
Script Viruses, Rootkits, Worms and Encrypted Viruses



#1 Burnfire


Posted 20 January 2013 - 05:21 PM

Some of the video game applications I run on my PC lag and make weird distorted matrix noises. It sort of sounds like an old 56k modem dialing up to the internet.
I've very recently run Systweak Advanced System Optimizer System Protector in safe mode; if there was any Trojan horse or any type of malware on my machine, it would be detected. If and when it does detect something, I immediately delete it from the quarantine. I also scan with Avast antivirus; it doesn't detect anything either. This is why I suspect there is some kind of script, worm, Trojan, encrypted virus or rootkit on my machine. I have never scanned for rootkits before. I am currently running the Malwarebytes Anti-Rootkit scanner.

Edited by Budapest, 20 January 2013 - 05:43 PM.
Moved from Win7 ~Budapest




#2 Burnfire


Posted 21 January 2013 - 09:29 PM

I imagine I should provide you with an analysis report. However, before I run HijackThis, I must inform you that it prompted me with the following error.

My system denied write access to the Hosts file. notepad C:\Windows\System32\drivers\etc\hosts
Find the line(s) Hijack This reports and delete them. Save the file as 'hosts' (with quotes) and reboot

#3 Burnfire


Posted 21 January 2013 - 09:32 PM

System Protector found a virus by the name of Valhala. I scanned for rootkits and one was found in the OS Windows folder. I removed them both.

#4 Burnfire


Posted 23 January 2013 - 08:28 PM

My CPU temperature is 60 Celsius when idle. It tops out at 80 Celsius during 3D gaming.

#5 boopme

  • Global Moderator

Posted 24 January 2013 - 02:34 PM

Please also run these..
Did rootkit give a name?


MiniToolBox
Please download MiniToolBox, save it to your desktop and run it. Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Please download TDSSkiller.
Launch it.
Click on "Change parameters" and select "TDLFS file system".
Click on "Scan".
Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.




Please download aswMBR ( 4.5MB ) to your desktop.
  • Double click the aswMBR.exe icon, and click Run.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Click the Scan button to start the scan.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.


#6 Burnfire


Posted 25 January 2013 - 03:08 AM

MiniToolBox by Farbar Version: 23-07-2012
Ran by Zidigen (administrator) on 25-01-2013 at 00:04:25
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

ASUS 802.11n Network Adapter = Wireless Network Connection (Connected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Zidigen-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : socal.rr.com

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 14-DA-E9-B0-83-42
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : socal.rr.com
Description . . . . . . . . . . . : ASUS 802.11n Network Adapter
Physical Address. . . . . . . . . : 14-DA-E9-B0-83-43
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::907f:6127:50b0:4f1e%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.211(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, January 24, 2013 10:52:40 PM
Lease Expires . . . . . . . . . . : Friday, January 25, 2013 10:52:43 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 303356649
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-21-37-BB-20-CF-30-7F-99-61
DNS Servers . . . . . . . . . . . : 209.18.47.61
209.18.47.62
192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.socal.rr.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : socal.rr.com
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:c30:21e1:b354:42a0(Preferred)
Link-local IPv6 Address . . . . . : fe80::c30:21e1:b354:42a0%15(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: google.com
Addresses: 2607:f8b0:4007:801::1005
74.125.239.4
74.125.239.5
74.125.239.6
74.125.239.7
74.125.239.8
74.125.239.9
74.125.239.14
74.125.239.0
74.125.239.1
74.125.239.2
74.125.239.3


Pinging google.com [74.125.224.238] with 32 bytes of data:
Reply from 74.125.224.238: bytes=32 time=12ms TTL=54
Reply from 74.125.224.238: bytes=32 time=12ms TTL=54

Ping statistics for 74.125.224.238:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 12ms, Maximum = 12ms, Average = 12ms
Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
206.190.36.45


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=217ms TTL=47
Reply from 98.139.183.24: bytes=32 time=403ms TTL=47

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 217ms, Maximum = 403ms, Average = 310ms
Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
13...14 da e9 b0 83 42 ......Microsoft Virtual WiFi Miniport Adapter
11...14 da e9 b0 83 43 ......ASUS 802.11n Network Adapter
1...........................Software Loopback Interface 1
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.211 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.211 281
192.168.1.211 255.255.255.255 On-link 192.168.1.211 281
192.168.1.255 255.255.255.255 On-link 192.168.1.211 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.211 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.211 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
15 58 ::/0 On-link
1 306 ::1/128 On-link
15 58 2001::/32 On-link
15 306 2001:0:9d38:6ab8:c30:21e1:b354:42a0/128
On-link
11 281 fe80::/64 On-link
15 306 fe80::/64 On-link
15 306 fe80::c30:21e1:b354:42a0/128
On-link
11 281 fe80::907f:6127:50b0:4f1e/128
On-link
1 306 ff00::/8 On-link
15 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/24/2013 09:08:45 PM) (Source: Application Error) (User: )
Description: Faulting application name: Cxbx.exe, version: 0.0.0.0, time stamp: 0x3f8cf997
Faulting module name: Cxbx.exe, version: 0.0.0.0, time stamp: 0x3f8cf997
Exception code: 0xc0000005
Fault offset: 0x000020c9
Faulting process id: 0x14ac
Faulting application start time: 0xCxbx.exe0
Faulting application path: Cxbx.exe1
Faulting module path: Cxbx.exe2
Report Id: Cxbx.exe3

Error: (01/24/2013 05:26:28 PM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\Program Files (x86)\Advanced System Optimizer 3\SystemProtector.exe Files (x86)\Advanced System Optimizer 3\SystemProtector.exe" ; Description = System Protector; Error = 0x8007043c).

Error: (01/23/2013 10:26:13 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6069

Error: (01/23/2013 10:26:13 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6069

Error: (01/23/2013 10:26:13 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/23/2013 10:26:12 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5055

Error: (01/23/2013 10:26:12 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5055

Error: (01/23/2013 10:26:12 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/23/2013 10:26:11 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4056

Error: (01/23/2013 10:26:11 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4056


System errors:
=============
Error: (01/24/2013 05:11:08 PM) (Source: DCOM) (User: )
Description: 1068stisvc{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (01/24/2013 05:00:15 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (01/24/2013 05:00:15 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (01/24/2013 05:00:15 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (01/24/2013 05:00:15 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (01/24/2013 05:00:15 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (01/24/2013 05:00:15 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (01/24/2013 05:00:14 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (01/24/2013 05:00:14 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (01/24/2013 05:00:14 PM) (Source: DCOM) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}


Microsoft Office Sessions:
=========================
Error: (01/24/2013 09:08:45 PM) (Source: Application Error)(User: )
Description: Cxbx.exe0.0.0.03f8cf997Cxbx.exe0.0.0.03f8cf997c0000005000020c914ac01cdfab9c5009968C:\Users\Zidigen\Desktop\Cxbx-0.7.9-Pre4-Trace\Cxbx.exeC:\Users\Zidigen\Desktop\Cxbx-0.7.9-Pre4-Trace\Cxbx.exe4ae339c8-66ad-11e2-87a5-a9d4cf85749a

Error: (01/24/2013 05:26:28 PM) (Source: System Restore)(User: )
Description: C:\Program Files (x86)\Advanced System Optimizer 3\SystemProtector.exe Files (x86)\Advanced System Optimizer 3\SystemProtector.exe" System Protector0x8007043c

Error: (01/23/2013 10:26:13 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6069

Error: (01/23/2013 10:26:13 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6069

Error: (01/23/2013 10:26:13 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/23/2013 10:26:12 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5055

Error: (01/23/2013 10:26:12 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5055

Error: (01/23/2013 10:26:12 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/23/2013 10:26:11 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4056

Error: (01/23/2013 10:26:11 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4056


=========================== Installed Programs ============================

7-Zip 9.22beta
ACE Online EP3-5 3.7.2.2 Full
Adobe Flash Player 11 ActiveX (Version: 11.5.502.146)
Adobe Flash Player 11 Plugin (Version: 11.5.502.146)
Adobe Reader XI (11.0.01) (Version: 11.0.01)
Adobe Shockwave Player 11.6 (Version: 11.6.8.638)
Advanced System Optimizer (Version: 3.5.1000.14553)
AI Suite (Version: 1.05.30)
Allods Online 3.0.05.38 (Version: 3.0.05.38)
Amazon MP3 Downloader 1.0.17 (Version: 1.0.17)
Apple Application Support (Version: 2.3.2)
Apple Mobile Device Support (Version: 6.0.1.3)
Apple Software Update (Version: 2.1.3.127)
ASUSUpdate
Audacity 2.0.2 (Version: 2.0.2)
avast! Free Antivirus (Version: 7.0.1474.0)
Battlefield 2™ (Version: 1.00.0000)
Battlefield 2: Special Forces
BitTorrent (Version: 7.2.1)
Bonjour (Version: 3.0.0.10)
Call of Duty® 4 - Modern Warfare™ (Version: 1.00.0000)
Chivalry: Medieval Warfare
Combat Arms
CPUID CPU-Z 1.62.0
Crysis
Deus Ex: Human Revolution
DOOM 3
DOOM 3: Resurrection of Evil
EVE Online (remove only)
Fraps (remove only)
G-Force (Version: 4.4)
Google Earth (Version: 7.0.2.8415)
Google Talk Plugin (Version: 3.10.2.10212)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3607.2246)
Google Update Helper (Version: 1.3.21.123)
GTA San Andreas (Version: 1.00.00001)
Insurgency: Modern Infantry Combat
iTunes (Version: 11.0.1.12)
Java 7 Update 11 (Version: 7.0.110)
Java 7 Update 9 (64-bit) (Version: 7.0.90)
Java Auto Updater (Version: 2.1.9.0)
K-Lite Codec Pack 9.4.0 (Full) (Version: 9.4.0)
Launchpad Enhanced (Version: 0.05.000)
Logitech Gaming Software 5.10 (Version: 5.10.127)
Magic ISO Maker v5.4 (build 0239)
MagicDisc 2.7.106
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 18.0.1 (x86 en-US) (Version: 18.0.1)
Mozilla Maintenance Service (Version: 18.0.1)
Nexus Mod Manager (Version: 0.34.0)
NVIDIA 3D Vision Controller Driver 310.90 (Version: 310.90)
NVIDIA 3D Vision Driver 310.90 (Version: 310.90)
NVIDIA Control Panel 310.90 (Version: 310.90)
NVIDIA Drivers (Version: 1.3)
NVIDIA Graphics Driver 310.90 (Version: 310.90)
NVIDIA HD Audio Driver 1.3.18.0 (Version: 1.3.18.0)
NVIDIA Install Application (Version: 2.1002.95.599)
NVIDIA Logo Screensaver
NVIDIA PhysX (Version: 9.12.1031)
NVIDIA PhysX System Software 9.12.1031 (Version: 9.12.1031)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.1090)
NVIDIA Update 1.11.3 (Version: 1.11.3)
NVIDIA Update Components (Version: 1.11.3)
OpenAL
Pando Media Booster (Version: 2.6.0.8)
PC Probe II (Version: 1.04.72)
PeerBlock 1.1 (r518) (Version: 1.1.0.518)
PunkBuster Services (Version: 0.986)
Quake 4™ (Version: 1.0)
Realtek High Definition Audio Driver (Version: 6.0.1.6716)
RuneScape Launcher 1.2.2 (Version: 1.2.2)
Skype™ 6.0 (Version: 6.0.126)
Sound Blaster X-Fi (Version: 1.0)
Steam (Version: 1.0.0.0)
SUPERAntiSpyware (Version: 5.0.1108)
swMSM (Version: 12.0.0.1)
System Requirements Lab Detection (Version: 1.0.5.0)
TeamSpeak 3 Client (Version: 3.0.6)
The Chronicles of Riddick: Assault on Dark Athena
Unity Web Player (Version: )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
ZoneAlarm Firewall (Version: 11.0.000.038)
ZoneAlarm Free Firewall (Version: 11.0.000.038)
ZoneAlarm Security (Version: 11.0.000.038)
ZoneAlarm Security Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 39%
Total physical RAM: 4094.55 MB
Available physical RAM: 2495.97 MB
Total Pagefile: 8187.3 MB
Available Pagefile: 6059.26 MB
Total Virtual: 4095.88 MB
Available Virtual: 3949.03 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:296.09 GB) (Free:118.47 GB) NTFS
2 Drive d: (New Volume) (Fixed) (Total:149.01 GB) (Free:89.19 GB) NTFS
5 Drive g: () (Fixed) (Total:465.75 GB) (Free:412.05 GB) NTFS

========================= Users: ========================================

User accounts for \\ZIDIGEN-PC

Administrator ASPNET Guest
UpdatusUser WeirdBeard Zidigen


**** End of log ****

#7 Burnfire


Posted 25 January 2013 - 03:12 AM

00:09:07.0654 4420 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
00:09:08.0087 4420 ============================================================
00:09:08.0087 4420 Current date / time: 2013/01/25 00:09:08.0087
00:09:08.0087 4420 SystemInfo:
00:09:08.0087 4420
00:09:08.0087 4420 OS Version: 6.1.7601 ServicePack: 1.0
00:09:08.0087 4420 Product type: Workstation
00:09:08.0088 4420 ComputerName: ZIDIGEN-PC
00:09:08.0088 4420 UserName: Zidigen
00:09:08.0088 4420 Windows directory: C:\Windows
00:09:08.0088 4420 System windows directory: C:\Windows
00:09:08.0088 4420 Running under WOW64
00:09:08.0088 4420 Processor architecture: Intel x64
00:09:08.0088 4420 Number of processors: 2
00:09:08.0088 4420 Page size: 0x1000
00:09:08.0088 4420 Boot type: Normal boot
00:09:08.0088 4420 ============================================================
00:09:09.0192 4420 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
00:09:09.0206 4420 Drive \Device\Harddisk1\DR1 - Size: 0x2540BE4000 (149.01 Gb), SectorSize: 0x200, Cylinders: 0x4BFC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
00:09:09.0211 4420 Drive \Device\Harddisk2\DR2 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
00:09:15.0850 4420 ============================================================
00:09:15.0850 4420 \Device\Harddisk0\DR0:
00:09:15.0851 4420 MBR partitions:
00:09:15.0851 4420 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2502DBBD
00:09:15.0876 4420 \Device\Harddisk1\DR1:
00:09:15.0876 4420 MBR partitions:
00:09:15.0876 4420 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x12A04800
00:09:15.0876 4420 \Device\Harddisk2\DR2:
00:09:15.0877 4420 MBR partitions:
00:09:15.0877 4420 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A380D41
00:09:15.0877 4420 ============================================================
00:09:15.0909 4420 C: <-> \Device\Harddisk0\DR0\Partition1
00:09:15.0944 4420 G: <-> \Device\Harddisk2\DR2\Partition1
00:09:15.0973 4420 D: <-> \Device\Harddisk1\DR1\Partition1
00:09:15.0973 4420 ============================================================
00:09:15.0973 4420 Initialize success
00:09:15.0973 4420 ============================================================
00:09:23.0396 0792 ============================================================
00:09:23.0396 0792 Scan started
00:09:23.0396 0792 Mode: Manual;
00:09:23.0396 0792 ============================================================
00:09:24.0847 0792 ================ Scan system memory ========================
00:09:24.0847 0792 System memory - ok
00:09:24.0847 0792 ================ Scan services =============================
00:09:25.0982 0792 [ 57768C7DB4681F2510F247F82EF31D4F ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
00:09:25.0984 0792 aswRdr - ok
00:09:26.0021 0792 [ E71D826A1F3CE9C9DE3E77F2D02AFFBF ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
00:09:26.0047 0792 aswSnx - ok
00:09:26.0063 0792 [ 538A32E2C99BF073D4CA76C30BEDAA60 ] aswSP C:\Windows\system32\drivers\aswSP.sys
00:09:26.0068 0792 aswSP - ok
00:09:26.0088 0792 [ 6EDC79D73745FD44C41B55B2D13D0B70 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
00:09:26.0089 0792 aswTdi - ok
00:09:26.0106 0792 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
00:09:26.0107 0792 AsyncMac - ok
00:09:26.0134 0792 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
00:09:26.0134 0792 atapi - ok
00:09:26.0169 0792 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
00:09:26.0183 0792 AudioEndpointBuilder - ok
00:09:26.0194 0792 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
00:09:26.0199 0792 AudioSrv - ok
00:09:26.0243 0792 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
00:09:26.0244 0792 avast! Antivirus - ok
00:09:26.0263 0792 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
00:09:26.0266 0792 AxInstSV - ok
00:09:26.0286 0792 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
00:09:26.0291 0792 b06bdrv - ok
00:09:26.0305 0792 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
00:09:26.0309 0792 b57nd60a - ok
00:09:26.0335 0792 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
00:09:26.0338 0792 BDESVC - ok
00:09:26.0346 0792 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
00:09:26.0347 0792 Beep - ok
00:09:26.0382 0792 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
00:09:26.0395 0792 BFE - ok
00:09:26.0435 0792 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
00:09:26.0474 0792 BITS - ok
00:09:26.0483 0792 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
00:09:26.0484 0792 blbdrive - ok
00:09:26.0515 0792 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
00:09:26.0520 0792 Bonjour Service - ok
00:09:26.0552 0792 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
00:09:26.0554 0792 bowser - ok
00:09:26.0568 0792 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
00:09:26.0569 0792 BrFiltLo - ok
00:09:26.0583 0792 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
00:09:26.0584 0792 BrFiltUp - ok
00:09:26.0603 0792 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
00:09:26.0606 0792 Browser - ok
00:09:26.0626 0792 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
00:09:26.0631 0792 Brserid - ok
00:09:26.0635 0792 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
00:09:26.0637 0792 BrSerWdm - ok
00:09:26.0644 0792 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
00:09:26.0646 0792 BrUsbMdm - ok
00:09:26.0652 0792 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
00:09:26.0654 0792 BrUsbSer - ok
00:09:26.0669 0792 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
00:09:26.0671 0792 BTHMODEM - ok
00:09:26.0697 0792 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
00:09:26.0699 0792 bthserv - ok
00:09:26.0711 0792 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
00:09:26.0713 0792 cdfs - ok
00:09:26.0741 0792 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
00:09:26.0744 0792 cdrom - ok
00:09:26.0774 0792 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
00:09:26.0776 0792 CertPropSvc - ok
00:09:26.0790 0792 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
00:09:26.0791 0792 circlass - ok
00:09:26.0821 0792 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
00:09:26.0826 0792 CLFS - ok
00:09:26.0850 0792 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:09:26.0852 0792 clr_optimization_v2.0.50727_32 - ok
00:09:26.0900 0792 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
00:09:26.0902 0792 clr_optimization_v2.0.50727_64 - ok
00:09:26.0954 0792 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
00:09:26.0956 0792 clr_optimization_v4.0.30319_32 - ok
00:09:26.0981 0792 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
00:09:26.0983 0792 clr_optimization_v4.0.30319_64 - ok
00:09:26.0999 0792 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
00:09:27.0000 0792 CmBatt - ok
00:09:27.0023 0792 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
00:09:27.0024 0792 cmdide - ok
00:09:27.0054 0792 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
00:09:27.0059 0792 CNG - ok
00:09:27.0081 0792 [ 8B0894025E4077324A460830E4CE48D3 ] COMMONFX.DLL C:\Windows\System32\COMMONFX.DLL
00:09:27.0085 0792 COMMONFX.DLL - ok
00:09:27.0095 0792 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
00:09:27.0097 0792 Compbatt - ok
00:09:27.0124 0792 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
00:09:27.0125 0792 CompositeBus - ok
00:09:27.0129 0792 COMSysApp - ok
00:09:27.0142 0792 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
00:09:27.0144 0792 crcdisk - ok
00:09:27.0170 0792 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
00:09:27.0174 0792 CryptSvc - ok
00:09:27.0206 0792 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
00:09:27.0219 0792 CSC - ok
00:09:27.0271 0792 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
00:09:27.0285 0792 CscService - ok
00:09:27.0312 0792 [ DF908DFC09A49F6F71A88E1EBFED97D6 ] CT20XUT C:\Windows\system32\drivers\CT20XUT.SYS
00:09:27.0315 0792 CT20XUT - ok
00:09:27.0318 0792 CT20XUT.DLL - ok
00:09:27.0328 0792 [ DF908DFC09A49F6F71A88E1EBFED97D6 ] CT20XUT.SYS C:\Windows\System32\drivers\CT20XUT.SYS
00:09:27.0330 0792 CT20XUT.SYS - ok
00:09:27.0366 0792 [ 8B15225C82E7F6064D4523DF494BF112 ] ctac32k C:\Windows\system32\drivers\ctac32k.sys
00:09:27.0381 0792 ctac32k - ok
00:09:27.0403 0792 [ 80298AE72BDCF141DE89CF4DD54E286A ] ctaud2k C:\Windows\system32\drivers\ctaud2k.sys
00:09:27.0416 0792 ctaud2k - ok
00:09:27.0487 0792 [ 044AE7EF3B00D3FF78C2499020CF5877 ] CTAUDFX.DLL C:\Windows\System32\CTAUDFX.DLL
00:09:27.0496 0792 CTAUDFX.DLL - ok
00:09:27.0511 0792 [ 00406FE23F68323C5B6E5DB7C9E1F630 ] CTEAPSFX.DLL C:\Windows\System32\CTEAPSFX.DLL
00:09:27.0515 0792 CTEAPSFX.DLL - ok
00:09:27.0531 0792 [ 65DE222141B31AC3FFE6F57D3E24AF12 ] CTEDSPFX.DLL C:\Windows\System32\CTEDSPFX.DLL
00:09:27.0536 0792 CTEDSPFX.DLL - ok
00:09:27.0553 0792 [ 54F59F12BE0DB627273A55DC8EF7B35B ] CTEDSPIO.DLL C:\Windows\System32\CTEDSPIO.DLL
00:09:27.0557 0792 CTEDSPIO.DLL - ok
00:09:27.0578 0792 [ C0CBEB55E12B3D63AEB4CA5926D65FEA ] CTEDSPSY.DLL C:\Windows\System32\CTEDSPSY.DLL
00:09:27.0583 0792 CTEDSPSY.DLL - ok
00:09:27.0632 0792 [ 76E301B0465F0F8D4AD50B1E21A429F2 ] CTEXFIFX C:\Windows\system32\drivers\CTEXFIFX.SYS
00:09:27.0666 0792 CTEXFIFX - ok
00:09:27.0670 0792 CTEXFIFX.DLL - ok
00:09:27.0701 0792 [ 76E301B0465F0F8D4AD50B1E21A429F2 ] CTEXFIFX.SYS C:\Windows\System32\drivers\CTEXFIFX.SYS
00:09:27.0710 0792 CTEXFIFX.SYS - ok
00:09:27.0724 0792 [ 9DD0C0D2EAABB276229B0FBADBABBCDE ] CTHWIUT C:\Windows\system32\drivers\CTHWIUT.SYS
00:09:27.0726 0792 CTHWIUT - ok
00:09:27.0729 0792 CTHWIUT.DLL - ok
00:09:27.0733 0792 [ 9DD0C0D2EAABB276229B0FBADBABBCDE ] CTHWIUT.SYS C:\Windows\System32\drivers\CTHWIUT.SYS
00:09:27.0734 0792 CTHWIUT.SYS - ok
00:09:27.0750 0792 [ 95FE230FB90AAE0240ED6B5882659236 ] ctprxy2k C:\Windows\system32\drivers\ctprxy2k.sys
00:09:27.0752 0792 ctprxy2k - ok
00:09:27.0775 0792 [ B92DFA633AB0595E1D941778844A9909 ] CTSBLFX.DLL C:\Windows\System32\CTSBLFX.DLL
00:09:27.0792 0792 CTSBLFX.DLL - ok
00:09:27.0810 0792 [ 95DEEDAC0EB4EA39E8E52C82874ECD55 ] ctsfm2k C:\Windows\system32\drivers\ctsfm2k.sys
00:09:27.0814 0792 ctsfm2k - ok
00:09:27.0845 0792 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
00:09:27.0860 0792 DcomLaunch - ok
00:09:27.0887 0792 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
00:09:27.0893 0792 defragsvc - ok
00:09:27.0918 0792 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
00:09:27.0920 0792 DfsC - ok
00:09:27.0954 0792 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
00:09:27.0960 0792 Dhcp - ok
00:09:27.0978 0792 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
00:09:27.0979 0792 discache - ok
00:09:27.0986 0792 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
00:09:27.0987 0792 Disk - ok
00:09:28.0013 0792 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
00:09:28.0017 0792 Dnscache - ok
00:09:28.0046 0792 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
00:09:28.0051 0792 dot3svc - ok
00:09:28.0079 0792 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
00:09:28.0083 0792 DPS - ok
00:09:28.0109 0792 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
00:09:28.0110 0792 drmkaud - ok
00:09:28.0152 0792 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
00:09:28.0178 0792 DXGKrnl - ok
00:09:28.0182 0792 EagleX64 - ok
00:09:28.0210 0792 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
00:09:28.0213 0792 EapHost - ok
00:09:28.0294 0792 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
00:09:28.0358 0792 ebdrv - ok
00:09:28.0385 0792 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
00:09:28.0387 0792 EFS - ok
00:09:28.0425 0792 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
00:09:28.0439 0792 ehRecvr - ok
00:09:28.0460 0792 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
00:09:28.0462 0792 ehSched - ok
00:09:28.0486 0792 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
00:09:28.0498 0792 elxstor - ok
00:09:28.0522 0792 [ 1125E333BB0BA07EA83C13AEDA00ECCB ] emupia C:\Windows\system32\drivers\emupia2k.sys
00:09:28.0525 0792 emupia - ok
00:09:28.0538 0792 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
00:09:28.0539 0792 ErrDev - ok
00:09:28.0564 0792 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
00:09:28.0569 0792 EventSystem - ok
00:09:28.0574 0792 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
00:09:28.0577 0792 exfat - ok
00:09:28.0595 0792 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
00:09:28.0599 0792 fastfat - ok
00:09:28.0627 0792 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
00:09:28.0640 0792 Fax - ok
00:09:28.0649 0792 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
00:09:28.0650 0792 fdc - ok
00:09:28.0661 0792 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
00:09:28.0662 0792 fdPHost - ok
00:09:28.0671 0792 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
00:09:28.0673 0792 FDResPub - ok
00:09:28.0682 0792 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
00:09:28.0684 0792 FileInfo - ok
00:09:28.0687 0792 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
00:09:28.0689 0792 Filetrace - ok
00:09:28.0699 0792 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
00:09:28.0700 0792 flpydisk - ok
00:09:28.0727 0792 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
00:09:28.0730 0792 FltMgr - ok
00:09:28.0778 0792 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
00:09:28.0806 0792 FontCache - ok
00:09:28.0846 0792 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
00:09:28.0848 0792 FontCache3.0.0.0 - ok
00:09:28.0864 0792 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
00:09:28.0865 0792 FsDepends - ok
00:09:28.0885 0792 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
00:09:28.0886 0792 Fs_Rec - ok
00:09:28.0917 0792 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
00:09:28.0920 0792 fvevol - ok
00:09:28.0931 0792 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
00:09:28.0933 0792 gagp30kx - ok
00:09:28.0953 0792 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
00:09:28.0955 0792 GEARAspiWDM - ok
00:09:28.0994 0792 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
00:09:29.0020 0792 gpsvc - ok
00:09:29.0093 0792 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
00:09:29.0094 0792 gupdate - ok
00:09:29.0099 0792 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
00:09:29.0100 0792 gupdatem - ok
00:09:29.0126 0792 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
00:09:29.0130 0792 gusvc - ok
00:09:29.0179 0792 [ FB82CE21D7B134DE2D270DB9DA646818 ] ha20x2k C:\Windows\system32\drivers\ha20x2k.sys
00:09:29.0222 0792 ha20x2k - ok
00:09:29.0249 0792 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
00:09:29.0250 0792 hcw85cir - ok
00:09:29.0273 0792 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
00:09:29.0278 0792 HdAudAddService - ok
00:09:29.0296 0792 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
00:09:29.0299 0792 HDAudBus - ok
00:09:29.0304 0792 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
00:09:29.0306 0792 HidBatt - ok
00:09:29.0311 0792 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
00:09:29.0313 0792 HidBth - ok
00:09:29.0323 0792 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
00:09:29.0325 0792 HidIr - ok
00:09:29.0347 0792 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
00:09:29.0349 0792 hidserv - ok
00:09:29.0370 0792 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
00:09:29.0372 0792 HidUsb - ok
00:09:29.0394 0792 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
00:09:29.0397 0792 hkmsvc - ok
00:09:29.0423 0792 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
00:09:29.0427 0792 HomeGroupListener - ok
00:09:29.0464 0792 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
00:09:29.0469 0792 HomeGroupProvider - ok
00:09:29.0479 0792 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
00:09:29.0481 0792 HpSAMD - ok
00:09:29.0512 0792 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
00:09:29.0522 0792 HTTP - ok
00:09:29.0545 0792 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
00:09:29.0545 0792 hwpolicy - ok
00:09:29.0568 0792 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
00:09:29.0571 0792 i8042prt - ok
00:09:29.0602 0792 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
00:09:29.0607 0792 iaStorV - ok
00:09:29.0643 0792 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
00:09:29.0661 0792 idsvc - ok
00:09:29.0673 0792 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
00:09:29.0675 0792 iirsp - ok
00:09:29.0720 0792 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
00:09:29.0745 0792 IKEEXT - ok
00:09:30.0049 0792 [ 7D00AD50AAF957F0CA3A07F0E20EA58B ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
00:09:30.0127 0792 IntcAzAudAddService - ok
00:09:30.0145 0792 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
00:09:30.0146 0792 intelide - ok
00:09:30.0158 0792 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
00:09:30.0160 0792 intelppm - ok
00:09:30.0183 0792 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
00:09:30.0186 0792 IPBusEnum - ok
00:09:30.0207 0792 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
00:09:30.0209 0792 IpFilterDriver - ok
00:09:30.0246 0792 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
00:09:30.0259 0792 iphlpsvc - ok
00:09:30.0283 0792 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
00:09:30.0285 0792 IPMIDRV - ok
00:09:30.0307 0792 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
00:09:30.0309 0792 IPNAT - ok
00:09:30.0346 0792 [ 0F261EC4F514926177C70C1832374231 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
00:09:30.0359 0792 iPod Service - ok
00:09:30.0375 0792 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
00:09:30.0377 0792 IRENUM - ok
00:09:30.0399 0792 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
00:09:30.0400 0792 isapnp - ok
00:09:30.0427 0792 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
00:09:30.0431 0792 iScsiPrt - ok
00:09:30.0481 0792 [ BE72D2B3A99615F84E270C80F0A18448 ] ISWKL C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys
00:09:30.0482 0792 ISWKL - ok
00:09:30.0520 0792 [ D9A4C1353CC653F8E2FE4D2C6A490E96 ] IswSvc C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
00:09:30.0544 0792 IswSvc - ok
00:09:30.0557 0792 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
00:09:30.0577 0792 kbdclass - ok
00:09:30.0587 0792 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
00:09:30.0589 0792 kbdhid - ok
00:09:30.0601 0792 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
00:09:30.0604 0792 KeyIso - ok
00:09:30.0633 0792 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
00:09:30.0635 0792 KSecDD - ok
00:09:30.0662 0792 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
00:09:30.0665 0792 KSecPkg - ok
00:09:30.0676 0792 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
00:09:30.0677 0792 ksthunk - ok
00:09:30.0702 0792 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
00:09:30.0708 0792 KtmRm - ok
00:09:30.0730 0792 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
00:09:30.0736 0792 LanmanServer - ok
00:09:30.0759 0792 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
00:09:30.0763 0792 LanmanWorkstation - ok
00:09:30.0795 0792 [ 6E7EE7F713826AD0FDDC86806D802626 ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys
00:09:30.0797 0792 LHidFilt - ok
00:09:30.0811 0792 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
00:09:30.0813 0792 lltdio - ok
00:09:30.0841 0792 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
00:09:30.0846 0792 lltdsvc - ok
00:09:30.0850 0792 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
00:09:30.0852 0792 lmhosts - ok
00:09:30.0864 0792 [ C4ED829BA8D73F8480E50652586B80E1 ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys
00:09:30.0866 0792 LMouFilt - ok
00:09:30.0876 0792 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
00:09:30.0878 0792 LSI_FC - ok
00:09:30.0885 0792 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
00:09:30.0887 0792 LSI_SAS - ok
00:09:30.0901 0792 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
00:09:30.0903 0792 LSI_SAS2 - ok
00:09:30.0917 0792 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
00:09:30.0919 0792 LSI_SCSI - ok
00:09:30.0931 0792 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
00:09:30.0933 0792 luafv - ok
00:09:30.0951 0792 [ 2A990513D28C5283A333AF665A57C150 ] LUsbFilt C:\Windows\system32\Drivers\LUsbFilt.Sys
00:09:30.0953 0792 LUsbFilt - ok
00:09:30.0957 0792 Maplom - ok
00:09:30.0960 0792 MaplomL - ok
00:09:30.0995 0792 [ 79D51E7F5926E8CE1B3EBECEBAE28CFF ] mcdbus C:\Windows\system32\DRIVERS\mcdbus.sys
00:09:30.0999 0792 mcdbus - ok
00:09:31.0038 0792 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
00:09:31.0042 0792 Mcx2Svc - ok
00:09:31.0061 0792 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
00:09:31.0063 0792 megasas - ok
00:09:31.0076 0792 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
00:09:31.0081 0792 MegaSR - ok
00:09:31.0104 0792 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
00:09:31.0106 0792 MMCSS - ok
00:09:31.0122 0792 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
00:09:31.0123 0792 Modem - ok
00:09:31.0146 0792 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
00:09:31.0147 0792 monitor - ok
00:09:31.0171 0792 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
00:09:31.0173 0792 mouclass - ok
00:09:31.0179 0792 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
00:09:31.0180 0792 mouhid - ok
00:09:31.0202 0792 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
00:09:31.0204 0792 mountmgr - ok
00:09:31.0229 0792 [ 9C3758018DED02F4AE53CCA1C5F084A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
00:09:31.0231 0792 MozillaMaintenance - ok
00:09:31.0251 0792 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
00:09:31.0253 0792 mpio - ok
00:09:31.0266 0792 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
00:09:31.0267 0792 mpsdrv - ok
00:09:31.0310 0792 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
00:09:31.0336 0792 MpsSvc - ok
00:09:31.0379 0792 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
00:09:31.0381 0792 MRxDAV - ok
00:09:31.0409 0792 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
00:09:31.0411 0792 mrxsmb - ok
00:09:31.0424 0792 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
00:09:31.0427 0792 mrxsmb10 - ok
00:09:31.0455 0792 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
00:09:31.0457 0792 mrxsmb20 - ok
00:09:31.0463 0792 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
00:09:31.0465 0792 msahci - ok
00:09:31.0476 0792 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
00:09:31.0479 0792 msdsm - ok
00:09:31.0490 0792 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
00:09:31.0494 0792 MSDTC - ok
00:09:31.0507 0792 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
00:09:31.0508 0792 Msfs - ok
00:09:31.0518 0792 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
00:09:31.0519 0792 mshidkmdf - ok
00:09:31.0540 0792 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
00:09:31.0541 0792 msisadrv - ok
00:09:31.0571 0792 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
00:09:31.0575 0792 MSiSCSI - ok
00:09:31.0578 0792 msiserver - ok
00:09:31.0592 0792 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
00:09:31.0593 0792 MSKSSRV - ok
00:09:31.0606 0792 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
00:09:31.0607 0792 MSPCLOCK - ok
00:09:31.0615 0792 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
00:09:31.0616 0792 MSPQM - ok
00:09:31.0642 0792 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
00:09:31.0646 0792 MsRPC - ok
00:09:31.0658 0792 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
00:09:31.0659 0792 mssmbios - ok
00:09:31.0675 0792 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
00:09:31.0676 0792 MSTEE - ok
00:09:31.0686 0792 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
00:09:31.0688 0792 MTConfig - ok
00:09:31.0714 0792 [ 19B006B181E3875FD254F7B67ACF1E7C ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
00:09:31.0715 0792 MTsensor - ok
00:09:31.0726 0792 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
00:09:31.0727 0792 Mup - ok
00:09:31.0762 0792 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
00:09:31.0775 0792 napagent - ok
00:09:31.0806 0792 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
00:09:31.0810 0792 NativeWifiP - ok
00:09:31.0845 0792 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
00:09:31.0860 0792 NDIS - ok
00:09:31.0874 0792 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
00:09:31.0875 0792 NdisCap - ok
00:09:31.0889 0792 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
00:09:31.0890 0792 NdisTapi - ok
00:09:31.0916 0792 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
00:09:31.0918 0792 Ndisuio - ok
00:09:31.0944 0792 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
00:09:31.0947 0792 NdisWan - ok
00:09:31.0974 0792 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
00:09:31.0975 0792 NDProxy - ok
00:09:31.0980 0792 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
00:09:31.0981 0792 NetBIOS - ok
00:09:32.0015 0792 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
00:09:32.0019 0792 NetBT - ok
00:09:39.0994 0792 ============================================================
00:09:39.0994 0792 Scan finished
00:09:39.0994 0792 ============================================================
00:09:40.0001 4936 Detected object count: 0
00:09:40.0001 4936 Actual detected object count: 0
00:10:31.0272 4364 Deinitialize success

#8 Burnfire

Posted 25 January 2013 - 03:24 AM

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-01-25 00:15:40
-----------------------------
00:15:40.024 OS Version: Windows x64 6.1.7601 Service Pack 1
00:15:40.024 Number of processors: 2 586 0x170A
00:15:40.024 ComputerName: ZIDIGEN-PC UserName: Zidigen
00:15:41.018 Initialize success
00:15:42.013 AVAST engine defs: 13012401
00:16:03.508 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000074
00:16:03.510 Disk 0 Vendor: WDC_WD32 12.0 Size: 305245MB BusType: 3
00:16:03.513 Disk 1 \Device\Harddisk1\DR1 -> \Device\00000075
00:16:03.515 Disk 1 Vendor: ST316082 8.03 Size: 152587MB BusType: 3
00:16:03.527 Disk 0 MBR read successfully
00:16:03.529 Disk 0 MBR scan
00:16:03.533 Disk 0 Windows 7 default MBR code
00:16:03.536 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 303195 MB offset 63
00:16:03.540 Disk 0 Partition - 00 05 Extended 2045 MB offset 620953598
00:16:03.603 Disk 0 scanning C:\Windows\system32\drivers
00:16:12.690 Service scanning
00:16:27.114 Modules scanning
00:16:27.121 Disk 0 trace - called modules:
00:16:27.146
00:16:27.641 AVAST engine scan C:\Windows
00:16:29.200 AVAST engine scan C:\Windows\system32
00:18:08.762 AVAST engine scan C:\Windows\system32\drivers
00:18:17.027 AVAST engine scan C:\Users\Zidigen
00:22:45.742 Disk 0 MBR has been saved successfully to "C:\Users\Zidigen\Downloads\MBR.dat"
00:22:45.747 The log file has been saved successfully to "C:\Users\Zidigen\Downloads\aswMBR.txt"

#9 boopme

Posted 25 January 2013 - 10:06 AM

OK, nothing there either. Go into Control Panel and remove this... Java 7 Update 9 (64-bit) (Version: 7.0.90)
Older versions are exploitable and need to go.

I think we should get a deeper look. Please follow this Preparation Guide and post in a new topic.

Let me know if all went well.