Need Help with the Google Redirect Virus


8 replies to this topic

#1 brucewig

brucewig

  • Members
  • 27 posts

Posted 04 October 2012 - 10:41 PM

Hi,

My computer seems to be stuck with what I've seen described as a Google Redirect Virus. The Virus is what it says: when I click on a link given to me by the Google search engine, I am instead directed to a page that looks like a different search engine's results.

So far I have observed no other strange behavior on my computer such as fake virus alerts, extra windows opening with advertisements, or anything else that has been associated with this virus from what I understand.

What should I do? Thanks in advance for your help!

Bruce

Edited by brucewig, 04 October 2012 - 10:42 PM.




#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts

Posted 05 October 2012 - 05:00 AM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 brucewig

brucewig
  • Topic Starter

  • Members
  • 27 posts

Posted 05 October 2012 - 04:19 PM

Thanks for your quick response! Here are the Log Files:

-------------------

TDSSKiller

-------------------

15:51:43.0757 2612 pciide - ok
15:51:43.0772 2612 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
15:51:43.0772 2612 pcmcia - ok
15:51:43.0772 2612 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
15:51:43.0772 2612 pcw - ok
15:51:43.0803 2612 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:51:43.0819 2612 PEAUTH - ok
15:51:43.0866 2612 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
15:51:43.0881 2612 PeerDistSvc - ok
15:51:43.0913 2612 [ 9C1BFF7910C89A1D12E57343475840CB ] pla C:\Windows\system32\pla.dll
15:51:43.0944 2612 pla - ok
15:51:43.0975 2612 [ 71DEF5EC79774C798342D0EA16E41780 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:51:43.0975 2612 PlugPlay - ok
15:51:43.0991 2612 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:51:43.0991 2612 PNRPAutoReg - ok
15:51:44.0006 2612 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:51:44.0006 2612 PNRPsvc - ok
15:51:44.0037 2612 [ 48E1B75C6DC0232FD92BAAE4BD344721 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:51:44.0037 2612 PolicyAgent - ok
15:51:44.0069 2612 [ DBFF83F709A91049621C1D35DD45C92C ] Power C:\Windows\system32\umpo.dll
15:51:44.0069 2612 Power - ok
15:51:44.0084 2612 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:51:44.0084 2612 PptpMiniport - ok
15:51:44.0100 2612 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
15:51:44.0100 2612 Processor - ok
15:51:44.0131 2612 [ 630CF26F0227498B7D5A92B12548960F ] ProfSvc C:\Windows\system32\profsvc.dll
15:51:44.0131 2612 ProfSvc - ok
15:51:44.0147 2612 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:51:44.0147 2612 ProtectedStorage - ok
15:51:44.0162 2612 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:51:44.0162 2612 Psched - ok
15:51:44.0193 2612 [ 40FEDD328F98245AD201CF5F9F311724 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
15:51:44.0193 2612 PxHelp20 - ok
15:51:44.0240 2612 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
15:51:44.0256 2612 ql2300 - ok
15:51:44.0271 2612 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
15:51:44.0271 2612 ql40xx - ok
15:51:44.0287 2612 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
15:51:44.0287 2612 QWAVE - ok
15:51:44.0303 2612 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:51:44.0303 2612 QWAVEdrv - ok
15:51:44.0318 2612 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:51:44.0318 2612 RasAcd - ok
15:51:44.0334 2612 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:51:44.0349 2612 RasAgileVpn - ok
15:51:44.0349 2612 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
15:51:44.0349 2612 RasAuto - ok
15:51:44.0365 2612 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:51:44.0365 2612 Rasl2tp - ok
15:51:44.0396 2612 [ 0CE66EC736B7FC526D78F7624C7D2A94 ] RasMan C:\Windows\System32\rasmans.dll
15:51:44.0396 2612 RasMan - ok
15:51:44.0412 2612 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:51:44.0412 2612 RasPppoe - ok
15:51:44.0427 2612 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:51:44.0427 2612 RasSstp - ok
15:51:44.0443 2612 [ 835D7E81BF517A3B72384BDCC85E1CE6 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:51:44.0443 2612 rdbss - ok
15:51:44.0459 2612 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
15:51:44.0459 2612 rdpbus - ok
15:51:44.0459 2612 [ 1E016846895B15A99F9A176A05029075 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:51:44.0459 2612 RDPCDD - ok
15:51:44.0474 2612 [ C5FF95883FFEF704D50C40D21CFB3AB5 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
15:51:44.0490 2612 RDPDR - ok
15:51:44.0490 2612 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:51:44.0505 2612 RDPENCDD - ok
15:51:44.0505 2612 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:51:44.0505 2612 RDPREFMP - ok
15:51:44.0521 2612 [ C5B8D47A4688DE9D335204EA757C2240 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:51:44.0537 2612 RDPWD - ok
15:51:44.0552 2612 [ 4EA225BF1CF05E158853F30A99CA29A7 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:51:44.0552 2612 rdyboost - ok
15:51:44.0568 2612 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
15:51:44.0583 2612 RemoteAccess - ok
15:51:44.0583 2612 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:51:44.0583 2612 RemoteRegistry - ok
15:51:44.0599 2612 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:51:44.0615 2612 RpcEptMapper - ok
15:51:44.0615 2612 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
15:51:44.0615 2612 RpcLocator - ok
15:51:44.0661 2612 [ B82CD39E336973359D7C9BF911E8E84F ] RpcSs C:\Windows\system32\rpcss.dll
15:51:44.0661 2612 RpcSs - ok
15:51:44.0661 2612 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:51:44.0661 2612 rspndr - ok
15:51:44.0677 2612 [ 5423D8437051E89DD34749F242C98648 ] s3cap C:\Windows\system32\DRIVERS\vms3cap.sys
15:51:44.0693 2612 s3cap - ok
15:51:44.0708 2612 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] SamSs C:\Windows\system32\lsass.exe
15:51:44.0708 2612 SamSs - ok
15:51:44.0724 2612 [ 34EE0C44B724E3E4CE2EFF29126DE5B5 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
15:51:44.0739 2612 sbp2port - ok
15:51:44.0771 2612 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:51:44.0771 2612 SCardSvr - ok
15:51:44.0771 2612 [ A95C54B2AC3CC9C73FCDF9E51A1D6B51 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:51:44.0771 2612 scfilter - ok
15:51:44.0802 2612 [ DF1E5C82E4D09CF8105CC644980C4803 ] Schedule C:\Windows\system32\schedsvc.dll
15:51:44.0817 2612 Schedule - ok
15:51:44.0833 2612 [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] SCPolicySvc C:\Windows\System32\certprop.dll
15:51:44.0833 2612 SCPolicySvc - ok
15:51:44.0849 2612 [ 5FD90ABDBFAEE85986802622CBB03446 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:51:44.0849 2612 SDRSVC - ok
15:51:44.0895 2612 [ D358E077A0A05D9B12DA22D137EE8464 ] SeaPort C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
15:51:44.0911 2612 SeaPort - ok
15:51:44.0927 2612 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:51:44.0927 2612 secdrv - ok
15:51:44.0927 2612 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
15:51:44.0927 2612 seclogon - ok
15:51:45.0005 2612 [ D7F978C1B6387544FE132EB5B915ED1A ] SecureStorageService C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe
15:51:45.0020 2612 SecureStorageService - ok
15:51:45.0051 2612 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
15:51:45.0051 2612 SENS - ok
15:51:45.0067 2612 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:51:45.0067 2612 SensrSvc - ok
15:51:45.0083 2612 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
15:51:45.0083 2612 Serenum - ok
15:51:45.0098 2612 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
15:51:45.0098 2612 Serial - ok
15:51:45.0114 2612 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
15:51:45.0114 2612 sermouse - ok
15:51:45.0145 2612 [ 8F55CE568C543D5ADF45C409D16718FC ] SessionEnv C:\Windows\system32\sessenv.dll
15:51:45.0145 2612 SessionEnv - ok
15:51:45.0161 2612 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
15:51:45.0161 2612 sffdisk - ok
15:51:45.0161 2612 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
15:51:45.0161 2612 sffp_mmc - ok
15:51:45.0161 2612 [ 4F1E5B0FE7C8050668DBFADE8999AEFB ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
15:51:45.0161 2612 sffp_sd - ok
15:51:45.0176 2612 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
15:51:45.0176 2612 sfloppy - ok
15:51:45.0207 2612 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:51:45.0207 2612 SharedAccess - ok
15:51:45.0223 2612 [ CD2E48FA5B29EE2B3B5858056D246EF2 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:51:45.0223 2612 ShellHWDetection - ok
15:51:45.0239 2612 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\DRIVERS\sisagp.sys
15:51:45.0239 2612 sisagp - ok
15:51:45.0254 2612 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:51:45.0254 2612 SiSRaid2 - ok
15:51:45.0270 2612 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
15:51:45.0270 2612 SiSRaid4 - ok
15:51:45.0285 2612 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:51:45.0285 2612 Smb - ok
15:51:45.0332 2612 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:51:45.0332 2612 SNMPTRAP - ok
15:51:45.0332 2612 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
15:51:45.0348 2612 spldr - ok
15:51:45.0379 2612 [ D1BB750EB51694DE183E08B9C33BE5B2 ] Spooler C:\Windows\System32\spoolsv.exe
15:51:45.0379 2612 Spooler - ok
15:51:45.0441 2612 [ 4C287F9069FEDBD791178876EE9DE536 ] sppsvc C:\Windows\system32\sppsvc.exe
15:51:45.0488 2612 sppsvc - ok
15:51:45.0504 2612 [ D8E3E19EEBDAB49DD4A8D3062EAD4EC7 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:51:45.0504 2612 sppuinotify - ok
15:51:45.0519 2612 [ C4A027B8C0BD3FC0699F41FA5E9E0C87 ] srv C:\Windows\system32\DRIVERS\srv.sys
15:51:45.0535 2612 srv - ok
15:51:45.0551 2612 [ 414BB592CAD8A79649D01F9D94318FB3 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:51:45.0566 2612 srv2 - ok
15:51:45.0582 2612 [ FF207D67700AA18242AAF985D3E7D8F4 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:51:45.0597 2612 srvnet - ok
15:51:45.0613 2612 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:51:45.0613 2612 SSDPSRV - ok
15:51:45.0629 2612 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:51:45.0629 2612 SstpSvc - ok
15:51:45.0644 2612 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
15:51:45.0644 2612 stexstor - ok
15:51:45.0675 2612 [ A22825E7BB7018E8AF3E229A5AF17221 ] StiSvc C:\Windows\System32\wiaservc.dll
15:51:45.0691 2612 StiSvc - ok
15:51:45.0722 2612 [ E476C66713C842F58E61A95826ED1D57 ] stllssvr C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
15:51:45.0738 2612 stllssvr - ok
15:51:45.0753 2612 [ 957E346CA948668F2496A6CCF6FF82CC ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys
15:51:45.0753 2612 storflt - ok
15:51:45.0785 2612 [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc C:\Windows\system32\storsvc.dll
15:51:45.0785 2612 StorSvc - ok
15:51:45.0800 2612 [ D5751969DC3E4B88BF482AC8EC9FE019 ] storvsc C:\Windows\system32\DRIVERS\storvsc.sys
15:51:45.0800 2612 storvsc - ok
15:51:45.0816 2612 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
15:51:45.0816 2612 swenum - ok
15:51:45.0831 2612 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
15:51:45.0831 2612 swprv - ok
15:51:45.0863 2612 [ 04105C8DA62353589C29BDAEB8D88BD8 ] SysMain C:\Windows\system32\sysmain.dll
15:51:45.0894 2612 SysMain - ok
15:51:45.0909 2612 [ FCFB6C552FBC0DA299799CBD50AD9FD4 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:51:45.0909 2612 TabletInputService - ok
15:51:45.0925 2612 [ 2F46B0C70A4ADC8C90CF825DA3B4FEAF ] TapiSrv C:\Windows\System32\tapisrv.dll
15:51:45.0925 2612 TapiSrv - ok
15:51:45.0941 2612 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
15:51:45.0941 2612 TBS - ok
15:51:45.0987 2612 [ 55E9965552741F3850CB22CBBA9671ED ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:51:46.0003 2612 Tcpip - ok
15:51:46.0065 2612 [ 55E9965552741F3850CB22CBBA9671ED ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:51:46.0081 2612 TCPIP6 - ok
15:51:46.0081 2612 [ E64444523ADD154F86567C469BC0B17F ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:51:46.0081 2612 tcpipreg - ok
15:51:46.0143 2612 [ 69F1A38A6DBFE682491CB61A596662E3 ] tcsd_win32.exe C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
15:51:46.0159 2612 tcsd_win32.exe - ok
15:51:46.0221 2612 [ A62F1DE032E59C4BB35557A2219CB160 ] TdmService C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
15:51:46.0237 2612 TdmService - ok
15:51:46.0253 2612 [ 1875C1490D99E70E449E3AFAE9FCBADF ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:51:46.0253 2612 TDPIPE - ok
15:51:46.0284 2612 [ 7156308896D34EA75A582F9A09E50C17 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:51:46.0284 2612 TDTCP - ok
15:51:46.0315 2612 [ CB39E896A2A83702D1737BFD402B3542 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:51:46.0315 2612 tdx - ok
15:51:46.0315 2612 [ C36F41EE20E6999DBF4B0425963268A5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
15:51:46.0315 2612 TermDD - ok
15:51:46.0331 2612 [ A01E50A04D7B1960B33E92B9080E6A94 ] TermService C:\Windows\System32\termsrv.dll
15:51:46.0346 2612 TermService - ok
15:51:46.0362 2612 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
15:51:46.0362 2612 Themes - ok
15:51:46.0362 2612 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
15:51:46.0362 2612 THREADORDER - ok
15:51:46.0393 2612 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
15:51:46.0409 2612 TrkWks - ok
15:51:46.0455 2612 [ 41A4C781D2286208D397D72099304133 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:51:46.0455 2612 TrustedInstaller - ok
15:51:46.0471 2612 [ 98AE6FA07D12CB4EC5CF4A9BFA5F4242 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:51:46.0471 2612 tssecsrv - ok
15:51:46.0471 2612 [ 3E461D890A97F9D4C168F5FDA36E1D00 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:51:46.0471 2612 tunnel - ok
15:51:46.0487 2612 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
15:51:46.0502 2612 uagp35 - ok
15:51:46.0502 2612 [ 09CC3E16F8E5EE7168E01CF8FCBE061A ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:51:46.0502 2612 udfs - ok
15:51:46.0518 2612 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:51:46.0518 2612 UI0Detect - ok
15:51:46.0549 2612 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
15:51:46.0549 2612 uliagpkx - ok
15:51:46.0565 2612 [ 049B3A50B3D646BAEEEE9EEC9B0668DC ] umbus C:\Windows\system32\DRIVERS\umbus.sys
15:51:46.0565 2612 umbus - ok
15:51:46.0580 2612 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
15:51:46.0580 2612 UmPass - ok
15:51:46.0627 2612 [ 8ECACA5454844F66386F7BE4AE0D7CD1 ] UmRdpService C:\Windows\System32\umrdp.dll
15:51:46.0627 2612 UmRdpService - ok
15:51:46.0658 2612 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
15:51:46.0658 2612 upnphost - ok
15:51:46.0658 2612 [ 8455C4ED038EFD09E99327F9D2D48FFA ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:51:46.0658 2612 usbccgp - ok
15:51:46.0674 2612 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
15:51:46.0674 2612 usbcir - ok
15:51:46.0689 2612 [ 1C333BFD60F2FED2C7AD5DAF533CB742 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
15:51:46.0689 2612 usbehci - ok
15:51:46.0705 2612 [ 0DB84EDA895894BA222E27ACF597C806 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:51:46.0705 2612 usbhub - ok
15:51:46.0736 2612 [ A6FB7957EA7AFB1165991E54CE934B74 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
15:51:46.0736 2612 usbohci - ok
15:51:46.0752 2612 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
15:51:46.0752 2612 usbprint - ok
15:51:46.0767 2612 [ D8889D56E0D27E57ED4591837FE71D27 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:51:46.0783 2612 USBSTOR - ok
15:51:46.0799 2612 [ 78780C3EBCE17405B1CCD07A3A8A7D72 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
15:51:46.0799 2612 usbuhci - ok
15:51:46.0814 2612 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
15:51:46.0814 2612 UxSms - ok
15:51:46.0830 2612 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] VaultSvc C:\Windows\system32\lsass.exe
15:51:46.0830 2612 VaultSvc - ok
15:51:46.0845 2612 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
15:51:46.0845 2612 vdrvroot - ok
15:51:46.0861 2612 [ 8C4E7C49D3641BC9E299E466A7F8867D ] vds C:\Windows\System32\vds.exe
15:51:46.0877 2612 vds - ok
15:51:46.0908 2612 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:51:46.0908 2612 vga - ok
15:51:46.0908 2612 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
15:51:46.0908 2612 VgaSave - ok
15:51:46.0923 2612 [ 3BE6E1F3A4F1AFEC8CEE0D7883F93583 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
15:51:46.0923 2612 vhdmp - ok
15:51:46.0923 2612 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\DRIVERS\viaagp.sys
15:51:46.0939 2612 viaagp - ok
15:51:46.0939 2612 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
15:51:46.0939 2612 ViaC7 - ok
15:51:46.0955 2612 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\DRIVERS\viaide.sys
15:51:46.0955 2612 viaide - ok
15:51:46.0970 2612 [ 379B349F65F453D2A6E75EA6B7448E49 ] vmbus C:\Windows\system32\DRIVERS\vmbus.sys
15:51:46.0970 2612 vmbus - ok
15:51:46.0986 2612 [ EC2BBAB4B84D0738C6C83D2234DC36FE ] VMBusHID C:\Windows\system32\DRIVERS\VMBusHID.sys
15:51:46.0986 2612 VMBusHID - ok
15:51:47.0001 2612 [ 384E5A2AA49934295171E499F86BA6F3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
15:51:47.0017 2612 volmgr - ok
15:51:47.0033 2612 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:51:47.0033 2612 volmgrx - ok
15:51:47.0064 2612 [ 58DF9D2481A56EDDE167E51B334D44FD ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
15:51:47.0064 2612 volsnap - ok
15:51:47.0079 2612 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
15:51:47.0079 2612 vsmraid - ok
15:51:47.0095 2612 [ 7EA2BCD94D9CFAF4C556F5CC94532A6C ] VSS C:\Windows\system32\vssvc.exe
15:51:47.0111 2612 VSS - ok
15:51:47.0126 2612 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
15:51:47.0126 2612 vwifibus - ok
15:51:47.0142 2612 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
15:51:47.0157 2612 W32Time - ok
15:51:47.0173 2612 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
15:51:47.0173 2612 WacomPen - ok
15:51:47.0189 2612 [ 692A712062146E96D28BA0B7D75DE31B ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:51:47.0189 2612 WANARP - ok
15:51:47.0189 2612 [ 692A712062146E96D28BA0B7D75DE31B ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:51:47.0189 2612 Wanarpv6 - ok
15:51:47.0235 2612 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
15:51:47.0267 2612 WatAdminSvc - ok
15:51:47.0298 2612 [ 4011D285C449DD833040045CB0F0E3FE ] WavxDMgr C:\Windows\system32\DRIVERS\WavxDMgr.sys
15:51:47.0298 2612 WavxDMgr - ok
15:51:47.0329 2612 [ 7790B77FE1E5EE47DCC66247095BB4C9 ] wbengine C:\Windows\system32\wbengine.exe
15:51:47.0345 2612 wbengine - ok
15:51:47.0360 2612 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:51:47.0360 2612 WbioSrvc - ok
15:51:47.0391 2612 [ D0F88AA11EE1A62BCC6D6A8A7783CA11 ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:51:47.0391 2612 wcncsvc - ok
15:51:47.0391 2612 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:51:47.0391 2612 WcsPlugInService - ok
15:51:47.0407 2612 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
15:51:47.0407 2612 Wd - ok
15:51:47.0438 2612 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:51:47.0438 2612 Wdf01000 - ok
15:51:47.0438 2612 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:51:47.0454 2612 WdiServiceHost - ok
15:51:47.0454 2612 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:51:47.0454 2612 WdiSystemHost - ok
15:51:47.0469 2612 [ D87C7D2C517F82A5AB7A73E203063D9E ] WebClient C:\Windows\System32\webclnt.dll
15:51:47.0469 2612 WebClient - ok
15:51:47.0485 2612 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:51:47.0485 2612 Wecsvc - ok
15:51:47.0501 2612 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:51:47.0501 2612 wercplsupport - ok
15:51:47.0516 2612 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
15:51:47.0516 2612 WerSvc - ok
15:51:47.0547 2612 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:51:47.0547 2612 WfpLwf - ok
15:51:47.0547 2612 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:51:47.0547 2612 WIMMount - ok
15:51:47.0594 2612 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
15:51:47.0625 2612 WinDefend - ok
15:51:47.0625 2612 WinHttpAutoProxySvc - ok
15:51:47.0672 2612 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:51:47.0672 2612 Winmgmt - ok
15:51:47.0719 2612 [ C4F5D3901D1B41D602DDC196E0B95B51 ] WinRM C:\Windows\system32\WsmSvc.dll
15:51:47.0735 2612 WinRM - ok
15:51:47.0781 2612 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
15:51:47.0797 2612 Wlansvc - ok
15:51:47.0813 2612 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
15:51:47.0813 2612 WmiAcpi - ok
15:51:47.0844 2612 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:51:47.0844 2612 wmiApSrv - ok
15:51:47.0875 2612 [ 77FBD400984CF72BA0FC4B3489D65F74 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
15:51:47.0891 2612 WMPNetworkSvc - ok
15:51:47.0906 2612 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:51:47.0906 2612 WPCSvc - ok
15:51:47.0922 2612 [ B7F658A2EBC07129538AD9AB35212637 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:51:47.0922 2612 WPDBusEnum - ok
15:51:47.0922 2612 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:51:47.0922 2612 ws2ifsl - ok
15:51:47.0937 2612 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll
15:51:47.0937 2612 wscsvc - ok
15:51:47.0953 2612 WSearch - ok
15:51:48.0000 2612 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
15:51:48.0031 2612 wuauserv - ok
15:51:48.0047 2612 [ 6F9B6C0C93232CFF47D0F72D6DB1D21E ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:51:48.0047 2612 WudfPf - ok
15:51:48.0062 2612 [ DDEE3682FE97037C45F4D7AB467CB8B6 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:51:48.0062 2612 wudfsvc - ok
15:51:48.0078 2612 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
15:51:48.0093 2612 WwanSvc - ok
15:51:48.0093 2612 ================ Scan global ===============================
15:51:48.0125 2612 [ 9A595DF601070DA78C40481120DD2C06 ] C:\Windows\system32\basesrv.dll
15:51:48.0140 2612 [ 008F51AE989C3DF1CBAF8B39DC423CCC ] C:\Windows\system32\winsrv.dll
15:51:48.0156 2612 [ 008F51AE989C3DF1CBAF8B39DC423CCC ] C:\Windows\system32\winsrv.dll
15:51:48.0187 2612 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
15:51:48.0218 2612 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
15:51:48.0218 2612 [Global] - ok
15:51:48.0218 2612 ================ Scan MBR ==================================
15:51:48.0234 2612 [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0
15:51:48.0234 2612 Suspicious mbr (Forged): \Device\Harddisk0\DR0
15:51:48.0296 2612 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
15:51:48.0296 2612 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
15:51:48.0359 2612 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
15:51:48.0359 2612 \Device\Harddisk0\DR0 - detected TDSS File System (1)
15:51:48.0359 2612 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
15:51:48.0483 2612 \Device\Harddisk1\DR1 - ok
15:51:48.0483 2612 ================ Scan VBR ==================================
15:51:48.0483 2612 [ 47276C0556ABA56A3A3C1A7B93DF7DF7 ] \Device\Harddisk0\DR0\Partition1
15:51:48.0483 2612 \Device\Harddisk0\DR0\Partition1 - ok
15:51:48.0515 2612 [ 301756E790D1D60619654DED9516C0F3 ] \Device\Harddisk0\DR0\Partition2
15:51:48.0515 2612 \Device\Harddisk0\DR0\Partition2 - ok
15:51:48.0515 2612 [ E7103269032D309A78D144F74F0BAF76 ] \Device\Harddisk1\DR1\Partition1
15:51:48.0515 2612 \Device\Harddisk1\DR1\Partition1 - ok
15:51:48.0515 2612 ============================================================
15:51:48.0515 2612 Scan finished
15:51:48.0515 2612 ============================================================
15:51:48.0530 1916 Detected object count: 2
15:51:48.0530 1916 Actual detected object count: 2
15:53:03.0178 1916 \Device\Harddisk0\DR0\# - copied to quarantine
15:53:03.0193 1916 \Device\Harddisk0\DR0 - copied to quarantine
15:53:03.0209 1916 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
15:53:03.0209 1916 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
15:53:03.0209 1916 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
15:53:03.0224 1916 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
15:53:03.0224 1916 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
15:53:03.0224 1916 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
15:53:03.0224 1916 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
15:53:03.0240 1916 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
15:53:03.0240 1916 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
15:53:03.0240 1916 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
15:53:03.0240 1916 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
15:53:03.0240 1916 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
15:53:03.0240 1916 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
15:53:03.0240 1916 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
15:53:03.0256 1916 \Device\Harddisk0\DR0 - ok
15:53:03.0271 1916 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
15:53:03.0271 1916 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
15:53:03.0271 1916 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
15:53:13.0801 5992 Deinitialize success

-------------------------

aswMBR

-------------------------

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-05 16:17:02
-----------------------------
16:17:02.207 OS Version: Windows 6.1.7600
16:17:02.207 Number of processors: 2 586 0x170A
16:17:02.207 ComputerName: BRUCE-PC UserName: Bruce
16:17:03.174 Initialize success
16:19:09.598 AVAST engine defs: 12100501
16:19:45.556 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
16:19:45.556 Disk 0 Vendor: WDC_WD3200AAKS-75L9A0 02.03E02 Size: 305245MB BusType: 3
16:19:45.556 Disk 0 MBR read successfully
16:19:45.556 Disk 0 MBR scan
16:19:45.556 Disk 0 Windows VISTA default MBR code
16:19:45.572 Disk 0 MBR hidden
16:19:45.572 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
16:19:45.572 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 81920
16:19:45.587 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 290204 MB offset 30801920
16:19:45.603 Disk 0 scanning sectors +625140400
16:19:45.634 Disk 0 scanning C:\Windows\system32\drivers
16:19:50.891 Service scanning
16:20:03.247 Modules scanning
16:20:06.476 Disk 0 trace - called modules:
16:20:06.476 ntkrnlpa.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x86fbe360]<<
16:20:06.491 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85f29030]
16:20:06.491 3 CLASSPNP.SYS[8bb9059e] -> nt!IofCallDriver -> [0x85fb1028]
16:20:06.491 \Driver\atapi[0x87027f38] -> IRP_MJ_CREATE -> 0x875eb4b1
16:20:07.412 AVAST engine scan C:\Windows
16:20:08.660 AVAST engine scan C:\Windows\system32
16:21:29.452 AVAST engine scan C:\Windows\system32\drivers
16:21:35.895 AVAST engine scan C:\Users\Bruce
16:26:24.199 File: C:\Users\Bruce\AppData\Local\Microsoft Help\Microsoft\ymcepif.dll **INFECTED** Win32:BHO-AGQ [Trj]
16:26:25.588 File: C:\Users\Bruce\AppData\Local\Temp\57BC.tmp **INFECTED** Win32:Alureon-AWV [Trj]
16:26:25.791 File: C:\Users\Bruce\AppData\Local\Temp\69E4.tmp **INFECTED** Win32:Alureon-AWV [Trj]
16:27:04.588 AVAST engine scan C:\ProgramData
16:27:10.188 File: C:\ProgramData\Microsoft\Windows\DRM\5165.tmp **INFECTED** Win32:Alureon-AWV [Trj]
16:27:17.177 Scan finished successfully
16:27:45.631 Disk 0 MBR has been saved successfully to "C:\MBR.dat"
16:27:45.647 The log file has been saved successfully to "C:\aswMBR.txt"

------------------

ESET

------------------

C:\ProgramData\Microsoft\Windows\DRM\5165.tmp a variant of Win32/Kryptik.AMBY trojan cleaned by deleting (after the next restart) - quarantined
C:\TDSSKiller_Quarantine\05.10.2012_15.49.56\mbr0000\tdlfs0000\tsk0001.dta a variant of Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\05.10.2012_15.49.56\mbr0000\tdlfs0000\tsk0002.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\05.10.2012_15.49.56\mbr0000\tdlfs0000\tsk0003.dta a variant of Win32/Rootkit.Kryptik.OU trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\05.10.2012_15.49.56\mbr0000\tdlfs0000\tsk0004.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\05.10.2012_15.49.56\mbr0000\tdlfs0000\tsk0008.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\05.10.2012_15.49.56\mbr0000\tdlfs0000\tsk0009.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\05.10.2012_15.49.56\mbr0000\tdlfs0000\tsk0012.dta a variant of Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\Users\Bruce\AppData\Local\Google\Chrome\User Data\Default\Default\aadidegedddbdgdcgbdcdgdddegcdeda\background.html Win32/BHO.OEI trojan cleaned by deleting - quarantined
C:\Users\Bruce\AppData\Local\Google\Chrome\User Data\Default\Default\aadidegedddbdgdcgbdcdgdddegcdeda\ContentScript.js Win32/BHO.OEI trojan cleaned by deleting - quarantined
C:\Users\Bruce\AppData\Local\Microsoft Help\Microsoft\ymcepif.dll Win32/Kryptik.AMNF trojan cleaned by deleting (after the next restart) - quarantined
C:\Users\Bruce\AppData\Local\Temp\0.38112747635335187 Win32/Kryptik.AMNF trojan cleaned by deleting - quarantined
C:\Users\Bruce\AppData\Local\Temp\57BC.tmp a variant of Win32/Kryptik.AMBY trojan cleaned by deleting - quarantined
C:\Users\Bruce\AppData\Local\Temp\69E4.tmp a variant of Win32/Kryptik.AMBY trojan cleaned by deleting - quarantined
C:\Users\Bruce\AppData\Local\Temp\BetterInstaller.exe a variant of Win32/Somoto.A application cleaned by deleting - quarantined
C:\Users\Bruce\AppData\Local\Temp\NOD3AF6.tmp a variant of Win32/Kryptik.AMBY trojan cleaned by deleting (after the next restart) - quarantined
C:\Users\Bruce\AppData\Local\Temp\NODC689.tmp Win32/Kryptik.AMNF trojan cleaned by deleting (after the next restart) - quarantined
C:\Windows\System32\config\systemprofile\0.3152902799211492.exe Win32/Weelsof.B trojan cleaned by deleting - quarantined

------------------------------------------------

How should I proceed from here? Thanks again!

#4 narenxp


Posted 05 October 2012 - 04:22 PM

Run TDSSkiller again and select DELETE for this:

15:53:03.0271 1916 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

Post the new log

Download

Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download

Junkware removal tool

Right-click on the tool and select Run as administrator. After the scan completes, post the generated log here.

#5 brucewig


Posted 05 October 2012 - 05:57 PM

Hi,

I ran TDSSkiller again, but I did not see a Delete option when it came to the file--I chose the action "Cure." Was I looking at the wrong thing? Here is the log from what I did.

Note: I have not rebooted my computer as the TDSSkiller program suggested, either before or this time.

18:52:02.0512 6852 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
18:52:02.0715 6852 ============================================================
18:52:02.0731 6852 Current date / time: 2012/10/05 18:52:02.0715
18:52:02.0731 6852 SystemInfo:
18:52:02.0731 6852
18:52:02.0731 6852 OS Version: 6.1.7600 ServicePack: 0.0
18:52:02.0731 6852 Product type: Workstation
18:52:02.0731 6852 ComputerName: BRUCE-PC
18:52:02.0731 6852 UserName: Bruce
18:52:02.0731 6852 Windows directory: C:\Windows
18:52:02.0731 6852 System windows directory: C:\Windows
18:52:02.0731 6852 Processor architecture: Intel x86
18:52:02.0731 6852 Number of processors: 2
18:52:02.0731 6852 Page size: 0x1000
18:52:02.0731 6852 Boot type: Normal boot
18:52:02.0731 6852 ============================================================
18:52:02.0887 6852 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:52:02.0887 6852 Drive \Device\Harddisk1\DR1 - Size: 0x2F7B100000 (189.92 Gb), SectorSize: 0x200, Cylinders: 0x60D8, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:52:02.0887 6852 ============================================================
18:52:02.0887 6852 \Device\Harddisk0\DR0:
18:52:02.0887 6852 MBR partitions:
18:52:02.0887 6852 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
18:52:02.0887 6852 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x236CE2B0
18:52:02.0887 6852 \Device\Harddisk1\DR1:
18:52:02.0887 6852 MBR partitions:
18:52:02.0887 6852 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x17BD5299
18:52:02.0887 6852 ============================================================
18:52:02.0918 6852 C: <-> \Device\Harddisk0\DR0\Partition2
18:52:02.0918 6852 E: <-> \Device\Harddisk1\DR1\Partition1
18:52:02.0918 6852 ============================================================
18:52:02.0918 6852 Initialize success
18:52:02.0918 6852 ============================================================
18:52:09.0095 7664 ============================================================
18:52:09.0095 7664 Scan started
18:52:09.0095 7664 Mode: Manual;
18:52:09.0095 7664 ============================================================
18:52:09.0953 7664 ================ Scan system memory ========================
18:52:09.0953 7664 System memory - ok
18:52:09.0953 7664 ================ Scan services =============================
18:52:10.0078 7664 [ 2A8681AEA24003040CA7D677BE9F1702 ] 03503958 C:\Windows\system32\drivers\22967893.sys
18:52:14.0821 7664 ohci1394 - ok
18:52:14.0867 7664 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:52:14.0867 7664 ose - ok
18:52:14.0899 7664 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
18:52:14.0899 7664 p2pimsvc - ok
18:52:14.0930 7664 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
18:52:14.0930 7664 p2psvc - ok
18:52:14.0930 7664 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
18:52:14.0945 7664 Parport - ok
18:52:14.0961 7664 [ 66D3415C159741ADE7038A277EFFF99F ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:52:14.0961 7664 partmgr - ok
18:52:14.0977 7664 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
18:52:14.0977 7664 Parvdm - ok
18:52:15.0008 7664 [ 4088C1ECD1F54281A92FA663B0FDC36F ] PBADRV C:\Windows\system32\DRIVERS\PBADRV.sys
18:52:15.0008 7664 PBADRV - ok
18:52:15.0008 7664 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
18:52:15.0008 7664 PcaSvc - ok
18:52:15.0023 7664 [ C858CB77C577780ECC456A892E7E7D0F ] pci C:\Windows\system32\DRIVERS\pci.sys
18:52:15.0023 7664 pci - ok
18:52:15.0039 7664 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\DRIVERS\pciide.sys
18:52:15.0039 7664 pciide - ok
18:52:15.0039 7664 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
18:52:15.0055 7664 pcmcia - ok
18:52:15.0055 7664 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
18:52:15.0055 7664 pcw - ok
18:52:15.0086 7664 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:52:15.0101 7664 PEAUTH - ok
18:52:15.0133 7664 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
18:52:15.0148 7664 PeerDistSvc - ok
18:52:15.0195 7664 [ 9C1BFF7910C89A1D12E57343475840CB ] pla C:\Windows\system32\pla.dll
18:52:15.0211 7664 pla - ok
18:52:15.0257 7664 [ 71DEF5EC79774C798342D0EA16E41780 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:52:15.0257 7664 PlugPlay - ok
18:52:15.0257 7664 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
18:52:15.0257 7664 PNRPAutoReg - ok
18:52:15.0273 7664 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
18:52:15.0289 7664 PNRPsvc - ok
18:52:15.0304 7664 [ 48E1B75C6DC0232FD92BAAE4BD344721 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:52:15.0304 7664 PolicyAgent - ok
18:52:15.0335 7664 [ DBFF83F709A91049621C1D35DD45C92C ] Power C:\Windows\system32\umpo.dll
18:52:15.0351 7664 Power - ok
18:52:15.0367 7664 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:52:15.0367 7664 PptpMiniport - ok
18:52:15.0382 7664 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
18:52:15.0382 7664 Processor - ok
18:52:15.0413 7664 [ 630CF26F0227498B7D5A92B12548960F ] ProfSvc C:\Windows\system32\profsvc.dll
18:52:15.0413 7664 ProfSvc - ok
18:52:15.0429 7664 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:52:15.0429 7664 ProtectedStorage - ok
18:52:15.0445 7664 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
18:52:15.0445 7664 Psched - ok
18:52:15.0491 7664 [ 40FEDD328F98245AD201CF5F9F311724 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
18:52:15.0491 7664 PxHelp20 - ok
18:52:15.0523 7664 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
18:52:15.0554 7664 ql2300 - ok
18:52:15.0569 7664 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
18:52:15.0569 7664 ql40xx - ok
18:52:15.0585 7664 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
18:52:15.0585 7664 QWAVE - ok
18:52:15.0601 7664 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:52:15.0601 7664 QWAVEdrv - ok
18:52:15.0601 7664 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:52:15.0616 7664 RasAcd - ok
18:52:15.0632 7664 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
18:52:15.0632 7664 RasAgileVpn - ok
18:52:15.0647 7664 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
18:52:15.0647 7664 RasAuto - ok
18:52:15.0647 7664 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:52:15.0647 7664 Rasl2tp - ok
18:52:15.0679 7664 [ 0CE66EC736B7FC526D78F7624C7D2A94 ] RasMan C:\Windows\System32\rasmans.dll
18:52:15.0694 7664 RasMan - ok
18:52:15.0694 7664 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:52:15.0694 7664 RasPppoe - ok
18:52:15.0710 7664 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:52:15.0710 7664 RasSstp - ok
18:52:15.0725 7664 [ 835D7E81BF517A3B72384BDCC85E1CE6 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:52:15.0725 7664 rdbss - ok
18:52:15.0741 7664 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
18:52:15.0741 7664 rdpbus - ok
18:52:15.0741 7664 [ 1E016846895B15A99F9A176A05029075 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:52:15.0741 7664 RDPCDD - ok
18:52:15.0757 7664 [ C5FF95883FFEF704D50C40D21CFB3AB5 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
18:52:15.0757 7664 RDPDR - ok
18:52:15.0772 7664 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:52:15.0772 7664 RDPENCDD - ok
18:52:15.0788 7664 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
18:52:15.0788 7664 RDPREFMP - ok
18:52:15.0803 7664 [ C5B8D47A4688DE9D335204EA757C2240 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:52:15.0803 7664 RDPWD - ok
18:52:15.0819 7664 [ 4EA225BF1CF05E158853F30A99CA29A7 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
18:52:15.0819 7664 rdyboost - ok
18:52:15.0850 7664 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
18:52:15.0850 7664 RemoteAccess - ok
18:52:15.0850 7664 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:52:15.0866 7664 RemoteRegistry - ok
18:52:15.0881 7664 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
18:52:15.0881 7664 RpcEptMapper - ok
18:52:15.0897 7664 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
18:52:15.0897 7664 RpcLocator - ok
18:52:15.0913 7664 [ B82CD39E336973359D7C9BF911E8E84F ] RpcSs C:\Windows\system32\rpcss.dll
18:52:15.0913 7664 RpcSs - ok
18:52:15.0913 7664 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:52:15.0928 7664 rspndr - ok
18:52:15.0944 7664 [ 5423D8437051E89DD34749F242C98648 ] s3cap C:\Windows\system32\DRIVERS\vms3cap.sys
18:52:15.0944 7664 s3cap - ok
18:52:15.0944 7664 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] SamSs C:\Windows\system32\lsass.exe
18:52:15.0944 7664 SamSs - ok
18:52:15.0975 7664 [ 34EE0C44B724E3E4CE2EFF29126DE5B5 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
18:52:15.0975 7664 sbp2port - ok
18:52:15.0991 7664 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:52:15.0991 7664 SCardSvr - ok
18:52:16.0006 7664 [ A95C54B2AC3CC9C73FCDF9E51A1D6B51 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
18:52:16.0006 7664 scfilter - ok
18:52:16.0037 7664 [ DF1E5C82E4D09CF8105CC644980C4803 ] Schedule C:\Windows\system32\schedsvc.dll
18:52:16.0053 7664 Schedule - ok
18:52:16.0069 7664 [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] SCPolicySvc C:\Windows\System32\certprop.dll
18:52:16.0069 7664 SCPolicySvc - ok
18:52:16.0069 7664 [ 5FD90ABDBFAEE85986802622CBB03446 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:52:16.0084 7664 SDRSVC - ok
18:52:16.0131 7664 [ D358E077A0A05D9B12DA22D137EE8464 ] SeaPort C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
18:52:16.0131 7664 SeaPort - ok
18:52:16.0147 7664 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:52:16.0147 7664 secdrv - ok
18:52:16.0162 7664 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
18:52:16.0178 7664 seclogon - ok
18:52:16.0240 7664 [ D7F978C1B6387544FE132EB5B915ED1A ] SecureStorageService C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe
18:52:16.0256 7664 SecureStorageService - ok
18:52:16.0287 7664 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
18:52:16.0287 7664 SENS - ok
18:52:16.0303 7664 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
18:52:16.0303 7664 SensrSvc - ok
18:52:16.0318 7664 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
18:52:16.0318 7664 Serenum - ok
18:52:16.0318 7664 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
18:52:16.0334 7664 Serial - ok
18:52:16.0334 7664 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
18:52:16.0349 7664 sermouse - ok
18:52:16.0365 7664 [ 8F55CE568C543D5ADF45C409D16718FC ] SessionEnv C:\Windows\system32\sessenv.dll
18:52:16.0365 7664 SessionEnv - ok
18:52:16.0381 7664 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
18:52:16.0381 7664 sffdisk - ok
18:52:16.0381 7664 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
18:52:16.0381 7664 sffp_mmc - ok
18:52:16.0396 7664 [ 4F1E5B0FE7C8050668DBFADE8999AEFB ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
18:52:16.0396 7664 sffp_sd - ok
18:52:16.0412 7664 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
18:52:16.0412 7664 sfloppy - ok
18:52:16.0443 7664 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:52:16.0443 7664 SharedAccess - ok
18:52:16.0474 7664 [ CD2E48FA5B29EE2B3B5858056D246EF2 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:52:16.0490 7664 ShellHWDetection - ok
18:52:16.0505 7664 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\DRIVERS\sisagp.sys
18:52:16.0505 7664 sisagp - ok
18:52:16.0521 7664 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:52:16.0521 7664 SiSRaid2 - ok
18:52:16.0537 7664 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
18:52:16.0537 7664 SiSRaid4 - ok
18:52:16.0552 7664 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:52:16.0552 7664 Smb - ok
18:52:16.0599 7664 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:52:16.0599 7664 SNMPTRAP - ok
18:52:16.0599 7664 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
18:52:16.0599 7664 spldr - ok
18:52:16.0630 7664 [ D1BB750EB51694DE183E08B9C33BE5B2 ] Spooler C:\Windows\System32\spoolsv.exe
18:52:16.0630 7664 Spooler - ok
18:52:16.0708 7664 [ 4C287F9069FEDBD791178876EE9DE536 ] sppsvc C:\Windows\system32\sppsvc.exe
18:52:16.0771 7664 sppsvc - ok
18:52:16.0786 7664 [ D8E3E19EEBDAB49DD4A8D3062EAD4EC7 ] sppuinotify C:\Windows\system32\sppuinotify.dll
18:52:16.0786 7664 sppuinotify - ok
18:52:16.0802 7664 [ C4A027B8C0BD3FC0699F41FA5E9E0C87 ] srv C:\Windows\system32\DRIVERS\srv.sys
18:52:16.0802 7664 srv - ok
18:52:16.0833 7664 [ 414BB592CAD8A79649D01F9D94318FB3 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:52:16.0833 7664 srv2 - ok
18:52:16.0864 7664 [ FF207D67700AA18242AAF985D3E7D8F4 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:52:16.0864 7664 srvnet - ok
18:52:16.0880 7664 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:52:16.0880 7664 SSDPSRV - ok
18:52:16.0895 7664 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:52:16.0895 7664 SstpSvc - ok
18:52:16.0911 7664 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
18:52:16.0911 7664 stexstor - ok
18:52:16.0942 7664 [ A22825E7BB7018E8AF3E229A5AF17221 ] StiSvc C:\Windows\System32\wiaservc.dll
18:52:16.0958 7664 StiSvc - ok
18:52:17.0005 7664 [ E476C66713C842F58E61A95826ED1D57 ] stllssvr C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
18:52:17.0005 7664 stllssvr - ok
18:52:17.0020 7664 [ 957E346CA948668F2496A6CCF6FF82CC ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys
18:52:17.0020 7664 storflt - ok
18:52:17.0051 7664 [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc C:\Windows\system32\storsvc.dll
18:52:17.0051 7664 StorSvc - ok
18:52:17.0067 7664 [ D5751969DC3E4B88BF482AC8EC9FE019 ] storvsc C:\Windows\system32\DRIVERS\storvsc.sys
18:52:17.0067 7664 storvsc - ok
18:52:17.0083 7664 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
18:52:17.0083 7664 swenum - ok
18:52:17.0098 7664 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
18:52:17.0098 7664 swprv - ok
18:52:17.0129 7664 [ 04105C8DA62353589C29BDAEB8D88BD8 ] SysMain C:\Windows\system32\sysmain.dll
18:52:17.0161 7664 SysMain - ok
18:52:17.0176 7664 [ FCFB6C552FBC0DA299799CBD50AD9FD4 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:52:17.0176 7664 TabletInputService - ok
18:52:17.0176 7664 [ 2F46B0C70A4ADC8C90CF825DA3B4FEAF ] TapiSrv C:\Windows\System32\tapisrv.dll
18:52:17.0192 7664 TapiSrv - ok
18:52:17.0207 7664 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
18:52:17.0207 7664 TBS - ok
18:52:17.0239 7664 [ 55E9965552741F3850CB22CBBA9671ED ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:52:17.0270 7664 Tcpip - ok
18:52:17.0301 7664 [ 55E9965552741F3850CB22CBBA9671ED ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
18:52:17.0301 7664 TCPIP6 - ok
18:52:17.0317 7664 [ E64444523ADD154F86567C469BC0B17F ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:52:17.0317 7664 tcpipreg - ok
18:52:17.0363 7664 [ 69F1A38A6DBFE682491CB61A596662E3 ] tcsd_win32.exe C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
18:52:17.0379 7664 tcsd_win32.exe - ok
18:52:17.0441 7664 [ A62F1DE032E59C4BB35557A2219CB160 ] TdmService C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
18:52:17.0473 7664 TdmService - ok
18:52:17.0488 7664 [ 1875C1490D99E70E449E3AFAE9FCBADF ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:52:17.0488 7664 TDPIPE - ok
18:52:17.0519 7664 [ 7156308896D34EA75A582F9A09E50C17 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:52:17.0519 7664 TDTCP - ok
18:52:17.0551 7664 [ CB39E896A2A83702D1737BFD402B3542 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:52:17.0551 7664 tdx - ok
18:52:17.0551 7664 [ C36F41EE20E6999DBF4B0425963268A5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
18:52:17.0551 7664 TermDD - ok
18:52:17.0566 7664 [ A01E50A04D7B1960B33E92B9080E6A94 ] TermService C:\Windows\System32\termsrv.dll
18:52:17.0582 7664 TermService - ok
18:52:17.0597 7664 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
18:52:17.0597 7664 Themes - ok
18:52:17.0613 7664 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
18:52:17.0613 7664 THREADORDER - ok
18:52:17.0629 7664 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
18:52:17.0644 7664 TrkWks - ok
18:52:17.0691 7664 [ 41A4C781D2286208D397D72099304133 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:52:17.0691 7664 TrustedInstaller - ok
18:52:17.0707 7664 [ 98AE6FA07D12CB4EC5CF4A9BFA5F4242 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:52:17.0707 7664 tssecsrv - ok
18:52:17.0722 7664 [ 3E461D890A97F9D4C168F5FDA36E1D00 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:52:17.0722 7664 tunnel - ok
18:52:17.0738 7664 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
18:52:17.0738 7664 uagp35 - ok
18:52:17.0753 7664 [ 09CC3E16F8E5EE7168E01CF8FCBE061A ] udfs C:\Windows\system32\DRIVERS\udfs.sys
18:52:17.0753 7664 udfs - ok
18:52:17.0769 7664 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
18:52:17.0769 7664 UI0Detect - ok
18:52:17.0785 7664 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
18:52:17.0785 7664 uliagpkx - ok
18:52:17.0800 7664 [ 049B3A50B3D646BAEEEE9EEC9B0668DC ] umbus C:\Windows\system32\DRIVERS\umbus.sys
18:52:17.0800 7664 umbus - ok
18:52:17.0816 7664 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
18:52:17.0816 7664 UmPass - ok
18:52:17.0847 7664 [ 8ECACA5454844F66386F7BE4AE0D7CD1 ] UmRdpService C:\Windows\System32\umrdp.dll
18:52:17.0847 7664 UmRdpService - ok
18:52:17.0878 7664 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
18:52:17.0878 7664 upnphost - ok
18:52:17.0878 7664 [ 8455C4ED038EFD09E99327F9D2D48FFA ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
18:52:17.0894 7664 usbccgp - ok
18:52:17.0894 7664 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
18:52:17.0894 7664 usbcir - ok
18:52:17.0909 7664 [ 1C333BFD60F2FED2C7AD5DAF533CB742 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
18:52:17.0909 7664 usbehci - ok
18:52:17.0925 7664 [ 0DB84EDA895894BA222E27ACF597C806 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
18:52:17.0925 7664 usbhub - ok
18:52:17.0956 7664 [ A6FB7957EA7AFB1165991E54CE934B74 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
18:52:17.0956 7664 usbohci - ok
18:52:17.0972 7664 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
18:52:17.0972 7664 usbprint - ok
18:52:17.0987 7664 [ D8889D56E0D27E57ED4591837FE71D27 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:52:17.0987 7664 USBSTOR - ok
18:52:18.0003 7664 [ 78780C3EBCE17405B1CCD07A3A8A7D72 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
18:52:18.0003 7664 usbuhci - ok
18:52:18.0019 7664 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
18:52:18.0019 7664 UxSms - ok
18:52:18.0034 7664 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] VaultSvc C:\Windows\system32\lsass.exe
18:52:18.0034 7664 VaultSvc - ok
18:52:18.0050 7664 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
18:52:18.0050 7664 vdrvroot - ok
18:52:18.0065 7664 [ 8C4E7C49D3641BC9E299E466A7F8867D ] vds C:\Windows\System32\vds.exe
18:52:18.0081 7664 vds - ok
18:52:18.0097 7664 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:52:18.0097 7664 vga - ok
18:52:18.0097 7664 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
18:52:18.0097 7664 VgaSave - ok
18:52:18.0112 7664 [ 3BE6E1F3A4F1AFEC8CEE0D7883F93583 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
18:52:18.0112 7664 vhdmp - ok
18:52:18.0128 7664 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\DRIVERS\viaagp.sys
18:52:18.0128 7664 viaagp - ok
18:52:18.0143 7664 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
18:52:18.0143 7664 ViaC7 - ok
18:52:18.0143 7664 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\DRIVERS\viaide.sys
18:52:18.0143 7664 viaide - ok
18:52:18.0175 7664 [ 379B349F65F453D2A6E75EA6B7448E49 ] vmbus C:\Windows\system32\DRIVERS\vmbus.sys
18:52:18.0175 7664 vmbus - ok
18:52:18.0190 7664 [ EC2BBAB4B84D0738C6C83D2234DC36FE ] VMBusHID C:\Windows\system32\DRIVERS\VMBusHID.sys
18:52:18.0190 7664 VMBusHID - ok
18:52:18.0190 7664 [ 384E5A2AA49934295171E499F86BA6F3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
18:52:18.0190 7664 volmgr - ok
18:52:18.0221 7664 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:52:18.0221 7664 volmgrx - ok
18:52:18.0237 7664 [ 58DF9D2481A56EDDE167E51B334D44FD ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
18:52:18.0237 7664 volsnap - ok
18:52:18.0253 7664 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
18:52:18.0253 7664 vsmraid - ok
18:52:18.0284 7664 [ 7EA2BCD94D9CFAF4C556F5CC94532A6C ] VSS C:\Windows\system32\vssvc.exe
18:52:18.0299 7664 VSS - ok
18:52:18.0315 7664 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
18:52:18.0315 7664 vwifibus - ok
18:52:18.0331 7664 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
18:52:18.0331 7664 W32Time - ok
18:52:18.0346 7664 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
18:52:18.0346 7664 WacomPen - ok
18:52:18.0362 7664 [ 692A712062146E96D28BA0B7D75DE31B ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
18:52:18.0362 7664 WANARP - ok
18:52:18.0362 7664 [ 692A712062146E96D28BA0B7D75DE31B ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
18:52:18.0362 7664 Wanarpv6 - ok
18:52:18.0424 7664 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
18:52:18.0440 7664 WatAdminSvc - ok
18:52:18.0471 7664 [ 4011D285C449DD833040045CB0F0E3FE ] WavxDMgr C:\Windows\system32\DRIVERS\WavxDMgr.sys
18:52:18.0471 7664 WavxDMgr - ok
18:52:18.0518 7664 [ 7790B77FE1E5EE47DCC66247095BB4C9 ] wbengine C:\Windows\system32\wbengine.exe
18:52:18.0549 7664 wbengine - ok
18:52:18.0565 7664 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
18:52:18.0565 7664 WbioSrvc - ok
18:52:18.0580 7664 [ D0F88AA11EE1A62BCC6D6A8A7783CA11 ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:52:18.0580 7664 wcncsvc - ok
18:52:18.0596 7664 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:52:18.0596 7664 WcsPlugInService - ok
18:52:18.0611 7664 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
18:52:18.0611 7664 Wd - ok
18:52:18.0627 7664 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
18:52:18.0627 7664 Wdf01000 - ok
18:52:18.0627 7664 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
18:52:18.0643 7664 WdiServiceHost - ok
18:52:18.0643 7664 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
18:52:18.0643 7664 WdiSystemHost - ok
18:52:18.0658 7664 [ D87C7D2C517F82A5AB7A73E203063D9E ] WebClient C:\Windows\System32\webclnt.dll
18:52:18.0658 7664 WebClient - ok
18:52:18.0674 7664 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
18:52:18.0674 7664 Wecsvc - ok
18:52:18.0689 7664 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
18:52:18.0689 7664 wercplsupport - ok
18:52:18.0705 7664 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
18:52:18.0705 7664 WerSvc - ok
18:52:18.0736 7664 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
18:52:18.0736 7664 WfpLwf - ok
18:52:18.0736 7664 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
18:52:18.0736 7664 WIMMount - ok
18:52:18.0783 7664 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
18:52:18.0799 7664 WinDefend - ok
18:52:18.0814 7664 WinHttpAutoProxySvc - ok
18:52:18.0861 7664 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
18:52:18.0861 7664 Winmgmt - ok
18:52:18.0892 7664 [ C4F5D3901D1B41D602DDC196E0B95B51 ] WinRM C:\Windows\system32\WsmSvc.dll
18:52:18.0923 7664 WinRM - ok
18:52:18.0970 7664 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
18:52:18.0986 7664 Wlansvc - ok
18:52:19.0001 7664 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
18:52:19.0001 7664 WmiAcpi - ok
18:52:19.0017 7664 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
18:52:19.0033 7664 wmiApSrv - ok
18:52:19.0064 7664 [ 77FBD400984CF72BA0FC4B3489D65F74 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
18:52:19.0079 7664 WMPNetworkSvc - ok
18:52:19.0095 7664 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
18:52:19.0095 7664 WPCSvc - ok
18:52:19.0111 7664 [ B7F658A2EBC07129538AD9AB35212637 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
18:52:19.0111 7664 WPDBusEnum - ok
18:52:19.0111 7664 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
18:52:19.0111 7664 ws2ifsl - ok
18:52:19.0126 7664 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll
18:52:19.0126 7664 wscsvc - ok
18:52:19.0142 7664 WSearch - ok
18:52:19.0189 7664 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
18:52:19.0204 7664 wuauserv - ok
18:52:19.0220 7664 [ 6F9B6C0C93232CFF47D0F72D6DB1D21E ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
18:52:19.0220 7664 WudfPf - ok
18:52:19.0235 7664 [ DDEE3682FE97037C45F4D7AB467CB8B6 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
18:52:19.0235 7664 wudfsvc - ok
18:52:19.0251 7664 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
18:52:19.0251 7664 WwanSvc - ok
18:52:19.0267 7664 ================ Scan global ===============================
18:52:19.0298 7664 [ 9A595DF601070DA78C40481120DD2C06 ] C:\Windows\system32\basesrv.dll
18:52:19.0313 7664 [ 008F51AE989C3DF1CBAF8B39DC423CCC ] C:\Windows\system32\winsrv.dll
18:52:19.0329 7664 [ 008F51AE989C3DF1CBAF8B39DC423CCC ] C:\Windows\system32\winsrv.dll
18:52:19.0345 7664 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
18:52:19.0376 7664 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
18:52:19.0376 7664 [Global] - ok
18:52:19.0376 7664 ================ Scan MBR ==================================
18:52:19.0391 7664 [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0
18:52:19.0391 7664 Suspicious mbr (Forged): \Device\Harddisk0\DR0
18:52:19.0454 7664 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
18:52:19.0454 7664 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
18:52:19.0454 7664 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
18:52:19.0454 7664 \Device\Harddisk1\DR1 - ok
18:52:19.0469 7664 ================ Scan VBR ==================================
18:52:19.0469 7664 [ 47276C0556ABA56A3A3C1A7B93DF7DF7 ] \Device\Harddisk0\DR0\Partition1
18:52:19.0469 7664 \Device\Harddisk0\DR0\Partition1 - ok
18:52:19.0485 7664 [ 301756E790D1D60619654DED9516C0F3 ] \Device\Harddisk0\DR0\Partition2
18:52:19.0485 7664 \Device\Harddisk0\DR0\Partition2 - ok
18:52:19.0485 7664 [ 5FBF1EDF8B54EEF8AE9A362CD57EF788 ] \Device\Harddisk1\DR1\Partition1
18:52:19.0485 7664 \Device\Harddisk1\DR1\Partition1 - ok
18:52:19.0485 7664 ============================================================
18:52:19.0485 7664 Scan finished
18:52:19.0485 7664 ============================================================
18:52:19.0485 7696 Detected object count: 1
18:52:19.0485 7696 Actual detected object count: 1
18:53:02.0915 7696 \Device\Harddisk0\DR0\# - copied to quarantine
18:53:02.0915 7696 \Device\Harddisk0\DR0 - copied to quarantine
18:53:02.0931 7696 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
18:53:02.0947 7696 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
18:53:02.0947 7696 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
18:53:02.0962 7696 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
18:53:02.0962 7696 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
18:53:02.0962 7696 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
18:53:02.0962 7696 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
18:53:02.0962 7696 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
18:53:02.0962 7696 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
18:53:02.0962 7696 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
18:53:02.0962 7696 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
18:53:02.0962 7696 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
18:53:02.0978 7696 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
18:53:02.0978 7696 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
18:53:02.0978 7696 \Device\Harddisk0\DR0 - ok
18:53:02.0993 7696 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
18:53:25.0894 2628 Deinitialize success

#6 brucewig

Posted 10 October 2012 - 04:32 PM

Hi,

I wasn't sure if I should proceed after the above run of TDSSkiller--I was waiting for your response before I continued. I thought maybe you were away for the holiday weekend, so I waited.

Anyway, today I ran the programs. I ran TDSSkiller, and when I got to the select action, I was still not exactly sure what to do. You had said:

"select DELETE for this: 15:53:03.0271 1016 \Device\Harddisk0\DR0 ( TDSS File System ) - User action: Skip"

After the scan, there were two threats detected:

Rootkit.Boot.Pihar.c
Physical drive: \Device\Harddisk0\DR0
Malware object, high risk

TDSS File System
Physical drive: \Device\Harddisk0\DR0
Suspicious object: medium risk

The options for the first threat were Skip, Copy to quarantine, Cure, and Restore. There was no delete option, so I took "Cure," which was the default given.

For the second threat, I was able to Skip, Copy to quarantine, and Delete. I chose Delete.

When I ran Adware Cleaner, the program automatically rebooted the computer. This was the first reboot of the computer since I discovered the virus. After the reboot, I got an error message saying:

"There was a problem starting C:\Users\Bruce\AppData\Local\Microsoft Help\Microsoft\ymcepf.dll The specified module could not be found"

Also, after the reboot, my Internet Explorer home page was changed to the Google website.

Here are the log files from all the programs:

-------------------------------
TDSSkiller
-------------------------------
15:34:58.0670 3152 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
15:34:58.0888 3152 ============================================================
15:34:58.0888 3152 Current date / time: 2012/10/10 15:34:58.0888
15:34:58.0888 3152 SystemInfo:
15:34:58.0888 3152
15:34:58.0888 3152 OS Version: 6.1.7600 ServicePack: 0.0
15:34:58.0888 3152 Product type: Workstation
15:34:58.0888 3152 ComputerName: BRUCE-PC
15:34:58.0888 3152 UserName: Bruce
15:34:58.0888 3152 Windows directory: C:\Windows
15:34:58.0888 3152 System windows directory: C:\Windows
15:34:58.0888 3152 Processor architecture: Intel x86
15:34:58.0888 3152 Number of processors: 2
15:34:58.0888 3152 Page size: 0x1000
15:34:58.0888 3152 Boot type: Normal boot
15:34:58.0888 3152 ============================================================
15:34:59.0044 3152 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:34:59.0044 3152 Drive \Device\Harddisk1\DR1 - Size: 0x2F7B100000 (189.92 Gb), SectorSize: 0x200, Cylinders: 0x60D8, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:34:59.0060 3152 ============================================================
15:34:59.0060 3152 \Device\Harddisk0\DR0:
15:34:59.0060 3152 MBR partitions:
15:34:59.0060 3152 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
15:34:59.0060 3152 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x236CE2B0
15:34:59.0060 3152 \Device\Harddisk1\DR1:
15:34:59.0060 3152 MBR partitions:
15:34:59.0060 3152 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x17BD5299
15:34:59.0060 3152 ============================================================
15:34:59.0076 3152 C: <-> \Device\Harddisk0\DR0\Partition2
15:34:59.0091 3152 E: <-> \Device\Harddisk1\DR1\Partition1
15:34:59.0091 3152 ============================================================
15:34:59.0091 3152 Initialize success
15:34:59.0091 3152 ============================================================
15:36:03.0301 5624 ============================================================
15:36:03.0301 5624 Scan started
15:36:03.0301 5624 Mode: Manual; TDLFS;
15:36:03.0301 5624 ============================================================
15:36:03.0800 5624 ================ Scan system memory ========================
15:36:03.0800 5624 System memory - ok
15:36:03.0800 5624 ================ Scan services =============================
15:36:03.0941 5624 [ 2A8681AEA24003040CA7D677BE9F1702 ] 03503958 C:\Windows\system32\drivers\22967893.sys
15:36:03.0972 5624 [ 6D2ACA41739BFE8CB86EE8E85F29697D ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
15:36:03.0972 5624 1394ohci - ok
15:36:04.0019 5624 [ 2A8681AEA24003040CA7D677BE9F1702 ] 64871382 C:\Windows\system32\drivers\93908746.sys
15:36:04.0034 5624 [ F0E07D144C8685B8774BC32FC8DA4DF0 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
15:36:04.0034 5624 ACPI - ok
15:36:04.0050 5624 [ 98D81CA942D19F7D9153B095162AC013 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
15:36:04.0065 5624 AcpiPmi - ok
15:36:04.0112 5624 [ 11A52CF7B265631DEEB24C6149309EFF ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
15:36:04.0112 5624 AdobeARMservice - ok
15:36:04.0143 5624 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
15:36:04.0143 5624 adp94xx - ok
15:36:04.0159 5624 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
15:36:04.0175 5624 adpahci - ok
15:36:04.0190 5624 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
15:36:04.0190 5624 adpu320 - ok
15:36:04.0206 5624 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:36:04.0206 5624 AeLookupSvc - ok
15:36:04.0237 5624 [ 0DB7A48388D54D154EBEC120461A0FCD ] AFD C:\Windows\system32\drivers\afd.sys
15:36:04.0253 5624 AFD - ok
15:36:04.0253 5624 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
15:36:04.0268 5624 agp440 - ok
15:36:04.0284 5624 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
15:36:04.0284 5624 aic78xx - ok
15:36:04.0315 5624 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
15:36:04.0315 5624 ALG - ok
15:36:04.0315 5624 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
15:36:04.0315 5624 aliide - ok
15:36:04.0331 5624 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\DRIVERS\amdagp.sys
15:36:04.0331 5624 amdagp - ok
15:36:04.0331 5624 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\DRIVERS\amdide.sys
15:36:04.0331 5624 amdide - ok
15:36:04.0346 5624 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
15:36:04.0346 5624 AmdK8 - ok
15:36:04.0346 5624 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
15:36:04.0346 5624 AmdPPM - ok
15:36:04.0346 5624 [ 2101A86C25C154F8314B24EF49D7FBC2 ] amdsata C:\Windows\system32\DRIVERS\amdsata.sys
15:36:04.0346 5624 amdsata - ok
15:36:04.0362 5624 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
15:36:04.0362 5624 amdsbs - ok
15:36:04.0377 5624 [ B81C2B5616F6420A9941EA093A92B150 ] amdxata C:\Windows\system32\DRIVERS\amdxata.sys
15:36:04.0377 5624 amdxata - ok
15:36:04.0393 5624 [ FEB834C02CE1E84B6A38F953CA067706 ] AppID C:\Windows\system32\drivers\appid.sys
15:36:04.0393 5624 AppID - ok
15:36:04.0409 5624 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
15:36:04.0409 5624 AppIDSvc - ok
15:36:04.0409 5624 [ 7DEAD9E3F65DCB2794F2711003BBF650 ] Appinfo C:\Windows\System32\appinfo.dll
15:36:04.0409 5624 Appinfo - ok
15:36:04.0440 5624 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
15:36:04.0440 5624 AppMgmt - ok
15:36:04.0455 5624 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
15:36:04.0455 5624 arc - ok
15:36:04.0471 5624 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
15:36:04.0471 5624 arcsas - ok
15:36:04.0487 5624 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:36:04.0487 5624 AsyncMac - ok
15:36:04.0502 5624 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\DRIVERS\atapi.sys
15:36:04.0502 5624 atapi - ok
15:36:04.0549 5624 [ 510C873BFA135AA829F4180352772734 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:36:04.0549 5624 AudioEndpointBuilder - ok
15:36:04.0565 5624 [ 510C873BFA135AA829F4180352772734 ] Audiosrv C:\Windows\System32\Audiosrv.dll
15:36:04.0565 5624 Audiosrv - ok
15:36:04.0580 5624 [ DD6A431B43E34B91A767D1CE33728175 ] AxInstSV C:\Windows\System32\AxInstSV.dll
15:36:04.0580 5624 AxInstSV - ok
15:36:04.0596 5624 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
15:36:04.0596 5624 b06bdrv - ok
15:36:04.0627 5624 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
15:36:04.0627 5624 b57nd60x - ok
15:36:04.0643 5624 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
15:36:04.0643 5624 BDESVC - ok
15:36:04.0643 5624 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
15:36:04.0643 5624 Beep - ok
15:36:04.0689 5624 [ 85AC71C045CEB054ED48A7841AAE0C11 ] BFE C:\Windows\System32\bfe.dll
15:36:04.0689 5624 BFE - ok
15:36:04.0721 5624 [ 53F476476F55A27F580661BDE09C4EC4 ] BITS C:\Windows\System32\qmgr.dll
15:36:04.0736 5624 BITS - ok
15:36:04.0767 5624 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
15:36:04.0767 5624 blbdrive - ok
15:36:04.0783 5624 [ D2F8D15F4852920E1F6B769E982414AD ] Blfp C:\Windows\system32\DRIVERS\basp.sys
15:36:04.0799 5624 Blfp - ok
15:36:04.0814 5624 [ 9A5C671B7FBAE4865149BB11F59B91B2 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:36:04.0814 5624 bowser - ok
15:36:04.0830 5624 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:36:04.0830 5624 BrFiltLo - ok
15:36:04.0845 5624 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:36:04.0845 5624 BrFiltUp - ok
15:36:04.0861 5624 [ A0E691DC6589D4D2CBE373171D1A49E5 ] Browser C:\Windows\System32\browser.dll
15:36:04.0861 5624 Browser - ok
15:36:04.0877 5624 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
15:36:04.0877 5624 Brserid - ok
15:36:04.0892 5624 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
15:36:04.0892 5624 BrSerWdm - ok
15:36:04.0908 5624 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
15:36:04.0908 5624 BrUsbMdm - ok
15:36:04.0908 5624 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
15:36:04.0908 5624 BrUsbSer - ok
15:36:04.0923 5624 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
15:36:04.0939 5624 BTHMODEM - ok
15:36:04.0970 5624 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
15:36:04.0970 5624 bthserv - ok
15:36:04.0970 5624 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:36:04.0970 5624 cdfs - ok
15:36:05.0001 5624 [ BA6E70AA0E6091BC39DE29477D866A77 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
15:36:05.0001 5624 cdrom - ok
15:36:05.0033 5624 [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] CertPropSvc C:\Windows\System32\certprop.dll
15:36:05.0033 5624 CertPropSvc - ok
15:36:05.0048 5624 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
15:36:05.0048 5624 circlass - ok
15:36:05.0064 5624 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
15:36:05.0064 5624 CLFS - ok
15:36:05.0126 5624 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:36:05.0142 5624 clr_optimization_v2.0.50727_32 - ok
15:36:05.0142 5624 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
15:36:05.0142 5624 CmBatt - ok
15:36:05.0157 5624 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
15:36:05.0157 5624 cmdide - ok
15:36:05.0173 5624 [ DB5E008B3744DD60C8498CBBF2A1CFA6 ] CNG C:\Windows\system32\Drivers\cng.sys
15:36:05.0173 5624 CNG - ok
15:36:05.0189 5624 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
15:36:05.0189 5624 Compbatt - ok
15:36:05.0204 5624 [ F1724BA27E97D627F808FB0BA77A28A6 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
15:36:05.0204 5624 CompositeBus - ok
15:36:05.0220 5624 COMSysApp - ok
15:36:05.0220 5624 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
15:36:05.0220 5624 crcdisk - ok
15:36:05.0251 5624 [ 520A108A2657F4BCA7FCED9CA7D885DE ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:36:05.0251 5624 CryptSvc - ok
15:36:05.0267 5624 [ 27C9490BDD0AE48911AB8CF1932591ED ] CSC C:\Windows\system32\drivers\csc.sys
15:36:05.0282 5624 CSC - ok
15:36:05.0298 5624 [ 56FB5F222EA30D3D3FC459879772CB73 ] CscService C:\Windows\System32\cscsvc.dll
15:36:05.0298 5624 CscService - ok
15:36:05.0313 5624 [ B82CD39E336973359D7C9BF911E8E84F ] DcomLaunch C:\Windows\system32\rpcss.dll
15:36:05.0313 5624 DcomLaunch - ok
15:36:05.0345 5624 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
15:36:05.0345 5624 defragsvc - ok
15:36:05.0376 5624 [ 83D1ECEA8FAAE75604C0FA49AC7AD996 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:36:05.0376 5624 DfsC - ok
15:36:05.0391 5624 [ C56495FBD770712367CAD35E5DE72DA6 ] Dhcp C:\Windows\system32\dhcpcore.dll
15:36:05.0391 5624 Dhcp - ok
15:36:05.0391 5624 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
15:36:05.0391 5624 discache - ok
15:36:05.0438 5624 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
15:36:05.0438 5624 Disk - ok
15:36:05.0454 5624 [ B15BE77A2BACF9C3177D27518AFE26A9 ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:36:05.0454 5624 Dnscache - ok
15:36:05.0485 5624 [ 4408C85C21EEA48EB0CE486BAEEF0502 ] dot3svc C:\Windows\System32\dot3svc.dll
15:36:05.0485 5624 dot3svc - ok
15:36:05.0485 5624 [ 7FA81C6E11CAA594ADB52084DA73A1E5 ] DPS C:\Windows\system32\dps.dll
15:36:05.0501 5624 DPS - ok
15:36:05.0532 5624 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:36:05.0532 5624 drmkaud - ok
15:36:05.0563 5624 [ C94B6C3CC628179CB9B9061C19888B99 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:36:05.0579 5624 DXGKrnl - ok
15:36:05.0610 5624 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
15:36:05.0610 5624 EapHost - ok
15:36:05.0672 5624 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
15:36:05.0719 5624 ebdrv - ok
15:36:05.0735 5624 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] EFS C:\Windows\System32\lsass.exe
15:36:05.0735 5624 EFS - ok
15:36:05.0781 5624 [ 3A74A6E33685662B125A3269B1F2114F ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:36:05.0797 5624 ehRecvr - ok
15:36:05.0797 5624 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
15:36:05.0813 5624 ehSched - ok
15:36:05.0828 5624 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
15:36:05.0844 5624 elxstor - ok
15:36:05.0859 5624 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
15:36:05.0859 5624 ErrDev - ok
15:36:05.0875 5624 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
15:36:05.0875 5624 EventSystem - ok
15:36:05.0891 5624 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
15:36:05.0891 5624 exfat - ok
15:36:05.0906 5624 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:36:05.0922 5624 fastfat - ok
15:36:05.0953 5624 [ F7EA23CC5E6BF2181F3F399D54F6EFC1 ] Fax C:\Windows\system32\fxssvc.exe
15:36:05.0953 5624 Fax - ok
15:36:05.0969 5624 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
15:36:05.0969 5624 fdc - ok
15:36:06.0000 5624 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
15:36:06.0000 5624 fdPHost - ok
15:36:06.0015 5624 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
15:36:06.0015 5624 FDResPub - ok
15:36:06.0031 5624 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:36:06.0031 5624 FileInfo - ok
15:36:06.0031 5624 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:36:06.0031 5624 Filetrace - ok
15:36:06.0047 5624 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
15:36:06.0047 5624 flpydisk - ok
15:36:06.0062 5624 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:36:06.0062 5624 FltMgr - ok
15:36:06.0093 5624 [ 151258FC2EC8C48BDF8A53350AE0A676 ] FontCache C:\Windows\system32\FntCache.dll
15:36:06.0109 5624 FontCache - ok
15:36:06.0140 5624 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
15:36:06.0140 5624 FontCache3.0.0.0 - ok
15:36:06.0156 5624 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:36:06.0156 5624 FsDepends - ok
15:36:06.0187 5624 [ 500A9814FD9446A8126858A5A7F7D273 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:36:06.0187 5624 Fs_Rec - ok
15:36:06.0203 5624 [ 5592F5DBA26282D24D2B080EB438A4D7 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:36:06.0203 5624 fvevol - ok
15:36:06.0218 5624 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
15:36:06.0218 5624 gagp30kx - ok
15:36:06.0249 5624 [ 8BA3C04702BF8F927AB36AE8313CA4EE ] gpsvc C:\Windows\System32\gpsvc.dll
15:36:06.0265 5624 gpsvc - ok
15:36:06.0265 5624 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
15:36:06.0265 5624 hcw85cir - ok
15:36:06.0296 5624 [ 717A2207FD6F13AD3E664C7D5A43C7BF ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
15:36:06.0296 5624 HDAudBus - ok
15:36:06.0296 5624 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
15:36:06.0296 5624 HidBatt - ok
15:36:06.0312 5624 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
15:36:06.0312 5624 HidBth - ok
15:36:06.0343 5624 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
15:36:06.0343 5624 HidIr - ok
15:36:06.0343 5624 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
15:36:06.0343 5624 hidserv - ok
15:36:06.0359 5624 [ 25072FB35AC90B25F9E4E3BACF774102 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
15:36:06.0359 5624 HidUsb - ok
15:36:06.0374 5624 [ 741C2A45CA8407E374AABA3E330B7872 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:36:06.0374 5624 hkmsvc - ok
15:36:06.0390 5624 [ A768CA158BB06782A2835B907F4873C3 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:36:06.0405 5624 HomeGroupListener - ok
15:36:06.0437 5624 [ FB08DEC5EF43D0C66D83B8E9694E7549 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:36:06.0437 5624 HomeGroupProvider - ok
15:36:06.0452 5624 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
15:36:06.0452 5624 HpSAMD - ok
15:36:06.0483 5624 [ C531C7FD9E8B62021112787C4E2C5A5A ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:36:06.0483 5624 HTTP - ok
15:36:06.0499 5624 [ 8305F33CDE89AD6C7A0763ED0B5A8D42 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:36:06.0499 5624 hwpolicy - ok
15:36:06.0515 5624 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
15:36:06.0515 5624 i8042prt - ok
15:36:06.0530 5624 [ 934AF4D7C5F457B9F0743F4299B77B67 ] iaStorV C:\Windows\system32\DRIVERS\iaStorV.sys
15:36:06.0530 5624 iaStorV - ok
15:36:06.0577 5624 [ 5AF815EB5BC9802E5A064E2BA62BFC0C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:36:06.0593 5624 idsvc - ok
15:36:06.0608 5624 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
15:36:06.0608 5624 iirsp - ok
15:36:06.0655 5624 [ FAC0EE6562B121B1399D6E855583F7A5 ] IKEEXT C:\Windows\System32\ikeext.dll
15:36:06.0671 5624 IKEEXT - ok
15:36:06.0733 5624 [ 53613A3F3EF4E33A640CB3B1CD9BA38B ] IntcAzAudAddService C:\Windows\system32\drivers\RTDVHDA.sys
15:36:06.0780 5624 IntcAzAudAddService - ok
15:36:06.0811 5624 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\DRIVERS\intelide.sys
15:36:06.0811 5624 intelide - ok
15:36:06.0827 5624 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:36:06.0827 5624 intelppm - ok
15:36:06.0842 5624 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:36:06.0842 5624 IPBusEnum - ok
15:36:06.0858 5624 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:36:06.0858 5624 IpFilterDriver - ok
15:36:06.0873 5624 [ 477397B432A256A50EE7E4339EB9EA14 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:36:06.0873 5624 iphlpsvc - ok
15:36:06.0889 5624 [ E4454B6C37D7FFD5649611F6496308A7 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
15:36:06.0889 5624 IPMIDRV - ok
15:36:06.0905 5624 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:36:06.0905 5624 IPNAT - ok
15:36:06.0920 5624 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:36:06.0920 5624 IRENUM - ok
15:36:06.0936 5624 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
15:36:06.0936 5624 isapnp - ok
15:36:06.0967 5624 [ ED46C223AE46C6866AB77CDC41C404B7 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
15:36:06.0967 5624 iScsiPrt - ok
15:36:06.0998 5624 [ 62632763D9B2B7F92D2968D40406E7AA ] k57nd60x C:\Windows\system32\DRIVERS\k57nd60x.sys
15:36:06.0998 5624 k57nd60x - ok
15:36:07.0014 5624 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
15:36:07.0014 5624 kbdclass - ok
15:36:07.0029 5624 [ 3D9F0EBF350EDCFD6498057301455964 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
15:36:07.0029 5624 kbdhid - ok
15:36:07.0045 5624 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] KeyIso C:\Windows\system32\lsass.exe
15:36:07.0045 5624 KeyIso - ok
15:36:07.0061 5624 [ 52FC17C8589F11747D01D3CF592673D0 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:36:07.0061 5624 KSecDD - ok
15:36:07.0076 5624 [ 3E5474B03568CFAB834DA3C38E8C9EFA ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:36:07.0076 5624 KSecPkg - ok
15:36:07.0107 5624 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
15:36:07.0107 5624 KtmRm - ok
15:36:07.0123 5624 [ 8F6BF790D3168224C16F2AF68A84438C ] LanmanServer C:\Windows\system32\srvsvc.dll
15:36:07.0123 5624 LanmanServer - ok
15:36:07.0154 5624 [ B9891F885DCF1F0513A51CB58493CB1F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:36:07.0154 5624 LanmanWorkstation - ok
15:36:07.0185 5624 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:36:07.0185 5624 lltdio - ok
15:36:07.0201 5624 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:36:07.0201 5624 lltdsvc - ok
15:36:07.0217 5624 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
15:36:07.0217 5624 lmhosts - ok
15:36:07.0232 5624 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
15:36:07.0232 5624 LSI_FC - ok
15:36:07.0248 5624 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
15:36:07.0248 5624 LSI_SAS - ok
15:36:07.0248 5624 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:36:07.0248 5624 LSI_SAS2 - ok
15:36:07.0263 5624 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:36:07.0263 5624 LSI_SCSI - ok
15:36:07.0279 5624 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
15:36:07.0279 5624 luafv - ok
15:36:07.0310 5624 [ E2B0887816ED336685954E3D8FDAA51D ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:36:07.0310 5624 Mcx2Svc - ok
15:36:07.0326 5624 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
15:36:07.0326 5624 megasas - ok
15:36:07.0341 5624 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
15:36:07.0341 5624 MegaSR - ok
15:36:07.0357 5624 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
15:36:07.0373 5624 MMCSS - ok
15:36:07.0373 5624 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
15:36:07.0373 5624 Modem - ok
15:36:07.0388 5624 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:36:07.0388 5624 monitor - ok
15:36:07.0404 5624 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:36:07.0404 5624 mouclass - ok
15:36:07.0419 5624 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:36:07.0419 5624 mouhid - ok
15:36:07.0419 5624 [ 921C18727C5920D6C0300736646931C2 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:36:07.0419 5624 mountmgr - ok
15:36:07.0435 5624 [ 2AF5997438C55FB79D33D015C30E1974 ] mpio C:\Windows\system32\DRIVERS\mpio.sys
15:36:07.0435 5624 mpio - ok
15:36:07.0435 5624 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:36:07.0435 5624 mpsdrv - ok
15:36:07.0451 5624 [ 5CD996CECF45CBC3E8D109C86B82D69E ] MpsSvc C:\Windows\system32\mpssvc.dll
15:36:07.0466 5624 MpsSvc - ok
15:36:07.0482 5624 [ B1BE47008D20E43DA3ADC37C24CDB89D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:36:07.0482 5624 MRxDAV - ok
15:36:07.0529 5624 [ CA7570E42522E24324A12161DB14EC02 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:36:07.0529 5624 mrxsmb - ok
15:36:07.0560 5624 [ F965C3AB2B2AE5C378F4562486E35051 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:36:07.0560 5624 mrxsmb10 - ok
15:36:07.0560 5624 [ 25C38264A3C72594DD21D355D70D7A5D ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:36:07.0560 5624 mrxsmb20 - ok
15:36:07.0591 5624 [ 4326D168944123F38DD3B2D9C37A0B12 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
15:36:07.0591 5624 msahci - ok
15:36:07.0607 5624 [ 455029C7174A2DBB03DBA8A0D8BDDD9A ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
15:36:07.0607 5624 msdsm - ok
15:36:07.0622 5624 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
15:36:07.0622 5624 MSDTC - ok
15:36:07.0622 5624 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:36:07.0622 5624 Msfs - ok
15:36:07.0638 5624 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:36:07.0638 5624 mshidkmdf - ok
15:36:07.0653 5624 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
15:36:07.0653 5624 msisadrv - ok
15:36:07.0685 5624 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:36:07.0685 5624 MSiSCSI - ok
15:36:07.0685 5624 msiserver - ok
15:36:07.0716 5624 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:36:07.0716 5624 MSKSSRV - ok
15:36:07.0731 5624 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:36:07.0731 5624 MSPCLOCK - ok
15:36:07.0731 5624 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:36:07.0731 5624 MSPQM - ok
15:36:07.0747 5624 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:36:07.0763 5624 MsRPC - ok
15:36:07.0763 5624 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
15:36:07.0763 5624 mssmbios - ok
15:36:07.0778 5624 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:36:07.0778 5624 MSTEE - ok
15:36:07.0778 5624 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
15:36:07.0778 5624 MTConfig - ok
15:36:07.0794 5624 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
15:36:07.0794 5624 Mup - ok
15:36:07.0825 5624 [ 80284F1985C70C86F0B5F86DA2DFE1DF ] napagent C:\Windows\system32\qagentRT.dll
15:36:07.0825 5624 napagent - ok
15:36:07.0856 5624 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:36:07.0856 5624 NativeWifiP - ok
15:36:07.0872 5624 [ 23759D175A0A9BAAF04D05047BC135A8 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:36:07.0887 5624 NDIS - ok
15:36:07.0903 5624 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:36:07.0903 5624 NdisCap - ok
15:36:07.0934 5624 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:36:07.0934 5624 NdisTapi - ok
15:36:07.0934 5624 [ B30AE7F2B6D7E343B0DF32E6C08FCE75 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:36:07.0934 5624 Ndisuio - ok
15:36:07.0950 5624 [ 267C415EADCBE53C9CA873DEE39CF3A4 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:36:07.0950 5624 NdisWan - ok
15:36:07.0965 5624 [ AF7E7C63DCEF3F8772726F86039D6EB4 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:36:07.0965 5624 NDProxy - ok
15:36:07.0981 5624 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:36:07.0997 5624 NetBIOS - ok
15:36:08.0012 5624 [ DD52A733BF4CA5AF84562A5E2F963B91 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:36:08.0012 5624 NetBT - ok
15:36:08.0028 5624 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] Netlogon C:\Windows\system32\lsass.exe
15:36:08.0028 5624 Netlogon - ok
15:36:08.0075 5624 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
15:36:08.0075 5624 Netman - ok
15:36:08.0090 5624 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
15:36:08.0090 5624 netprofm - ok
15:36:08.0121 5624 [ FE2AA5A684B0DD9B1FAE57B7817C198B ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:36:08.0121 5624 NetTcpPortSharing - ok
15:36:08.0137 5624 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
15:36:08.0137 5624 nfrd960 - ok
15:36:08.0153 5624 [ 2226496E34BD40734946A054B1CD657F ] NlaSvc C:\Windows\System32\nlasvc.dll
15:36:08.0153 5624 NlaSvc - ok
15:36:08.0168 5624 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:36:08.0168 5624 Npfs - ok
15:36:08.0184 5624 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
15:36:08.0184 5624 nsi - ok
15:36:08.0199 5624 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:36:08.0199 5624 nsiproxy - ok
15:36:08.0231 5624 [ 3795DCD21F740EE799FB7223234215AF ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:36:08.0246 5624 Ntfs - ok
15:36:08.0262 5624 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
15:36:08.0262 5624 Null - ok
15:36:08.0433 5624 [ D9099ED7CF688B131C5B0FCDAE1A48FA ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:36:08.0558 5624 nvlddmkm - ok
15:36:08.0589 5624 [ 3F3D04B1D08D43C16EA7963954EC768D ] nvraid C:\Windows\system32\DRIVERS\nvraid.sys
15:36:08.0589 5624 nvraid - ok
15:36:08.0589 5624 [ C99F251A5DE63C6F129CF71933ACED0F ] nvstor C:\Windows\system32\DRIVERS\nvstor.sys
15:36:08.0605 5624 nvstor - ok
15:36:08.0605 5624 [ ABC3DBF9C508F48109782499C3D9DAB5 ] nvsvc C:\Windows\system32\nvvsvc.exe
15:36:08.0621 5624 nvsvc - ok
15:36:08.0636 5624 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
15:36:08.0636 5624 nv_agp - ok
15:36:13.0301 5624 ================ Scan global ===============================
15:36:13.0316 5624 [ 9A595DF601070DA78C40481120DD2C06 ] C:\Windows\system32\basesrv.dll
15:36:13.0347 5624 [ 008F51AE989C3DF1CBAF8B39DC423CCC ] C:\Windows\system32\winsrv.dll
15:36:13.0363 5624 [ 008F51AE989C3DF1CBAF8B39DC423CCC ] C:\Windows\system32\winsrv.dll
15:36:13.0379 5624 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
15:36:13.0410 5624 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
15:36:13.0410 5624 [Global] - ok
15:36:13.0410 5624 ================ Scan MBR ==================================
15:36:13.0410 5624 [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0
15:36:13.0410 5624 Suspicious mbr (Forged): \Device\Harddisk0\DR0
15:36:13.0472 5624 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
15:36:13.0472 5624 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
15:36:13.0519 5624 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
15:36:13.0519 5624 \Device\Harddisk0\DR0 - detected TDSS File System (1)
15:36:13.0519 5624 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
15:36:13.0644 5624 \Device\Harddisk1\DR1 - ok
15:36:13.0644 5624 ================ Scan VBR ==================================
15:36:13.0659 5624 [ 47276C0556ABA56A3A3C1A7B93DF7DF7 ] \Device\Harddisk0\DR0\Partition1
15:36:13.0659 5624 \Device\Harddisk0\DR0\Partition1 - ok
15:36:13.0691 5624 [ 301756E790D1D60619654DED9516C0F3 ] \Device\Harddisk0\DR0\Partition2
15:36:13.0691 5624 \Device\Harddisk0\DR0\Partition2 - ok
15:36:13.0691 5624 [ 6EF068B71FA6D09A7B2C58A45DD4C44B ] \Device\Harddisk1\DR1\Partition1
15:36:13.0691 5624 \Device\Harddisk1\DR1\Partition1 - ok
15:36:13.0691 5624 ============================================================
15:36:13.0691 5624 Scan finished
15:36:13.0691 5624 ============================================================
15:36:13.0691 6220 Detected object count: 2
15:36:13.0691 6220 Actual detected object count: 2
15:49:09.0500 6220 \Device\Harddisk0\DR0\# - copied to quarantine
15:49:09.0500 6220 \Device\Harddisk0\DR0 - copied to quarantine
15:49:09.0516 6220 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
15:49:09.0531 6220 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
15:49:09.0531 6220 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
15:49:09.0547 6220 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
15:49:09.0547 6220 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
15:49:09.0547 6220 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
15:49:09.0547 6220 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
15:49:09.0547 6220 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
15:49:09.0547 6220 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
15:49:09.0547 6220 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
15:49:09.0547 6220 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
15:49:09.0547 6220 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
15:49:09.0562 6220 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
15:49:09.0562 6220 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
15:49:09.0562 6220 \Device\Harddisk0\DR0 - ok
15:49:09.0562 6220 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
15:49:09.0578 6220 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
15:49:09.0578 6220 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
15:49:09.0578 6220 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
15:49:09.0594 6220 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
15:49:09.0594 6220 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
15:49:09.0594 6220 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
15:49:09.0594 6220 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
15:49:09.0594 6220 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
15:49:09.0609 6220 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
15:49:09.0609 6220 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
15:49:09.0609 6220 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
15:49:09.0609 6220 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
15:49:09.0609 6220 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
15:49:09.0609 6220 \Device\Harddisk0\DR0\TDLFS - deleted
15:49:09.0609 6220 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
15:49:22.0479 7612 Deinitialize success


----------------
Malwarebytes
----------------
Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.10.10.09

Windows 7 x86 NTFS
Internet Explorer 9.0.8112.16421
Bruce :: BRUCE-PC [administrator]

10/10/2012 3:56:02 PM
mbam-log-2012-10-10 (15-56-02).txt

Scan type: Full scan (C:\|E:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 366648
Time elapsed: 36 minute(s), 20 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 5
C:\Users\Bruce\AppData\Local\Temp\NOD2ED0.tmp (Trojan.Agent.MRGGen) -> Delete on reboot.
C:\Users\Bruce\AppData\Local\Temp\NOD2F7D.tmp (Trojan.Labedo) -> Delete on reboot.
C:\TDSSKiller_Quarantine\05.10.2012_18.52.02\mbr0000\tdlfs0000\tsk0003.dta (Trojan.Agent.MRGGen) -> Quarantined and deleted successfully.
C:\TDSSKiller_Quarantine\10.10.2012_15.34.58\mbr0000\tdlfs0000\tsk0003.dta (Trojan.Agent.MRGGen) -> Quarantined and deleted successfully.
C:\TDSSKiller_Quarantine\10.10.2012_15.34.58\tdlfs0000\tsk0003.dta (Trojan.Agent.MRGGen) -> Quarantined and deleted successfully.

(end)


------------------------
Mini Toolbox
------------------------
MiniToolBox by Farbar Version: 23-07-2012
Ran by Bruce (administrator) on 10-10-2012 at 16:38:19
Microsoft Windows 7 Professional (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Bruce-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Physical Address. . . . . . . . . : 00-25-64-C4-84-80
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::8881:5ef9:9b07:a807%11(Preferred)
IPv4 Address. . . . . . . . . . . : 68.199.9.83(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.248.0
Lease Obtained. . . . . . . . . . : Wednesday, October 10, 2012 3:33:47 PM
Lease Expires . . . . . . . . . . : Wednesday, October 10, 2012 9:33:47 PM
Default Gateway . . . . . . . . . : 68.199.8.1
DHCP Server . . . . . . . . . . . : 167.206.195.24
DHCPv6 IAID . . . . . . . . . . . : 234890596
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-22-09-B9-00-25-64-C4-84-80
DNS Servers . . . . . . . . . . . : 167.206.245.129
167.206.245.130
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{613AD6BB-F17D-466E-A0CC-942107A53BD6}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: vdns1.srv.prnynj.cv.net
Address: 167.206.245.129

Name: google.com
Addresses: 2607:f8b0:4006:801::1000
74.125.226.199
74.125.226.193
74.125.226.196
74.125.226.201
74.125.226.200
74.125.226.195
74.125.226.197
74.125.226.194
74.125.226.206
74.125.226.192
74.125.226.198


Pinging google.com [74.125.226.238] with 32 bytes of data:
Reply from 74.125.226.238: bytes=32 time=9ms TTL=56
Reply from 74.125.226.238: bytes=32 time=11ms TTL=56

Ping statistics for 74.125.226.238:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 9ms, Maximum = 11ms, Average = 10ms
Server: vdns1.srv.prnynj.cv.net
Address: 167.206.245.129

Name: yahoo.com
Addresses: 98.139.183.24
98.138.253.109
72.30.38.140


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=146ms TTL=53
Reply from 98.139.183.24: bytes=32 time=91ms TTL=53

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 91ms, Maximum = 146ms, Average = 118ms
Server: vdns1.srv.prnynj.cv.net
Address: 167.206.245.129

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...00 25 64 c4 84 80 ......Broadcom NetLink ™ Gigabit Ethernet
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 68.199.8.1 68.199.9.83 20
68.199.8.0 255.255.248.0 On-link 68.199.9.83 276
68.199.9.83 255.255.255.255 On-link 68.199.9.83 276
68.199.15.255 255.255.255.255 On-link 68.199.9.83 276
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 68.199.9.83 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 68.199.9.83 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 276 fe80::/64 On-link
11 276 fe80::8881:5ef9:9b07:a807/128
On-link
1 306 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/05/2012 09:54:18 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16448 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1ae8

Start Time: 01cda33f9b15f569

Termination Time: 31

Application Path: C:\Program Files\Internet Explorer\iexplore.exe

Report Id:

Error: (10/04/2012 00:34:54 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: MSHTML.dll, version: 9.0.8112.16448, time stamp: 0x4fecfb0e
Exception code: 0xc0000005
Fault offset: 0x001d9b56
Faulting process id: 0x85c
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (10/04/2012 00:18:43 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: ntdll.dll, version: 6.1.7600.16915, time stamp: 0x4ec49caf
Exception code: 0xc0000374
Fault offset: 0x000c33bb
Faulting process id: 0x1e40
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (10/04/2012 00:15:43 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: ntdll.dll, version: 6.1.7600.16915, time stamp: 0x4ec49caf
Exception code: 0xc0000374
Fault offset: 0x000c33bb
Faulting process id: 0x804
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (10/04/2012 01:32:03 AM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: ntdll.dll, version: 6.1.7600.16915, time stamp: 0x4ec49caf
Exception code: 0xc0000374
Fault offset: 0x000c33bb
Faulting process id: 0xde0
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (10/04/2012 01:24:27 AM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: ntdll.dll, version: 6.1.7600.16915, time stamp: 0x4ec49caf
Exception code: 0xc0000374
Fault offset: 0x000c33bb
Faulting process id: 0x1278
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (10/04/2012 01:18:25 AM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16448 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 72c

Start Time: 01cd9890177aab17

Termination Time: 24

Application Path: C:\Program Files\Internet Explorer\iexplore.exe

Report Id: e895fab0-0de2-11e2-8e32-002564c48480

Error: (10/04/2012 00:58:17 AM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: ntdll.dll, version: 6.1.7600.16915, time stamp: 0x4ec49caf
Exception code: 0xc0000374
Fault offset: 0x000c33bb
Faulting process id: 0x128c
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (10/04/2012 00:57:24 AM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: ntdll.dll, version: 6.1.7600.16915, time stamp: 0x4ec49caf
Exception code: 0xc0000374
Fault offset: 0x000c33bb
Faulting process id: 0x630
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (10/04/2012 00:55:43 AM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: ntdll.dll, version: 6.1.7600.16915, time stamp: 0x4ec49caf
Exception code: 0xc0000374
Fault offset: 0x000c33bb
Faulting process id: 0x1454
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3


System errors:
=============
Error: (10/04/2012 00:36:25 PM) (Source: Service Control Manager) (User: )
Description: The Multimedia Class Scheduler service terminated unexpectedly. It has done this 8 time(s).

Error: (10/04/2012 00:18:49 PM) (Source: Service Control Manager) (User: )
Description: The Multimedia Class Scheduler service terminated unexpectedly. It has done this 7 time(s).

Error: (10/04/2012 00:15:49 PM) (Source: Service Control Manager) (User: )
Description: The Multimedia Class Scheduler service terminated unexpectedly. It has done this 6 time(s).

Error: (10/04/2012 01:32:05 AM) (Source: Service Control Manager) (User: )
Description: The Multimedia Class Scheduler service terminated unexpectedly. It has done this 5 time(s).

Error: (10/04/2012 01:32:05 AM) (Source: Service Control Manager) (User: )
Description: The Application Experience service terminated unexpectedly. It has done this 3 time(s).

Error: (10/04/2012 01:24:33 AM) (Source: Service Control Manager) (User: )
Description: The Multimedia Class Scheduler service terminated unexpectedly. It has done this 4 time(s).

Error: (10/04/2012 01:24:33 AM) (Source: Service Control Manager) (User: )
Description: The Application Experience service failed to start due to the following error:
%%109

Error: (10/04/2012 01:02:29 AM) (Source: Service Control Manager) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Multimedia Class Scheduler service, but this action failed with the following error:
%%1056

Error: (10/04/2012 00:58:23 AM) (Source: Service Control Manager) (User: )
Description: The Multimedia Class Scheduler service terminated unexpectedly. It has done this 3 time(s).

Error: (10/04/2012 00:57:29 AM) (Source: Service Control Manager) (User: )
Description: The Multimedia Class Scheduler service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

2007 Microsoft Office Suite Service Pack 1 (SP1)
Adobe AIR (Version: 2.7.0.19530)
Adobe Flash Player 11 ActiveX (Version: 11.1.102.55)
Adobe Reader X (10.1.0) (Version: 10.1.0)
BioAPI Framework (Version: 1.0.1)
Broadcom NetXtreme-I Netlink Driver and Management Installer (Version: 12.25.02)
DCP32MMWrapper (Version: 1.6.334.60)
Dell Backup and Recovery Manager (Version: 1.2.1)
Dell Control Point (Version: 1.6.334.60)
Dell ControlPoint Security Manager (Version: 1.6.334.60)
Dell Edoc Viewer (Version: 1.0.0)
Dell Embassy Trust Suite by Wave Systems (Version: 03.04.00.063)
Dell Security Device Driver Pack (Version: 1.3.039)
Document Manager Lite (Version: 06.09.00.121)
EMBASSY Security Center (Version: 03.09.00.092)
EMBASSY Security Setup (Version: 03.09.00.102)
ESC Home Page Plugin (Version: 03.04.00.029)
ESET Online Scanner v3
FileZilla Client 3.5.3 (Version: 3.5.3)
Gemalto (Version: 01.01.00.0000)
Google Chrome (Version: 21.0.1180.89)
Java Auto Updater (Version: 2.1.6.0)
Java™ 6 Update 17 (Version: 6.0.170)
Java™ 7 Update 3 (Version: 7.0.30)
Java™ SE Development Kit 7 Update 3 (Version: 1.7.0.30)
JavaFX 2.0.3 (Version: 2.0.3)
JavaFX 2.0.3 SDK (Version: 2.0.3)
Junk Mail filter update (Version: 14.0.8089.726)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office Proof (English) 2007 (Version: 12.0.6213.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6213.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6213.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6215.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6215.1000)
Microsoft Office SharePoint Designer 2007 (Version: 12.0.6215.1000)
Microsoft Office SharePoint Designer 2007 Service Pack 1 (SP1)
Microsoft Office SharePoint Designer MUI (English) 2007 (Version: 12.0.6215.1000)
Microsoft Search Enhancement Pack (Version: 1.2.123.0)
Microsoft Silverlight (Version: 3.0.40624.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NTRU TCG Software Stack (Version: 2.1.29)
NVIDIA Drivers (Version: 1.4)
PowerDVD DX (Version: 8.3.5424)
Preboot Manager (Version: 02.09.00.071)
Private Information Manager (Version: 06.04.00.047)
Realtek High Definition Audio Driver (Version: 6.0.1.5871)
Roxio Creator Audio (Version: 3.7.0)
Roxio Creator Copy (Version: 3.7.0)
Roxio Creator Data (Version: 3.7.0)
Roxio Creator DE 10.3 (Version: 10.3)
Roxio Creator DE 10.3 (Version: 3.7.0)
Roxio Creator Tools (Version: 3.7.0)
Roxio Express Labeler 3 (Version: 3.2.2)
Roxio Update Manager (Version: 6.0.0)
Security Wizards (Version: 01.07.00.016)
SO32MMWrapper (Version: 1.6.334.60)
SweetPacks Toolbar for Internet Explorer 4.4 (Version: 4.4.0001)
Trusted Drive Manager (Version: 3.1.0.116)
UPEK TouchChip Fingerprint Reader (Version: 1.1.0)
Wave Infrastructure Installer (Version: 07.00.21.0000)
Wave Support Software (Version: 05.10.00.046)
Windows Driver Package - Dell Inc. PBADRV System (01/07/2008 1.0.1.5) (Version: 01/07/2008 1.0.1.5)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Movie Maker (Version: 14.0.8091.0730)
Windows Live Photo Gallery (Version: 14.0.8081.709)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Toolbar (Version: 14.0.8064.206)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8089.0726)

========================= Memory info: ===================================

Percentage of memory in use: 43%
Total physical RAM: 3325.65 MB
Available physical RAM: 1874.61 MB
Total Pagefile: 6649.57 MB
Available Pagefile: 5029.82 MB
Total Virtual: 2047.88 MB
Available Virtual: 1948.21 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:283.4 GB) (Free:248.18 GB) NTFS
3 Drive e: () (Fixed) (Total:189.87 GB) (Free:32.99 GB) FAT32

========================= Users: ========================================

User accounts for \\BRUCE-PC

Administrator Bruce Guest

========================= Restore Points ==================================

17-08-2012 21:05:47 Windows Update
21-08-2012 20:00:54 Windows Update
21-08-2012 22:00:10 Windows Update
28-08-2012 07:48:53 Windows Update
31-08-2012 16:52:30 Windows Update
04-09-2012 19:44:32 Windows Update
07-09-2012 21:48:50 Windows Update
11-09-2012 05:47:56 Windows Update
14-09-2012 09:02:46 Windows Update
18-09-2012 15:55:19 Windows Update
18-09-2012 22:00:10 Windows Update

**** End of log ****


----------------------
FSS
----------------------
Farbar Service Scanner Version: 07-10-2012
Ran by Bruce (administrator) on 10-10-2012 at 16:41:26
Running from "C:\"
Microsoft Windows 7 Professional (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2012-05-11 16:10] - [2012-03-30 06:29] - 1287024 ____A (Microsoft Corporation) 55E9965552741F3850CB22CBBA9671ED

C:\Windows\system32\dnsrslvr.dll
[2011-07-18 01:57] - [2011-03-03 01:29] - 0132608 ____A (Microsoft Corporation) B15BE77A2BACF9C3177D27518AFE26A9

C:\Windows\system32\mpssvc.dll
[2009-07-13 19:53] - [2009-07-13 21:15] - 0565760 ____A (Microsoft Corporation) 5CD996CECF45CBC3E8D109C86B82D69E

C:\Windows\system32\bfe.dll
[2009-07-13 19:54] - [2009-07-13 21:14] - 0493568 ____A (Microsoft Corporation) 85AC71C045CEB054ED48A7841AAE0C11

C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll
[2009-07-13 19:23] - [2009-07-13 21:16] - 0125952 ____A (Microsoft Corporation) 5FD90ABDBFAEE85986802622CBB03446

C:\Windows\system32\vssvc.exe
[2009-07-13 19:24] - [2009-07-13 21:14] - 1025536 ____A (Microsoft Corporation) 7EA2BCD94D9CFAF4C556F5CC94532A6C

C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll
[2009-07-13 19:30] - [2009-07-13 21:16] - 0589312 ____A (Microsoft Corporation) 53F476476F55A27F580661BDE09C4EC4

C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll
[2012-07-10 16:43] - [2012-04-24 00:47] - 0139264 ____A (Microsoft Corporation) 520A108A2657F4BCA7FCED9CA7D885DE

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****


-------------------------------
Adware Cleaner
-------------------------------
# AdwCleaner v2.004 - Logfile created 10/10/2012 at 16:45:08
# Updated 06/10/2012 by Xplode
# Operating system : Windows 7 Professional (32 bits)
# User : Bruce - BRUCE-PC
# Boot Mode : Normal
# Running from : C:\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Program Files\SweetIM
Folder Deleted : C:\Users\Bruce\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Folder Deleted : C:\Users\Bruce\AppData\LocalLow\SweetIM

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2F603A45-D956-496B-81B5-50D782424976}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?crg=4.0002002 --> hxxp://www.google.com

-\\ Google Chrome v21.0.1180.89

File : C:\Users\Bruce\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.8] : homepage = "hxxp://home.sweetim.com/?crg=4.0002002&barid={E984C565-7229-11E1-8984-002564C48480}",
Deleted [l.12] : urls_to_restore_on_startup = [ "hxxp://home.sweetim.com/?crg=4.0002002&barid={E984C565-7229-11E1-8984-002564C48480}" ]
Deleted [l.39] : keyword = "search.sweetim.com",
Deleted [l.42] : search_url = "hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=4.0002002&barid={E984C565-7229-11E1-8984-002564C48480}",
Deleted [l.1248] : homepage = "hxxp://home.sweetim.com/?crg=4.0002002&barid={E984C565-7229-11E1-8984-002564C48480}",
Deleted [l.1428] : urls_to_restore_on_startup = [ "hxxp://home.sweetim.com/?crg=4.0002002&barid={E984C565-7229-11E1-8984-002564C48480}" ]

*************************

AdwCleaner[S1].txt - [4459 octets] - [10/10/2012 16:45:08]

########## EOF - C:\AdwCleaner[S1].txt - [4519 octets] ##########


-------------------------------
junkware removal tool
-------------------------------
Junkware Removal Tool (JRT) by Thisisu
Version: 1.4.0 (10.10.2012)
OS: Windows 7 Professional x86
Ran by Bruce on Wed 10/10/2012 at 16:58:41.48
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values: 0 Detections



*** Registry Keys:

Successfully deleted: [KEY] "hkey_current_user\software\sweetim"



*** Files: 0 Detections



*** Folders: 0 Detections



*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Wed 10/10/2012 at 17:01:55.46
End of Report

--------------------

Thanks again for your help!

Edited by brucewig, 10 October 2012 - 04:35 PM.


#7 narenxp


Posted 10 October 2012 - 04:50 PM

Run TDSSkiller and Malwarebytes again and post the new logs.

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.


Download

Autoruns

Extract and launch autoruns.exe.

Allow the scan to finish.

Now click on File - Save.

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here.

#8 brucewig


Posted 10 October 2012 - 06:09 PM

Hi, here are the results:

----------
TDSSkiller
----------
18:13:02.0296 3564 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
18:13:02.0545 3564 ============================================================
18:13:02.0545 3564 Current date / time: 2012/10/10 18:13:02.0545
18:13:02.0545 3564 SystemInfo:
18:13:02.0545 3564
18:13:02.0545 3564 OS Version: 6.1.7600 ServicePack: 0.0
18:13:02.0545 3564 Product type: Workstation
18:13:02.0545 3564 ComputerName: BRUCE-PC
18:13:02.0545 3564 UserName: Bruce
18:13:02.0545 3564 Windows directory: C:\Windows
18:13:02.0545 3564 System windows directory: C:\Windows
18:13:02.0545 3564 Processor architecture: Intel x86
18:13:02.0545 3564 Number of processors: 2
18:13:02.0545 3564 Page size: 0x1000
18:13:02.0545 3564 Boot type: Normal boot
18:13:02.0545 3564 ============================================================
18:13:03.0216 3564 BG loaded
18:13:03.0450 3564 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:13:03.0450 3564 Drive \Device\Harddisk1\DR1 - Size: 0x2F7B100000 (189.92 Gb), SectorSize: 0x200, Cylinders: 0x60D8, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:13:03.0466 3564 ============================================================
18:13:03.0466 3564 \Device\Harddisk0\DR0:
18:13:03.0466 3564 MBR partitions:
18:13:03.0466 3564 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
18:13:03.0466 3564 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x236CE2B0
18:13:03.0466 3564 \Device\Harddisk1\DR1:
18:13:03.0466 3564 MBR partitions:
18:13:03.0466 3564 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x17BD5299
18:13:03.0466 3564 ============================================================
18:13:03.0481 3564 C: <-> \Device\Harddisk0\DR0\Partition2
18:13:03.0481 3564 E: <-> \Device\Harddisk1\DR1\Partition1
18:13:03.0481 3564 ============================================================
18:13:03.0481 3564 Initialize success
18:13:03.0481 3564 ============================================================
18:14:00.0765 3912 ============================================================
18:14:00.0765 3912 Scan started
18:14:00.0765 3912 Mode: Manual; TDLFS;
18:14:00.0765 3912 ============================================================
18:14:01.0451 3912 ================ Scan system memory ========================
18:14:01.0451 3912 System memory - ok
18:14:01.0451 3912 ================ Scan services =============================
18:14:07.0426 3912 SecureStorageService - ok
18:14:07.0457 3912 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
18:14:07.0457 3912 SENS - ok
18:14:07.0488 3912 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
18:14:07.0488 3912 SensrSvc - ok
18:14:07.0504 3912 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
18:14:07.0504 3912 Serenum - ok
18:14:07.0519 3912 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
18:14:07.0519 3912 Serial - ok
18:14:07.0535 3912 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
18:14:07.0535 3912 sermouse - ok
18:14:07.0551 3912 [ 8F55CE568C543D5ADF45C409D16718FC ] SessionEnv C:\Windows\system32\sessenv.dll
18:14:07.0566 3912 SessionEnv - ok
18:14:07.0566 3912 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
18:14:07.0566 3912 sffdisk - ok
18:14:07.0566 3912 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
18:14:07.0582 3912 sffp_mmc - ok
18:14:07.0582 3912 [ 4F1E5B0FE7C8050668DBFADE8999AEFB ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
18:14:07.0582 3912 sffp_sd - ok
18:14:07.0597 3912 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
18:14:07.0597 3912 sfloppy - ok
18:14:07.0629 3912 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:14:07.0629 3912 SharedAccess - ok
18:14:07.0644 3912 [ CD2E48FA5B29EE2B3B5858056D246EF2 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:14:07.0660 3912 ShellHWDetection - ok
18:14:07.0675 3912 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\DRIVERS\sisagp.sys
18:14:07.0675 3912 sisagp - ok
18:14:07.0691 3912 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:14:07.0691 3912 SiSRaid2 - ok
18:14:07.0707 3912 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
18:14:07.0707 3912 SiSRaid4 - ok
18:14:07.0722 3912 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:14:07.0722 3912 Smb - ok
18:14:07.0738 3912 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:14:07.0738 3912 SNMPTRAP - ok
18:14:07.0753 3912 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
18:14:07.0753 3912 spldr - ok
18:14:07.0785 3912 [ D1BB750EB51694DE183E08B9C33BE5B2 ] Spooler C:\Windows\System32\spoolsv.exe
18:14:07.0785 3912 Spooler - ok
18:14:07.0831 3912 [ 4C287F9069FEDBD791178876EE9DE536 ] sppsvc C:\Windows\system32\sppsvc.exe
18:14:07.0847 3912 sppsvc - ok
18:14:07.0847 3912 [ D8E3E19EEBDAB49DD4A8D3062EAD4EC7 ] sppuinotify C:\Windows\system32\sppuinotify.dll
18:14:07.0863 3912 sppuinotify - ok
18:14:07.0878 3912 [ C4A027B8C0BD3FC0699F41FA5E9E0C87 ] srv C:\Windows\system32\DRIVERS\srv.sys
18:14:07.0878 3912 srv - ok
18:14:07.0909 3912 [ 414BB592CAD8A79649D01F9D94318FB3 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:14:07.0909 3912 srv2 - ok
18:14:07.0941 3912 [ FF207D67700AA18242AAF985D3E7D8F4 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:14:07.0941 3912 srvnet - ok
18:14:07.0956 3912 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:14:07.0956 3912 SSDPSRV - ok
18:14:07.0972 3912 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:14:07.0972 3912 SstpSvc - ok
18:14:07.0987 3912 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
18:14:07.0987 3912 stexstor - ok
18:14:08.0019 3912 [ A22825E7BB7018E8AF3E229A5AF17221 ] StiSvc C:\Windows\System32\wiaservc.dll
18:14:08.0034 3912 StiSvc - ok
18:14:08.0065 3912 [ E476C66713C842F58E61A95826ED1D57 ] stllssvr C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
18:14:08.0065 3912 stllssvr - ok
18:14:08.0097 3912 [ 957E346CA948668F2496A6CCF6FF82CC ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys
18:14:08.0097 3912 storflt - ok
18:14:08.0128 3912 [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc C:\Windows\system32\storsvc.dll
18:14:08.0128 3912 StorSvc - ok
18:14:08.0143 3912 [ D5751969DC3E4B88BF482AC8EC9FE019 ] storvsc C:\Windows\system32\DRIVERS\storvsc.sys
18:14:08.0143 3912 storvsc - ok
18:14:08.0159 3912 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
18:14:08.0159 3912 swenum - ok
18:14:08.0190 3912 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
18:14:08.0190 3912 swprv - ok
18:14:08.0221 3912 [ 04105C8DA62353589C29BDAEB8D88BD8 ] SysMain C:\Windows\system32\sysmain.dll
18:14:08.0221 3912 SysMain - ok
18:14:08.0237 3912 [ FCFB6C552FBC0DA299799CBD50AD9FD4 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:14:08.0237 3912 TabletInputService - ok
18:14:08.0237 3912 [ 2F46B0C70A4ADC8C90CF825DA3B4FEAF ] TapiSrv C:\Windows\System32\tapisrv.dll
18:14:08.0237 3912 TapiSrv - ok
18:14:08.0253 3912 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
18:14:08.0253 3912 TBS - ok
18:14:08.0299 3912 [ 55E9965552741F3850CB22CBBA9671ED ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:14:08.0331 3912 Tcpip - ok
18:14:08.0362 3912 [ 55E9965552741F3850CB22CBBA9671ED ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
18:14:08.0362 3912 TCPIP6 - ok
18:14:08.0362 3912 [ E64444523ADD154F86567C469BC0B17F ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:14:08.0362 3912 tcpipreg - ok
18:14:08.0409 3912 [ 69F1A38A6DBFE682491CB61A596662E3 ] tcsd_win32.exe C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
18:14:08.0440 3912 tcsd_win32.exe - ok
18:14:08.0502 3912 [ A62F1DE032E59C4BB35557A2219CB160 ] TdmService C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
18:14:08.0502 3912 TdmService - ok
18:14:08.0518 3912 [ 1875C1490D99E70E449E3AFAE9FCBADF ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:14:08.0518 3912 TDPIPE - ok
18:14:08.0549 3912 [ 7156308896D34EA75A582F9A09E50C17 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:14:08.0549 3912 TDTCP - ok
18:14:08.0565 3912 [ CB39E896A2A83702D1737BFD402B3542 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:14:08.0565 3912 tdx - ok
18:14:08.0565 3912 [ C36F41EE20E6999DBF4B0425963268A5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
18:14:08.0565 3912 TermDD - ok
18:14:08.0580 3912 [ A01E50A04D7B1960B33E92B9080E6A94 ] TermService C:\Windows\System32\termsrv.dll
18:14:08.0596 3912 TermService - ok
18:14:08.0611 3912 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
18:14:08.0611 3912 Themes - ok
18:14:08.0611 3912 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
18:14:08.0611 3912 THREADORDER - ok
18:14:08.0643 3912 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
18:14:08.0658 3912 TrkWks - ok
18:14:08.0705 3912 [ 41A4C781D2286208D397D72099304133 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:14:08.0705 3912 TrustedInstaller - ok
18:14:08.0721 3912 [ 98AE6FA07D12CB4EC5CF4A9BFA5F4242 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:14:08.0721 3912 tssecsrv - ok
18:14:08.0736 3912 [ 3E461D890A97F9D4C168F5FDA36E1D00 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:14:08.0736 3912 tunnel - ok
18:14:08.0752 3912 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
18:14:08.0752 3912 uagp35 - ok
18:14:08.0767 3912 [ 09CC3E16F8E5EE7168E01CF8FCBE061A ] udfs C:\Windows\system32\DRIVERS\udfs.sys
18:14:08.0767 3912 udfs - ok
18:14:08.0783 3912 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
18:14:08.0783 3912 UI0Detect - ok
18:14:08.0799 3912 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
18:14:08.0799 3912 uliagpkx - ok
18:14:08.0814 3912 [ 049B3A50B3D646BAEEEE9EEC9B0668DC ] umbus C:\Windows\system32\DRIVERS\umbus.sys
18:14:08.0814 3912 umbus - ok
18:14:08.0845 3912 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
18:14:08.0845 3912 UmPass - ok
18:14:08.0877 3912 [ 8ECACA5454844F66386F7BE4AE0D7CD1 ] UmRdpService C:\Windows\System32\umrdp.dll
18:14:08.0877 3912 UmRdpService - ok
18:14:08.0892 3912 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
18:14:08.0892 3912 upnphost - ok
18:14:08.0892 3912 [ 8455C4ED038EFD09E99327F9D2D48FFA ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
18:14:08.0892 3912 usbccgp - ok
18:14:08.0908 3912 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
18:14:08.0908 3912 usbcir - ok
18:14:08.0923 3912 [ 1C333BFD60F2FED2C7AD5DAF533CB742 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
18:14:08.0923 3912 usbehci - ok
18:14:08.0939 3912 [ 0DB84EDA895894BA222E27ACF597C806 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
18:14:08.0939 3912 usbhub - ok
18:14:08.0970 3912 [ A6FB7957EA7AFB1165991E54CE934B74 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
18:14:08.0970 3912 usbohci - ok
18:14:08.0986 3912 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
18:14:08.0986 3912 usbprint - ok
18:14:08.0986 3912 [ D8889D56E0D27E57ED4591837FE71D27 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:14:08.0986 3912 USBSTOR - ok
18:14:09.0001 3912 [ 78780C3EBCE17405B1CCD07A3A8A7D72 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
18:14:09.0001 3912 usbuhci - ok
18:14:09.0033 3912 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
18:14:09.0033 3912 UxSms - ok
18:14:09.0048 3912 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] VaultSvc C:\Windows\system32\lsass.exe
18:14:09.0048 3912 VaultSvc - ok
18:14:09.0048 3912 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
18:14:09.0048 3912 vdrvroot - ok
18:14:09.0064 3912 [ 8C4E7C49D3641BC9E299E466A7F8867D ] vds C:\Windows\System32\vds.exe
18:14:09.0079 3912 vds - ok
18:14:09.0095 3912 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:14:09.0111 3912 vga - ok
18:14:09.0111 3912 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
18:14:09.0111 3912 VgaSave - ok
18:14:09.0111 3912 [ 3BE6E1F3A4F1AFEC8CEE0D7883F93583 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
18:14:09.0126 3912 vhdmp - ok
18:14:09.0142 3912 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\DRIVERS\viaagp.sys
18:14:09.0142 3912 viaagp - ok
18:14:09.0157 3912 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
18:14:09.0157 3912 ViaC7 - ok
18:14:09.0157 3912 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\DRIVERS\viaide.sys
18:14:09.0157 3912 viaide - ok
18:14:09.0189 3912 [ 379B349F65F453D2A6E75EA6B7448E49 ] vmbus C:\Windows\system32\DRIVERS\vmbus.sys
18:14:09.0189 3912 vmbus - ok
18:14:09.0204 3912 [ EC2BBAB4B84D0738C6C83D2234DC36FE ] VMBusHID C:\Windows\system32\DRIVERS\VMBusHID.sys
18:14:09.0204 3912 VMBusHID - ok
18:14:09.0204 3912 [ 384E5A2AA49934295171E499F86BA6F3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
18:14:09.0204 3912 volmgr - ok
18:14:09.0220 3912 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:14:09.0235 3912 volmgrx - ok
18:14:09.0251 3912 [ 58DF9D2481A56EDDE167E51B334D44FD ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
18:14:09.0251 3912 volsnap - ok
18:14:09.0267 3912 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
18:14:09.0282 3912 vsmraid - ok
18:14:09.0298 3912 [ 7EA2BCD94D9CFAF4C556F5CC94532A6C ] VSS C:\Windows\system32\vssvc.exe
18:14:09.0298 3912 VSS - ok
18:14:09.0313 3912 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
18:14:09.0313 3912 vwifibus - ok
18:14:09.0345 3912 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
18:14:09.0345 3912 W32Time - ok
18:14:09.0345 3912 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
18:14:09.0360 3912 WacomPen - ok
18:14:09.0360 3912 [ 692A712062146E96D28BA0B7D75DE31B ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
18:14:09.0360 3912 WANARP - ok
18:14:09.0376 3912 [ 692A712062146E96D28BA0B7D75DE31B ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
18:14:09.0376 3912 Wanarpv6 - ok
18:14:09.0423 3912 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
18:14:09.0454 3912 WatAdminSvc - ok
18:14:09.0485 3912 [ 4011D285C449DD833040045CB0F0E3FE ] WavxDMgr C:\Windows\system32\DRIVERS\WavxDMgr.sys
18:14:09.0485 3912 WavxDMgr - ok
18:14:09.0516 3912 [ 7790B77FE1E5EE47DCC66247095BB4C9 ] wbengine C:\Windows\system32\wbengine.exe
18:14:09.0532 3912 wbengine - ok
18:14:09.0547 3912 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
18:14:09.0563 3912 WbioSrvc - ok
18:14:09.0563 3912 [ D0F88AA11EE1A62BCC6D6A8A7783CA11 ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:14:09.0579 3912 wcncsvc - ok
18:14:09.0579 3912 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:14:09.0579 3912 WcsPlugInService - ok
18:14:09.0610 3912 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
18:14:09.0610 3912 Wd - ok
18:14:09.0610 3912 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
18:14:09.0625 3912 Wdf01000 - ok
18:14:09.0625 3912 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
18:14:09.0625 3912 WdiServiceHost - ok
18:14:09.0641 3912 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
18:14:09.0641 3912 WdiSystemHost - ok
18:14:09.0641 3912 [ D87C7D2C517F82A5AB7A73E203063D9E ] WebClient C:\Windows\System32\webclnt.dll
18:14:09.0657 3912 WebClient - ok
18:14:09.0672 3912 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
18:14:09.0672 3912 Wecsvc - ok
18:14:09.0672 3912 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
18:14:09.0688 3912 wercplsupport - ok
18:14:09.0703 3912 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
18:14:09.0703 3912 WerSvc - ok
18:14:09.0719 3912 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
18:14:09.0719 3912 WfpLwf - ok
18:14:09.0735 3912 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
18:14:09.0735 3912 WIMMount - ok
18:14:09.0781 3912 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
18:14:09.0781 3912 WinDefend - ok
18:14:09.0797 3912 WinHttpAutoProxySvc - ok
18:14:09.0844 3912 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
18:14:09.0844 3912 Winmgmt - ok
18:14:09.0891 3912 [ C4F5D3901D1B41D602DDC196E0B95B51 ] WinRM C:\Windows\system32\WsmSvc.dll
18:14:09.0906 3912 WinRM - ok
18:14:09.0937 3912 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
18:14:09.0953 3912 Wlansvc - ok
18:14:09.0953 3912 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
18:14:09.0953 3912 WmiAcpi - ok
18:14:09.0984 3912 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
18:14:09.0984 3912 wmiApSrv - ok
18:14:10.0031 3912 [ 77FBD400984CF72BA0FC4B3489D65F74 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
18:14:10.0031 3912 WMPNetworkSvc - ok
18:14:10.0047 3912 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
18:14:10.0047 3912 WPCSvc - ok
18:14:10.0062 3912 [ B7F658A2EBC07129538AD9AB35212637 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
18:14:10.0062 3912 WPDBusEnum - ok
18:14:10.0078 3912 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
18:14:10.0078 3912 ws2ifsl - ok
18:14:10.0093 3912 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll
18:14:10.0093 3912 wscsvc - ok
18:14:10.0093 3912 WSearch - ok
18:14:10.0156 3912 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
18:14:10.0156 3912 wuauserv - ok
18:14:10.0171 3912 [ 6F9B6C0C93232CFF47D0F72D6DB1D21E ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
18:14:10.0171 3912 WudfPf - ok
18:14:10.0203 3912 [ DDEE3682FE97037C45F4D7AB467CB8B6 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
18:14:10.0203 3912 wudfsvc - ok
18:14:10.0218 3912 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
18:14:10.0218 3912 WwanSvc - ok
18:14:10.0218 3912 ================ Scan global ===============================
18:14:10.0249 3912 [ 9A595DF601070DA78C40481120DD2C06 ] C:\Windows\system32\basesrv.dll
18:14:10.0281 3912 [ 008F51AE989C3DF1CBAF8B39DC423CCC ] C:\Windows\system32\winsrv.dll
18:14:10.0281 3912 [ 008F51AE989C3DF1CBAF8B39DC423CCC ] C:\Windows\system32\winsrv.dll
18:14:10.0312 3912 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
18:14:10.0343 3912 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
18:14:10.0343 3912 [Global] - ok
18:14:10.0343 3912 ================ Scan MBR ==================================
18:14:10.0359 3912 [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0
18:14:10.0593 3912 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
18:14:10.0593 3912 \Device\Harddisk0\DR0 - detected TDSS File System (1)
18:14:10.0593 3912 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
18:14:10.0717 3912 \Device\Harddisk1\DR1 - ok
18:14:10.0717 3912 ================ Scan VBR ==================================
18:14:10.0717 3912 [ 47276C0556ABA56A3A3C1A7B93DF7DF7 ] \Device\Harddisk0\DR0\Partition1
18:14:10.0717 3912 \Device\Harddisk0\DR0\Partition1 - ok
18:14:10.0733 3912 [ 301756E790D1D60619654DED9516C0F3 ] \Device\Harddisk0\DR0\Partition2
18:14:10.0733 3912 \Device\Harddisk0\DR0\Partition2 - ok
18:14:10.0733 3912 [ A7F212E9D62B7E25B52AAF6139B53AE4 ] \Device\Harddisk1\DR1\Partition1
18:14:10.0733 3912 \Device\Harddisk1\DR1\Partition1 - ok
18:14:10.0733 3912 ============================================================
18:14:10.0733 3912 Scan finished
18:14:10.0733 3912 ============================================================
18:14:10.0780 3456 Detected object count: 1
18:14:10.0780 3456 Actual detected object count: 1
18:14:27.0019 3456 \Device\Harddisk0\DR0\TDLFS - deleted
18:14:27.0019 3456 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
18:14:37.0612 2364 Deinitialize success


------------
Malwarebytes
------------
Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.10.10.09

Windows 7 x86 NTFS
Internet Explorer 9.0.8112.16421
Bruce :: BRUCE-PC [administrator]

10/10/2012 6:15:29 PM
mbam-log-2012-10-10 (18-15-29).txt

Scan type: Full scan (C:\|E:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 366117
Time elapsed: 34 minute(s), 54 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


--------------
RKill
--------------
Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/10/2012 06:58:26 PM in x86 mode.
Windows Version: Windows 7 Professional

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 10/10/2012 06:58:35 PM
Execution time: 0 hours(s), 0 minute(s), and 9 seconds(s)


--------
Autoruns
--------
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\adobearm.exe"
+ "ChangeTPMAuth" "ChangeTPMAuth Application" "Wave Systems Corp." "c:\program files\wave systems corp\common\changetpmauth.exe"
+ "DBRMTray" "DbrmTrayicon" "Microsoft" "c:\dell\dbrm\reminder\dbrmtrayicon.exe"
+ "DellControlPoint" "Dell ControlPoint" "Dell Inc." "c:\program files\dell\dell controlpoint\dell.controlpoint.exe"
+ "NvCplDaemon" "NVIDIA Display Properties Extension" "NVIDIA Corporation" "c:\windows\system32\nvcpl.dll"
+ "PDVDDXSrv" "CyberLink PowerDVD Resident Program" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\pdvddxsrv.exe"
+ "RtHDVCpl" "HD Audio Control Panel" "Realtek Semiconductor Corp." "c:\program files\realtek\audio\hda\rtdcpl.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files\common files\java\java update\jusched.exe"
+ "USCService" "Dell Security Device and Task Status" "Broadcom Corporation" "c:\program files\dell\dell controlpoint\security manager\bcmdeviceandtaskstatusservice.exe"
+ "WavXMgr" "WavX Document Manager Application" "Wave Systems Corp." "c:\program files\wave systems corp\services manager\docmgr\bin\wavxdocmgr.exe"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce" "" "" ""
+ "DBRMTray" "TrayApp" "Microsoft" "c:\dell\dbrm\reminder\trayapp.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Google Update" "Google Installer" "Google Inc." "c:\users\bruce\appdata\local\google\update\googleupdate.exe"
+ "Microsoft" "" "" "File not found: C:\Users\Bruce\AppData\Local\Microsoft Help\Microsoft\ymcepif.dll"
+ "msnmsgr" "Windows Live Messenger" "Microsoft Corporation" "c:\program files\windows live\messenger\msnmsgr.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "livecall" "Windows Live Messenger Protocol Handler Module" "Microsoft Corporation" "c:\program files\windows live\messenger\msgrapp.14.0.8089.0726.dll"
+ "ms-help" "Microsoft® Help Data Services Module" "Microsoft Corporation" "c:\program files\common files\microsoft shared\help\hxds.dll"
+ "msnim" "Windows Live Messenger Protocol Handler Module" "Microsoft Corporation" "c:\program files\windows live\messenger\msgrapp.14.0.8089.0726.dll"
+ "wlmailhtml" "Windows Live Mail" "Microsoft Corporation" "c:\program files\windows live\mail\mailcomm.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "EncryptDocMgr" "ContextMenuItem Module" "Wave Systems Corp." "c:\program files\wave systems corp\services manager\docmgr\bin\contextmenuitem.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "EncryptDocMgr" "ContextMenuItem Module" "Wave Systems Corp." "c:\program files\wave systems corp\services manager\docmgr\bin\contextmenuitem.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "FileZilla3CopyHook" "fzshellext Dynamic Link Library" "" "c:\program files\filezilla ftp client\fzshellext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "NvCplDesktopContext" "" "NVIDIA Corporation" "c:\windows\system32\nvshext.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "EnabledUnlockedFDEIconOverlay" "TDM Icon Overlay" "Wave Systems Corp." "c:\program files\wave systems corp\trusted drive manager\tdmiconoverlay.dll"
+ "UninitializedFdeIconOverlay" "TDM Icon Overlay" "Wave Systems Corp." "c:\program files\wave systems corp\trusted drive manager\tdmiconoverlay.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\oracle\javafx 2.0 runtime\bin\jp2ssv.dll"
+ "Search Helper" "Microsoft Search Helper Extention" "Microsoft Corp." "c:\program files\microsoft\search enhancement pack\search helper\searchhelper.dll"
+ "Windows Live Sign-in Helper" "WindowsLiveLogin.dll" "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
+ "Windows Live Toolbar Helper" "Windows Live Toolbar Core" "Microsoft Corporation" "c:\program files\windows live\toolbar\wltcore.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "&Windows Live Toolbar" "Windows Live Toolbar Core" "Microsoft Corporation" "c:\program files\windows live\toolbar\wltcore.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files\windows live\writer\writerbrowserextension.dll"
"Task Scheduler" "" "" ""
+ "\GoogleUpdateTaskUserS-1-5-21-2011915119-3138510129-4040441681-1000Core" "Google Installer" "Google Inc." "c:\users\bruce\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-2011915119-3138510129-4040441681-1000UA" "Google Installer" "Google Inc." "c:\users\bruce\appdata\local\google\update\googleupdate.exe"
+ "\JavaUpdateSched" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\windows\system32\jusched.exe"
+ "\Microsoft\Windows Defender\MP Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\armsvc.exe"
+ "nvsvc" "Provides system and desktop level support to the NVIDIA display driver" "NVIDIA Corporation" "c:\windows\system32\nvvsvc.exe"
+ "odserv" "Run portions of Microsoft Office Diagnostics." "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\odserv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files\common files\microsoft shared\source engine\ose.exe"
+ "SeaPort" "Enables the detection, download and installation of up-to-date configuration files for Microsoft Search Enhancement applications. Also provides server communication for the customer experience improvement program. If this service is disabled, search enhancement features such as search history may not work correctly." "Microsoft Corp." "c:\program files\microsoft\search enhancement pack\seaport\seaport.exe"
+ "SecureStorageService" "Secure Storage Service" "Wave Systems Corp." "c:\program files\wave systems corp\secure storage manager\securestorageservice.exe"
+ "stllssvr" "SureThing Labelflash Disc Printer Service Module" "MicroVision Development, Inc." "c:\program files\common files\surething shared\stllssvr.exe"
+ "tcsd_win32.exe" "TCS service for accessing the TPM" "" "c:\program files\ntru cryptosystems\ntru tcg software stack\bin\tcsd_win32.exe"
+ "TdmService" "Tdm Service" "Wave Systems Corp." "c:\program files\wave systems corp\trusted drive manager\tdmservice.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aic78xx" "Adaptec Ultra SCSI miniport" "Adaptec, Inc." "c:\windows\system32\drivers\djsvs.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows family" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbdx.sys"
+ "b57nd60x" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60x.sys"
+ "Blfp" "Broadcom Advanced Server Program Driver" "Broadcom Corporation" "c:\windows\system32\drivers\basp.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbdx.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - ia32" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtdvhda.sys"
+ "k57nd60x" "Broadcom NetLink ™ Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\k57nd60x.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7 for x86" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvlddmkm" "NVIDIA Windows Kernel Mode Driver, Version 186.27 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvlddmkm.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "PBADRV" "PBADRV" "Dell Inc" "c:\windows\system32\drivers\pbadrv.sys"
+ "PxHelp20" "Px Engine Device Driver for Windows 2000/XP" "Sonic Solutions" "c:\windows\system32\drivers\pxhelp20.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "WavxDMgr" "Document Manager Driver" "Wave Systems Corp." "c:\windows\system32\drivers\wavxdmgr.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "CyberLink Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\claud.ax"
+ "CyberLink Audio Effect" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files\cyberlink\powerdvd dx\kernel\movie\claudfx.ax"
+ "CyberLink Audio Spectrum Analyzer" "CLAudSpa.ax" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\claudspa.ax"
+ "CyberLink Audio Wizard" "CyberLink Audio Wizard Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\claudwizard.ax"
+ "CyberLink AudioCD Filter" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\claudiocd.ax"
+ "CyberLink Demultiplexer" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\cldemuxer.ax"
+ "CyberLink DVD Navigator" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\clnavx.ax"
+ "CyberLink Line21 Decoder Filter" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\clline21.ax"
+ "Cyberlink SubTitle Importor" "CLSubTitle.ax" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\clsubtitle.ax"
+ "CyberLink TimeStretch Filter" "CLAuTS.ax" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\clauts.ax"
+ "CyberLink Tzan Filter" "Cyberlink Tzan Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\cltzan.ax"
+ "CyberLink Video Effect" "CLVidFx" "CyberLink" "c:\program files\cyberlink\powerdvd dx\kernel\movie\clvidfx.ax"
+ "CyberLink Video/SP Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\clvsd.ax"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages" "" "" ""
+ "wvauth" "Authentication Package" "Wave Systems Corp." "c:\windows\system32\wvauth.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order" "" "" ""
+ "TdmNetworkProvider" "TDM Network Provider" "Wave Systems Corp." "c:\windows\system32\tdmnetworkprovider.dll"

#9 narenxp

Posted 10 October 2012 - 06:12 PM

Launch Autoruns and uncheck this entry

"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Microsoft" "" "" "File not found: C:\Users\Bruce\AppData\Local\Microsoft Help\Microsoft\ymcepif.dll"

Remove temporary and junk files

Download

TFC

Launch it; it will close all running programs.

Click on START; it should ask for a reboot. If TFC locks up the system, run it in Safe Mode.


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP - http://support.microsoft.com/kb/310405

Vista & Windows 7 - http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your System Restore - it deletes old infected restore points

Turn on system restore and create a new restore point

Update Java and Flash Player

Uninstall the old version of Java from Control Panel - Add or Remove Programs. Download the latest version from here:

http://java.com/en/

Update your Flash Player

Antivirus recommendations

Update your antivirus frequently. Two free antivirus programs that I would suggest are

Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security software products.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)
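A triage sketch for the Autoruns text log layout posted in this thread, added here as an example and not part of any post: it parses the quoted four-field rows and flags entries like the one singled out above. The function names and the three heuristics are assumptions for illustration, not Autoruns features; the sample rows are copied from the thread.

```python
import re

FIELD = re.compile(r'"([^"]*)"')  # each log row is four double-quoted fields

# Sample rows in the thread's log layout (entries copied from the posts above).
SAMPLE_LOG = r'''
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Microsoft" "" "" "File not found: C:\Users\Bruce\AppData\Local\Microsoft Help\Microsoft\ymcepif.dll"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "tcsd_win32.exe" "TCS service for accessing the TPM" "" "c:\program files\ntru cryptosystems\ntru tcg software stack\bin\tcsd_win32.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
'''

def parse_autoruns(text):
    """Return one dict per autostart entry, tagged with its registry location."""
    entries, location = [], None
    for raw in text.splitlines():
        line = raw.strip()
        fields = FIELD.findall(line)
        if len(fields) != 4:
            continue  # blank line or something that is not a log row
        if line.startswith('"') and fields[1:] == ["", "", ""]:
            location = fields[0]  # header row: names the autostart location
            continue
        name, description, publisher, image = fields
        entries.append({"location": location, "enabled": line.startswith("+"),
                        "name": name, "description": description,
                        "publisher": publisher, "image": image})
    return entries

def triage(entry):
    """Heuristic reasons (assumed, not exhaustive) to review an entry by hand."""
    reasons = []
    if entry["image"].lower().startswith("file not found"):
        reasons.append("target file is missing")
    if not entry["description"] and not entry["publisher"]:
        reasons.append("no description or publisher")
    in_appdata = re.search(r"\\users\\[^\\]+\\appdata\\", entry["image"], re.I)
    is_run_key = (entry["location"] or "").lower().endswith(r"\currentversion\run")
    if in_appdata and is_run_key:
        reasons.append("Run key points into a user-writable AppData path")
    return reasons

def suspicious_entries(text):
    """Entries with at least one reason, each carrying its list of reasons."""
    flagged = [dict(e, reasons=triage(e)) for e in parse_autoruns(text)]
    return [e for e in flagged if e["reasons"]]

if __name__ == "__main__":
    for e in suspicious_entries(SAMPLE_LOG):
        print(e["location"], "|", e["name"], "|", "; ".join(e["reasons"]))
```

A flagged row is a prompt for manual review in Autoruns, not a verdict; unflagged rows are not thereby proven clean.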



