Windows 7 BSOD


5 replies to this topic

#1 jarizzle151


Posted 21 January 2013 - 06:39 PM

Hello All,

I have been working on a Toshiba Satellite for the past few days now and I've read similar threads with the same stop messages, but the computer only stays running (without safe mode) for a good 5 minutes before I get the following BSOD message.

STOP: 0x7E (0xC0000005, 0x85676864, 0x80E4bb70, 0x80E4B750)

When the computer returns I receive this error message:

Problem signature:
Problem Event Name: BlueScreen
OS Version: 6.1.7601.2.1.0.768.3
Locale ID: 1033

Additional information about the problem:
BCCode: c9
BCP1: 00000004
BCP2: 8B9898C0
BCP3: 00000000
BCP4: 00000000
OS Version: 6_1_7601
Service Pack: 1_0
Product: 768_1

Files that help describe the problem:
C:\Windows\Minidump\012113-51168-01.dmp
C:\Users\cassie\AppData\Local\Temp\WER-110823-0.sysdata.xml

Read our privacy statement online:
http://go.microsoft.com/fwlink/?linkid=104288&clcid=0x0409

If the online privacy statement is not available, please read our privacy statement offline:
C:\Windows\system32\en-US\erofflps.txt

Any help at all would be appreciated: I have installed Malwarebytes, Combofix, and Memtest (which I let run overnight but has turned up no errors). I did notice when I installed Malwarebytes, something was being uploaded and was caught by MB. I couldn't get the IP address but the file related to it was svchost.exe.

Thanks for all of your help in advance

Riz



#2 narenxp


Posted 22 January 2013 - 12:00 AM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 jarizzle151


Posted 22 January 2013 - 12:10 AM

How many of these can you run in safe mode?

#4 narenxp


Posted 22 January 2013 - 12:12 AM

If you are unable to boot into normal mode, run all of them. Run them from safe mode with networking.

#5 jarizzle151


Posted 22 January 2013 - 01:44 PM

TDSS REPORT

23:56:26.0582 0804 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
23:56:28.0586 0804 ============================================================
23:56:28.0586 0804 Current date / time: 2013/01/21 23:56:28.0586
23:56:28.0586 0804 SystemInfo:
23:56:28.0586 0804
23:56:28.0586 0804 OS Version: 6.1.7601 ServicePack: 1.0
23:56:28.0586 0804 Product type: Workstation
23:56:28.0586 0804 ComputerName: CASSIE-PC
23:56:28.0586 0804 UserName: cassie
23:56:28.0586 0804 Windows directory: C:\Windows
23:56:28.0586 0804 System windows directory: C:\Windows
23:56:28.0586 0804 Processor architecture: Intel x86
23:56:28.0586 0804 Number of processors: 2
23:56:28.0586 0804 Page size: 0x1000
23:56:28.0586 0804 Boot type: Safe boot with network
23:56:28.0586 0804 ============================================================
23:56:32.0076 0804 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
23:56:32.0096 0804 Drive \Device\Harddisk1\DR1 - Size: 0x76200000 (1.85 Gb), SectorSize: 0x200, Cylinders: 0xF0, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
23:56:32.0106 0804 ============================================================
23:56:32.0106 0804 \Device\Harddisk0\DR0:
23:56:32.0116 0804 MBR partitions:
23:56:32.0116 0804 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0xDCA6000
23:56:32.0116 0804 \Device\Harddisk1\DR1:
23:56:32.0116 0804 MBR partitions:
23:56:32.0116 0804 ============================================================
23:56:32.0196 0804 C: <-> \Device\Harddisk0\DR0\Partition1
23:56:32.0196 0804 ============================================================
23:56:32.0196 0804 Initialize success
23:56:32.0196 0804 ============================================================
23:56:43.0936 1708 ============================================================
23:56:43.0936 1708 Scan started
23:56:43.0936 1708 Mode: Manual; TDLFS;
23:56:43.0936 1708 ============================================================
23:56:46.0366 1708 ================ Scan system memory ========================
23:56:46.0366 1708 System memory - ok
23:56:46.0366 1708 ================ Scan services =============================
23:56:59.0667 1708 p2pimsvc - ok
23:56:59.0757 1708 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
23:56:59.0767 1708 p2psvc - ok
23:56:59.0837 1708 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\drivers\parport.sys
23:56:59.0837 1708 Parport - ok
23:56:59.0927 1708 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
23:56:59.0937 1708 partmgr - ok
23:56:59.0947 1708 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\drivers\parvdm.sys
23:56:59.0977 1708 Parvdm - ok
23:57:00.0017 1708 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
23:57:00.0027 1708 PcaSvc - ok
23:57:00.0067 1708 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
23:57:00.0067 1708 pci - ok
23:57:00.0107 1708 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
23:57:00.0107 1708 pciide - ok
23:57:00.0167 1708 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
23:57:00.0177 1708 pcmcia - ok
23:57:00.0227 1708 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
23:57:00.0227 1708 pcw - ok
23:57:00.0327 1708 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
23:57:00.0337 1708 PEAUTH - ok
23:57:00.0447 1708 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
23:57:00.0487 1708 pla - ok
23:57:00.0547 1708 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
23:57:00.0567 1708 PlugPlay - ok
23:57:00.0607 1708 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
23:57:00.0917 1708 PNRPAutoReg - ok
23:57:00.0947 1708 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
23:57:00.0947 1708 PNRPsvc - ok
23:57:01.0007 1708 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
23:57:01.0027 1708 PolicyAgent - ok
23:57:01.0087 1708 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
23:57:01.0087 1708 Power - ok
23:57:01.0167 1708 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
23:57:01.0167 1708 PptpMiniport - ok
23:57:01.0197 1708 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\drivers\processr.sys
23:57:01.0217 1708 Processor - ok
23:57:01.0267 1708 [ 43CA4CCC22D52FB58E8988F0198851D0 ] ProfSvc C:\Windows\system32\profsvc.dll
23:57:01.0277 1708 ProfSvc - ok
23:57:01.0287 1708 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
23:57:01.0287 1708 ProtectedStorage - ok
23:57:01.0317 1708 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
23:57:01.0317 1708 Psched - ok
23:57:01.0427 1708 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
23:57:01.0457 1708 ql2300 - ok
23:57:01.0527 1708 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
23:57:01.0527 1708 ql40xx - ok
23:57:01.0597 1708 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
23:57:01.0607 1708 QWAVE - ok
23:57:01.0647 1708 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
23:57:01.0647 1708 QWAVEdrv - ok
23:57:01.0697 1708 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
23:57:01.0707 1708 RasAcd - ok
23:57:01.0747 1708 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
23:57:01.0757 1708 RasAgileVpn - ok
23:57:01.0797 1708 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
23:57:01.0797 1708 RasAuto - ok
23:57:01.0847 1708 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
23:57:01.0847 1708 Rasl2tp - ok
23:57:01.0967 1708 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
23:57:01.0977 1708 RasMan - ok
23:57:02.0037 1708 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
23:57:02.0037 1708 RasPppoe - ok
23:57:02.0087 1708 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
23:57:02.0087 1708 RasSstp - ok
23:57:02.0107 1708 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
23:57:02.0127 1708 rdbss - ok
23:57:02.0147 1708 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
23:57:02.0147 1708 rdpbus - ok
23:57:02.0197 1708 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
23:57:02.0197 1708 RDPCDD - ok
23:57:02.0257 1708 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
23:57:02.0257 1708 RDPENCDD - ok
23:57:02.0267 1708 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
23:57:02.0277 1708 RDPREFMP - ok
23:57:02.0337 1708 [ 244C83332F44589AE98FC347F11B2693 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
23:57:02.0347 1708 RDPWD - ok
23:57:02.0447 1708 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
23:57:02.0447 1708 rdyboost - ok
23:57:02.0497 1708 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
23:57:02.0507 1708 RemoteAccess - ok
23:57:02.0547 1708 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
23:57:02.0567 1708 RemoteRegistry - ok
23:57:02.0587 1708 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
23:57:02.0587 1708 RpcEptMapper - ok
23:57:02.0597 1708 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
23:57:02.0607 1708 RpcLocator - ok
23:57:02.0647 1708 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
23:57:02.0647 1708 RpcSs - ok
23:57:02.0697 1708 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
23:57:02.0697 1708 rspndr - ok
23:57:02.0767 1708 [ 7DFD48E24479B68B258D8770121155A0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
23:57:02.0767 1708 RTL8167 - ok
23:57:02.0797 1708 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
23:57:02.0817 1708 SamSs - ok
23:57:02.0857 1708 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
23:57:02.0857 1708 sbp2port - ok
23:57:02.0937 1708 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
23:57:02.0937 1708 SCardSvr - ok
23:57:02.0947 1708 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
23:57:02.0947 1708 scfilter - ok
23:57:03.0007 1708 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
23:57:03.0017 1708 Schedule - ok
23:57:03.0047 1708 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
23:57:03.0057 1708 SCPolicySvc - ok
23:57:03.0107 1708 [ 0328BE1C7F1CBA23848179F8762E391C ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
23:57:03.0127 1708 sdbus - ok
23:57:03.0187 1708 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
23:57:03.0187 1708 SDRSVC - ok
23:57:03.0227 1708 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
23:57:03.0237 1708 secdrv - ok
23:57:03.0257 1708 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
23:57:03.0257 1708 seclogon - ok
23:57:03.0287 1708 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\system32\sens.dll
23:57:03.0297 1708 SENS - ok
23:57:03.0357 1708 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
23:57:03.0377 1708 SensrSvc - ok
23:57:03.0447 1708 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\drivers\serenum.sys
23:57:03.0447 1708 Serenum - ok
23:57:03.0487 1708 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\drivers\serial.sys
23:57:03.0487 1708 Serial - ok
23:57:03.0537 1708 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\drivers\sermouse.sys
23:57:03.0547 1708 sermouse - ok
23:57:03.0627 1708 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
23:57:03.0637 1708 SessionEnv - ok
23:57:03.0677 1708 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
23:57:03.0687 1708 sffdisk - ok
23:57:03.0727 1708 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
23:57:03.0727 1708 sffp_mmc - ok
23:57:03.0757 1708 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
23:57:03.0757 1708 sffp_sd - ok
23:57:03.0777 1708 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
23:57:03.0777 1708 sfloppy - ok
23:57:03.0847 1708 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
23:57:03.0857 1708 SharedAccess - ok
23:57:03.0967 1708 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:57:03.0977 1708 ShellHWDetection - ok
23:57:04.0007 1708 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
23:57:04.0017 1708 sisagp - ok
23:57:04.0077 1708 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
23:57:04.0077 1708 SiSRaid2 - ok
23:57:04.0127 1708 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
23:57:04.0137 1708 SiSRaid4 - ok
23:57:04.0247 1708 [ 8C5477EB1C03CA76CD8EB66A610A9E90 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
23:57:04.0247 1708 SkypeUpdate - ok
23:57:04.0297 1708 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
23:57:04.0317 1708 Smb - ok
23:57:04.0387 1708 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
23:57:04.0387 1708 SNMPTRAP - ok
23:57:04.0437 1708 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
23:57:04.0437 1708 spldr - ok
23:57:04.0497 1708 [ 866A43013535DC8587C258E43579C764 ] Spooler C:\Windows\System32\spoolsv.exe
23:57:04.0507 1708 Spooler - ok
23:57:04.0887 1708 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
23:57:04.0997 1708 sppsvc - ok
23:57:05.0027 1708 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
23:57:05.0037 1708 sppuinotify - ok
23:57:05.0157 1708 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
23:57:05.0157 1708 srv - ok
23:57:05.0217 1708 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
23:57:05.0227 1708 srv2 - ok
23:57:05.0267 1708 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
23:57:05.0277 1708 srvnet - ok
23:57:05.0327 1708 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
23:57:05.0337 1708 SSDPSRV - ok
23:57:05.0357 1708 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
23:57:05.0377 1708 SstpSvc - ok
23:57:05.0417 1708 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\drivers\stexstor.sys
23:57:05.0437 1708 stexstor - ok
23:57:05.0507 1708 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
23:57:05.0517 1708 StiSvc - ok
23:57:05.0547 1708 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
23:57:05.0547 1708 swenum - ok
23:57:05.0607 1708 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
23:57:05.0627 1708 swprv - ok
23:57:05.0767 1708 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
23:57:05.0787 1708 SysMain - ok
23:57:05.0817 1708 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:57:05.0817 1708 TabletInputService - ok
23:57:05.0877 1708 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
23:57:05.0877 1708 TapiSrv - ok
23:57:05.0927 1708 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
23:57:05.0927 1708 TBS - ok
23:57:06.0097 1708 [ 7FA2E0F8B072BD04B77B421480B6CC22 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
23:57:06.0117 1708 Tcpip - ok
23:57:06.0217 1708 [ 7FA2E0F8B072BD04B77B421480B6CC22 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
23:57:06.0227 1708 TCPIP6 - ok
23:57:06.0307 1708 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
23:57:06.0307 1708 tcpipreg - ok
23:57:06.0357 1708 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
23:57:06.0357 1708 TDPIPE - ok
23:57:06.0397 1708 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
23:57:06.0397 1708 TDTCP - ok
23:57:06.0427 1708 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
23:57:06.0437 1708 tdx - ok
23:57:06.0457 1708 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
23:57:06.0457 1708 TermDD - ok
23:57:06.0547 1708 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
23:57:06.0567 1708 TermService - ok
23:57:06.0607 1708 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
23:57:06.0607 1708 Themes - ok
23:57:06.0667 1708 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
23:57:06.0667 1708 THREADORDER - ok
23:57:06.0757 1708 [ F779BA4CD37963AB4600C9871B7752A3 ] tifm21 C:\Windows\system32\drivers\tifm21.sys
23:57:06.0757 1708 tifm21 - ok
23:57:06.0807 1708 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
23:57:06.0807 1708 TrkWks - ok
23:57:06.0887 1708 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:57:06.0897 1708 TrustedInstaller - ok
23:57:06.0977 1708 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
23:57:06.0977 1708 tssecsrv - ok
23:57:07.0027 1708 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
23:57:07.0057 1708 TsUsbFlt - ok
23:57:07.0067 1708 [ 01246F0BAAD7B68EC0F472AA41E33282 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
23:57:07.0077 1708 TsUsbGD - ok
23:57:07.0127 1708 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
23:57:07.0137 1708 tunnel - ok
23:57:07.0237 1708 [ 792A8B80F8188ABA4B2BE271583F3E46 ] TVALZ C:\Windows\system32\DRIVERS\TVALZ_O.SYS
23:57:07.0247 1708 TVALZ - ok
23:57:07.0267 1708 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\drivers\uagp35.sys
23:57:07.0267 1708 uagp35 - ok
23:57:07.0347 1708 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
23:57:07.0357 1708 udfs - ok
23:57:07.0437 1708 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
23:57:07.0447 1708 UI0Detect - ok
23:57:07.0487 1708 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
23:57:07.0487 1708 uliagpkx - ok
23:57:07.0537 1708 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
23:57:07.0537 1708 umbus - ok
23:57:07.0587 1708 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\drivers\umpass.sys
23:57:07.0597 1708 UmPass - ok
23:57:07.0617 1708 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
23:57:07.0627 1708 upnphost - ok
23:57:07.0687 1708 [ 1D9F2BD026E8E2D45033A4DF3F16B78C ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
23:57:07.0737 1708 usbaudio - ok
23:57:07.0787 1708 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
23:57:07.0787 1708 usbccgp - ok
23:57:07.0857 1708 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
23:57:07.0867 1708 usbcir - ok
23:57:07.0907 1708 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
23:57:07.0917 1708 usbehci - ok
23:57:07.0977 1708 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
23:57:07.0987 1708 usbhub - ok
23:57:08.0007 1708 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
23:57:08.0017 1708 usbohci - ok
23:57:08.0037 1708 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\drivers\usbprint.sys
23:57:08.0047 1708 usbprint - ok
23:57:08.0107 1708 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:57:08.0127 1708 USBSTOR - ok
23:57:08.0167 1708 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
23:57:08.0167 1708 usbuhci - ok
23:57:08.0217 1708 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
23:57:08.0217 1708 usbvideo - ok
23:57:08.0287 1708 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
23:57:08.0297 1708 UxSms - ok
23:57:08.0317 1708 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
23:57:08.0317 1708 VaultSvc - ok
23:57:08.0377 1708 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
23:57:08.0377 1708 vdrvroot - ok
23:57:08.0447 1708 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
23:57:08.0467 1708 vds - ok
23:57:08.0507 1708 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
23:57:08.0517 1708 vga - ok
23:57:08.0557 1708 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
23:57:08.0567 1708 VgaSave - ok
23:57:08.0587 1708 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
23:57:08.0587 1708 vhdmp - ok
23:57:08.0627 1708 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
23:57:08.0627 1708 viaagp - ok
23:57:08.0687 1708 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
23:57:08.0707 1708 ViaC7 - ok
23:57:08.0727 1708 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
23:57:08.0727 1708 viaide - ok
23:57:08.0767 1708 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
23:57:08.0777 1708 volmgr - ok
23:57:08.0807 1708 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
23:57:08.0807 1708 volmgrx - ok
23:57:08.0867 1708 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
23:57:08.0877 1708 volsnap - ok
23:57:08.0927 1708 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
23:57:08.0927 1708 vsmraid - ok
23:57:09.0047 1708 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
23:57:09.0067 1708 VSS - ok
23:57:09.0107 1708 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
23:57:09.0117 1708 vwifibus - ok
23:57:09.0207 1708 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
23:57:09.0207 1708 vwififlt - ok
23:57:09.0247 1708 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
23:57:09.0257 1708 W32Time - ok
23:57:09.0307 1708 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
23:57:09.0317 1708 WacomPen - ok
23:57:09.0327 1708 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
23:57:09.0337 1708 WANARP - ok
23:57:09.0367 1708 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
23:57:09.0367 1708 Wanarpv6 - ok
23:57:09.0577 1708 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
23:57:09.0617 1708 WatAdminSvc - ok
23:57:09.0727 1708 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
23:57:09.0757 1708 wbengine - ok
23:57:09.0777 1708 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
23:57:09.0777 1708 WbioSrvc - ok
23:57:09.0827 1708 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
23:57:09.0837 1708 wcncsvc - ok
23:57:09.0897 1708 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:57:09.0907 1708 WcsPlugInService - ok
23:57:09.0987 1708 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\drivers\wd.sys
23:57:09.0997 1708 Wd - ok
23:57:10.0097 1708 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
23:57:10.0107 1708 Wdf01000 - ok
23:57:10.0137 1708 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
23:57:10.0137 1708 WdiServiceHost - ok
23:57:10.0147 1708 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
23:57:10.0157 1708 WdiSystemHost - ok
23:57:10.0187 1708 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
23:57:10.0187 1708 WebClient - ok
23:57:10.0267 1708 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
23:57:10.0267 1708 Wecsvc - ok
23:57:10.0297 1708 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
23:57:10.0307 1708 wercplsupport - ok
23:57:10.0357 1708 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
23:57:10.0387 1708 WerSvc - ok
23:57:10.0427 1708 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
23:57:10.0437 1708 WfpLwf - ok
23:57:10.0457 1708 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
23:57:10.0457 1708 WIMMount - ok
23:57:10.0577 1708 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
23:57:10.0587 1708 WinDefend - ok
23:57:10.0597 1708 WinHttpAutoProxySvc - ok
23:57:10.0747 1708 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
23:57:10.0747 1708 Winmgmt - ok
23:57:10.0837 1708 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
23:57:10.0867 1708 WinRM - ok
23:57:10.0937 1708 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUSB C:\Windows\system32\DRIVERS\WinUSB.sys
23:57:10.0937 1708 WinUSB - ok
23:57:11.0007 1708 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
23:57:11.0027 1708 Wlansvc - ok
23:57:11.0077 1708 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
23:57:11.0107 1708 WmiAcpi - ok
23:57:11.0167 1708 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
23:57:11.0167 1708 wmiApSrv - ok
23:57:11.0297 1708 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
23:57:11.0317 1708 WMPNetworkSvc - ok
23:57:11.0357 1708 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
23:57:11.0377 1708 WPCSvc - ok
23:57:11.0417 1708 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
23:57:11.0427 1708 WPDBusEnum - ok
23:57:11.0487 1708 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
23:57:11.0487 1708 ws2ifsl - ok
23:57:11.0527 1708 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\system32\wscsvc.dll
23:57:11.0537 1708 wscsvc - ok
23:57:11.0557 1708 WSearch - ok
23:57:11.0737 1708 [ 3026418A50C5B4761BEFA632CEDB7406 ] wuauserv C:\Windows\system32\wuaueng.dll
23:57:11.0807 1708 wuauserv - ok
23:57:11.0847 1708 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
23:57:11.0857 1708 WudfPf - ok
23:57:11.0947 1708 [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
23:57:11.0947 1708 WUDFRd - ok
23:57:12.0007 1708 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
23:57:12.0007 1708 wudfsvc - ok
23:57:12.0057 1708 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
23:57:12.0067 1708 WwanSvc - ok
23:57:12.0097 1708 ================ Scan global ===============================
23:57:12.0137 1708 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
23:57:12.0177 1708 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
23:57:12.0197 1708 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
23:57:12.0237 1708 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
23:57:12.0307 1708 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
23:57:12.0317 1708 [Global] - ok
23:57:12.0317 1708 ================ Scan MBR ==================================
23:57:12.0327 1708 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
23:57:12.0327 1708 Suspicious mbr (Forged): \Device\Harddisk0\DR0
23:57:12.0397 1708 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
23:57:12.0397 1708 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
23:57:12.0467 1708 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
23:57:12.0467 1708 \Device\Harddisk0\DR0 - detected TDSS File System (1)
23:57:12.0487 1708 [ 4D917F6B41B9B6029C37AE3B50A1AD49 ] \Device\Harddisk1\DR1
23:57:37.0667 1708 \Device\Harddisk1\DR1 - ok
23:57:37.0677 1708 ================ Scan VBR ==================================
23:57:37.0717 1708 [ 7B9AF35EE155FADA3DAF68A12A1AAFA6 ] \Device\Harddisk0\DR0\Partition1
23:57:37.0717 1708 \Device\Harddisk0\DR0\Partition1 - ok
23:57:37.0717 1708 ============================================================
23:57:37.0717 1708 Scan finished
23:57:37.0717 1708 ============================================================
23:57:37.0757 1676 Detected object count: 2
23:57:37.0757 1676 Actual detected object count: 2
23:57:45.0597 1676 \Device\Harddisk0\DR0\# - copied to quarantine
23:57:45.0607 1676 \Device\Harddisk0\DR0 - copied to quarantine
23:57:45.0637 1676 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
23:57:45.0667 1676 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
23:57:45.0677 1676 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
23:57:45.0677 1676 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
23:57:45.0687 1676 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
23:57:45.0697 1676 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
23:57:45.0707 1676 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
23:57:45.0707 1676 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
23:57:45.0707 1676 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
23:57:45.0707 1676 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
23:57:45.0717 1676 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
23:57:45.0717 1676 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
23:57:45.0717 1676 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
23:57:45.0717 1676 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
23:57:45.0727 1676 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
23:57:45.0777 1676 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
23:57:45.0807 1676 \Device\Harddisk0\DR0 - ok
23:57:50.0647 1676 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
23:57:50.0647 1676 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
23:57:50.0647 1676 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
23:57:58.0067 0828 Deinitialize success

ASW

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-01-22 00:32:47
-----------------------------
00:32:47.222 OS Version: Windows 6.1.7601 Service Pack 1
00:32:47.222 Number of processors: 2 586 0xE0C
00:32:47.222 ComputerName: CASSIE-PC UserName: cassie
00:32:58.844 Initialize success
00:33:23.835 AVAST engine defs: 13012101
00:33:36.393 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
00:33:36.424 Disk 0 Vendor: Hitachi_HTS541612J9SA00 SBDOC7DP Size: 114473MB BusType: 3
00:33:36.456 Disk 0 MBR read successfully
00:33:36.471 Disk 0 MBR scan
00:33:36.705 Disk 0 Windows 7 default MBR code
00:33:36.752 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
00:33:36.814 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 112972 MB offset 3074048
00:33:36.861 Disk 0 scanning sectors +234440704
00:33:37.282 Disk 0 scanning C:\Windows\system32\drivers
00:34:34.207 Service scanning
00:36:32.689 Modules scanning
00:38:07.366 Disk 0 trace - called modules:
00:38:07.490 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS intelide.sys
00:38:07.958 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x850235a0]
00:38:07.974 3 CLASSPNP.SYS[87e5659e] -> nt!IofCallDriver -> [0x84f61918]
00:38:07.990 5 ACPI.sys[876673d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x84b79030]
00:38:14.760 AVAST engine scan C:\Windows
00:38:36.023 AVAST engine scan C:\Windows\system32
00:56:06.966 AVAST engine scan C:\Windows\system32\drivers
00:57:10.348 AVAST engine scan C:\Users\cassie
01:26:55.883 AVAST engine scan C:\ProgramData
01:27:48.502 Scan finished successfully
01:32:05.305 Disk 0 MBR has been saved successfully to "E:\MBR.dat"
01:32:05.336 The log file has been saved successfully to "E:\aswMBR.txt"

ESET

C:\TDSSKiller_Quarantine\21.01.2013_23.12.57\mbr0000\tdlfs0000\tsk0001.dta Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\21.01.2013_23.12.57\mbr0000\tdlfs0000\tsk0002.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\21.01.2013_23.12.57\mbr0000\tdlfs0000\tsk0003.dta Win32/Olmarik.AYH trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\21.01.2013_23.12.57\mbr0000\tdlfs0000\tsk0004.dta Win64/Olmarik.AL trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\21.01.2013_23.12.57\mbr0000\tdlfs0000\tsk0005.dta a variant of Win32/Rootkit.Kryptik.NP trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\21.01.2013_23.12.57\mbr0000\tdlfs0000\tsk0006.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\21.01.2013_23.12.57\mbr0000\tdlfs0000\tsk0010.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\21.01.2013_23.12.57\mbr0000\tdlfs0000\tsk0011.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\21.01.2013_23.12.57\mbr0000\tdlfs0000\tsk0014.dta Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\21.01.2013_23.21.00\mbr0000\tdlfs0000\tsk0001.dta Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\21.01.2013_23.21.00\mbr0000\tdlfs0000\tsk0002.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\21.01.2013_23.21.00\mbr0000\tdlfs0000\tsk0003.dta Win32/Olmarik.AYH trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\21.01.2013_23.21.00\mbr0000\tdlfs0000\tsk0004.dta Win64/Olmarik.AL trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\21.01.2013_23.21.00\mbr0000\tdlfs0000\tsk0005.dta a variant of Win32/Rootkit.Kryptik.NP trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\21.01.2013_23.21.00\mbr0000\tdlfs0000\tsk0006.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\21.01.2013_23.21.00\mbr0000\tdlfs0000\tsk0010.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\21.01.2013_23.21.00\mbr0000\tdlfs0000\tsk0011.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\21.01.2013_23.21.00\mbr0000\tdlfs0000\tsk0014.dta Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\21.01.2013_23.56.28\mbr0000\tdlfs0000\tsk0001.dta Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\21.01.2013_23.56.28\mbr0000\tdlfs0000\tsk0002.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\21.01.2013_23.56.28\mbr0000\tdlfs0000\tsk0003.dta Win32/Olmarik.AYH trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\21.01.2013_23.56.28\mbr0000\tdlfs0000\tsk0004.dta Win64/Olmarik.AL trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\21.01.2013_23.56.28\mbr0000\tdlfs0000\tsk0005.dta a variant of Win32/Rootkit.Kryptik.NP trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\21.01.2013_23.56.28\mbr0000\tdlfs0000\tsk0006.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\21.01.2013_23.56.28\mbr0000\tdlfs0000\tsk0010.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\21.01.2013_23.56.28\mbr0000\tdlfs0000\tsk0011.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\21.01.2013_23.56.28\mbr0000\tdlfs0000\tsk0014.dta Win32/Olmarik.AYI trojan cleaned by deleting - quarantined

That's everything. I left it on overnight and haven't gotten a BSOD yet. Any way to tell for sure?

#6 narenxp


Posted 26 January 2013 - 11:28 AM

Run TDSSKiller and make sure to delete the TDSS file system.

Download Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here.

Download mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download Farbar service scanner

Checkmark all the boxes.

Click on "Scan".
Please copy and paste the log to your reply.

Download adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download Junkware removal tool

For Vista and Windows 7, right-click on the tool and select Run as administrator.

After the scan completes, post the generated log here.


Download http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKill log located on the desktop here.


Download Autoruns

Extract and launch autoruns.exe.

Allow the scan to finish.

Now click on File > Save.

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here.
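A way to triage an ESET log like the one posted earlier in this thread, as an added example that is not part of the post above or of any tool's own code: it separates detections that sit inside a TDSSKiller quarantine snapshot from hits at live paths. In the posted log every path falls under C:\TDSSKiller_Quarantine; the sample lines below are constructed in that format and the last path is hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample in the format of the ESET log posted in this thread.
# The last line is a hypothetical hit outside any quarantine folder.
SAMPLE_LOG = r"""
C:\TDSSKiller_Quarantine\21.01.2013_23.12.57\mbr0000\tdlfs0000\tsk0001.dta Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\21.01.2013_23.12.57\mbr0000\tdlfs0000\tsk0005.dta a variant of Win32/Rootkit.Kryptik.NP trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\21.01.2013_23.21.00\mbr0000\tdlfs0000\tsk0001.dta Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\Users\example\AppData\Local\Temp\sample.exe Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
"""

# Fields: path, optional "a variant of", detection name, type, action taken.
LINE_RE = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?)\s+(?:a variant of\s+)?"
    r"(?P<name>Win(?:32|64)/\S+)\s+(?P<kind>\S+)\s+(?P<action>.+)$"
)
# Snapshot folder name is the first path component under the quarantine root.
QUARANTINE_RE = re.compile(
    r"^[A-Za-z]:\\TDSSKiller_Quarantine\\(?P<snap>[^\\]+)\\", re.IGNORECASE
)

def triage(log_text):
    """Return (snapshots, live, unparsed) for an ESET detection log."""
    snapshots = defaultdict(set)  # snapshot folder -> detection names seen
    live = []                     # (path, name) hits outside the quarantine
    unparsed = []                 # lines that do not match the log format
    for line in filter(None, (l.strip() for l in log_text.splitlines())):
        m = LINE_RE.match(line)
        if not m:
            unparsed.append(line)
            continue
        q = QUARANTINE_RE.match(m["path"])
        if q:
            snapshots[q["snap"]].add(m["name"])
        else:
            live.append((m["path"], m["name"]))
    return dict(snapshots), live, unparsed

if __name__ == "__main__":
    snaps, live, unparsed = triage(SAMPLE_LOG)
    for snap, names in sorted(snaps.items()):
        print(f"quarantine snapshot {snap}: {sorted(names)}")
    for path, name in live:
        print(f"LIVE PATH: {path} -> {name}")
    print(f"unparsed lines: {len(unparsed)}")
```

Hits at live paths are the ones that call for follow-up; entries inside a quarantine snapshot are copies another tool has already set aside.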



