
can't stay connected to the internet


8 replies to this topic

#1 akellym

akellym

  • Members
  • 15 posts

Posted 03 January 2013 - 10:00 PM

Hey,

The PC I use for work got the System Progressive Protection virus today. I finally got rid of it and everything seems to be working fine, but now it won't stay connected to the internet. I have 3 other PCs connected with Cat 5 just like the work PC and they work fine, as well as all the wireless ones. I can't find anything wrong; I have run Bitdefender and everything is good. If I unplug the Cat 5 cable and plug it back in, the internet works for about 2 mins then goes down again; if I restart, it's the same thing. Any ideas?



#2 akellym

akellym
  • Topic Starter

  • Members
  • 15 posts

Posted 04 January 2013 - 06:43 PM

Still not working. I did try a USB wireless and have the same issue...

#3 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts

Posted 04 January 2013 - 07:09 PM

Hi akellym, and welcome!

I just want to let you know that I moved this topic to the Am I Infected forum so we can check for leftovers.

A quick question: You mention you've removed the virus...have you followed the method described here?

Or was there another method you used to remove it?

bloopie

#4 akellym

akellym
  • Topic Starter

  • Members
  • 15 posts

Posted 05 January 2013 - 11:32 AM

Yes, I followed that removal.

#5 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts

Posted 05 January 2013 - 12:18 PM

Hi again,

Step 1:

Okay, could you please post me the MBAM log that you ran according to the removal instructions linked above? The log can be found in the "Logs" tab with the program open...look for the date and time of the scan to find the correct log. Please copy and paste all logs in your next reply.

==========

Step 2:

Also, what operating system are you using with the machine in question?

==========

Step 3:

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

==========

Please post both logs in your next reply and let me know the OS you're running!

bloopie
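
An added example, not part of the original thread and not MiniToolBox's own code: a Python triage pass over a Result.txt-style report that flags a leftover proxy value, non-localhost Hosts entries, a self-assigned 169.254.x.x address with no default gateway, and Winsock providers without a Microsoft vendor string. The sample report, its addresses and the `lsp.dll` path are constructed, and the section titles and line layout are assumed to match the report posted later in this thread.

```python
import ipaddress
import re

# Constructed excerpt in the layout of a MiniToolBox Result.txt; every value
# here (addresses, host names, the lsp.dll path) is made up for the example.
SAMPLE = r"""
========================= IE Proxy Settings: ==============================

Proxy is not enabled.
ProxyServer: 192.0.2.40:80

========================= Hosts content: =================================

127.0.0.1 localhost
192.0.2.77 www.example.com

========================= IP Configuration: ================================

   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration IPv4 Address. . : 169.254.51.145(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.0.0
   Default Gateway . . . . . . . . . :

========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog9 01 C:\Users\k\AppData\Local\Temp\lsp.dll [40960] ()
"""

# "===== Title: =====" banner; a line made only of '=' is not a banner.
HEADER = re.compile(r"^=+\s*([^=\s][^=]*?)\s*:?\s*=+$")
# "Catalog9 01 <path> [size] (vendor)", with an optional x64- prefix.
WINSOCK = re.compile(r"^(?:x64-)?Catalog[59]\s+\d+\s+(.+?)\s+\[\d+\]\s+\((.*)\)$")
IPV4 = re.compile(r"\b\d{1,3}(?:\.\d{1,3}){3}\b")
APIPA = ipaddress.ip_network("169.254.0.0/16")  # self-assigned, no DHCP lease


def split_sections(report):
    """Map each lower-cased section title to its non-empty, stripped lines."""
    sections, current = {}, None
    for raw in report.splitlines():
        line = raw.strip()
        m = HEADER.match(line)
        if m:
            current = m.group(1).lower()
            sections[current] = []
        elif current and line:
            sections[current].append(line)
    return sections


def _apipa_address(text):
    """Return the first IPv4 address in text if it is link-local, else None."""
    m = IPV4.search(text)
    try:
        return m.group() if m and ipaddress.ip_address(m.group()) in APIPA else None
    except ValueError:  # looked like an address but is not a valid one
        return None


def triage(report):
    """Return (kind, detail) findings that deserve a closer look."""
    s = split_sections(report)
    findings = []

    # A proxy value left in place can be re-enabled later, so report it even
    # when the tool says the proxy is currently off.
    proxy = s.get("ie proxy settings", [])
    state = "disabled" if any("not enabled" in l.lower() for l in proxy) \
        else "not reported as disabled"
    for l in proxy:
        if l.lower().startswith("proxyserver:"):
            value = l.split(":", 1)[1].strip()
            if value:
                findings.append(("proxy", f"{value} ({state})"))

    # Any Hosts mapping other than localhost redirects name resolution.
    for l in s.get("hosts content", []):
        parts = l.split()
        if not l.startswith("#") and len(parts) >= 2 and parts[1].lower() != "localhost":
            findings.append(("hosts", l))

    # ipconfig lines are "Key . . . : value"; drop the dot leaders from the key.
    for l in s.get("ip configuration", []):
        key, _, value = l.partition(":")
        key = key.replace(".", "").strip().lower()
        if "ipv4 address" in key and _apipa_address(value):
            findings.append(("apipa", _apipa_address(value)))
        elif key == "default gateway" and not value.strip():
            findings.append(("gateway", "no default gateway"))

    # Providers whose vendor string is not Microsoft are listed for review.
    for l in s.get("winsock entries", []):
        m = WINSOCK.match(l)
        if m and not m.group(2).startswith("Microsoft"):
            findings.append(("winsock", m.group(1)))
    return findings


if __name__ == "__main__":
    for kind, detail in triage(SAMPLE):
        print(f"{kind:8} {detail}")
```

A finding marks a line for review rather than proving infection, and an entry that passes the vendor check is not thereby verified.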

#6 akellym

akellym
  • Topic Starter

  • Members
  • 15 posts

Posted 05 January 2013 - 06:06 PM

MiniToolBox by Farbar Version: 25-11-2012
Ran by k (administrator) on 05-01-2013 at 16:51:23
Running from "C:\Users\k\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
ProxyServer: 78.110.170.40:80

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek PCIe FE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Massiveblack
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 00-25-11-66-26-21
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::c0a0:66f5:1035:3391%23(Preferred)
Autoconfiguration IPv4 Address. . : 169.254.51.145(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 301999377
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-B3-A3-B4-00-25-11-66-26-21
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{09080EDE-A3D8-49F9-8BE9-FFD22BB1EAF8}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 14:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: fec0:0:0:ffff::1

Ping request could not find host google.com. Please check the name and try again.
Server: UnKnown
Address: fec0:0:0:ffff::1

Ping request could not find host yahoo.com. Please check the name and try again.

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
23...00 25 11 66 26 21 ......Realtek PCIe FE Family Controller
1...........................Software Loopback Interface 1
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
16...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
169.254.0.0 255.255.0.0 On-link 169.254.51.145 276
169.254.51.145 255.255.255.255 On-link 169.254.51.145 276
169.254.255.255 255.255.255.255 On-link 169.254.51.145 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 169.254.51.145 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 169.254.51.145 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
23 276 fe80::/64 On-link
23 276 fe80::c0a0:66f5:1035:3391/128
On-link
1 306 ff00::/8 On-link
23 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/05/2013 00:43:17 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (01/05/2013 00:43:16 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (01/05/2013 00:43:16 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (01/05/2013 00:43:16 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (01/05/2013 00:42:51 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (01/04/2013 06:06:44 PM) (Source: RasClient) (User: )
Description: CoId={23B6DB33-8807-4FB7-9EAE-71C371643596}: The user Massiveblack\k dialed a connection named Broadband Connection which has failed. The error code returned on failure is 0.

Error: (01/04/2013 06:06:24 PM) (Source: RasClient) (User: )
Description: CoId={D67E6A2A-0360-4876-8F8A-9675899352B6}: The user Massiveblack\k dialed a connection named Broadband Connection which has failed. The error code returned on failure is 0.

Error: (01/04/2013 06:06:11 PM) (Source: RasClient) (User: )
Description: CoId={7C08A238-DDE6-44AE-B7B0-7AC94B7AFB42}: The user Massiveblack\k dialed a connection named Broadband Connection which has failed. The error code returned on failure is 651.

Error: (01/04/2013 00:33:07 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (01/04/2013 00:33:07 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (01/03/2013 08:07:44 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (01/03/2013 08:04:07 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (01/03/2013 07:59:05 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (01/03/2013 07:59:05 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (01/03/2013 05:41:23 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (01/03/2013 05:41:23 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (01/03/2013 05:41:03 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (01/03/2013 05:41:01 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (01/03/2013 05:36:46 PM) (Source: Service Control Manager) (User: )
Description: The Windows Update service terminated with the following error:
%%-2147467243

Error: (01/03/2013 05:36:43 PM) (Source: Service Control Manager) (User: )
Description: The Security Center service failed to start due to the following error:
%%1069


Microsoft Office Sessions:
=========================
Error: (01/05/2013 00:43:17 AM) (Source: SideBySide)(User: )
Description: msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"c:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksWP.exe

Error: (01/05/2013 00:43:16 AM) (Source: SideBySide)(User: )
Description: msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksss.exe

Error: (01/05/2013 00:43:16 AM) (Source: SideBySide)(User: )
Description: msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"c:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksdb.exe

Error: (01/05/2013 00:43:16 AM) (Source: SideBySide)(User: )
Description: msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"c:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksCal.exe

Error: (01/05/2013 00:42:51 AM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (01/04/2013 06:06:44 PM) (Source: RasClient)(User: )
Description: {23B6DB33-8807-4FB7-9EAE-71C371643596}Massiveblack\kBroadband Connection0

Error: (01/04/2013 06:06:24 PM) (Source: RasClient)(User: )
Description: {D67E6A2A-0360-4876-8F8A-9675899352B6}Massiveblack\kBroadband Connection0

Error: (01/04/2013 06:06:11 PM) (Source: RasClient)(User: )
Description: {7C08A238-DDE6-44AE-B7B0-7AC94B7AFB42}Massiveblack\kBroadband Connection651

Error: (01/04/2013 00:33:07 AM) (Source: SideBySide)(User: )
Description: msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"c:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksWP.exe

Error: (01/04/2013 00:33:07 AM) (Source: SideBySide)(User: )
Description: msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksss.exe


CodeIntegrity Errors:
===================================
Date: 2013-01-03 19:57:06.479
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00172_014\avcuf64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-03 17:56:33.429
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00172_014\avcuf64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-03 17:40:50.876
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00172_014\avcuf64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-03 17:34:20.170
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00172_014\avcuf64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-03 17:22:21.824
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00172_014\avcuf64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-03 17:19:59.335
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00172_014\avcuf64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-03 17:13:28.113
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00172_014\avcuf64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-03 17:12:07.784
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00172_014\avcuf64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-03 17:04:52.283
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00172_014\avcuf64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-03 17:00:07.951
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00172_014\avcuf64.dll because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 1.5.0.7220)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.135)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Advertising Center (Version: 0.0.0.2)
Bing Bar (Version: 7.0.609.0)
Bitdefender Internet Security 2013 (Version: 16.20.0.1483)
Canon MP Navigator EX 1.0
Canon MX300 series
Canon My Printer
Canon Utilities Easy-PhotoPrint EX
Canon Utilities Solution Menu
Compact Wireless-G USB Adapter
Coupon Printer for Windows (Version: 5.0.0.1)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
eMachines Games (Version: 1.0.0.71)
eMachines Recovery Management (Version: 4.05.3005)
eMachines Registration (Version: 1.02.3006)
eMachines ScreenSaver (Version: 1.1.0812)
eMachines Updater (Version: 1.01.3017)
Identity Card (Version: 1.00.3002)
ImagXpress (Version: 7.0.74.0)
Java 7 Update 7 (64-bit) (Version: 7.0.70)
Java SE Development Kit 7 Update 7 (64-bit) (Version: 1.7.0.70)
Java™ 6 Update 31 (Version: 6.0.310)
Junk Mail filter update (Version: 15.4.3502.0922)
Maltego Community Edition 3.1.1 (Version: 3.1.1)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Mouse and Keyboard Center (Version: 1.1.500.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Store Download Manager (Version: 2.6.3411.2)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 9.7.0621)
Mozilla Firefox 12.0 (x86 en-US) (Version: 12.0)
Mozilla Maintenance Service (Version: 17.0)
Mozilla Thunderbird 17.0 (x86 en-US) (Version: 17.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Nero ControlCenter (Version: 9.0.0.1)
Nero DiscSpeed (Version: 5.4.7.201)
Nero DiscSpeed Help (Version: 5.4.4.100)
Nero DriveSpeed (Version: 4.4.7.201)
Nero DriveSpeed Help (Version: 4.4.4.100)
Nero Express Help (Version: 9.4.9.100)
Nero InfoTool (Version: 6.4.7.201)
Nero InfoTool Help (Version: 6.4.4.100)
Nero Installer (Version: 4.4.8.1)
Nero Online Upgrade (Version: 1.3.0.0)
Nero StartSmart (Version: 9.4.11.209)
Nero StartSmart Help (Version: 9.4.11.208)
Nero StartSmart OEM (Version: 9.4.10.100)
NeroExpress (Version: 9.4.10.505)
neroxml (Version: 1.0.0)
NVIDIA 3D Vision Controller Driver (Version: 275.33)
NVIDIA 3D Vision Controller Driver 310.70 (Version: 310.70)
NVIDIA 3D Vision Driver 310.70 (Version: 310.70)
NVIDIA Control Panel 310.70 (Version: 310.70)
NVIDIA Graphics Driver 310.70 (Version: 310.70)
NVIDIA Install Application (Version: 2.1002.95.599)
NVIDIA PhysX (Version: 9.12.1031)
NVIDIA PhysX System Software 9.12.1031 (Version: 9.12.1031)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.1070)
NVIDIA Update 1.11.3 (Version: 1.11.3)
NVIDIA Update Components (Version: 1.11.3)
Presto! PageManager 7.15.16 (Version: 7.15.16)
Realtek High Definition Audio Driver (Version: 6.0.1.5898)
RoboForm 7-7-0 (All Users) (Version: 7-7-0)
ScanSoft OmniPage SE 4 (Version: 15.2.0020)
Skype Click to Call (Version: 5.9.9216)
Skype™ 6.0 (Version: 6.0.126)
SUPERAntiSpyware (Version: 5.0.1142)
System Requirements Lab
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2598242) 64-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 64-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition
Visual Web Spider 7.2
Welcome Center (Version: 1.00.3008)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live Family Safety (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)

========================= Devices: ================================

Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


========================= Memory info: ===================================

Percentage of memory in use: 38%
Total physical RAM: 4095.23 MB
Available physical RAM: 2507.59 MB
Total Pagefile: 8188.66 MB
Available Pagefile: 6461.63 MB
Total Virtual: 4095.88 MB
Available Virtual: 3955.11 MB

========================= Partitions: =====================================

1 Drive c: (eMachines) (Fixed) (Total:452.66 GB) (Free:394.17 GB) NTFS
8 Drive j: () (Removable) (Total:3.73 GB) (Free:3.4 GB) NTFS

========================= Users: ========================================

User accounts for \\MASSIVEBLACK

Administrator Guest k
UpdatusUser

========================= Minidump Files ==================================

No minidump file found


**** End of log ****


Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2012.12.14.11

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
k :: MASSIVEBLACK [administrator]

1/4/2013 10:13:28 PM
mbam-log-2013-01-04 (22-13-28).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 378460
Time elapsed: 48 minute(s), 17 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#7 bloopie

Posted 05 January 2013 - 08:41 PM

Hi again,

Thanks for that! Now just one more quick scan before I move this topic back to the OS subforum for your best help with connectivity.

This scan should only take a few minutes:

  • Please download TDSSKiller from here and save it to your Desktop
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters
  • Check Loaded Modules, Verify Driver Digital Signature, and Detect TDLFS file system
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now
  • Click Start Scan and allow the scan process to run
  • If threats are detected select Skip or Cure (if available) for all of them unless otherwise instructed.
    ***Do NOT select Delete!
  • Click Continue
  • Click Reboot computer
  • Please copy and paste the TDSSKiller.[Version]_[Date]_[Time]_log.txt file found in your root directory (typically c:\) into your next reply.

Also, please let me know if your initial issues still remain!

bloopie

#8 akellym

Posted 05 January 2013 - 11:43 PM

Yes, I still have the same issue.


22:40:26.0911 2512 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
22:40:27.0085 2512 ============================================================
22:40:27.0085 2512 Current date / time: 2013/01/05 22:40:27.0085
22:40:27.0085 2512 SystemInfo:
22:40:27.0085 2512
22:40:27.0085 2512 OS Version: 6.1.7601 ServicePack: 1.0
22:40:27.0085 2512 Product type: Workstation
22:40:27.0085 2512 ComputerName: MASSIVEBLACK
22:40:27.0086 2512 UserName: k
22:40:27.0086 2512 Windows directory: C:\Windows
22:40:27.0086 2512 System windows directory: C:\Windows
22:40:27.0086 2512 Running under WOW64
22:40:27.0086 2512 Processor architecture: Intel x64
22:40:27.0086 2512 Number of processors: 1
22:40:27.0086 2512 Page size: 0x1000
22:40:27.0086 2512 Boot type: Normal boot
22:40:27.0086 2512 ============================================================
22:40:28.0084 2512 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:40:28.0119 2512 Drive \Device\Harddisk6\DR6 - Size: 0xEE700000 (3.73 Gb), SectorSize: 0x200, Cylinders: 0x1E6, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
22:40:28.0122 2512 ============================================================
22:40:28.0122 2512 \Device\Harddisk0\DR0:
22:40:28.0123 2512 MBR partitions:
22:40:28.0123 2512 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A00800, BlocksNum 0x32000
22:40:28.0123 2512 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1A32800, BlocksNum 0x38953000
22:40:28.0123 2512 \Device\Harddisk6\DR6:
22:40:28.0124 2512 MBR partitions:
22:40:28.0124 2512 \Device\Harddisk6\DR6\Partition1: MBR, Type 0x7, StartLBA 0x10, BlocksNum 0x7737F0
22:40:28.0124 2512 ============================================================
22:40:28.0138 2512 C: <-> \Device\Harddisk0\DR0\Partition2
22:40:28.0138 2512 ============================================================
22:40:28.0138 2512 Initialize success
22:40:28.0138 2512 ============================================================
22:40:31.0023 2896 ============================================================
22:40:31.0023 2896 Scan started
22:40:31.0023 2896 Mode: Manual;
22:40:31.0023 2896 ============================================================
22:40:31.0680 2896 ================ Scan system memory ========================
22:40:31.0680 2896 System memory - ok
22:40:31.0680 2896 ================ Scan services =============================
22:40:40.0275 2896 NDProxy - ok
22:40:40.0369 2896 [ 7D2633295EB6FF2B938185874884059D ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
22:40:40.0369 2896 Nero BackItUp Scheduler 4.0 - ok
22:40:40.0416 2896 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
22:40:40.0416 2896 NetBIOS - ok
22:40:40.0447 2896 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
22:40:40.0447 2896 NetBT - ok
22:40:40.0463 2896 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
22:40:40.0463 2896 Netlogon - ok
22:40:40.0525 2896 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
22:40:40.0525 2896 Netman - ok
22:40:40.0556 2896 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
22:40:40.0587 2896 netprofm - ok
22:40:40.0697 2896 [ 81B8D0C1CE44A7FDBD596B693783950C ] netr7364 C:\Windows\system32\DRIVERS\netr7364.sys
22:40:40.0728 2896 netr7364 - ok
22:40:40.0759 2896 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:40:40.0759 2896 NetTcpPortSharing - ok
22:40:40.0790 2896 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
22:40:40.0790 2896 nfrd960 - ok
22:40:40.0837 2896 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
22:40:40.0853 2896 NlaSvc - ok
22:40:40.0884 2896 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
22:40:40.0884 2896 Npfs - ok
22:40:40.0915 2896 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
22:40:40.0915 2896 nsi - ok
22:40:40.0931 2896 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
22:40:40.0931 2896 nsiproxy - ok
22:40:40.0993 2896 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
22:40:41.0024 2896 Ntfs - ok
22:40:41.0071 2896 [ 4C08A14D04E62963E96E0BB57BBC953B ] NuidFltr C:\Windows\system32\DRIVERS\NuidFltr.sys
22:40:41.0087 2896 NuidFltr - ok
22:40:41.0102 2896 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
22:40:41.0102 2896 Null - ok
22:40:41.0289 2896 [ FE2909F7DFB12B9A20AD207FE23B7E96 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
22:40:41.0367 2896 nvlddmkm - ok
22:40:41.0399 2896 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
22:40:41.0414 2896 nvraid - ok
22:40:41.0430 2896 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
22:40:41.0461 2896 nvstor - ok
22:40:41.0492 2896 [ 7C7EEF51979658CE15BBC04F96A77D56 ] nvstor64 C:\Windows\system32\DRIVERS\nvstor64.sys
22:40:41.0508 2896 nvstor64 - ok
22:40:41.0555 2896 [ 3341D2C91989BC87C3C0BAA97C27253B ] nvsvc C:\Windows\system32\nvvsvc.exe
22:40:41.0555 2896 nvsvc - ok
22:40:41.0648 2896 [ 551CE34DAD2DFF0A480781E68B286E4D ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
22:40:41.0679 2896 nvUpdatusService - ok
22:40:41.0726 2896 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
22:40:41.0726 2896 nv_agp - ok
22:40:41.0757 2896 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
22:40:41.0757 2896 ohci1394 - ok
22:40:41.0835 2896 [ 4965B005492CBA7719E82B71E3245495 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:40:41.0835 2896 ose64 - ok
22:40:41.0960 2896 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:40:42.0038 2896 osppsvc - ok
22:40:42.0085 2896 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
22:40:42.0085 2896 p2pimsvc - ok
22:40:42.0101 2896 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
22:40:42.0116 2896 p2psvc - ok
22:40:42.0147 2896 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
22:40:42.0147 2896 Parport - ok
22:40:42.0194 2896 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
22:40:42.0194 2896 partmgr - ok
22:40:42.0225 2896 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
22:40:42.0225 2896 PcaSvc - ok
22:40:42.0241 2896 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
22:40:42.0257 2896 pci - ok
22:40:42.0272 2896 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
22:40:42.0272 2896 pciide - ok
22:40:42.0303 2896 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
22:40:42.0303 2896 pcmcia - ok
22:40:42.0335 2896 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
22:40:42.0335 2896 pcw - ok
22:40:42.0366 2896 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
22:40:42.0366 2896 PEAUTH - ok
22:40:42.0444 2896 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
22:40:42.0444 2896 PerfHost - ok
22:40:42.0522 2896 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
22:40:42.0537 2896 pla - ok
22:40:42.0584 2896 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
22:40:42.0600 2896 PlugPlay - ok
22:40:42.0615 2896 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
22:40:42.0615 2896 PNRPAutoReg - ok
22:40:42.0647 2896 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
22:40:42.0647 2896 PNRPsvc - ok
22:40:42.0693 2896 [ 32D374C60778253B81FA76C2FE19E155 ] Point64 C:\Windows\system32\DRIVERS\point64.sys
22:40:42.0709 2896 Point64 - ok
22:40:42.0740 2896 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
22:40:42.0740 2896 PolicyAgent - ok
22:40:42.0787 2896 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
22:40:42.0787 2896 Power - ok
22:40:42.0834 2896 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
22:40:42.0834 2896 PptpMiniport - ok
22:40:42.0865 2896 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
22:40:42.0865 2896 Processor - ok
22:40:42.0912 2896 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
22:40:42.0927 2896 ProfSvc - ok
22:40:42.0943 2896 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:40:42.0943 2896 ProtectedStorage - ok
22:40:42.0974 2896 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
22:40:42.0974 2896 Psched - ok
22:40:43.0021 2896 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
22:40:43.0052 2896 ql2300 - ok
22:40:43.0083 2896 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
22:40:43.0083 2896 ql40xx - ok
22:40:43.0115 2896 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
22:40:43.0115 2896 QWAVE - ok
22:40:43.0146 2896 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
22:40:43.0146 2896 QWAVEdrv - ok
22:40:43.0161 2896 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
22:40:43.0161 2896 RasAcd - ok
22:40:43.0193 2896 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
22:40:43.0193 2896 RasAgileVpn - ok
22:40:43.0224 2896 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
22:40:43.0224 2896 RasAuto - ok
22:40:43.0271 2896 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
22:40:43.0271 2896 Rasl2tp - ok
22:40:43.0302 2896 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
22:40:43.0317 2896 RasMan - ok
22:40:43.0333 2896 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
22:40:43.0364 2896 RasPppoe - ok
22:40:43.0395 2896 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
22:40:43.0395 2896 RasSstp - ok
22:40:43.0427 2896 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
22:40:43.0427 2896 rdbss - ok
22:40:43.0442 2896 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
22:40:43.0442 2896 rdpbus - ok
22:40:43.0473 2896 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
22:40:43.0473 2896 RDPCDD - ok
22:40:43.0520 2896 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
22:40:43.0520 2896 RDPENCDD - ok
22:40:43.0536 2896 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
22:40:43.0536 2896 RDPREFMP - ok
22:40:43.0598 2896 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
22:40:43.0598 2896 RdpVideoMiniport - ok
22:40:43.0629 2896 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
22:40:43.0629 2896 RDPWD - ok
22:40:43.0661 2896 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
22:40:43.0661 2896 rdyboost - ok
22:40:43.0692 2896 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
22:40:43.0692 2896 RemoteAccess - ok
22:40:43.0723 2896 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
22:40:43.0723 2896 RemoteRegistry - ok
22:40:43.0754 2896 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
22:40:43.0754 2896 RpcEptMapper - ok
22:40:43.0785 2896 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
22:40:43.0785 2896 RpcLocator - ok
22:40:43.0832 2896 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
22:40:43.0832 2896 RpcSs - ok
22:40:43.0863 2896 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
22:40:43.0863 2896 rspndr - ok
22:40:43.0895 2896 [ B49DC435AE3695BAC5623DD94B05732D ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
22:40:43.0895 2896 RTL8167 - ok
22:40:43.0926 2896 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
22:40:43.0926 2896 SamSs - ok
22:40:43.0988 2896 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
22:40:44.0004 2896 SASDIFSV - ok
22:40:44.0019 2896 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
22:40:44.0019 2896 SASKUTIL - ok
22:40:44.0051 2896 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
22:40:44.0066 2896 sbp2port - ok
22:40:44.0082 2896 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
22:40:44.0097 2896 SCardSvr - ok
22:40:44.0129 2896 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
22:40:44.0129 2896 scfilter - ok
22:40:44.0175 2896 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
22:40:44.0191 2896 Schedule - ok
22:40:44.0222 2896 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
22:40:44.0222 2896 SCPolicySvc - ok
22:40:44.0269 2896 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
22:40:44.0269 2896 SDRSVC - ok
22:40:44.0347 2896 [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
22:40:44.0378 2896 SeaPort - ok
22:40:44.0409 2896 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
22:40:44.0409 2896 secdrv - ok
22:40:44.0441 2896 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
22:40:44.0456 2896 seclogon - ok
22:40:44.0472 2896 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
22:40:44.0472 2896 SENS - ok
22:40:44.0487 2896 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
22:40:44.0487 2896 SensrSvc - ok
22:40:44.0519 2896 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
22:40:44.0519 2896 Serenum - ok
22:40:44.0550 2896 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
22:40:44.0550 2896 Serial - ok
22:40:44.0597 2896 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
22:40:44.0597 2896 sermouse - ok
22:40:44.0643 2896 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
22:40:44.0643 2896 SessionEnv - ok
22:40:44.0690 2896 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
22:40:44.0690 2896 sffdisk - ok
22:40:44.0706 2896 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
22:40:44.0706 2896 sffp_mmc - ok
22:40:44.0721 2896 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
22:40:44.0721 2896 sffp_sd - ok
22:40:44.0737 2896 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
22:40:44.0753 2896 sfloppy - ok
22:40:44.0784 2896 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
22:40:44.0784 2896 SharedAccess - ok
22:40:44.0831 2896 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:40:44.0831 2896 ShellHWDetection - ok
22:40:44.0862 2896 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:40:44.0862 2896 SiSRaid2 - ok
22:40:44.0909 2896 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
22:40:44.0909 2896 SiSRaid4 - ok
22:40:44.0971 2896 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
22:40:45.0018 2896 SkypeUpdate - ok
22:40:45.0049 2896 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
22:40:45.0049 2896 Smb - ok
22:40:45.0096 2896 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
22:40:45.0111 2896 SNMPTRAP - ok
22:40:45.0127 2896 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
22:40:45.0127 2896 spldr - ok
22:40:45.0174 2896 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
22:40:45.0174 2896 Spooler - ok
22:40:45.0252 2896 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
22:40:45.0330 2896 sppsvc - ok
22:40:45.0345 2896 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
22:40:45.0361 2896 sppuinotify - ok
22:40:45.0392 2896 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
22:40:45.0392 2896 srv - ok
22:40:45.0423 2896 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
22:40:45.0439 2896 srv2 - ok
22:40:45.0455 2896 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
22:40:45.0455 2896 srvnet - ok
22:40:45.0501 2896 [ 8F8324ED1DE63FFC7B1A02CD2D963C72 ] ssadbus C:\Windows\system32\DRIVERS\ssadbus.sys
22:40:45.0517 2896 ssadbus - ok
22:40:45.0564 2896 [ 58221EFCB74167B73667F0024C661CE0 ] ssadmdfl C:\Windows\system32\DRIVERS\ssadmdfl.sys
22:40:45.0564 2896 ssadmdfl - ok
22:40:45.0611 2896 [ 4DA7C71BFAC5AD71255B7E4CAB980163 ] ssadmdm C:\Windows\system32\DRIVERS\ssadmdm.sys
22:40:45.0611 2896 ssadmdm - ok
22:40:45.0642 2896 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
22:40:45.0657 2896 SSDPSRV - ok
22:40:45.0673 2896 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
22:40:45.0689 2896 SstpSvc - ok
22:40:45.0767 2896 [ 0632004181860960CF6E10DE8DDEF78B ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
22:40:45.0813 2896 Stereo Service - ok
22:40:45.0845 2896 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
22:40:45.0845 2896 stexstor - ok
22:40:45.0891 2896 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
22:40:45.0907 2896 stisvc - ok
22:40:45.0938 2896 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
22:40:45.0938 2896 swenum - ok
22:40:45.0969 2896 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
22:40:45.0969 2896 swprv - ok
22:40:46.0032 2896 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
22:40:46.0079 2896 SysMain - ok
22:40:46.0110 2896 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:40:46.0110 2896 TabletInputService - ok
22:40:46.0157 2896 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
22:40:46.0157 2896 TapiSrv - ok
22:40:46.0172 2896 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
22:40:46.0172 2896 TBS - ok
22:40:46.0235 2896 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
22:40:46.0266 2896 Tcpip - ok
22:40:46.0313 2896 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
22:40:46.0328 2896 TCPIP6 - ok22:40:46.0359 2896 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
22:40:46.0359 2896 tcpipreg - ok
22:40:46.0391 2896 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
22:40:46.0391 2896 TDPIPE - ok
22:40:46.0437 2896 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
22:40:46.0437 2896 TDTCP - ok
22:40:46.0484 2896 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
22:40:46.0484 2896 tdx - ok
22:40:46.0515 2896 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
22:40:46.0515 2896 TermDD - ok
22:40:46.0547 2896 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
22:40:46.0562 2896 TermService - ok
22:40:46.0578 2896 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
22:40:46.0578 2896 Themes - ok
22:40:46.0609 2896 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
22:40:46.0609 2896 THREADORDER - ok
22:40:46.0625 2896 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
22:40:46.0625 2896 TrkWks - ok
22:40:46.0687 2896 [ B66EE1D68197DFB9AA24F961E68ACDCC ] trufos C:\Windows\system32\DRIVERS\trufos.sys
22:40:46.0703 2896 trufos - ok
22:40:46.0749 2896 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:40:46.0765 2896 TrustedInstaller - ok
22:40:46.0796 2896 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
22:40:46.0796 2896 tssecsrv - ok
22:40:46.0843 2896 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
22:40:46.0859 2896 TsUsbFlt - ok
22:40:46.0905 2896 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
22:40:46.0905 2896 tunnel - ok
22:40:46.0937 2896 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
22:40:46.0937 2896 uagp35 - ok
22:40:46.0968 2896 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
22:40:46.0968 2896 udfs - ok
22:40:47.0015 2896 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
22:40:47.0015 2896 UI0Detect - ok
22:40:47.0046 2896 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
22:40:47.0046 2896 uliagpkx - ok
22:40:47.0093 2896 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
22:40:47.0093 2896 umbus - ok
22:40:47.0108 2896 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
22:40:47.0108 2896 UmPass - ok
22:40:47.0171 2896 [ 70DDE3A86DBEB1D6C3C30AD687B1877A ] Updater Service C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
22:40:47.0202 2896 Updater Service - ok
22:40:47.0264 2896 [ 75A488DA3EA48BE97695A727185515CF ] UPDATESRV C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe
22:40:47.0264 2896 UPDATESRV - ok
22:40:47.0295 2896 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
22:40:47.0295 2896 upnphost - ok
22:40:47.0342 2896 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
22:40:47.0342 2896 usbaudio - ok
22:40:47.0389 2896 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
22:40:47.0389 2896 usbccgp - ok
22:40:47.0436 2896 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
22:40:47.0436 2896 usbcir - ok
22:40:47.0467 2896 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
22:40:47.0483 2896 usbehci - ok
22:40:47.0529 2896 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
22:40:47.0529 2896 usbhub - ok
22:40:47.0561 2896 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
22:40:47.0561 2896 usbohci - ok
22:40:47.0592 2896 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
22:40:47.0592 2896 usbprint - ok
22:40:47.0623 2896 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
22:40:47.0639 2896 usbscan - ok
22:40:47.0654 2896 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:40:47.0670 2896 USBSTOR - ok
22:40:47.0685 2896 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
22:40:47.0685 2896 usbuhci - ok
22:40:47.0732 2896 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
22:40:47.0732 2896 UxSms - ok
22:40:47.0748 2896 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
22:40:47.0748 2896 VaultSvc - ok
22:40:47.0779 2896 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
22:40:47.0779 2896 vdrvroot - ok
22:40:47.0810 2896 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
22:40:47.0826 2896 vds - ok
22:40:47.0857 2896 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
22:40:47.0857 2896 vga - ok
22:40:47.0873 2896 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
22:40:47.0873 2896 VgaSave - ok
22:40:47.0919 2896 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
22:40:47.0919 2896 vhdmp - ok
22:40:47.0935 2896 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
22:40:47.0951 2896 viaide - ok
22:40:47.0966 2896 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
22:40:47.0966 2896 volmgr - ok
22:40:48.0013 2896 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
22:40:48.0013 2896 volmgrx - ok
22:40:48.0029 2896 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
22:40:48.0075 2896 volsnap - ok
22:40:48.0107 2896 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
22:40:48.0107 2896 vsmraid - ok
22:40:48.0153 2896 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
22:40:48.0200 2896 VSS - ok
22:40:48.0341 2896 [ CE9659E7047145791F1288C167C22BFE ] VSSERV C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe
22:40:48.0403 2896 VSSERV - ok
22:40:48.0434 2896 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
22:40:48.0434 2896 vwifibus - ok
22:40:48.0465 2896 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
22:40:48.0481 2896 vwififlt - ok
22:40:48.0512 2896 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
22:40:48.0543 2896 W32Time - ok
22:40:48.0575 2896 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
22:40:48.0606 2896 WacomPen - ok
22:40:48.0637 2896 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
22:40:48.0668 2896 WANARP - ok
22:40:48.0684 2896 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
22:40:48.0684 2896 Wanarpv6 - ok
22:40:48.0746 2896 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
22:40:48.0824 2896 WatAdminSvc - ok
22:40:48.0871 2896 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
22:40:48.0949 2896 wbengine - ok
22:40:48.0980 2896 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
22:40:48.0996 2896 WbioSrvc - ok
22:40:49.0043 2896 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
22:40:49.0058 2896 wcncsvc - ok
22:40:49.0089 2896 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:40:49.0089 2896 WcsPlugInService - ok
22:40:49.0105 2896 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
22:40:49.0121 2896 Wd - ok
22:40:49.0167 2896 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
22:40:49.0167 2896 Wdf01000 - ok
22:40:49.0183 2896 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
22:40:49.0183 2896 WdiServiceHost - ok
22:40:49.0199 2896 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
22:40:49.0214 2896 WdiSystemHost - ok
22:40:49.0245 2896 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
22:40:49.0261 2896 WebClient - ok
22:40:49.0277 2896 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
22:40:49.0292 2896 Wecsvc - ok
22:40:49.0308 2896 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
22:40:49.0308 2896 wercplsupport - ok
22:40:49.0339 2896 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
22:40:49.0339 2896 WerSvc - ok
22:40:49.0370 2896 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
22:40:49.0370 2896 WfpLwf - ok
22:40:49.0401 2896 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
22:40:49.0401 2896 WIMMount - ok
22:40:49.0417 2896 WinDefend - ok
22:40:49.0433 2896 WinHttpAutoProxySvc - ok
22:40:49.0479 2896 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
22:40:49.0479 2896 Winmgmt - ok
22:40:49.0557 2896 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
22:40:49.0589 2896 WinRM - ok
22:40:49.0651 2896 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
22:40:49.0651 2896 WinUsb - ok
22:40:49.0698 2896 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
22:40:49.0698 2896 Wlansvc - ok
22:40:49.0776 2896 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
22:40:49.0776 2896 wlcrasvc - ok
22:40:49.0869 2896 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:40:49.0901 2896 wlidsvc - ok
22:40:49.0963 2896 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
22:40:49.0963 2896 WmiAcpi - ok
22:40:49.0994 2896 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
22:40:49.0994 2896 wmiApSrv - ok
22:40:50.0025 2896 WMPNetworkSvc - ok
22:40:50.0057 2896 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
22:40:50.0057 2896 WPCSvc - ok
22:40:50.0088 2896 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
22:40:50.0103 2896 WPDBusEnum - ok
22:40:53.0333 2896 ============================================================
22:40:53.0333 2896 Scan finished
22:40:53.0333 2896 ============================================================
22:40:53.0348 2468 Detected object count: 0
22:40:53.0348 2468 Actual detected object count: 0
22:41:43.0299 3608 Deinitialize success

#9 bloopie

Posted 06 January 2013 - 01:28 PM

Hi again,

I noticed you posted me a clean MBAM log. I asked for the log containing the infection you removed.

If you've used MBAM to remove the infection, there should be a log with what it found and removed.

Please post that for me in your next reply. Then do the following:

Step 1

Please download Rkill by Grinler and save it to your desktop.

Link 1
Link 2

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista, right-click on it and Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
Do not reboot the computer, or you will need to run the application again.

==========

Step 2

Run RogueKiller

Download RogueKiller from here or here and save it to your desktop.

  • Close all programs and disconnect any USB or external drives before running the tool.
  • Right-click RogueKiller.exe and select Run as Administrator.
  • Once the Prescan has finished, click Scan.
  • Once the Status box shows "Scan Finished", click Delete.
  • When the Status box shows "Deleting Finished", click Report and then copy and paste the log in your next reply.
  • The log can also be found at RKreport[1].txt on your desktop.

==========

In your next reply, please include the following:

  • The MBAM log containing the infection removal
  • The Rkill log
  • The RogueKiller log

bloopie