
I may have been infected but cured it and I'm now left with the collateral damage?


10 replies to this topic

#1 BigTim


Posted 28 November 2012 - 04:00 PM

Hello! I seem to be having similar sort of symptoms to others on this thread - I boot my system, the GUI loads, then the first thing that happens is Mozilla Firefox starts and will try to load www.fsquirt.exe... which I know is a Bluetooth utility... it's almost like it's an Autorun or some Reg startup command but I can't find anything. I suspect this isn't the only problem either, as I used the WAB command and sure enough they all appeared, but when I clicked on one of the files to open, I had a popup saying something about an error opening the file, which you and I both know should've started Mail/Live Mail 2012/etc. I also use an ATI Radeon HD3850 GFX card which uses Catalyst Drivers (12.6) - I should have an app startup called the CCC.exe (Catalyst Control Centre) but it doesn't anymore... I had a warning from my anti-virus 2 weeks ago but it was sorted, and I ran Mbam just to be sure with no nasties found... please advise as I'm getting a bad feeling here.

Thanks in advance.

Tim

Edited by BigTim, 28 November 2012 - 04:00 PM.



 


#2 boopme


Posted 28 November 2012 - 08:45 PM

Hello Tim and welcome. Let's see what these scans produce.

MiniToolBox
Please download MiniToolBox, save it to your desktop and run it. Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.




Please download TDSSKiller.
Launch it.
Click on change parameters - Select TDLFS file system.
Click on "Scan".
Please post the LOG report (log file should be in your C drive).

Do not change the default options on scan results.



Please download aswMBR ( 4.5MB ) to your desktop.
  • Double click the aswMBR.exe icon, and click Run.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Click the Scan button to start the scan.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.




ESET ONLINE

I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

NOTE: Sometimes if ESET finds no infections it will not create a log.

#3 BigTim


Posted 29 November 2012 - 03:30 PM

Allo Boopme! Thanx a million for yer prompt reply. Okey dokey, I'll do as you ask, my next post will contain the results txt you asked for.

Thanx in advance

Tim

#4 BigTim


Posted 29 November 2012 - 07:41 PM

Allo! Ok here's the results!

MiniToolBox by Farbar Version: 25-11-2012
Ran by Bear (administrator) on 29-11-2012 at 20:33:29
Running from "C:\Users\Bear.Tim-PC\Desktop"
Windows 7 Home Premium Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek RTL8139/810x Family Fast Ethernet NIC = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Tim-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : cable.virginmedia.net

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : cable.virginmedia.net
Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast Ethernet NIC
Physical Address. . . . . . . . . : 00-19-66-0C-D3-37
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::98fc:8f84:130a:e2be%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.102(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 29 November 2012 19:00:48
Lease Expires . . . . . . . . . . : 06 December 2012 19:00:47
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 301996390
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-1C-71-12-00-19-66-0C-D3-37
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.cable.virginmedia.net:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : cable.virginmedia.net
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:73b8:248f:3323:3f57:ff99(Preferred)
Link-local IPv6 Address . . . . . : fe80::248f:3323:3f57:ff99%11(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.0.1

Name: google.com
Addresses: 2a00:1450:4009:802::1008
173.194.34.70
173.194.34.71
173.194.34.64
173.194.34.68
173.194.34.65
173.194.34.66
173.194.34.72
173.194.34.67
173.194.34.69
173.194.34.78
173.194.34.73


Pinging google.com [173.194.34.71] with 32 bytes of data:
Reply from 173.194.34.71: bytes=32 time=12ms TTL=55
Reply from 173.194.34.71: bytes=32 time=15ms TTL=56

Ping statistics for 173.194.34.71:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 12ms, Maximum = 15ms, Average = 13ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.0.1

Name: yahoo.com
Addresses: 98.139.183.24
98.138.253.109
72.30.38.140


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=153ms TTL=47
Reply from 98.138.253.109: bytes=32 time=150ms TTL=47

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 150ms, Maximum = 153ms, Average = 151ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
12...00 19 66 0c d3 37 ......Realtek RTL8139/810x Family Fast Ethernet NIC
1...........................Software Loopback Interface 1
13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
11...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.102 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.102 276
192.168.0.102 255.255.255.255 On-link 192.168.0.102 276
192.168.0.255 255.255.255.255 On-link 192.168.0.102 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.102 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.102 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
11 58 ::/0 On-link
1 306 ::1/128 On-link
11 58 2001::/32 On-link
11 306 2001:0:5ef5:73b8:248f:3323:3f57:ff99/128
On-link
12 276 fe80::/64 On-link
11 306 fe80::/64 On-link
11 306 fe80::248f:3323:3f57:ff99/128
On-link
12 276 fe80::98fc:8f84:130a:e2be/128
On-link
1 306 ff00::/8 On-link
11 306 ff00::/8 On-link
12 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/29/2012 07:03:25 PM) (Source: SecurityCenter) (User: )
Description: The Windows Security Center Service was unable to establish event queries with WMI to monitor third party AntiVirus, AntiSpyware and Firewall.

Error: (11/29/2012 07:02:13 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/28/2012 08:42:39 PM) (Source: SecurityCenter) (User: )
Description: The Windows Security Center Service was unable to establish event queries with WMI to monitor third party AntiVirus, AntiSpyware and Firewall.

Error: (11/28/2012 08:41:29 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/28/2012 05:55:15 PM) (Source: SecurityCenter) (User: )
Description: The Windows Security Center Service was unable to establish event queries with WMI to monitor third party AntiVirus, AntiSpyware and Firewall.

Error: (11/28/2012 05:54:19 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/28/2012 00:02:10 PM) (Source: SecurityCenter) (User: )
Description: The Windows Security Center Service was unable to establish event queries with WMI to monitor third party AntiVirus, AntiSpyware and Firewall.

Error: (11/28/2012 00:01:16 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/27/2012 09:16:19 PM) (Source: SecurityCenter) (User: )
Description: The Windows Security Center Service was unable to establish event queries with WMI to monitor third party AntiVirus, AntiSpyware and Firewall.

Error: (11/27/2012 09:15:22 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (11/29/2012 07:00:48 PM) (Source: Service Control Manager) (User: )
Description: The Windows Firewall service terminated with service-specific error %%13.

Error: (11/29/2012 07:00:22 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT AUTHORITY)
Description: Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware.

Error: (11/28/2012 09:38:47 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (11/28/2012 09:38:46 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (11/28/2012 09:38:46 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (11/28/2012 09:38:44 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (11/28/2012 09:38:42 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (11/28/2012 08:40:00 PM) (Source: Service Control Manager) (User: )
Description: The Windows Firewall service terminated with service-specific error %%13.

Error: (11/28/2012 08:39:37 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT AUTHORITY)
Description: Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware.

Error: (11/28/2012 05:52:36 PM) (Source: Service Control Manager) (User: )
Description: The Windows Firewall service terminated with service-specific error %%13.


Microsoft Office Sessions:
=========================
Error: (11/29/2012 07:03:25 PM) (Source: SecurityCenter)(User: )
Description:

Error: (11/29/2012 07:02:13 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/28/2012 08:42:39 PM) (Source: SecurityCenter)(User: )
Description:

Error: (11/28/2012 08:41:29 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/28/2012 05:55:15 PM) (Source: SecurityCenter)(User: )
Description:

Error: (11/28/2012 05:54:19 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/28/2012 00:02:10 PM) (Source: SecurityCenter)(User: )
Description:

Error: (11/28/2012 00:01:16 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/27/2012 09:16:19 PM) (Source: SecurityCenter)(User: )
Description:

Error: (11/27/2012 09:15:22 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


=========================== Installed Programs ============================

Adobe Flash Player 11 ActiveX (Version: 11.5.502.110)
Adobe Flash Player 11 Plugin (Version: 11.5.502.110)
AMD Accelerated Video Transcoding (Version: 2.00.0002)
AMD APP SDK Runtime (Version: 10.0.1016.4)
AMD Catalyst Install Manager (Version: 3.0.868.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Fuel (Version: 2012.0704.122.388)
AMD Media Foundation Decoders (Version: 1.0.70309.0018)
AMD Media Foundation Decoders (Version: 1.0.70704.0230)
µTorrent (Version: 3.2.0)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2012.0309.43.976)
Catalyst Control Center Graphics Previews Common (Version: 2012.0309.43.976)
Catalyst Control Center InstallProxy (Version: 2012.0309.43.976)
Catalyst Control Center InstallProxy (Version: 2012.0704.122.388)
Catalyst Control Center Localization All (Version: 2012.0309.43.976)
ccc-utility (Version: 2012.0309.43.976)
CCC Help Chinese Standard (Version: 2012.0309.0042.976)
CCC Help Chinese Traditional (Version: 2012.0309.0042.976)
CCC Help Czech (Version: 2012.0309.0042.976)
CCC Help Danish (Version: 2012.0309.0042.976)
CCC Help Dutch (Version: 2012.0309.0042.976)
CCC Help English (Version: 2012.0309.0042.976)
CCC Help Finnish (Version: 2012.0309.0042.976)
CCC Help French (Version: 2012.0309.0042.976)
CCC Help German (Version: 2012.0309.0042.976)
CCC Help Greek (Version: 2012.0309.0042.976)
CCC Help Hungarian (Version: 2012.0309.0042.976)
CCC Help Italian (Version: 2012.0309.0042.976)
CCC Help Japanese (Version: 2012.0309.0042.976)
CCC Help Korean (Version: 2012.0309.0042.976)
CCC Help Norwegian (Version: 2012.0309.0042.976)
CCC Help Polish (Version: 2012.0309.0042.976)
CCC Help Portuguese (Version: 2012.0309.0042.976)
CCC Help Russian (Version: 2012.0309.0042.976)
CCC Help Spanish (Version: 2012.0309.0042.976)
CCC Help Swedish (Version: 2012.0309.0042.976)
CCC Help Thai (Version: 2012.0309.0042.976)
CCC Help Turkish (Version: 2012.0309.0042.976)
CCleaner (Version: 3.24)
CloneDVD2
CPUID CPU-Z 1.61.5
Creative Audio Console (Version: 1.33)
Creative Software AutoUpdate (Version: 1.40)
D3DX10 (Version: 15.4.2368.0902)
DivX Setup (Version: 2.6.1.22)
eReg (Version: 1.20.138.34)
Foxit Reader 5.1 (Version: 5.1.4.104)
Google Earth (Version: 7.0.1.8244)
Google Update Helper (Version: 1.3.21.123)
GreedyTorrent v1.01 beta build 170
Hurrican 1.0.0.4 (Version: 1.0.0.4)
HydraVision (Version: 4.2.236.0)
ImgBurn (Version: 2.5.7.0)
Intel Processor Diagnostic Tool (Version: 19.0.0)
Intel® Processor ID Utility (Version: 4.55.0000)
Java Auto Updater (Version: 2.0.2.4)
Java™ 6 Update 21 (Version: 6.0.210)
JLC's Internet TV
Junk Mail filter update (Version: 16.4.3505.0912)
Logitech SetPoint 6.32 (Version: 6.32.20)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office Excel Viewer (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 16.0.2 (x86 en-US) (Version: 16.0.2)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT110 (Version: 16.4.1108.0727)
Native Instruments Controller Editor
Native Instruments Controller Editor (Version: 1.3.5.667)
Native Instruments Guitar Rig 5
Native Instruments Guitar Rig 5 (Version: 5.0.2.2476)
Native Instruments Service Center
Native Instruments Service Center (Version: 2.3.0.853)
OpenAL
PC Wizard 2012.2.11
Revo Uninstaller 1.94 (Version: 1.94)
Source SDK Base 2007
Steam (Version: 1.0.0.0)
TechPowerUp GPU-Z
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
VLC media player 2.0.4 (Version: 2.0.4)
Windows Live Communications Platform (Version: 16.4.3505.0912)
Windows Live Essentials (Version: 16.4.3505.0912)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (Version: 16.4.3505.0912)
Windows Live Mail (Version: 16.4.3505.0912)
Windows Live Messenger (Version: 16.4.3505.0912)
Windows Live MIME IFilter (Version: 16.4.3505.0912)
Windows Live Photo Common (Version: 16.4.3505.0912)
Windows Live PIMT Platform (Version: 16.4.3505.0912)
Windows Live SOXE (Version: 16.4.3505.0912)
Windows Live SOXE Definitions (Version: 16.4.3505.0912)
Windows Live UX Platform (Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (Version: 16.4.3505.0912)
Windows Live Writer (Version: 16.4.3505.0912)
Windows Live Writer Resources (Version: 16.4.3505.0912)
WinRAR 4.01 (32-bit) (Version: 4.01.0)
YTD Video Downloader 3.9.3

========================= Memory info: ===================================

Percentage of memory in use: 25%
Total physical RAM: 3517.87 MB
Available physical RAM: 2638.02 MB
Total Pagefile: 7034.02 MB
Available Pagefile: 6141.84 MB
Total Virtual: 2047.88 MB
Available Virtual: 1935.76 MB

========================= Partitions: =====================================

2 Drive c: (MAGICTHIGHS) (Fixed) (Total:372.61 GB) (Free:82.73 GB) NTFS

========================= Users: ========================================

User accounts for \\TIM-PC

Administrator Bear Guest


**** End of log ****




20:38:05.0369 2908 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
20:38:06.0039 2908 ============================================================
20:38:06.0039 2908 Current date / time: 2012/11/29 20:38:06.0039
20:38:06.0039 2908 SystemInfo:
20:38:06.0039 2908
20:38:06.0039 2908 OS Version: 6.1.7601 ServicePack: 1.0
20:38:06.0039 2908 Product type: Workstation
20:38:06.0039 2908 ComputerName: TIM-PC
20:38:06.0039 2908 UserName: Bear
20:38:06.0039 2908 Windows directory: C:\Windows
20:38:06.0039 2908 System windows directory: C:\Windows
20:38:06.0039 2908 Processor architecture: Intel x86
20:38:06.0039 2908 Number of processors: 4
20:38:06.0039 2908 Page size: 0x1000
20:38:06.0039 2908 Boot type: Normal boot
20:38:06.0039 2908 ============================================================
20:38:06.0991 2908 Drive \Device\Harddisk0\DR0 - Size: 0x5D27216000 (372.61 Gb), SectorSize: 0x200, Cylinders: 0xBE01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:38:06.0991 2908 ============================================================
20:38:06.0991 2908 \Device\Harddisk0\DR0:
20:38:06.0991 2908 MBR partitions:
20:38:06.0991 2908 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2E937C82
20:38:06.0991 2908 ============================================================
20:38:06.0991 2908 C: <-> \Device\Harddisk0\DR0\Partition1
20:38:06.0991 2908 ============================================================
20:38:06.0991 2908 Initialize success
20:38:06.0991 2908 ============================================================
20:39:02.0792 2196 ============================================================
20:39:02.0792 2196 Scan started
20:39:02.0792 2196 Mode: Manual; TDLFS;
20:39:02.0792 2196 ============================================================
20:39:03.0276 2196 ================ Scan system memory ========================
20:39:03.0276 2196 System memory - ok
20:39:03.0276 2196 ================ Scan services =============================
20:39:03.0416 2196 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
20:39:03.0416 2196 1394ohci - ok
20:39:03.0432 2196 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
20:39:03.0432 2196 ACPI - ok
20:39:03.0448 2196 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
20:39:03.0463 2196 AcpiPmi - ok
20:39:03.0479 2196 [ 0CB0AA071C7B86A64F361DCFDF357329 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:39:03.0494 2196 AdobeFlashPlayerUpdateSvc - ok
20:39:03.0510 2196 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
20:39:03.0557 2196 adp94xx - ok
20:39:03.0572 2196 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\drivers\adpahci.sys
20:39:03.0588 2196 adpahci - ok
20:39:03.0604 2196 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
20:39:03.0619 2196 adpu320 - ok
20:39:03.0650 2196 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:39:03.0650 2196 AeLookupSvc - ok
20:39:03.0682 2196 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
20:39:03.0697 2196 AFD - ok
20:39:03.0713 2196 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
20:39:03.0728 2196 agp440 - ok
20:39:03.0760 2196 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
20:39:03.0775 2196 aic78xx - ok
20:39:03.0775 2196 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
20:39:03.0775 2196 ALG - ok
20:39:03.0791 2196 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
20:39:03.0806 2196 aliide - ok
20:39:03.0838 2196 [ 4B9298FD6707980AB8E3A8F0E642EC9A ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
20:39:03.0838 2196 AMD External Events Utility - ok
20:39:03.0853 2196 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
20:39:12.0277 2196 RasAcd - ok
20:39:12.0293 2196 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:39:12.0308 2196 RasAgileVpn - ok
20:39:12.0324 2196 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
20:39:12.0324 2196 RasAuto - ok
20:39:12.0340 2196 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:39:12.0355 2196 Rasl2tp - ok
20:39:12.0371 2196 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
20:39:12.0386 2196 RasMan - ok
20:39:12.0386 2196 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:39:12.0402 2196 RasPppoe - ok
20:39:12.0433 2196 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:39:12.0449 2196 RasSstp - ok
20:39:12.0464 2196 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:39:12.0496 2196 rdbss - ok
20:39:12.0511 2196 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
20:39:12.0527 2196 rdpbus - ok
20:39:12.0542 2196 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:39:12.0558 2196 RDPCDD - ok
20:39:12.0574 2196 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:39:12.0589 2196 RDPENCDD - ok
20:39:12.0589 2196 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:39:12.0605 2196 RDPREFMP - ok
20:39:12.0636 2196 [ 65375DF758CA1872AB7EBBBA457FD5E6 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
20:39:12.0636 2196 RdpVideoMiniport - ok
20:39:12.0667 2196 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:39:12.0683 2196 RDPWD - ok
20:39:12.0683 2196 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:39:12.0714 2196 rdyboost - ok
20:39:12.0730 2196 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
20:39:12.0730 2196 RemoteAccess - ok
20:39:12.0761 2196 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:39:12.0761 2196 RemoteRegistry - ok
20:39:12.0776 2196 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:39:12.0792 2196 RpcEptMapper - ok
20:39:12.0808 2196 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
20:39:12.0808 2196 RpcLocator - ok
20:39:12.0823 2196 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
20:39:12.0823 2196 RpcSs - ok
20:39:12.0854 2196 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:39:12.0886 2196 rspndr - ok
20:39:12.0901 2196 [ 166911EADA13CD34DD8F8C667707BE94 ] RTL8023xp C:\Windows\system32\DRIVERS\Rtnicxp.sys
20:39:12.0932 2196 RTL8023xp - ok
20:39:12.0932 2196 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
20:39:12.0932 2196 SamSs - ok
20:39:12.0948 2196 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:39:12.0964 2196 sbp2port - ok
20:39:12.0979 2196 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:39:12.0979 2196 SCardSvr - ok
20:39:12.0995 2196 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:39:12.0995 2196 scfilter - ok
20:39:13.0026 2196 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
20:39:13.0026 2196 Schedule - ok
20:39:13.0042 2196 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
20:39:13.0042 2196 SCPolicySvc - ok
20:39:13.0057 2196 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:39:13.0073 2196 SDRSVC - ok
20:39:13.0073 2196 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:39:13.0088 2196 secdrv - ok
20:39:13.0104 2196 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
20:39:13.0104 2196 seclogon - ok
20:39:13.0104 2196 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\system32\sens.dll
20:39:13.0120 2196 SENS - ok
20:39:13.0135 2196 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:39:13.0135 2196 SensrSvc - ok
20:39:13.0151 2196 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
20:39:13.0166 2196 Serenum - ok
20:39:13.0182 2196 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
20:39:13.0198 2196 Serial - ok
20:39:13.0229 2196 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\drivers\sermouse.sys
20:39:13.0244 2196 sermouse - ok
20:39:13.0260 2196 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
20:39:13.0260 2196 SessionEnv - ok
20:39:13.0276 2196 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:39:13.0291 2196 sffdisk - ok
20:39:13.0307 2196 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:39:13.0322 2196 sffp_mmc - ok
20:39:13.0322 2196 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:39:13.0354 2196 sffp_sd - ok
20:39:13.0354 2196 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
20:39:13.0369 2196 sfloppy - ok
20:39:13.0385 2196 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:39:13.0400 2196 SharedAccess - ok
20:39:13.0432 2196 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:39:13.0447 2196 ShellHWDetection - ok
20:39:13.0447 2196 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
20:39:13.0463 2196 sisagp - ok
20:39:13.0478 2196 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
20:39:13.0510 2196 SiSRaid2 - ok
20:39:13.0525 2196 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
20:39:13.0556 2196 SiSRaid4 - ok
20:39:13.0572 2196 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:39:13.0588 2196 Smb - ok
20:39:13.0603 2196 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:39:13.0603 2196 SNMPTRAP - ok
20:39:13.0619 2196 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
20:39:13.0619 2196 spldr - ok
20:39:13.0650 2196 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
20:39:13.0650 2196 Spooler - ok
20:39:13.0744 2196 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
20:39:13.0775 2196 sppsvc - ok
20:39:13.0775 2196 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:39:13.0790 2196 sppuinotify - ok
20:39:13.0806 2196 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
20:39:13.0822 2196 srv - ok
20:39:13.0837 2196 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:39:13.0868 2196 srv2 - ok
20:39:13.0884 2196 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:39:13.0915 2196 srvnet - ok
20:39:13.0931 2196 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:39:13.0931 2196 SSDPSRV - ok
20:39:13.0946 2196 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:39:13.0962 2196 SstpSvc - ok
20:39:13.0962 2196 Steam Client Service - ok
20:39:13.0978 2196 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\drivers\stexstor.sys
20:39:13.0993 2196 stexstor - ok
20:39:14.0024 2196 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
20:39:14.0024 2196 StiSvc - ok
20:39:14.0056 2196 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
20:39:14.0056 2196 swenum - ok
20:39:14.0071 2196 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
20:39:14.0087 2196 swprv - ok
20:39:14.0118 2196 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
20:39:14.0134 2196 SysMain - ok
20:39:14.0149 2196 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:39:14.0149 2196 TabletInputService - ok
20:39:14.0165 2196 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
20:39:14.0180 2196 TapiSrv - ok
20:39:14.0196 2196 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
20:39:14.0196 2196 TBS - ok
20:39:14.0243 2196 [ E23A56F843E2AEBBB209D0ACCA73C640 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:39:14.0274 2196 Tcpip - ok
20:39:14.0290 2196 [ E23A56F843E2AEBBB209D0ACCA73C640 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:39:14.0305 2196 TCPIP6 - ok
20:39:14.0321 2196 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:39:14.0352 2196 tcpipreg - ok
20:39:14.0368 2196 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:39:14.0383 2196 TDPIPE - ok
20:39:14.0414 2196 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:39:14.0430 2196 TDTCP - ok
20:39:14.0446 2196 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:39:14.0477 2196 tdx - ok
20:39:14.0492 2196 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
20:39:14.0508 2196 TermDD - ok
20:39:14.0524 2196 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
20:39:14.0539 2196 TermService - ok
20:39:14.0555 2196 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
20:39:14.0555 2196 Themes - ok
20:39:14.0570 2196 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
20:39:14.0570 2196 THREADORDER - ok
20:39:14.0570 2196 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
20:39:14.0586 2196 TrkWks - ok
20:39:14.0617 2196 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:39:14.0617 2196 TrustedInstaller - ok
20:39:14.0633 2196 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:39:14.0680 2196 tssecsrv - ok
20:39:14.0695 2196 [ 9CE253214ACAA5A7D323327D2055EFAA ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:39:14.0726 2196 TsUsbFlt - ok
20:39:14.0742 2196 [ 57C527AF84748B5C2F5178C499C0B81F ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
20:39:14.0773 2196 TsUsbGD - ok
20:39:14.0773 2196 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:39:14.0789 2196 tunnel - ok
20:39:14.0820 2196 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\drivers\uagp35.sys
20:39:14.0836 2196 uagp35 - ok
20:39:14.0851 2196 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:39:14.0882 2196 udfs - ok
20:39:14.0914 2196 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:39:14.0914 2196 UI0Detect - ok
20:39:14.0929 2196 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:39:14.0945 2196 uliagpkx - ok
20:39:14.0960 2196 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
20:39:14.0976 2196 umbus - ok
20:39:14.0992 2196 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\drivers\umpass.sys
20:39:15.0007 2196 UmPass - ok
20:39:15.0038 2196 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
20:39:15.0054 2196 upnphost - ok
20:39:15.0054 2196 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:39:15.0085 2196 usbccgp - ok
20:39:15.0101 2196 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:39:15.0116 2196 usbcir - ok
20:39:15.0132 2196 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
20:39:15.0148 2196 usbehci - ok
20:39:15.0163 2196 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:39:15.0179 2196 usbhub - ok
20:39:15.0179 2196 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
20:39:15.0210 2196 usbohci - ok
20:39:15.0226 2196 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\drivers\usbprint.sys
20:39:15.0241 2196 usbprint - ok
20:39:15.0257 2196 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:39:15.0272 2196 USBSTOR - ok
20:39:15.0272 2196 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
20:39:15.0288 2196 usbuhci - ok
20:39:15.0304 2196 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
20:39:15.0304 2196 UxSms - ok
20:39:15.0319 2196 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
20:39:15.0319 2196 VaultSvc - ok
20:39:15.0335 2196 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:39:15.0350 2196 vdrvroot - ok
20:39:15.0382 2196 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
20:39:15.0382 2196 vds - ok
20:39:15.0397 2196 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:39:15.0413 2196 vga - ok
20:39:15.0428 2196 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
20:39:15.0444 2196 VgaSave - ok
20:39:15.0460 2196 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
20:39:15.0475 2196 vhdmp - ok
20:39:15.0491 2196 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
20:39:15.0506 2196 viaagp - ok
20:39:15.0538 2196 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
20:39:15.0553 2196 ViaC7 - ok
20:39:15.0569 2196 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
20:39:15.0584 2196 viaide - ok
20:39:15.0600 2196 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:39:15.0631 2196 volmgr - ok
20:39:15.0647 2196 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:39:15.0662 2196 volmgrx - ok
20:39:15.0678 2196 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:39:15.0725 2196 volsnap - ok
20:39:15.0740 2196 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
20:39:15.0756 2196 vsmraid - ok
20:39:15.0803 2196 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
20:39:15.0803 2196 VSS - ok
20:39:15.0834 2196 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
20:39:15.0850 2196 vwifibus - ok
20:39:15.0865 2196 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
20:39:15.0865 2196 W32Time - ok
20:39:15.0912 2196 [ 57C8C20BFA5BEF6BD851EBAC67A8CED0 ] W3SVC C:\Windows\system32\inetsrv\iisw3adm.dll
20:39:15.0912 2196 W3SVC - ok
20:39:15.0928 2196 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
20:39:15.0943 2196 WacomPen - ok
20:39:15.0959 2196 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
20:39:15.0974 2196 WANARP - ok
20:39:15.0974 2196 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:39:15.0974 2196 Wanarpv6 - ok
20:39:15.0990 2196 [ 57C8C20BFA5BEF6BD851EBAC67A8CED0 ] WAS C:\Windows\system32\inetsrv\iisw3adm.dll
20:39:15.0990 2196 WAS - ok
20:39:16.0037 2196 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
20:39:16.0037 2196 WatAdminSvc - ok
20:39:16.0084 2196 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
20:39:16.0099 2196 wbengine - ok
20:39:16.0115 2196 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:39:16.0115 2196 WbioSrvc - ok
20:39:16.0130 2196 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:39:16.0130 2196 wcncsvc - ok
20:39:16.0146 2196 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:39:16.0146 2196 WcsPlugInService - ok
20:39:16.0162 2196 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\drivers\wd.sys
20:39:16.0177 2196 Wd - ok
20:39:16.0208 2196 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:39:16.0240 2196 Wdf01000 - ok
20:39:16.0240 2196 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:39:16.0255 2196 WdiServiceHost - ok
20:39:16.0255 2196 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:39:16.0255 2196 WdiSystemHost - ok
20:39:16.0271 2196 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
20:39:16.0271 2196 WebClient - ok
20:39:16.0302 2196 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:39:16.0302 2196 Wecsvc - ok
20:39:16.0318 2196 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:39:16.0318 2196 wercplsupport - ok
20:39:16.0333 2196 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
20:39:16.0333 2196 WerSvc - ok
20:39:16.0349 2196 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
20:39:16.0364 2196 WfpLwf - ok
20:39:16.0380 2196 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
20:39:16.0396 2196 WIMMount - ok
20:39:16.0442 2196 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
20:39:16.0442 2196 WinDefend - ok
20:39:16.0458 2196 WinHttpAutoProxySvc - ok
20:39:16.0489 2196 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:39:16.0489 2196 Winmgmt - ok
20:39:16.0536 2196 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
20:39:16.0552 2196 WinRM - ok
20:39:16.0583 2196 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
20:39:16.0598 2196 Wlansvc - ok
20:39:16.0676 2196 [ 5E7C103F8475C4289847D15E129C20F7 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:39:16.0692 2196 wlidsvc - ok
20:39:16.0708 2196 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
20:39:16.0723 2196 WmiAcpi - ok
20:39:16.0739 2196 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:39:16.0739 2196 wmiApSrv - ok
20:39:16.0801 2196 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
20:39:16.0801 2196 WMPNetworkSvc - ok
20:39:16.0817 2196 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:39:16.0817 2196 WPCSvc - ok
20:39:16.0832 2196 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:39:16.0832 2196 WPDBusEnum - ok
20:39:16.0848 2196 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:39:16.0864 2196 ws2ifsl - ok
20:39:16.0879 2196 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\system32\wscsvc.dll
20:39:16.0895 2196 wscsvc - ok
20:39:16.0895 2196 WSearch - ok
20:39:16.0973 2196 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
20:39:16.0973 2196 wuauserv - ok
20:39:17.0004 2196 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:39:17.0004 2196 WudfPf - ok
20:39:17.0020 2196 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
20:39:17.0020 2196 WUDFRd - ok
20:39:17.0020 2196 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:39:17.0035 2196 wudfsvc - ok
20:39:17.0051 2196 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
20:39:17.0051 2196 WwanSvc - ok
20:39:17.0066 2196 ================ Scan global ===============================
20:39:17.0098 2196 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
20:39:17.0113 2196 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
20:39:17.0129 2196 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
20:39:17.0144 2196 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
20:39:17.0160 2196 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
20:39:17.0160 2196 [Global] - ok
20:39:17.0160 2196 ================ Scan MBR ==================================
20:39:17.0176 2196 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
20:39:17.0332 2196 \Device\Harddisk0\DR0 - ok
20:39:17.0332 2196 ================ Scan VBR ==================================
20:39:17.0332 2196 [ 66C6718A1A5C2C9134A1733DE708EB72 ] \Device\Harddisk0\DR0\Partition1
20:39:17.0332 2196 \Device\Harddisk0\DR0\Partition1 - ok
20:39:17.0332 2196 ============================================================
20:39:17.0332 2196 Scan finished
20:39:17.0332 2196 ============================================================
20:39:17.0347 1604 Detected object count: 0
20:39:17.0347 1604 Actual detected object count: 0
20:39:56.0238 3896 Deinitialize success





aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-11-29 20:41:12
-----------------------------
20:41:12.825 OS Version: Windows 6.1.7601 Service Pack 1
20:41:12.825 Number of processors: 4 586 0xF07
20:41:12.825 ComputerName: TIM-PC UserName: Bear
20:41:23.995 Initialize success
20:42:18.451 AVAST engine defs: 12112900
20:43:19.889 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2
20:43:19.889 Disk 0 Vendor: Hitachi_HDT725040VLA360 V5COA7EA Size: 381554MB BusType: 3
20:43:19.905 Disk 0 MBR read successfully
20:43:19.905 Disk 0 MBR scan
20:43:19.905 Disk 0 Windows VISTA default MBR code
20:43:19.905 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 381551 MB offset 63
20:43:19.920 Disk 0 scanning sectors +781417665
20:43:19.967 Disk 0 scanning C:\Windows\system32\drivers
20:43:33.087 Service scanning
20:43:52.805 Modules scanning
20:43:59.841 Disk 0 trace - called modules:
20:43:59.856 ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS halmacpi.dll intelide.sys PCIIDEX.SYS atapi.sys
20:43:59.856 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x869418a0]
20:44:00.371 3 CLASSPNP.SYS[8c82259e] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-2[0x863f5908]
20:44:01.323 AVAST engine scan C:\Windows
20:44:02.976 AVAST engine scan C:\Windows\system32
20:46:54.296 AVAST engine scan C:\Windows\system32\drivers
20:47:07.977 AVAST engine scan C:\Users\Bear.Tim-PC
20:50:43.008 AVAST engine scan C:\ProgramData
20:51:03.366 Scan finished successfully
21:00:57.243 Disk 0 MBR has been saved successfully to "C:\Users\Bear.Tim-PC\Desktop\MBR.dat"
21:00:57.243 The log file has been saved successfully to "C:\Users\Bear.Tim-PC\Desktop\aswMBR.txt"




The Eset Online Scanner came up clean, as I thought it would.

Thanx in advance

Tim




#5 boopme


Posted 29 November 2012 - 08:10 PM

Hello, for some reason I did not see an installed antivirus.

You need to uninstall... Java™ 6 Update 21 (Version: 6.0.210) and install Java 7 update 9

fsquirt.exe
Process name: Microsoft BlueTooth File Transfer Wizard
Application using this process: Microsoft® Windows® Operating System


Let's run SFC as it may be file corruption from infection; if this does not fix it you will need to ask this again in the WIN7 as they will need to look for another reason.

System File Checker
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#6 BigTim


Posted 06 December 2012 - 06:25 PM

Allo! Sorry for the late reply, I've been working away and I've only been back home 1hr. Ok so I'll do as you said and get back to you. Oh I use ESET Smart Security Ver 4.

Thanx in advance

Tim ;)


#7 boopme


Posted 06 December 2012 - 10:10 PM

OK, post when you can.

#8 BigTim


Posted 15 December 2012 - 09:08 AM

Allo! How are you? Wow have I been busy!!! Xmas shoppers - they're Kamikazes man!!! :hysterical: OK so I did as you said, I booted into the WRE off the boot disk and ran the following command through a Command Prompt: sfc /scannow /offbootdir=C:\ /offwindir=C:\Windows

So, it ran and came back with: found some files that are corrupt but can't repair please see CBS.LOG! So, I know where and what that is, the thing is what now?

Thanx in advance

Tim


#9 boopme


Posted 16 December 2012 - 11:49 AM

Hello, as it is no longer malware, you should take this issue and the CBS log up to WIN 7 so they can straighten that out.

#10 BigTim


Posted 16 December 2012 - 07:08 PM

Allo! Yea OK, thanx for all your advice and help.

Merry Xmas and Happy New Year.

Tim
:thumbup2:

#11 boopme


Posted 16 December 2012 - 07:34 PM

:santa: Merry Christmas Tim



