok
17:15:05.0671 1504 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
17:15:05.0671 1504 Ip6Fw - ok
17:15:05.0703 1504 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
17:15:05.0703 1504 IpInIp - ok
17:15:05.0796 1504 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
17:15:05.0796 1504 IpNat - ok
17:15:05.0984 1504 [ 8E5E5A8CC84DA3F683E3BBC045138D52 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
17:15:06.0140 1504 iPod Service - ok
17:15:06.0187 1504 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
17:15:06.0187 1504 IPSec - ok
17:15:06.0234 1504 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
17:15:06.0234 1504 IRENUM - ok
17:15:06.0296 1504 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
17:15:06.0296 1504 isapnp - ok
17:15:06.0328 1504 [ F59C3569A2F2C464BB78CB1BDCDCA55E ] Iviaspi C:\WINDOWS\system32\drivers\iviaspi.sys
17:15:06.0328 1504 Iviaspi - ok
17:15:06.0437 1504 [ 09417134F248DFCEEA15C72BCC87F592 ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
17:15:06.0546 1504 JavaQuickStarterService - ok
17:15:06.0578 1504 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
17:15:06.0578 1504 Kbdclass - ok
17:15:06.0640 1504 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
17:15:06.0640 1504 kbdhid - ok
17:15:06.0671 1504 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
17:15:06.0687 1504 kmixer - ok
17:15:06.0734 1504 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
17:15:06.0734 1504 KSecDD - ok
17:15:06.0796 1504 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
17:15:06.0796 1504 lanmanserver - ok
17:15:06.0859 1504 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
17:15:06.0859 1504 lanmanworkstation - ok
17:15:06.0906 1504 lbrtfdc - ok
17:15:06.0984 1504 [ A249F60C0EBFA1941ED0E486700D3228 ] LexBceS C:\WINDOWS\system32\LEXBCES.EXE
17:15:06.0984 1504 LexBceS - ok
17:15:07.0062 1504 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
17:15:07.0062 1504 LmHosts - ok
17:15:07.0203 1504 [ F453D1E6D881E8F8717E20CCD4199E85 ] McComponentHostService C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
17:15:07.0203 1504 McComponentHostService - ok
17:15:07.0265 1504 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
17:15:07.0265 1504 Messenger - ok
17:15:07.0328 1504 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
17:15:07.0328 1504 mnmdd - ok
17:15:07.0359 1504 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
17:15:07.0359 1504 mnmsrvc - ok
17:15:07.0437 1504 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
17:15:07.0437 1504 Modem - ok
17:15:07.0468 1504 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
17:15:07.0468 1504 Mouclass - ok
17:15:07.0484 1504 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
17:15:07.0500 1504 mouhid - ok
17:15:07.0531 1504 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
17:15:07.0531 1504 MountMgr - ok
17:15:07.0546 1504 mraid35x - ok
17:15:07.0578 1504 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
17:15:07.0593 1504 MRxDAV - ok
17:15:07.0640 1504 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:15:07.0656 1504 MRxSmb - ok
17:15:07.0718 1504 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
17:15:07.0718 1504 MSDTC - ok
17:15:07.0781 1504 [ 1477849772712BAC69C144DCF2C9CE81 ] MSDV C:\WINDOWS\system32\DRIVERS\msdv.sys
17:15:07.0781 1504 MSDV - ok
17:15:07.0796 1504 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
17:15:07.0812 1504 Msfs - ok
17:15:07.0828 1504 MSIServer - ok
17:15:07.0875 1504 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:15:07.0875 1504 MSKSSRV - ok
17:15:07.0906 1504 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:15:07.0906 1504 MSPCLOCK - ok
17:15:07.0953 1504 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
17:15:07.0953 1504 MSPQM - ok
17:15:08.0031 1504 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
17:15:08.0031 1504 mssmbios - ok
17:15:08.0093 1504 [ 5C3F9BDF4DB23B75306388FC26A0A8E5 ] MSTAPE C:\WINDOWS\system32\DRIVERS\mstape.sys
17:15:08.0093 1504 MSTAPE - ok
17:15:08.0125 1504 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
17:15:08.0125 1504 MSTEE - ok
17:15:08.0187 1504 [ CA3E22598F411199ADC2DFEE76CD0AE0 ] ms_mpu401 C:\WINDOWS\system32\drivers\msmpu401.sys
17:15:08.0187 1504 ms_mpu401 - ok
17:15:08.0250 1504 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
17:15:08.0250 1504 Mup - ok
17:15:08.0312 1504 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
17:15:08.0312 1504 NABTSFEC - ok
17:15:08.0375 1504 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
17:15:08.0375 1504 napagent - ok
17:15:08.0453 1504 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
17:15:08.0453 1504 NDIS - ok
17:15:08.0484 1504 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
17:15:08.0500 1504 NdisIP - ok
17:15:08.0546 1504 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:15:08.0546 1504 NdisTapi - ok
17:15:08.0593 1504 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:15:08.0593 1504 Ndisuio - ok
17:15:08.0625 1504 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:15:08.0625 1504 NdisWan - ok
17:15:08.0687 1504 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
17:15:08.0687 1504 NDProxy - ok
17:15:08.0734 1504 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
17:15:08.0734 1504 NetBIOS - ok
17:15:08.0781 1504 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
17:15:08.0781 1504 NetBT - ok
17:15:08.0875 1504 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
17:15:08.0875 1504 NetDDE - ok
17:15:08.0906 1504 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
17:15:08.0906 1504 NetDDEdsdm - ok
17:15:08.0953 1504 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
17:15:08.0953 1504 Netlogon - ok
17:15:09.0015 1504 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
17:15:09.0015 1504 Netman - ok
17:15:09.0078 1504 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:15:09.0078 1504 NetTcpPortSharing - ok
17:15:09.0109 1504 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
17:15:09.0125 1504 NIC1394 - ok
17:15:09.0171 1504 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
17:15:09.0187 1504 Nla - ok
17:15:09.0218 1504 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
17:15:09.0218 1504 Npfs - ok
17:15:09.0312 1504 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
17:15:09.0328 1504 Ntfs - ok
17:15:09.0375 1504 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
17:15:09.0375 1504 NtLmSsp - ok
17:15:09.0437 1504 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
17:15:09.0453 1504 NtmsSvc - ok
17:15:09.0484 1504 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
17:15:09.0484 1504 Null - ok
17:15:09.0656 1504 [ 29B9163A6D9C486DCAEFED190130ACB0 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
17:15:09.0781 1504 nv - ok
17:15:09.0843 1504 [ AA78C4677E06CFD4FE048718EE7F6332 ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
17:15:09.0843 1504 NVSvc - ok
17:15:09.0890 1504 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
17:15:09.0890 1504 NwlnkFlt - ok
17:15:19.0328 1504 ================ Scan global ===============================
17:15:19.0406 1504 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
17:15:19.0468 1504 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
17:15:19.0500 1504 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
17:15:19.0515 1504 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
17:15:19.0531 1504 [Global] - ok
17:15:19.0531 1504 ================ Scan MBR ==================================
17:15:19.0562 1504 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
17:15:19.0750 1504 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
17:15:19.0750 1504 \Device\Harddisk0\DR0 - detected TDSS File System (1)
17:15:19.0765 1504 ================ Scan VBR ==================================
17:15:19.0781 1504 [ 0023A45C8F9D95FBC4005A1E3FA7C727 ] \Device\Harddisk0\DR0\Partition1
17:15:19.0781 1504 \Device\Harddisk0\DR0\Partition1 - ok
17:15:19.0796 1504 ============================================================
17:15:19.0796 1504 Scan finished
17:15:19.0796 1504 ============================================================
17:15:19.0828 1508 Detected object count: 1
17:15:19.0828 1508 Actual detected object count: 1
17:16:20.0640 1508 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
17:16:20.0640 1508 \Device\Harddisk0\DR0\TDLFS\bid - copied to quarantine
17:16:20.0640 1508 \Device\Harddisk0\DR0\TDLFS\affid - copied to quarantine
17:16:20.0640 1508 \Device\Harddisk0\DR0\TDLFS\boot - copied to quarantine
17:16:20.0640 1508 \Device\Harddisk0\DR0\TDLFS\cmd32 - copied to quarantine
17:16:20.0703 1508 \Device\Harddisk0\DR0\TDLFS\cmd64 - copied to quarantine
17:16:20.0703 1508 \Device\Harddisk0\DR0\TDLFS\dbg32 - copied to quarantine
17:16:20.0750 1508 \Device\Harddisk0\DR0\TDLFS\dbg64 - copied to quarantine
17:16:20.0765 1508 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
17:16:20.0781 1508 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
17:16:20.0828 1508 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
17:16:20.0843 1508 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
17:16:20.0843 1508 \Device\Harddisk0\DR0\TDLFS\subid - copied to quarantine
17:16:20.0843 1508 \Device\Harddisk0\DR0\TDLFS\info - copied to quarantine
17:16:20.0875 1508 \Device\Harddisk0\DR0\TDLFS\com32 - copied to quarantine
17:16:20.0906 1508 \Device\Harddisk0\DR0\TDLFS\bbr232 - copied to quarantine
17:16:20.0937 1508 \Device\Harddisk0\DR0\TDLFS\serf232 - copied to quarantine
17:16:20.0953 1508 \Device\Harddisk0\DR0\TDLFS\bbr_conf - copied to quarantine
17:16:20.0984 1508 \Device\Harddisk0\DR0\TDLFS\serf_conf - copied to quarantine
17:16:20.0984 1508 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Quarantine

#6 CarolineL

Posted 01 October 2012 - 11:41 AM

aswMBR :


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-01 17:17:57
-----------------------------
17:17:57.859 OS Version: Windows 5.1.2600 Service Pack 3
17:17:57.859 Number of processors: 1 586 0x40A
17:17:57.859 ComputerName: PATCHWORK1 UserName: Admin
17:17:58.312 Initialize success
17:26:09.531 AVAST engine defs: 12100100
17:26:16.125 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
17:26:16.140 Disk 0 Vendor: Maxtor_6Y060L0 YAR41VW0 Size: 58644MB BusType: 3
17:26:16.171 Disk 0 MBR read successfully
17:26:16.187 Disk 0 MBR scan
17:26:16.234 Disk 0 Windows XP default MBR code
17:26:16.250 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 58635 MB offset 63
17:26:16.265 Disk 0 scanning sectors +120085875
17:26:16.296 Disk 0 malicious Win32:MBRoot code @ sector 120085878 !
17:26:16.375 Disk 0 scanning C:\WINDOWS\system32\drivers
17:26:32.968 Service scanning
17:26:44.203 Service Fayn80r2uup C:\WINDOWS\C:\WINDOWS\system32\drivers\mouhid.sys **LOCKED** 123
17:27:01.765 Modules scanning
17:27:16.468 Disk 0 trace - called modules:
17:27:19.062 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys viaide.sys PCIIDEX.SYS
17:27:19.203 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a9992c0]
17:27:19.328 3 CLASSPNP.SYS[f7667fd7] -> nt!IofCallDriver -> \Device\0000007e[0x8a9c6968]
17:27:19.468 5 ACPI.sys[f75ae620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8a9c6d98]
17:27:19.859 AVAST engine scan C:\WINDOWS
17:27:26.203 AVAST engine scan C:\WINDOWS\system32
17:30:28.171 AVAST engine scan C:\WINDOWS\system32\drivers
17:30:51.859 AVAST engine scan C:\Documents and Settings\Admin
17:33:40.437 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Admin\Desktop\MBR.dat"
17:33:40.437 The log file has been saved successfully to "C:\Documents and Settings\Admin\Desktop\aswMBR.txt"
17:37:45.296 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Admin\Desktop\MBR.dat"
17:37:45.296 The log file has been saved successfully to "C:\Documents and Settings\Admin\Desktop\aswMBR.txt"
17:38:21.031 AVAST engine scan C:\Documents and Settings\All Users
17:38:24.609 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Admin\Desktop\MBR.dat"
17:38:24.609 The log file has been saved successfully to "C:\Documents and Settings\Admin\Desktop\aswMBR.txt"
17:38:46.828 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Admin\Desktop\MBR.dat"
17:38:46.843 The log file has been saved successfully to "C:\Documents and Settings\Admin\Desktop\aswMBR.txt"

Now I am in the realm of the complete unknown :) ESET to follow. Caroline.

#7 CarolineL

Posted 01 October 2012 - 01:32 PM

.

Edited by CarolineL, 01 October 2012 - 01:33 PM.




