TDSSKiller log



#1 Karmia

Posted 15 January 2013 - 01:03 PM

Hello.
I am currently experiencing the same problem and I have tried the instructions I found at other sites. The problem with the browsers worked. I fixed Mozilla and just uninstalled Google, later installing a new one. I thought everything was working fine until I opened Microsoft Word. I panicked. And so, I tried searching for solutions, then I found this. I followed the instructions given.

This is my last mbam log:
Malwarebytes' Anti-Malware 1.44
Database version: 3510
Windows 6.1.7600
Internet Explorer 8.0.7600.16385

1/15/2013 12:10:24 PM
mbam-log-2013-01-15 (12-10-24).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 206960
Time elapsed: 1 hour(s), 21 minute(s), 36 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


This is the TDSS Killer:
01:13:37.0404 3180 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
01:13:39.0451 3180 ============================================================
01:13:39.0451 3180 Current date / time: 2013/01/16 01:13:39.0451
01:13:39.0451 3180 SystemInfo:
01:13:39.0451 3180
01:13:39.0451 3180 OS Version: 6.1.7600 ServicePack: 0.0
01:13:39.0451 3180 Product type: Workstation
01:13:39.0452 3180 ComputerName: HANNAH-PC
01:13:39.0452 3180 UserName: Hannah
01:13:39.0452 3180 Windows directory: C:\Windows
01:13:39.0452 3180 System windows directory: C:\Windows
01:13:39.0452 3180 Processor architecture: Intel x86
01:13:39.0452 3180 Number of processors: 2
01:13:39.0452 3180 Page size: 0x1000
01:13:39.0452 3180 Boot type: Normal boot
01:13:39.0452 3180 ============================================================
01:13:45.0444 3180 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
01:13:45.0729 3180 ============================================================
01:13:45.0729 3180 \Device\Harddisk0\DR0:
01:13:45.0743 3180 MBR partitions:
01:13:45.0744 3180 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
01:13:45.0744 3180 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x94DA800
01:13:45.0744 3180 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x950D000, BlocksNum 0x950C000
01:13:45.0744 3180 ============================================================
01:13:45.0928 3180 C: <-> \Device\Harddisk0\DR0\Partition2
01:13:46.0151 3180 D: <-> \Device\Harddisk0\DR0\Partition3
01:13:46.0662 3180 ============================================================
01:13:46.0662 3180 Initialize success
01:13:46.0662 3180 ============================================================
01:14:23.0188 1884 ============================================================
01:14:23.0188 1884 Scan started
01:14:23.0188 1884 Mode: Manual; TDLFS;
01:14:23.0188 1884 ============================================================
01:14:24.0986 1884 ================ Scan system memory ========================
01:14:24.0986 1884 System memory - ok
01:14:24.0990 1884 ================ Scan services =============================
01:14:56.0384 1884 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
01:14:56.0413 1884 Netman - ok
01:14:56.0469 1884 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
01:14:56.0485 1884 netprofm - ok
01:14:56.0528 1884 [ FE2AA5A684B0DD9B1FAE57B7817C198B ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
01:14:56.0547 1884 NetTcpPortSharing - ok
01:14:56.0591 1884 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
01:14:56.0712 1884 nfrd960 - ok
01:14:56.0744 1884 [ 2226496E34BD40734946A054B1CD657F ] NlaSvc C:\Windows\System32\nlasvc.dll
01:14:56.0778 1884 NlaSvc - ok
01:14:56.0861 1884 [ FD306FBCCE7ADB1077B709742E7148E9 ] NMSAccessU C:\Program Files\CDBurnerXP\NMSAccessU.exe
01:14:56.0875 1884 NMSAccessU - ok
01:14:56.0909 1884 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
01:14:56.0975 1884 Npfs - ok
01:14:57.0024 1884 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
01:14:57.0038 1884 nsi - ok
01:14:57.0064 1884 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
01:14:57.0169 1884 nsiproxy - ok
01:14:57.0276 1884 [ 3795DCD21F740EE799FB7223234215AF ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
01:14:57.0421 1884 Ntfs - ok
01:14:57.0458 1884 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
01:14:57.0522 1884 Null - ok
01:14:57.0566 1884 [ 3F3D04B1D08D43C16EA7963954EC768D ] nvraid C:\Windows\system32\drivers\nvraid.sys
01:14:57.0660 1884 nvraid - ok
01:14:57.0682 1884 [ C99F251A5DE63C6F129CF71933ACED0F ] nvstor C:\Windows\system32\drivers\nvstor.sys
01:14:58.0019 1884 nvstor - ok
01:14:58.0087 1884 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
01:14:58.0221 1884 nv_agp - ok
01:14:58.0270 1884 [ 908593EAC1FFE529FE760B0A378B3600 ] O2MDRDR C:\Windows\system32\DRIVERS\o2media.sys
01:14:58.0282 1884 O2MDRDR - ok
01:14:58.0311 1884 [ E5E4F48A17CDD4683936B06563BA1C51 ] O2SDRDR C:\Windows\system32\DRIVERS\o2sd.sys
01:14:58.0324 1884 O2SDRDR - ok
01:14:58.0443 1884 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
01:14:58.0457 1884 odserv - ok
01:14:58.0512 1884 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
01:14:58.0526 1884 ohci1394 - ok
01:14:58.0582 1884 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
01:14:58.0599 1884 ose - ok
01:14:58.0671 1884 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
01:14:58.0707 1884 p2pimsvc - ok
01:14:58.0757 1884 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
01:14:58.0819 1884 p2psvc - ok
01:14:58.0881 1884 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\drivers\parport.sys
01:14:58.0997 1884 Parport - ok
01:14:59.0028 1884 [ FF4218952B51DE44FE910953A3E686B9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
01:14:59.0159 1884 partmgr - ok
01:14:59.0202 1884 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\drivers\parvdm.sys
01:14:59.0273 1884 Parvdm - ok
01:14:59.0319 1884 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
01:14:59.0332 1884 PcaSvc - ok
01:14:59.0384 1884 [ 80A4748A0304715C29093311795AC448 ] pci C:\Windows\system32\drivers\pci.sys
01:14:59.0637 1884 pci - ok
01:14:59.0715 1884 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
01:14:59.0843 1884 pciide - ok
01:14:59.0887 1884 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
01:15:00.0000 1884 pcmcia - ok
01:15:00.0050 1884 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
01:15:00.0134 1884 pcw - ok
01:15:00.0211 1884 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
01:15:00.0252 1884 PEAUTH - ok
01:15:00.0416 1884 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
01:15:00.0587 1884 PeerDistSvc - ok
01:15:00.0763 1884 [ 9C1BFF7910C89A1D12E57343475840CB ] pla C:\Windows\system32\pla.dll
01:15:00.0873 1884 pla - ok
01:15:00.0925 1884 [ 2CC2008F1296968FBA162ED9F9AFE328 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
01:15:00.0949 1884 PlugPlay - ok
01:15:00.0981 1884 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
01:15:01.0022 1884 PNRPAutoReg - ok
01:15:01.0099 1884 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
01:15:01.0113 1884 PNRPsvc - ok
01:15:01.0175 1884 [ 48E1B75C6DC0232FD92BAAE4BD344721 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
01:15:01.0195 1884 PolicyAgent - ok
01:15:01.0258 1884 [ DBFF83F709A91049621C1D35DD45C92C ] Power C:\Windows\system32\umpo.dll
01:15:01.0306 1884 Power - ok
01:15:01.0354 1884 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
01:15:01.0422 1884 PptpMiniport - ok
01:15:01.0452 1884 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\drivers\processr.sys
01:15:01.0510 1884 Processor - ok
01:15:01.0580 1884 [ 630CF26F0227498B7D5A92B12548960F ] ProfSvc C:\Windows\system32\profsvc.dll
01:15:01.0649 1884 ProfSvc - ok
01:15:01.0692 1884 [ F42309C4191C506B71DB5D1126D26318 ] ProtectedStorage C:\Windows\system32\lsass.exe
01:15:01.0705 1884 ProtectedStorage - ok
01:15:01.0769 1884 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
01:15:01.0895 1884 Psched - ok
01:15:02.0006 1884 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
01:15:02.0176 1884 ql2300 - ok
01:15:02.0218 1884 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
01:15:02.0316 1884 ql40xx - ok
01:15:02.0391 1884 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
01:15:02.0435 1884 QWAVE - ok
01:15:02.0474 1884 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
01:15:02.0543 1884 QWAVEdrv - ok
01:15:02.0574 1884 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
01:15:02.0643 1884 RasAcd - ok
01:15:02.0676 1884 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
01:15:02.0741 1884 RasAgileVpn - ok
01:15:02.0794 1884 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
01:15:02.0825 1884 RasAuto - ok
01:15:02.0885 1884 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
01:15:02.0958 1884 Rasl2tp - ok
01:15:03.0028 1884 [ 0CE66EC736B7FC526D78F7624C7D2A94 ] RasMan C:\Windows\System32\rasmans.dll
01:15:03.0048 1884 RasMan - ok
01:15:03.0094 1884 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
01:15:03.0163 1884 RasPppoe - ok
01:15:03.0188 1884 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
01:15:03.0271 1884 RasSstp - ok
01:15:03.0297 1884 [ 835D7E81BF517A3B72384BDCC85E1CE6 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
01:15:03.0380 1884 rdbss - ok
01:15:03.0460 1884 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
01:15:03.0597 1884 rdpbus - ok
01:15:03.0655 1884 [ 1E016846895B15A99F9A176A05029075 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
01:15:03.0733 1884 RDPCDD - ok
01:15:03.0781 1884 [ C5FF95883FFEF704D50C40D21CFB3AB5 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
01:15:03.0795 1884 RDPDR - ok
01:15:03.0828 1884 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
01:15:03.0897 1884 RDPENCDD - ok
01:15:03.0945 1884 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
01:15:04.0032 1884 RDPREFMP - ok
01:15:04.0064 1884 [ 801371BA9782282892D00AADB08EE367 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
01:15:04.0201 1884 RDPWD - ok
01:15:04.0297 1884 [ 4EA225BF1CF05E158853F30A99CA29A7 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
01:15:04.0459 1884 rdyboost - ok
01:15:04.0515 1884 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
01:15:04.0529 1884 RemoteAccess - ok
01:15:04.0577 1884 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
01:15:04.0616 1884 RemoteRegistry - ok
01:15:04.0677 1884 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
01:15:04.0763 1884 RFCOMM - ok
01:15:04.0796 1884 [ DF672613FBBCD58C38BB0BC2694BCFB0 ] rimmptsk C:\Windows\system32\DRIVERS\rimmptsk.sys
01:15:04.0931 1884 rimmptsk - ok
01:15:04.0965 1884 [ AF213955C4D952C914620E8DB0CD0CF7 ] rimspci C:\Windows\system32\DRIVERS\rimspe86.sys
01:15:05.0057 1884 rimspci - ok
01:15:05.0084 1884 [ 9BFB54D3559F2FF7301271D29D383564 ] rimsptsk C:\Windows\system32\DRIVERS\rimsptsk.sys
01:15:05.0177 1884 rimsptsk - ok
01:15:05.0215 1884 [ 6978DECC2C38C5CE10A8B0F2B12F4451 ] risdpcie C:\Windows\system32\DRIVERS\risdpe86.sys
01:15:05.0299 1884 risdpcie - ok
01:15:05.0330 1884 [ DCB87DA83CC1010CBC9FC4DC9E395BBC ] rismxdp C:\Windows\system32\DRIVERS\rixdptsk.sys
01:15:05.0473 1884 rismxdp - ok
01:15:05.0504 1884 [ 764C1F3453E779724BA647327DE7DDD4 ] rixdpcie C:\Windows\system32\DRIVERS\rixdpe86.sys
01:15:05.0595 1884 rixdpcie - ok
01:15:05.0650 1884 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
01:15:05.0673 1884 RpcEptMapper - ok
01:15:05.0716 1884 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
01:15:05.0733 1884 RpcLocator - ok
01:15:05.0781 1884 [ B82CD39E336973359D7C9BF911E8E84F ] RpcSs C:\Windows\system32\rpcss.dll
01:15:05.0797 1884 RpcSs - ok
01:15:05.0867 1884 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
01:15:05.0989 1884 rspndr - ok
01:15:06.0051 1884 [ 83F7A29B659771E60CD71999EF57AA0C ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
01:15:06.0211 1884 RSUSBSTOR - ok
01:15:06.0272 1884 [ 05C2613F661584190C752F6184D1C8EF ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
01:15:06.0541 1884 RTL8167 - ok
01:15:06.0605 1884 [ 702A60ACC6C067CC3F688C801A1F76E1 ] RTSTOR C:\Windows\system32\drivers\RTSTOR.SYS
01:15:06.0685 1884 RTSTOR - ok
01:15:06.0722 1884 [ 5423D8437051E89DD34749F242C98648 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
01:15:06.0804 1884 s3cap - ok
01:15:06.0825 1884 [ F42309C4191C506B71DB5D1126D26318 ] SamSs C:\Windows\system32\lsass.exe
01:15:06.0845 1884 SamSs - ok
01:15:06.0904 1884 [ 34EE0C44B724E3E4CE2EFF29126DE5B5 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
01:15:06.0983 1884 sbp2port - ok
01:15:07.0029 1884 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
01:15:07.0049 1884 SCardSvr - ok
01:15:07.0088 1884 [ A95C54B2AC3CC9C73FCDF9E51A1D6B51 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
01:15:07.0105 1884 scfilter - ok
01:15:07.0151 1884 [ 3E8B0C453E25613A1F59762A5C42AA75 ] Schedule C:\Windows\system32\schedsvc.dll
01:15:07.0193 1884 Schedule - ok
01:15:07.0236 1884 [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] SCPolicySvc C:\Windows\System32\certprop.dll
01:15:07.0243 1884 SCPolicySvc - ok
01:15:07.0287 1884 [ 5FD90ABDBFAEE85986802622CBB03446 ] SDRSVC C:\Windows\System32\SDRSVC.dll
01:15:07.0327 1884 SDRSVC - ok
01:15:07.0387 1884 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
01:15:07.0589 1884 secdrv - ok
01:15:07.0630 1884 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
01:15:07.0655 1884 seclogon - ok
01:15:07.0704 1884 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
01:15:07.0728 1884 SENS - ok
01:15:07.0758 1884 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
01:15:07.0784 1884 SensrSvc - ok
01:15:07.0816 1884 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\drivers\serenum.sys
01:15:07.0885 1884 Serenum - ok
01:15:07.0949 1884 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\drivers\serial.sys
01:15:08.0052 1884 Serial - ok
01:15:08.0095 1884 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\drivers\sermouse.sys
01:15:08.0159 1884 sermouse - ok
01:15:08.0279 1884 [ 8F55CE568C543D5ADF45C409D16718FC ] SessionEnv C:\Windows\system32\sessenv.dll
01:15:08.0312 1884 SessionEnv - ok
01:15:08.0356 1884 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
01:15:08.0420 1884 sffdisk - ok
01:15:08.0455 1884 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
01:15:08.0593 1884 sffp_mmc - ok
01:15:08.0619 1884 [ A0708BBD07D245C06FF9DE549CA47185 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
01:15:08.0686 1884 sffp_sd - ok
01:15:08.0714 1884 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
01:15:08.0788 1884 sfloppy - ok
01:15:08.0905 1884 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
01:15:08.0972 1884 SharedAccess - ok
01:15:09.0060 1884 [ CD2E48FA5B29EE2B3B5858056D246EF2 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
01:15:09.0079 1884 ShellHWDetection - ok
01:15:09.0136 1884 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
01:15:09.0225 1884 sisagp - ok
01:15:09.0263 1884 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
01:15:09.0445 1884 SiSRaid2 - ok
01:15:09.0476 1884 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
01:15:09.0588 1884 SiSRaid4 - ok
01:15:09.0648 1884 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
01:15:09.0822 1884 Smb - ok
01:15:09.0909 1884 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
01:15:09.0927 1884 SNMPTRAP - ok
01:15:09.0966 1884 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
01:15:09.0978 1884 spldr - ok
01:15:10.0028 1884 [ 49B6DD6AB3715B7A67965F17194E98A9 ] Spooler C:\Windows\System32\spoolsv.exe
01:15:10.0046 1884 Spooler - ok
01:15:10.0230 1884 [ 4C287F9069FEDBD791178876EE9DE536 ] sppsvc C:\Windows\system32\sppsvc.exe
01:15:10.0498 1884 sppsvc - ok
01:15:10.0637 1884 [ D8E3E19EEBDAB49DD4A8D3062EAD4EC7 ] sppuinotify C:\Windows\system32\sppuinotify.dll
01:15:10.0682 1884 sppuinotify - ok
01:15:10.0744 1884 [ CDDDEC541BC3C96F91ECB48759673505 ] sptd C:\Windows\system32\Drivers\sptd.sys
01:15:10.0784 1884 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: CDDDEC541BC3C96F91ECB48759673505
01:15:10.0805 1884 sptd ( LockedFile.Multi.Generic ) - warning
01:15:10.0805 1884 sptd - detected LockedFile.Multi.Generic (1)
01:15:30.0943 1884 ================ Scan global ===============================
01:15:30.0997 1884 [ 9A595DF601070DA78C40481120DD2C06 ] C:\Windows\system32\basesrv.dll
01:15:31.0067 1884 [ 827E4F75901CA3F990B1487D3301841E ] C:\Windows\system32\winsrv.dll
01:15:31.0104 1884 [ 827E4F75901CA3F990B1487D3301841E ] C:\Windows\system32\winsrv.dll
01:15:31.0162 1884 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
01:15:31.0226 1884 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
01:15:31.0272 1884 [Global] - ok
01:15:31.0274 1884 ================ Scan MBR ==================================
01:15:31.0301 1884 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
01:15:31.0663 1884 \Device\Harddisk0\DR0 - ok
01:15:31.0664 1884 ================ Scan VBR ==================================
01:15:31.0673 1884 [ 2E99961AE09BF6A7C74110737F55A08F ] \Device\Harddisk0\DR0\Partition1
01:15:31.0688 1884 \Device\Harddisk0\DR0\Partition1 - ok
01:15:31.0733 1884 [ 24F527F5FAAC9E480C93F811CF3E35D2 ] \Device\Harddisk0\DR0\Partition2
01:15:31.0738 1884 \Device\Harddisk0\DR0\Partition2 - ok
01:15:31.0767 1884 [ B7FFC8900D66A7AD8C8779FEA3C4319A ] \Device\Harddisk0\DR0\Partition3
01:15:31.0772 1884 \Device\Harddisk0\DR0\Partition3 - ok
01:15:31.0774 1884 ============================================================
01:15:31.0774 1884 Scan finished
01:15:31.0774 1884 ============================================================
01:15:31.0848 3340 Detected object count: 1
01:15:31.0848 3340 Actual detected object count: 1
01:15:43.0026 3340 sptd ( LockedFile.Multi.Generic ) - skipped by user
01:15:43.0026 3340 sptd ( LockedFile.Multi.Generic ) - User select action: Skip


There are no threats found in ESET though. I have scanned my laptop a few times using ESET already.



#2 Karmia


Posted 15 January 2013 - 01:18 PM

Now, it still keeps on appearing whenever I open Microsoft Word. I don't know what to do anymore :(

#3 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • Gender:Male
  • Location:New York
  • Local time:11:06 AM

Posted 15 January 2013 - 02:24 PM

Hello Karmia, and welcome to Bleeping Computer! :thumbsup:

Your TDSSKiller log is clean, so I'd like you to run these tools for me next:

Step 1

Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
  • Double-click on the renamed file to install, then follow these instructions for doing a Quick Scan in normal mode.
  • Don't forget to check for database definition updates through the program's interface (preferable method) before scanning.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • After completing the scan, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, use Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).

==========

Step 2

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

==========

Step 3

Please download the Junkware Removal Tool by thisisu and save it to your desktop.
  • Right-click on the tool and select Run As Administrator.
  • Once the scan completes, it will generate a log for you. Please post that log in your next reply.

==========

In your next reply, please include the following!

  • The MBAM log
  • The AdwCleaner log
  • The Junkware Removal log


How is the machine running now?

bloopie

#4 Karmia


Posted 15 January 2013 - 11:23 PM

Malwarebytes' Log

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2012.12.14.11

Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
Hannah :: HANNAH-PC [administrator]

1/16/2013 3:37:08 PM
mbam-log-2013-01-16 (15-37-08).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 209327
Time elapsed: 9 minute(s), 9 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



ADW CLEANER LOG:

# AdwCleaner v2.105 - Logfile created 01/16/2013 at 15:48:31
# Updated 08/01/2013 by Xplode
# Operating system : Windows 7 Ultimate (32 bits)
# User : Hannah - HANNAH-PC
# Boot Mode : Normal
# Running from : D:\Users\Hannah\Downloads\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7600.16385

[OK] Registry is clean.

-\\ Mozilla Firefox v3.5.5 (en-US)

File : C:\Users\Hannah\AppData\Roaming\Mozilla\Firefox\Profiles\oydprzrq.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v23.0.1271.97

File : C:\Users\Hannah\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v10.1.1844.0

File : C:\Users\Hannah\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [4501 octets] - [16/01/2013 14:12:25]
AdwCleaner[S2].txt - [976 octets] - [16/01/2013 15:48:31]

########## EOF - C:\AdwCleaner[S2].txt - [1035 octets] ##########


JUNK REMOVAL TOOL LOG:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.4.3 (01.15.2013:1)
OS: Windows 7 Ultimate x86
Ran by Hannah on Wed 01/16/2013 at 16:03:57.89
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\DisplayName
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\URL



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 01/16/2013 at 16:11:23.81
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Edited by Karmia, 16 January 2013 - 03:14 AM.


#5 Karmia


Posted 16 January 2013 - 03:18 AM

After trying those, search.certified toolbar still appears whenever I open Microsoft Word. :(

#6 bloopie


Posted 16 January 2013 - 01:37 PM

Hi again,

Everything's looking pretty clean in your logs, so I'm going to move this thread to the Malware Removal Forum where it will stay. I'd like to get a deeper look into the system and we can't post the logs in the Aii forum:

==========

We need to create a New FULL OTL Report
  • Please download OTL from here if you have not done so already:
  • Save it to your desktop.
  • Double click on the icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Change the "Extra Registry" option to "SafeList"
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized

bloopie

Edited by bloopie, 16 January 2013 - 06:22 PM.
Updated Link


#7 bloopie


Posted 21 January 2013 - 05:38 PM

Hello again,

Are you still with us? :)

It has been several days so far without a response. If you still need help with this issue, please follow the instructions in my last post.

If you do not respond in the next 24-48 hrs, I will be forced to close this topic.

bloopie

#8 bloopie


Posted 22 January 2013 - 07:09 PM

Due to the lack of feedback, this topic is now closed. In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.



