Infected with IRP Hook \Atapi


13 replies to this topic

#1 eric12401

  • Members
  • 10 posts

Posted 07 February 2013 - 06:09 PM

Windows Vista Home Premium. Dell Inspiron 530. Computer usually gets the "blue screen of death" and reboots, programs stop working, unable to do much without it crashing. Virus scanners pick it up but are unable to get rid of it. Help!





#2 narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 07 February 2013 - 06:11 PM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply



#3 eric12401

  • Topic Starter
  • Members
  • 10 posts

Posted 07 February 2013 - 06:29 PM

TDSSKiller
18:21:45.0972 1848  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
18:21:46.0376 1848  ============================================================
18:21:46.0376 1848  Current date / time: 2013/02/07 18:21:46.0376
18:21:46.0376 1848  SystemInfo:
18:21:46.0376 1848  
18:21:46.0376 1848  OS Version: 6.0.6001 ServicePack: 1.0
18:21:46.0376 1848  Product type: Workstation
18:21:46.0376 1848  ComputerName: NELSON-PC
18:21:46.0376 1848  UserName: nelson
18:21:46.0376 1848  Windows directory: C:\Windows
18:21:46.0376 1848  System windows directory: C:\Windows
18:21:46.0376 1848  Running under WOW64
18:21:46.0376 1848  Processor architecture: Intel x64
18:21:46.0376 1848  Number of processors: 2
18:21:46.0376 1848  Page size: 0x1000
18:21:46.0376 1848  Boot type: Safe boot with network
18:21:46.0376 1848  ============================================================
18:21:47.0229 1848  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:21:47.0268 1848  ============================================================
18:21:47.0268 1848  \Device\Harddisk0\DR0:
18:21:47.0268 1848  MBR partitions:
18:21:47.0268 1848  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
18:21:47.0268 1848  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x557E5EF0
18:21:47.0268 1848  ============================================================
18:21:47.0331 1848  C: <-> \Device\Harddisk0\DR0\Partition2
18:21:47.0355 1848  D: <-> \Device\Harddisk0\DR0\Partition1
18:21:47.0355 1848  ============================================================
18:21:47.0355 1848  Initialize success
18:21:47.0355 1848  ============================================================
18:22:05.0049 1928  ============================================================
18:22:05.0049 1928  Scan started
18:22:05.0049 1928  Mode: Manual; TDLFS; 
18:22:05.0049 1928  ============================================================
18:22:05.0985 1928  ================ Scan system memory ========================
18:22:05.0985 1928  System memory - ok
18:22:11.0447 1928  [ 80F4593E92FF960E4763380D3168E498 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:22:11.0447 1928  ProtectedStorage - ok
18:22:11.0478 1928  [ 0E0E205A296095FE4C631E6A4775AD6C ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
18:22:11.0478 1928  PSched - ok
18:22:11.0572 1928  [ 0B83F4E681062F3839BE2EC1D98FD94A ] ql2300          C:\Windows\system32\drivers\ql2300.sys
18:22:11.0588 1928  ql2300 - ok
18:22:11.0634 1928  [ E1C80F8D4D1E39EF9595809C1369BF2A ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
18:22:11.0634 1928  ql40xx - ok
18:22:11.0697 1928  [ 90574842C3DA781E279061A3EFF91F07 ] QWAVE           C:\Windows\system32\qwave.dll
18:22:11.0712 1928  QWAVE - ok
18:22:11.0712 1928  [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
18:22:11.0712 1928  QWAVEdrv - ok
18:22:11.0712 1928  [ 1013B3B663A56D3DDD784F581C1BD005 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
18:22:11.0712 1928  RasAcd - ok
18:22:11.0728 1928  [ B2AE18F847D07F0044404DDF7CB04497 ] RasAuto         C:\Windows\System32\rasauto.dll
18:22:11.0728 1928  RasAuto - ok
18:22:11.0744 1928  [ 3B9085F91EF00ABD15A6F36570E90E12 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
18:22:11.0744 1928  Rasl2tp - ok
18:22:11.0744 1928  [ 2A63D46B01685FD4BE9778CA3C231C2D ] RasMan          C:\Windows\System32\rasmans.dll
18:22:11.0759 1928  RasMan - ok
18:22:11.0759 1928  [ 2CE1703C27196094FB6E4C6E439F2C21 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
18:22:11.0759 1928  RasPppoe - ok
18:22:11.0775 1928  [ FCD04FA67E8B40FA0AD361DD38593942 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
18:22:11.0775 1928  RasSstp - ok
18:22:11.0790 1928  [ 33FA5B6136D92EE0F53F021C79091300 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
18:22:11.0790 1928  rdbss - ok
18:22:11.0790 1928  [ 603900CC05F6BE65CCBF373800AF3716 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
18:22:11.0790 1928  RDPCDD - ok
18:22:11.0806 1928  [ C045D1FB111C28DF0D1BE8D4BDA22C06 ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
18:22:11.0806 1928  rdpdr - ok
18:22:11.0806 1928  [ CAB9421DAF3D97B33D0D055858E2C3AB ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
18:22:11.0806 1928  RDPENCDD - ok
18:22:11.0822 1928  [ 7747082F672AA2846235C9CEA42E2E72 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
18:22:11.0822 1928  RDPWD - ok
18:22:11.0837 1928  [ C612B9557DA73F70D41F8A6FBC8E5344 ] RemoteAccess    C:\Windows\System32\mprdim.dll
18:22:11.0837 1928  RemoteAccess - ok
18:22:11.0853 1928  [ 416C611369CBE49074B89CEE2F83ABEF ] RemoteRegistry  C:\Windows\system32\regsvc.dll
18:22:11.0868 1928  RemoteRegistry - ok
18:22:11.0884 1928  [ F46C457840D4B7A4DAAFEE739CE04102 ] RpcLocator      C:\Windows\system32\locator.exe
18:22:11.0884 1928  RpcLocator - ok
18:22:11.0915 1928  [ 52CDADE8289FF21F1F2215FF51A5F36C ] RpcSs           C:\Windows\system32\rpcss.dll
18:22:11.0915 1928  RpcSs - ok
18:22:11.0946 1928  [ 22A9CB08B1A6707C1550C6BF099AAE73 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
18:22:11.0946 1928  rspndr - ok
18:22:11.0962 1928  [ 80F4593E92FF960E4763380D3168E498 ] SamSs           C:\Windows\system32\lsass.exe
18:22:11.0962 1928  SamSs - ok
18:22:11.0978 1928  [ CD9C693589C60AD59BBBCFB0E524E01B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
18:22:11.0978 1928  sbp2port - ok
18:22:12.0009 1928  [ F024D560FEA06F8B56D673849EB89AE6 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
18:22:12.0009 1928  SCardSvr - ok
18:22:12.0040 1928  [ CE75D26E0A1106129F4D156851E298ED ] Schedule        C:\Windows\system32\schedsvc.dll
18:22:12.0056 1928  Schedule - ok
18:22:12.0071 1928  [ EDFFFC8B6AFB609BF33DBE0A900426B6 ] SCPolicySvc     C:\Windows\System32\certprop.dll
18:22:12.0071 1928  SCPolicySvc - ok
18:22:12.0087 1928  [ 4FF71B076A7760FE75EA5AE2D0EE0018 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
18:22:12.0087 1928  SDRSVC - ok
18:22:12.0087 1928  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
18:22:12.0087 1928  secdrv - ok
18:22:12.0102 1928  [ 5ACDCBC67FCF894A1815B9F96D704490 ] seclogon        C:\Windows\system32\seclogon.dll
18:22:12.0102 1928  seclogon - ok
18:22:12.0118 1928  [ 90973A64B96CD647FF81C79443618EED ] SENS            C:\Windows\System32\sens.dll
18:22:12.0118 1928  SENS - ok
18:22:12.0118 1928  [ F71BFE7AC6C52273B7C82CBF1BB2A222 ] Serenum         C:\Windows\system32\drivers\serenum.sys
18:22:12.0118 1928  Serenum - ok
18:22:12.0134 1928  [ E62FAC91EE288DB29A9696A9D279929C ] Serial          C:\Windows\system32\drivers\serial.sys
18:22:12.0134 1928  Serial - ok
18:22:12.0134 1928  [ A842F04833684BCEEA7336211BE478DF ] sermouse        C:\Windows\system32\drivers\sermouse.sys
18:22:12.0134 1928  sermouse - ok
18:22:12.0165 1928  [ A8E4A4407A09F35DCCC3771AF590B0C4 ] SessionEnv      C:\Windows\system32\sessenv.dll
18:22:12.0165 1928  SessionEnv - ok
18:22:12.0165 1928  [ 14D4B4465193A87C127933978E8C4106 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
18:22:12.0165 1928  sffdisk - ok
18:22:12.0165 1928  [ 7073AEE3F82F3D598E3825962AA98AB2 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
18:22:12.0165 1928  sffp_mmc - ok
18:22:12.0165 1928  [ 35E59EBE4A01A0532ED67975161C7B82 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
18:22:12.0165 1928  sffp_sd - ok
18:22:12.0180 1928  [ 6B7838C94135768BD455CBDC23E39E5F ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
18:22:12.0180 1928  sfloppy - ok
18:22:12.0212 1928  [ 4C5AEE179DA7E1EE9A9CCB9DA289AF34 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
18:22:12.0212 1928  SharedAccess - ok
18:22:12.0243 1928  [ 9235EC680D3DB17464B39C7C7DECB4DD ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:22:12.0243 1928  ShellHWDetection - ok
18:22:12.0258 1928  [ 7A5DE502AEB719D4594C6471060A78B3 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
18:22:12.0258 1928  SiSRaid2 - ok
18:22:12.0258 1928  [ 3A2F769FAB9582BC720E11EA1DFB184D ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
18:22:12.0258 1928  SiSRaid4 - ok
18:22:12.0305 1928  [ A301D2CEFB4747DFE0C24425DCBE0B78 ] slsvc           C:\Windows\system32\SLsvc.exe
18:22:12.0352 1928  slsvc - ok
18:22:12.0352 1928  [ F5DDF7C0AF85EB72CB295171F8C3CB35 ] SLUINotify      C:\Windows\system32\SLUINotify.dll
18:22:12.0352 1928  SLUINotify - ok
18:22:12.0352 1928  [ 41EB2E8E005FEEDCAFCE301983EFF932 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
18:22:12.0352 1928  Smb - ok
18:22:12.0368 1928  [ F8F47F38909823B1AF28D60B96340CFF ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
18:22:12.0368 1928  SNMPTRAP - ok
18:22:12.0368 1928  [ F9CB0672162F7F04248E2B82C1FF4617 ] spldr           C:\Windows\system32\drivers\spldr.sys
18:22:12.0368 1928  spldr - ok
18:22:12.0399 1928  [ 92E6738D25C2123BE9515C0EAC0776CD ] Spooler         C:\Windows\System32\spoolsv.exe
18:22:12.0399 1928  Spooler - ok
18:22:12.0446 1928  [ A8ABD7D0D907B45CF3831F4DD8644349 ] srv             C:\Windows\system32\DRIVERS\srv.sys
18:22:12.0446 1928  srv - ok
18:22:12.0477 1928  [ 6C72EEA39E1C37B436A6D1532999F9EC ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
18:22:12.0477 1928  srv2 - ok
18:22:12.0492 1928  [ 7F69BCF9E6FA3D93C82EE6B87812666D ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
18:22:12.0492 1928  srvnet - ok
18:22:12.0524 1928  [ 192C74646EC5725AEF3F80D19FF75F6A ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
18:22:12.0524 1928  SSDPSRV - ok
18:22:12.0555 1928  [ 2EE3FA0308E6185BA64A9A7F2E74332B ] SstpSvc         C:\Windows\system32\sstpsvc.dll
18:22:12.0555 1928  SstpSvc - ok
18:22:12.0570 1928  [ F14F7D7D68A66777FB999D5D0F21138D ] stisvc          C:\Windows\System32\wiaservc.dll
18:22:12.0586 1928  stisvc - ok
18:22:12.0602 1928  [ 8A851CA908B8B974F89C50D2E18D4F0C ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
18:22:12.0602 1928  swenum - ok
18:22:12.0602 1928  [ DA34D6EB4A3154C0BEBAEB0A2483EF3E ] swprv           C:\Windows\System32\swprv.dll
18:22:12.0617 1928  swprv - ok
18:22:12.0617 1928  [ 2F26A2C6FC96B29BEFF5D8ED74E6625B ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
18:22:12.0617 1928  Symc8xx - ok
18:22:12.0617 1928  [ A909667976D3BCCD1DF813FED517D837 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
18:22:12.0617 1928  Sym_hi - ok
18:22:12.0633 1928  [ 36887B56EC2D98B9C362F6AE4DE5B7B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
18:22:12.0633 1928  Sym_u3 - ok
18:22:12.0695 1928  [ BEA0D5521ED21DF8F6FFEED86DAEDE7B ] SysMain         C:\Windows\system32\sysmain.dll
18:22:12.0711 1928  SysMain - ok
18:22:12.0726 1928  [ 005CE42567F9113A3BCCB3B20073B029 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:22:12.0726 1928  TabletInputService - ok
18:22:12.0742 1928  [ 52091001CAF20AE84CF47023EE21B4BB ] TapiSrv         C:\Windows\System32\tapisrv.dll
18:22:12.0758 1928  TapiSrv - ok
18:22:12.0758 1928  [ CDBE8D7C1E201B911CDC346D06617FB5 ] TBS             C:\Windows\System32\tbssvc.dll
18:22:12.0758 1928  TBS - ok
18:22:12.0820 1928  [ 7D86275FB640011B372FD566C0EAFA8D ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
18:22:12.0820 1928  Tcpip - ok
18:22:12.0851 1928  [ 7D86275FB640011B372FD566C0EAFA8D ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
18:22:12.0851 1928  Tcpip6 - ok
18:22:12.0882 1928  [ C29D4B3B08AD0B7E8564814E4FF6A57B ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
18:22:12.0882 1928  tcpipreg - ok
18:22:12.0882 1928  [ 1D8BF4AAA5FB7A2761475781DC1195BC ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
18:22:12.0882 1928  TDPIPE - ok
18:22:12.0898 1928  [ 7F7E00CDF609DF657F4CDA02DD1C9BB1 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
18:22:12.0898 1928  TDTCP - ok
18:22:12.0898 1928  [ 8C39C72E0E853DE04748C0337D9B9216 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
18:22:12.0898 1928  tdx - ok
18:22:12.0898 1928  [ 3F0EBF6EE609F2A276C0D5FAF244EC90 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
18:22:12.0898 1928  TermDD - ok
18:22:12.0914 1928  [ F870A5589D6A94B426EFB13689023946 ] TermService     C:\Windows\System32\termsrv.dll
18:22:12.0929 1928  TermService - ok
18:22:12.0929 1928  [ 9235EC680D3DB17464B39C7C7DECB4DD ] Themes          C:\Windows\system32\shsvcs.dll
18:22:12.0929 1928  Themes - ok
18:22:12.0945 1928  [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] THREADORDER     C:\Windows\system32\mmcss.dll
18:22:12.0945 1928  THREADORDER - ok
18:22:12.0976 1928  [ F4689F05AF472A651A7B1B7B02D200E7 ] TrkWks          C:\Windows\System32\trkwks.dll
18:22:12.0976 1928  TrkWks - ok
18:22:13.0023 1928  [ AC6FF1DF22ED90BAD6417EE5A4C6E2F0 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:22:13.0023 1928  TrustedInstaller - ok
18:22:13.0023 1928  [ 9E5409CD17C8BEF193AAD498F3BC2CB8 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
18:22:13.0023 1928  tssecsrv - ok
18:22:13.0038 1928  [ 89EC74A9E602D16A75A4170511029B3C ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
18:22:13.0038 1928  tunmp - ok
18:22:13.0070 1928  [ 2DC2C423572946E9A3131425BDA73CB6 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
18:22:13.0070 1928  tunnel - ok
18:22:13.0070 1928  [ FEC266EF401966311744BD0F359F7F56 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
18:22:13.0070 1928  uagp35 - ok
18:22:13.0085 1928  [ ECA6629E33F122AFFF18A2AB7C3EB033 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
18:22:13.0085 1928  udfs - ok
18:22:13.0101 1928  [ 060507C4113391394478F6953A79EEDC ] UI0Detect       C:\Windows\system32\UI0Detect.exe
18:22:13.0101 1928  UI0Detect - ok
18:22:13.0101 1928  [ 4EC9447AC3AB462647F60E547208CA00 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
18:22:13.0101 1928  uliagpkx - ok
18:22:13.0116 1928  [ 697F0446134CDC8F99E69306184FBBB4 ] uliahci         C:\Windows\system32\drivers\uliahci.sys
18:22:13.0116 1928  uliahci - ok
18:22:13.0116 1928  [ 31707F09846056651EA2C37858F5DDB0 ] UlSata          C:\Windows\system32\drivers\ulsata.sys
18:22:13.0132 1928  UlSata - ok
18:22:13.0132 1928  [ 85E5E43ED5B48C8376281BAB519271B7 ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
18:22:13.0132 1928  ulsata2 - ok
18:22:13.0148 1928  [ 46E9A994C4FED537DD951F60B86AD3F4 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
18:22:13.0148 1928  umbus - ok
18:22:13.0163 1928  [ 7093799FF80E9DECA0680D2E3535BE60 ] upnphost        C:\Windows\System32\upnphost.dll
18:22:13.0179 1928  upnphost - ok
18:22:13.0210 1928  [ 07E3498FC60834219D2356293DA0FECC ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
18:22:13.0210 1928  usbccgp - ok
18:22:13.0210 1928  [ 9247F7E0B65852C1F6631480984D6ED2 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
18:22:13.0210 1928  usbcir - ok
18:22:13.0226 1928  [ DA6D8D8ED0A53C63AC6F4BD40FE83FBE ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
18:22:13.0226 1928  usbehci - ok
18:22:13.0241 1928  [ 99045369AE3216216573D0775FD7ED56 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
18:22:13.0241 1928  usbhub - ok
18:22:13.0241 1928  [ EBA14EF0C07CEC233F1529C698D0D154 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
18:22:13.0241 1928  usbohci - ok
18:22:13.0241 1928  [ ACFEE697AF477021BB3EC78C5431FED2 ] usbprint        C:\Windows\system32\drivers\usbprint.sys
18:22:13.0241 1928  usbprint - ok
18:22:13.0257 1928  [ 586D9876A4945779C8EEA926C0D16889 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:22:13.0257 1928  USBSTOR - ok
18:22:13.0272 1928  [ B2872CBF9F47316ABD0E0C74A1ABA507 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
18:22:13.0272 1928  usbuhci - ok
18:22:13.0288 1928  [ 9190F03C82547AFA87367F1CECA88F3B ] UxSms           C:\Windows\System32\uxsms.dll
18:22:13.0288 1928  UxSms - ok
18:22:13.0304 1928  [ C15A4A550CBA7B9F1F68B72528E04CE1 ] vds             C:\Windows\System32\vds.exe
18:22:13.0304 1928  vds - ok
18:22:13.0335 1928  [ 916B94BCF1E09873FFF2D5FB11767BBC ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
18:22:13.0335 1928  vga - ok
18:22:13.0335 1928  [ B83AB16B51FEDA65DD81B8C59D114D63 ] VgaSave         C:\Windows\System32\drivers\vga.sys
18:22:13.0335 1928  VgaSave - ok
18:22:13.0335 1928  [ 8294B6C3FDB6C33F24E150DE647ECDAA ] viaide          C:\Windows\system32\drivers\viaide.sys
18:22:13.0335 1928  viaide - ok
18:22:13.0350 1928  [ 793D9B32A1C462C91F6F70358283AC97 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
18:22:13.0350 1928  volmgr - ok
18:22:13.0366 1928  [ 5AA217DA5DC4FF5B9AC9AB86563B3223 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
18:22:13.0366 1928  volmgrx - ok
18:22:13.0366 1928  [ DE4307412D98050239026E56A7DFF3C0 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
18:22:13.0382 1928  volsnap - ok
18:22:13.0382 1928  [ A68F455ED2673835209318DD61BFBB0E ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
18:22:13.0382 1928  vsmraid - ok
18:22:13.0413 1928  [ 186BD53F8A408AD20F5A056C05678629 ] VSS             C:\Windows\system32\vssvc.exe
18:22:13.0444 1928  VSS - ok
18:22:13.0491 1928  [ 23DE6F86133361C8DD5410E08A32BB3E ] VST64HWBS2      C:\Windows\system32\DRIVERS\VSTBS26.SYS
18:22:13.0491 1928  VST64HWBS2 - ok
18:22:13.0522 1928  [ E6CD7F641916484B0141D191A390D866 ] VST64_DPV       C:\Windows\system32\DRIVERS\VSTDPV6.SYS
18:22:13.0538 1928  VST64_DPV - ok
18:22:13.0538 1928  [ BA29F34A61CB55C0DEE29E787542EDF4 ] W32Time         C:\Windows\system32\w32time.dll
18:22:13.0553 1928  W32Time - ok
18:22:13.0553 1928  [ FEF8FE5923FEAD2CEE4DFABFCE3393A7 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
18:22:13.0553 1928  WacomPen - ok
18:22:13.0553 1928  [ AEA75207E443C8623C36B8D03596F84F ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
18:22:13.0553 1928  Wanarp - ok
18:22:13.0553 1928  [ AEA75207E443C8623C36B8D03596F84F ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
18:22:13.0569 1928  Wanarpv6 - ok
18:22:13.0600 1928  [ 055449247C490E24B968B44FE8A969EB ] wcncsvc         C:\Windows\System32\wcncsvc.dll
18:22:13.0616 1928  wcncsvc - ok
18:22:13.0616 1928  [ EA4B369560E986F19D93F45A881484AC ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:22:13.0616 1928  WcsPlugInService - ok
18:22:13.0631 1928  [ 0C17A0816F65B89E362E682AD5E7266E ] Wd              C:\Windows\system32\drivers\wd.sys
18:22:13.0631 1928  Wd - ok
18:22:13.0647 1928  [ D02E7E4567DA1E7582FBF6A91144B0DF ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
18:22:13.0647 1928  Wdf01000 - ok
18:22:13.0662 1928  [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiServiceHost  C:\Windows\system32\wdi.dll
18:22:13.0662 1928  WdiServiceHost - ok
18:22:13.0678 1928  [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiSystemHost   C:\Windows\system32\wdi.dll
18:22:13.0678 1928  WdiSystemHost - ok
18:22:13.0678 1928  [ 3D4AB55F8178FD0CD3CA45CD0EC9CF5B ] WebClient       C:\Windows\System32\webclnt.dll
18:22:13.0709 1928  WebClient - ok
18:22:13.0725 1928  [ 8D40BC587993F876658BF9FB0F7D3462 ] Wecsvc          C:\Windows\system32\wecsvc.dll
18:22:13.0740 1928  Wecsvc - ok
18:22:13.0756 1928  [ 9C980351D7E96288EA0C23AE232BD065 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
18:22:13.0756 1928  wercplsupport - ok
18:22:13.0787 1928  [ FC25242B3BCAF7E84D9184082274AE08 ] WerSvc          C:\Windows\System32\WerSvc.dll
18:22:13.0787 1928  WerSvc - ok
18:22:13.0834 1928  [ B5C348B265178FB9EE55ADDB3929485D ] winachsf        C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
18:22:13.0834 1928  winachsf - ok
18:22:13.0850 1928  WinDefend - ok
18:22:13.0850 1928  WinHttpAutoProxySvc - ok
18:22:13.0974 1928  [ AC98F38FEAB066A8F983D54FF3F4FD4C ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
18:22:13.0974 1928  Winmgmt - ok
18:22:14.0021 1928  [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869 ] WinRM           C:\Windows\system32\WsmSvc.dll
18:22:14.0052 1928  WinRM - ok
18:22:14.0084 1928  [ 0A69955261C1B54206ADC9BEB89517DE ] Wlansvc         C:\Windows\System32\wlansvc.dll
18:22:14.0099 1928  Wlansvc - ok
18:22:14.0115 1928  [ E18AEBAAA5A773FE11AA2C70F65320F5 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
18:22:14.0115 1928  WmiAcpi - ok
18:22:14.0130 1928  [ D303322DD577C3DEDA1251ED2E7A496C ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
18:22:14.0146 1928  wmiApSrv - ok
18:22:14.0162 1928  WMPNetworkSvc - ok
18:22:14.0193 1928  [ CBC156C913F099E6680D1DF9307DB7A8 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
18:22:14.0193 1928  WPCSvc - ok
18:22:14.0193 1928  [ A27C8F92D84E2DDC151978E4692C978E ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
18:22:14.0193 1928  WPDBusEnum - ok
18:22:14.0208 1928  [ 8A900348370E359B6BFF6A550E4649E1 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
18:22:14.0208 1928  ws2ifsl - ok
18:22:14.0224 1928  [ CB8EA6D95949384925CCFCA21CC6DFD8 ] wscsvc          C:\Windows\System32\wscsvc.dll
18:22:14.0224 1928  wscsvc - ok
18:22:14.0224 1928  WSearch - ok
18:22:14.0271 1928  [ 69F2BC7B46E3E15C8EC688F42A65B57F ] wuauserv        C:\Windows\system32\wuaueng.dll
18:22:14.0302 1928  wuauserv - ok
18:22:14.0318 1928  [ 501A65252617B495C0F1832F908D54D8 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
18:22:14.0318 1928  WUDFRd - ok
18:22:14.0333 1928  [ 6CBD51FF913C851D56ED9DC7F2A27DDE ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
18:22:14.0333 1928  wudfsvc - ok
18:22:14.0349 1928  ================ Scan global ===============================
18:22:14.0364 1928  [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll
18:22:14.0411 1928  [ 2D94E4CE322F12061D3FA7DBE65E9AC5 ] C:\Windows\system32\winsrv.dll
18:22:14.0427 1928  [ 2D94E4CE322F12061D3FA7DBE65E9AC5 ] C:\Windows\system32\winsrv.dll
18:22:14.0458 1928  [ DFAC660F0F139276CC9299812DE42719 ] C:\Windows\system32\services.exe
18:22:14.0474 1928  [Global] - ok
18:22:14.0474 1928  ================ Scan MBR ==================================
18:22:14.0474 1928  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
18:22:14.0474 1928  Suspicious mbr (Forged): \Device\Harddisk0\DR0
18:22:14.0536 1928  \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
18:22:14.0536 1928  \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
18:22:14.0661 1928  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
18:22:14.0661 1928  \Device\Harddisk0\DR0 - detected TDSS File System (1)
18:22:14.0661 1928  ================ Scan VBR ==================================
18:22:14.0692 1928  [ 01B46A372568B8B8D1AC0C4B2D92B382 ] \Device\Harddisk0\DR0\Partition1
18:22:14.0692 1928  \Device\Harddisk0\DR0\Partition1 - ok
18:22:14.0692 1928  [ BDD661804011D7E09D285C9B01231CB8 ] \Device\Harddisk0\DR0\Partition2
18:22:14.0692 1928  \Device\Harddisk0\DR0\Partition2 - ok
18:22:14.0692 1928  ============================================================
18:22:14.0692 1928  Scan finished
18:22:14.0692 1928  ============================================================
18:22:14.0723 1896  Detected object count: 2
18:22:14.0723 1896  Actual detected object count: 2
18:23:02.0255 1896  \Device\Harddisk0\DR0\# - copied to quarantine
18:23:02.0256 1896  \Device\Harddisk0\DR0 - copied to quarantine
18:23:02.0410 1896  \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
18:23:02.0412 1896  \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
18:23:02.0437 1896  \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
18:23:02.0452 1896  \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
18:23:02.0453 1896  \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
18:23:02.0453 1896  \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
18:23:02.0455 1896  \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
18:23:02.0458 1896  \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
18:23:02.0461 1896  \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
18:23:02.0461 1896  \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
18:23:02.0463 1896  \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
18:23:02.0463 1896  \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
18:23:02.0484 1896  \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
18:23:02.0509 1896  \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
18:23:02.0512 1896  \Device\Harddisk0\DR0 - ok
18:23:09.0581 1896  \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure 
18:23:09.0581 1896  \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
18:23:09.0581 1896  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip 
18:23:27.0291 1588  Deinitialize success


#4 eric12401

eric12401
  • Topic Starter

  • Members
  • 10 posts

Posted 07 February 2013 - 06:32 PM

aswMBR

 

 

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-02-07 18:27:10
-----------------------------
18:27:10.971    OS Version: Windows x64 6.0.6001 Service Pack 1
18:27:10.971    Number of processors: 2 586 0x170A
18:27:10.971    ComputerName: NELSON-PC  UserName: nelson
18:27:13.167    Initialize success
18:28:03.270    AVAST engine defs: 13020701
18:28:15.675    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
18:28:15.675    Disk 0 Vendor: ST3750630AS DE13 Size: 715404MB BusType: 3
18:28:15.675    Device \Driver\atapi -> MajorFunction fffffa800514e5e8
18:28:15.675    Disk 0 MBR read successfully
18:28:15.675    Disk 0 MBR scan
18:28:15.690    Disk 0 Windows VISTA default MBR code
18:28:15.690    Disk 0 MBR hidden
18:28:15.690    Disk 0 Partition 1 00     DE Dell Utility Dell 8.0       39 MB offset 63
18:28:15.706    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS        15000 MB offset 81920
18:28:15.721    Disk 0 Partition 3 80 (A) 07    HPFS/NTFS NTFS       700363 MB offset 30801920
18:28:15.768    Disk 0 scanning C:\Windows\system32\drivers
18:28:20.439    Service scanning
18:28:35.440    Modules scanning
18:28:35.440    Disk 0 trace - called modules:
18:28:35.440    ntoskrnl.exe CLASSPNP.SYS disk.sys acpi.sys >>UNKNOWN [0xfffffa8003974240]<<04784069.sys >>UNKNOWN [0xfffffa800514e5e8]<<hal.dll 
18:28:35.456    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004a90060]
18:28:35.456    3 CLASSPNP.SYS[fffffa6000fceb3a] -> nt!IofCallDriver -> [0xfffffa8003dc63d0]
18:28:35.456    5 acpi.sys[fffffa60008f6ff6] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8003dcf940]
18:28:35.456    \Driver\atapi[0xfffffa8003d92060] -> IRP_MJ_CREATE -> 0xfffffa800514e5e8
18:28:37.203    AVAST engine scan C:\Windows
18:28:38.903    AVAST engine scan C:\Windows\system32
18:30:21.443    AVAST engine scan C:\Windows\system32\drivers
18:30:32.519    AVAST engine scan C:\Users\nelson
18:31:21.677    AVAST engine scan C:\ProgramData
18:31:44.828    Scan finished successfully
18:31:51.957    Disk 0 MBR has been saved successfully to "C:\Users\nelson\Desktop\MBR.dat"
18:31:51.973    The log file has been saved successfully to "C:\Users\nelson\Desktop\aswMBR.txt"


#5 eric12401

eric12401
  • Topic Starter

  • Members
  • 10 posts

Posted 07 February 2013 - 07:03 PM

C:\TDSSKiller_Quarantine\07.02.2013_18.21.46\mbr0000\tdlfs0000\tsk0000.dta    Win32/Olmarik.AYI trojan    cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\07.02.2013_18.21.46\mbr0000\tdlfs0000\tsk0001.dta    Win64/Olmarik.AK trojan    cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\07.02.2013_18.21.46\mbr0000\tdlfs0000\tsk0002.dta    a variant of Win32/Rootkit.Kryptik.PR trojan    cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\07.02.2013_18.21.46\mbr0000\tdlfs0000\tsk0003.dta    Win64/Olmarik.AK trojan    cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\07.02.2013_18.21.46\mbr0000\tdlfs0000\tsk0007.dta    Win32/Olmarik.AFK trojan    cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\07.02.2013_18.21.46\mbr0000\tdlfs0000\tsk0008.dta    Win64/Olmarik.AK trojan    cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\07.02.2013_18.21.46\mbr0000\tdlfs0000\tsk0012.dta    Win32/Olmarik.AYI trojan    cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\07.02.2013_18.23.48\mbr0000\tdlfs0000\tsk0000.dta    Win32/Olmarik.AYI trojan    cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\07.02.2013_18.23.48\mbr0000\tdlfs0000\tsk0001.dta    Win64/Olmarik.AK trojan    cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\07.02.2013_18.23.48\mbr0000\tdlfs0000\tsk0002.dta    a variant of Win32/Rootkit.Kryptik.PR trojan    cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\07.02.2013_18.23.48\mbr0000\tdlfs0000\tsk0003.dta    Win64/Olmarik.AK trojan    cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\07.02.2013_18.23.48\mbr0000\tdlfs0000\tsk0007.dta    Win32/Olmarik.AFK trojan    cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\07.02.2013_18.23.48\mbr0000\tdlfs0000\tsk0008.dta    Win64/Olmarik.AK trojan    cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\07.02.2013_18.23.48\mbr0000\tdlfs0000\tsk0012.dta    Win32/Olmarik.AYI trojan    cleaned by deleting - quarantined
 


#6 eric12401

eric12401
  • Topic Starter

  • Members
  • 10 posts

Posted 07 February 2013 - 07:10 PM

Don't remember ever cleaning/quarantining anything, though.



#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts

Posted 07 February 2013 - 07:45 PM

Please restart the PC and run TDSSkiller once again and post the new log

 

Malwarebytes

--------------------

Please download Malwarebytes Anti-Malware and save it to your desktop. If you already have it installed launch the program and update the database.


 

  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download. You can also right click on the link and select Save Link As

Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.



  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
    For instructions with screenshots, please refer to this Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings except to uncheck any offer for a free Pro trial version
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.

Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.



===================================================


Farbar's MiniToolBox

--------------------



  • Please download MiniToolBox, save it to your desktop
  • Please close any Firefox browsers you may have open
  • Double click the icon to launch the program
  • Make sure the following options are checked:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Devices
    • List Users, Partitions and Memory size.
  • Click Go and once the scan is completed a Result.txt Notepad document will open on your desktop
  • Please copy and paste the contents in your reply

===================================================


Farbar's Service Scanner

--------------------

Please download Farbar Service Scanner, save it to your desktop, and run it.
 

  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

===================================================


AdwCleaner by Xplode - Search for Adware

-------------------
 

  • Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on Search
  • A logfile will automatically open after the scan has finished
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[R1].txt as well

===================================================


Junkware Removal Tool by thisisu

-------------------
 

  • Please download Junkware Removal Tool (http://www.bleepingcomputer.com/download/junkware-removal-tool/dl/131/) and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply

===================================================


Rkill

-------------------

Please download Rkill by Grinler from one of the 4 links below (if one of them does not work try another...) and save it to your desktop:
 

  • In order for Rkill to run properly you must disable your anti-malware software. Please refer to this page if you are not sure how.
  • Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
    • Note: You may have to run Rkill a few times before it is successful. You may also have to download Rkill from a different link which will save it as a different file name.
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • An Rkill.log will appear. Please copy and paste the contents in your reply (file also located at c:\rkill.log)
  • Do not reboot your computer after running Rkill as the malware programs will start again. If your computer reboots, run Rkill again before continuing on to the next step.
  • If nothing happens or if the tool does not run, please let me know in your next reply.

===================================================


Autoruns

--------------------
 

  • Please download AutoRuns and save it to your desktop
  • Double click the AutoRuns.zip folder
  • Double click autoruns.exe (not autorunsc.exe), select Run, then Run again and allow the information to populate
  • Select File, Save, Desktop (in the left hand pane), then Save filename as Autoruns.txt and change Save as type to Text(*.txt).
  • Double click on the text file, copy and paste the contents in your reply

===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment.
 

  • Malwarebytes log
  • MiniToolBox log
  • Farbar's Service Scanner log
  • AdwCleaner log
  • Junkware Removal Tool log
  • Rkill log
  • Autoruns log


#8 eric12401 (Topic Starter)

Posted 07 February 2013 - 08:00 PM

19:58:41.0602 2884  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
19:58:43.0053 2884  ============================================================
19:58:43.0053 2884  Current date / time: 2013/02/07 19:58:43.0053
19:58:43.0053 2884  SystemInfo:
19:58:43.0053 2884  
19:58:43.0053 2884  OS Version: 6.0.6001 ServicePack: 1.0
19:58:43.0053 2884  Product type: Workstation
19:58:43.0053 2884  ComputerName: NELSON-PC
19:58:43.0053 2884  UserName: nelson
19:58:43.0053 2884  Windows directory: C:\Windows
19:58:43.0053 2884  System windows directory: C:\Windows
19:58:43.0053 2884  Running under WOW64
19:58:43.0053 2884  Processor architecture: Intel x64
19:58:43.0053 2884  Number of processors: 2
19:58:43.0053 2884  Page size: 0x1000
19:58:43.0053 2884  Boot type: Normal boot
19:58:43.0053 2884  ============================================================
19:58:44.0035 2884  BG loaded
19:58:45.0486 2884  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:58:45.0533 2884  ============================================================
19:58:45.0533 2884  \Device\Harddisk0\DR0:
19:58:45.0533 2884  MBR partitions:
19:58:45.0533 2884  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
19:58:45.0533 2884  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x557E5EF0
19:58:45.0533 2884  ============================================================
19:58:45.0595 2884  C: <-> \Device\Harddisk0\DR0\Partition2
19:58:45.0627 2884  D: <-> \Device\Harddisk0\DR0\Partition1
19:58:45.0627 2884  ============================================================
19:58:45.0627 2884  Initialize success
19:58:45.0627 2884  ============================================================
19:58:57.0849 3292  ============================================================
19:58:57.0849 3292  Scan started
19:58:57.0849 3292  Mode: Manual; TDLFS; 
19:58:57.0849 3292  ============================================================
19:59:01.0967 3292  ================ Scan system memory ========================
19:59:01.0967 3292  System memory - ok
19:59:01.0967 3292  ================ Scan services =============================
19:59:02.0575 3292  [ 8C99ED256A889D647935A97C543B7B85 ] ACPI            C:\Windows\system32\drivers\acpi.sys
19:59:02.0575 3292  ACPI - ok
19:59:02.0622 3292  [ F14215E37CF124104575073F782111D2 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
19:59:02.0638 3292  adp94xx - ok
19:59:02.0653 3292  [ 7D05A75E3066861A6610F7EE04FF085C ] adpahci         C:\Windows\system32\drivers\adpahci.sys
19:59:02.0685 3292  adpahci - ok
19:59:02.0685 3292  [ 820A201FE08A0C345B3BEDBC30E1A77C ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
19:59:02.0700 3292  adpu160m - ok
19:59:02.0716 3292  [ 9B4AB6854559DC168FBB4C24FC52E794 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
19:59:02.0731 3292  adpu320 - ok
19:59:02.0763 3292  [ 0F421175574BFE0BF2F4D8E910A253BB ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
19:59:02.0763 3292  AeLookupSvc - ok
19:59:02.0794 3292  [ 9BB97042FA331A0FB4BDD98B9280A50A ] AFD             C:\Windows\system32\drivers\afd.sys
19:59:02.0825 3292  AFD - ok
19:59:02.0841 3292  [ F6F6793B7F17B550ECFDBD3B229173F7 ] agp440          C:\Windows\system32\drivers\agp440.sys
19:59:02.0856 3292  agp440 - ok
19:59:02.0856 3292  [ 222CB641B4B8A1D1126F8033F9FD6A00 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
19:59:02.0872 3292  aic78xx - ok
19:59:02.0887 3292  [ 5922F4F59B7868F3D74BBBBEB7B825A3 ] ALG             C:\Windows\System32\alg.exe
19:59:02.0887 3292  ALG - ok
19:59:02.0887 3292  [ 157D0898D4B73F075CE9FA26B482DF98 ] aliide          C:\Windows\system32\drivers\aliide.sys
19:59:02.0903 3292  aliide - ok
19:59:02.0903 3292  [ 970FA5059E61E30D25307B99903E991E ] amdide          C:\Windows\system32\drivers\amdide.sys
19:59:02.0919 3292  amdide - ok
19:59:02.0919 3292  [ CDC3632A3A5EA4DBB83E46076A3165A1 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
19:59:02.0934 3292  AmdK8 - ok
19:59:02.0950 3292  [ 9C37B3FD5615477CB9A0CD116CF43F5C ] Appinfo         C:\Windows\System32\appinfo.dll
19:59:02.0950 3292  Appinfo - ok
19:59:02.0965 3292  [ BA8417D4765F3988FF921F30F630E303 ] arc             C:\Windows\system32\drivers\arc.sys
19:59:02.0981 3292  arc - ok
19:59:02.0997 3292  [ 9D41C435619733B34CC16A511E644B11 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
19:59:03.0012 3292  arcsas - ok
19:59:03.0012 3292  [ 22D13FF3DAFEC2A80634752B1EAA2DE6 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
19:59:03.0028 3292  AsyncMac - ok
19:59:03.0028 3292  [ 1898FAE8E07D97F2F6C2D5326C633FAC ] atapi           C:\Windows\system32\drivers\atapi.sys
19:59:03.0043 3292  atapi - ok
19:59:03.0059 3292  [ 2A54B6A48AB6D2166271B05E9469326E ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:59:03.0059 3292  AudioEndpointBuilder - ok
19:59:03.0075 3292  [ 2A54B6A48AB6D2166271B05E9469326E ] AudioSrv        C:\Windows\System32\Audiosrv.dll
19:59:03.0075 3292  AudioSrv - ok
19:59:03.0855 3292  [ 4AFC14AFA58878FAA1D249E7E90EA54B ] AVGIDSAgent     C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
19:59:03.0901 3292  AVGIDSAgent - ok
19:59:03.0948 3292  [ 388056EBD5FE6718FE669078DBE37897 ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdrivera.sys
19:59:04.0026 3292  AVGIDSDriver - ok
19:59:04.0104 3292  [ 550E981747D6A6C55078C77346FFC2C6 ] AVGIDSHA        C:\Windows\system32\DRIVERS\avgidsha.sys
19:59:04.0120 3292  AVGIDSHA - ok
19:59:04.0135 3292  [ 5989592A91A17587799792A81E1541D4 ] Avgldx64        C:\Windows\system32\DRIVERS\avgldx64.sys
19:59:04.0135 3292  Avgldx64 - ok
19:59:04.0167 3292  [ 3FC43AA02545FCDDC22817829114DEC8 ] Avgloga         C:\Windows\system32\DRIVERS\avgloga.sys
19:59:04.0182 3292  Avgloga - ok
19:59:04.0198 3292  [ 841C40C193889730848849AC220D9242 ] Avgmfx64        C:\Windows\system32\DRIVERS\avgmfx64.sys
19:59:04.0198 3292  Avgmfx64 - ok
19:59:04.0213 3292  [ FE4F444DBE4BBBDFD8FECF49398DEFC7 ] Avgrkx64        C:\Windows\system32\DRIVERS\avgrkx64.sys
19:59:04.0213 3292  Avgrkx64 - ok
19:59:04.0260 3292  [ 6E634525613D48A1D1657FB21F21F3B2 ] Avgtdia         C:\Windows\system32\DRIVERS\avgtdia.sys
19:59:04.0276 3292  Avgtdia - ok
19:59:04.0338 3292  [ 6B72E1E329C4E98C6B6FDD2D265E3BA3 ] avgwd           C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
19:59:04.0338 3292  avgwd - ok
19:59:04.0385 3292  [ BC4737AAFFA5964E4F8827C9B8C0EB8E ] BFE             C:\Windows\System32\bfe.dll
19:59:04.0385 3292  BFE - ok
19:59:04.0447 3292  [ D896A0D43F8AB81ECB1FC6C24DECFD58 ] BITS            C:\Windows\System32\qmgr.dll
19:59:04.0447 3292  BITS - ok
19:59:04.0494 3292  [ 79FEEB40056683F8F61398D81DDA65D2 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
19:59:04.0510 3292  blbdrive - ok
19:59:04.0541 3292  [ F0F035FCEC3554CC1B70C5611BD87951 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
19:59:04.0541 3292  bowser - ok
19:59:04.0572 3292  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
19:59:04.0588 3292  BrFiltLo - ok
19:59:04.0603 3292  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
19:59:04.0603 3292  BrFiltUp - ok
19:59:04.0619 3292  [ A1B39DE453433B115B4EA69EE0343816 ] Browser         C:\Windows\System32\browser.dll
19:59:04.0619 3292  Browser - ok
19:59:04.0635 3292  [ F0F0BA4D815BE446AA6A4583CA3BCA9B ] Brserid         C:\Windows\system32\drivers\brserid.sys
19:59:04.0650 3292  Brserid - ok
19:59:04.0650 3292  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
19:59:04.0666 3292  BrSerWdm - ok
19:59:04.0666 3292  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
19:59:04.0681 3292  BrUsbMdm - ok
19:59:04.0681 3292  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
19:59:04.0697 3292  BrUsbSer - ok
19:59:04.0697 3292  [ E0777B34E05F8A82A21856EFC900C29F ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
19:59:04.0713 3292  BTHMODEM - ok
19:59:04.0728 3292  [ B4D787DB8D30793A4D4DF9FEED18F136 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
19:59:04.0744 3292  cdfs - ok
19:59:04.0759 3292  [ 3B2FB35363423ED60C8FBF15FC8680BD ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
19:59:04.0775 3292  cdrom - ok
19:59:04.0775 3292  [ EDFFFC8B6AFB609BF33DBE0A900426B6 ] CertPropSvc     C:\Windows\System32\certprop.dll
19:59:04.0775 3292  CertPropSvc - ok
19:59:04.0791 3292  [ 02EA568D498BBDD4BA55BF3FCE34D456 ] circlass        C:\Windows\system32\drivers\circlass.sys
19:59:04.0791 3292  circlass - ok
19:59:04.0822 3292  [ CAEDA2572B7042B11062F327F099251D ] CLFS            C:\Windows\system32\CLFS.sys
19:59:04.0837 3292  CLFS - ok
19:59:05.0134 3292  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:59:05.0165 3292  clr_optimization_v2.0.50727_32 - ok
19:59:05.0274 3292  [ FA58B51ED71C9133E141164EAA7C54EB ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:59:05.0321 3292  clr_optimization_v2.0.50727_64 - ok
19:59:05.0337 3292  [ E5D5499A1C50A54B5161296B6AFE6192 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
19:59:05.0352 3292  cmdide - ok
19:59:05.0352 3292  [ 7FB8AD01DB0EABE60C8A861531A8F431 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
19:59:05.0368 3292  Compbatt - ok
19:59:05.0383 3292  COMSysApp - ok
19:59:05.0399 3292  [ A8585B6412253803CE8EFCBD6D6DC15C ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
19:59:05.0399 3292  crcdisk - ok
19:59:05.0430 3292  [ 4374F784121D8B3BB466B03F5E5EBD33 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
19:59:05.0446 3292  CryptSvc - ok
19:59:05.0493 3292  [ 52CDADE8289FF21F1F2215FF51A5F36C ] DcomLaunch      C:\Windows\system32\rpcss.dll
19:59:05.0493 3292  DcomLaunch - ok
19:59:05.0524 3292  [ 3725C43C9E90731ECA651D506CC599A3 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
19:59:05.0524 3292  DfsC - ok
19:59:05.0695 3292  [ 1781F99840979EE7B126C9073C377FD0 ] DFSR            C:\Windows\system32\DFSR.exe
19:59:05.0867 3292  DFSR - ok
19:59:05.0898 3292  [ FDAA0EDFCFB70CD529589AD654651B40 ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
19:59:05.0898 3292  Dhcp - ok
19:59:05.0929 3292  [ 2DC415FC05FB8A079F896CBBACB19324 ] disk            C:\Windows\system32\drivers\disk.sys
19:59:05.0929 3292  disk - ok
19:59:05.0976 3292  [ DAF05293C1264E251D3A25E7E24B2DDF ] Dnscache        C:\Windows\System32\dnsrslvr.dll
19:59:05.0976 3292  Dnscache - ok
19:59:06.0007 3292  [ CC661867677627F2911C2A4970DEE0F1 ] dot3svc         C:\Windows\System32\dot3svc.dll
19:59:06.0007 3292  dot3svc - ok
19:59:06.0023 3292  [ 1583B39790DB3EAEC7EDB0CB0140C708 ] DPS             C:\Windows\system32\dps.dll
19:59:06.0023 3292  DPS - ok
19:59:06.0054 3292  [ F1A78A98CFC2EE02144C6BEC945447E6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
19:59:06.0070 3292  drmkaud - ok
19:59:06.0319 3292  [ 412964040CE920FF83AFF6B5B551BF99 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
19:59:06.0319 3292  DXGKrnl - ok
19:59:06.0366 3292  [ 17D40652EF3E55EEAE187A89DF40965A ] e1express       C:\Windows\system32\DRIVERS\e1e6032e.sys
19:59:06.0382 3292  e1express - ok
19:59:06.0397 3292  [ 264CEE7B031A9D6C827F3D0CB031F2FE ] E1G60           C:\Windows\system32\DRIVERS\E1G6032E.sys
19:59:06.0413 3292  E1G60 - ok
19:59:06.0429 3292  [ C2303883FD9BE49DC36A6400643002EA ] EapHost         C:\Windows\System32\eapsvc.dll
19:59:06.0429 3292  EapHost - ok
19:59:06.0460 3292  [ 7343D950A34A95DCB7441642E3E6BEEF ] Ecache          C:\Windows\system32\drivers\ecache.sys
19:59:06.0460 3292  Ecache - ok
19:59:06.0538 3292  [ 14CE384D2E27B64C256BDA4DC39C312D ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
19:59:06.0538 3292  ehRecvr - ok
19:59:06.0600 3292  [ B93159C1313D66FDFBBE876F5189CD52 ] ehSched         C:\Windows\ehome\ehsched.exe
19:59:06.0600 3292  ehSched - ok
19:59:06.0616 3292  [ F5EE2527D74449868E3C3227A59BCD28 ] ehstart         C:\Windows\ehome\ehstart.dll
19:59:06.0616 3292  ehstart - ok
19:59:06.0647 3292  [ C4636D6E10469404AB5308D9FD45ED07 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
19:59:06.0709 3292  elxstor - ok
19:59:06.0756 3292  [ E4EB76D0A8FC43DB7F36302E1F33791F ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
19:59:06.0756 3292  EMDMgmt - ok
19:59:06.0772 3292  [ BC3A58E938BB277E46BF4B3003B01ABD ] ErrDev          C:\Windows\system32\drivers\errdev.sys
19:59:06.0772 3292  ErrDev - ok
19:59:06.0803 3292  [ 6B1A97BF9FEFBDC83F3C7C7D0F826C66 ] EventSystem     C:\Windows\system32\es.dll
19:59:06.0819 3292  EventSystem - ok
19:59:06.0819 3292  [ 2A546B9A84658B0554B1EC35CD9ADAF5 ] exfat           C:\Windows\system32\drivers\exfat.sys
19:59:06.0834 3292  exfat - ok
19:59:06.0850 3292  [ FE731D345ED9EEABBC72A59B35941834 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
19:59:06.0850 3292  fastfat - ok
19:59:06.0850 3292  [ 81B79B6DF71FA1D2C6D688D830616E39 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
19:59:06.0865 3292  fdc - ok
19:59:06.0881 3292  [ BB9267ACACD8B7533DD936C34A0CBA5E ] fdPHost         C:\Windows\system32\fdPHost.dll
19:59:06.0881 3292  fdPHost - ok
19:59:06.0912 3292  [ 300C80931EABBE1DB7591C516EFE8D0F ] FDResPub        C:\Windows\system32\fdrespub.dll
19:59:06.0912 3292  FDResPub - ok
19:59:06.0928 3292  [ 457B7D1D533E4BD62A99AED9C7BB4C59 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
19:59:06.0928 3292  FileInfo - ok
19:59:06.0928 3292  [ D421327FD6EFCCAF884A54C58E1B0D7F ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
19:59:07.0006 3292  Filetrace - ok
19:59:07.0021 3292  [ 230923EA2B80F79B0F88D90F87B87EBD ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
19:59:07.0021 3292  flpydisk - ok
19:59:07.0053 3292  [ 7DACF1A3A4219575070C6DC7C957428A ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
19:59:07.0068 3292  FltMgr - ok
19:59:07.0099 3292  [ 73D0F1D32EDAE3DCC4E84468BF910ADD ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:59:07.0131 3292  FontCache3.0.0.0 - ok
19:59:07.0131 3292  [ 29D99E860A1CA0A03C6A733FDD0DA703 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
19:59:07.0146 3292  Fs_Rec - ok
19:59:07.0162 3292  [ C8E416668D3DC2BE3D4FE4C79224997F ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
19:59:07.0177 3292  gagp30kx - ok
19:59:07.0209 3292  [ 9E5B254D58232EC8921EC3C5A94C81ED ] gpsvc           C:\Windows\System32\gpsvc.dll
19:59:07.0209 3292  gpsvc - ok
19:59:07.0271 3292  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:59:07.0271 3292  gupdate - ok
19:59:07.0271 3292  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:59:07.0271 3292  gupdatem - ok
19:59:07.0302 3292  [ DF45F8142DC6DF9D18C39B3EFFBD0409 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:59:07.0318 3292  HdAudAddService - ok
19:59:07.0333 3292  [ 0C0D0F8A3FF09ECC81963D09EC6A0A84 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
19:59:07.0333 3292  HDAudBus - ok
19:59:07.0349 3292  [ B4881C84A180E75B8C25DC1D726C375F ] HidBth          C:\Windows\system32\drivers\hidbth.sys
19:59:07.0365 3292  HidBth - ok
19:59:07.0365 3292  [ 4E77A77E2C986E8F88F996BB3E1AD829 ] HidIr           C:\Windows\system32\drivers\hidir.sys
19:59:07.0380 3292  HidIr - ok
19:59:07.0396 3292  [ 0AA154538544E988429DA2D5AA803A6C ] hidserv         C:\Windows\system32\hidserv.dll
19:59:07.0396 3292  hidserv - ok
19:59:07.0411 3292  [ 128E2DA8483FDD4DD0C7B3F9ABD6F323 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
19:59:07.0411 3292  HidUsb - ok
19:59:07.0443 3292  [ B12F367EA39C0795FD57E31242CE1A5A ] hkmsvc          C:\Windows\system32\kmsvc.dll
19:59:07.0458 3292  hkmsvc - ok
19:59:07.0474 3292  [ D7109A1E6BD2DFDBCBA72A6BC626A13B ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
19:59:07.0489 3292  HpCISSs - ok
19:59:07.0536 3292  [ E690736DA6C543F5D99C8FA27BEA31DB ] HTTP            C:\Windows\system32\drivers\HTTP.sys
19:59:07.0552 3292  HTTP - ok
19:59:07.0567 3292  [ DA94C854CEA5FAC549D4E1F6E88349E8 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
19:59:07.0583 3292  i2omp - ok
19:59:07.0599 3292  [ CBB597659A2713CE0C9CC20C88C7591F ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
19:59:07.0599 3292  i8042prt - ok
19:59:07.0614 3292  [ 3E3BF3627D886736D0B4E90054F929F6 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
19:59:07.0630 3292  iaStorV - ok
19:59:07.0723 3292  [ 76EA63CDB2D88DAE7209691D089BEF1D ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:59:07.0817 3292  idsvc - ok
19:59:08.0238 3292  [ DF87170EC724080676C18D5A0AF87FC5 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
19:59:08.0316 3292  igfx - ok
19:59:08.0379 3292  [ 8C3951AD2FE886EF76C7B5027C3125D3 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
19:59:08.0410 3292  iirsp - ok
19:59:08.0441 3292  [ 3A3B232140C33376E134E7B61A0EAA44 ] IKEEXT          C:\Windows\System32\ikeext.dll
19:59:08.0441 3292  IKEEXT - ok
19:59:08.0457 3292  [ DF797A12176F11B2D301C5B234BB200E ] intelide        C:\Windows\system32\drivers\intelide.sys
19:59:08.0472 3292  intelide - ok
19:59:08.0472 3292  [ BFD84AF32FA1BAD6231C4585CB469630 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
19:59:08.0472 3292  intelppm - ok
19:59:08.0519 3292  [ 5624BC1BC5EEB49C0AB76A8114F05EA3 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
19:59:08.0519 3292  IPBusEnum - ok
19:59:08.0519 3292  [ 99B821F5BEBD6A3CC3FE564F802AE0FD ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:59:08.0535 3292  IpFilterDriver - ok
19:59:08.0581 3292  [ 3A0427F35E7F8C16BBC5B1BE32B8DE76 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
19:59:08.0581 3292  iphlpsvc - ok
19:59:08.0581 3292  IpInIp - ok
19:59:08.0581 3292  [ 9C2EE2E6E5A7203BFAE15C299475EC67 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
19:59:08.0613 3292  IPMIDRV - ok
19:59:08.0613 3292  [ B7E6212F581EA5F6AB0C3A6CEEEB89BE ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
19:59:08.0628 3292  IPNAT - ok
19:59:08.0628 3292  [ 8C42CA155343A2F11D29FECA67FAA88D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
19:59:08.0644 3292  IRENUM - ok
19:59:08.0659 3292  [ 0672BFCEDC6FC468A2B0500D81437F4F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
19:59:08.0675 3292  isapnp - ok
19:59:08.0691 3292  [ 49E4CCBF74783FCE5D2CC1FF6480E1F4 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
19:59:08.0691 3292  iScsiPrt - ok
19:59:08.0706 3292  [ 63C766CDC609FF8206CB447A65ABBA4A ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
19:59:08.0722 3292  iteatapi - ok
19:59:08.0722 3292  [ 1281FE73B17664631D12F643CBEA3F59 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
19:59:08.0737 3292  iteraid - ok
19:59:08.0737 3292  [ 423696F3BA6472DD17699209B933BC26 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
19:59:08.0753 3292  kbdclass - ok
19:59:08.0753 3292  [ BF8783A5066CFECF45095459E8010FA7 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
19:59:08.0769 3292  kbdhid - ok
19:59:08.0815 3292  [ 80F4593E92FF960E4763380D3168E498 ] KeyIso          C:\Windows\system32\lsass.exe
19:59:08.0815 3292  KeyIso - ok
19:59:08.0862 3292  [ CCDCCE6224E1E207E953AF826B98A9D9 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
19:59:08.0987 3292  KSecDD - ok
19:59:09.0018 3292  [ 1D419CF43DB29396ECD7113D129D94EB ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
19:59:09.0034 3292  ksthunk - ok
19:59:09.0081 3292  [ 1FAF6926F3416D3DA05C5B265491BDAE ] KtmRm           C:\Windows\system32\msdtckrm.dll
19:59:09.0081 3292  KtmRm - ok
19:59:09.0112 3292  [ 6F212EDD7AAE8BD905C9E8824A34F8AE ] LanmanServer    C:\Windows\system32\srvsvc.dll
19:59:09.0112 3292  LanmanServer - ok
19:59:09.0143 3292  [ 6E25FFC6FEAD6544C6E9F1D23329570C ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:59:09.0143 3292  LanmanWorkstation - ok
19:59:09.0174 3292  [ 96ECE2659B6654C10A0C310AE3A6D02C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
19:59:09.0174 3292  lltdio - ok
19:59:09.0205 3292  [ 961CCBD0B1CCB5675D64976FAE37D092 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
19:59:09.0221 3292  lltdsvc - ok
19:59:09.0221 3292  [ A47F8080CACC23C91FE823AD19AA5612 ] lmhosts         C:\Windows\System32\lmhsvc.dll
19:59:09.0221 3292  lmhosts - ok
19:59:09.0237 3292  [ ACBE1AF32D3123E330A07BFBC5EC4A9B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
19:59:09.0252 3292  LSI_FC - ok
19:59:09.0252 3292  [ 799FFB2FC4729FA46D2157C0065B3525 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
19:59:09.0268 3292  LSI_SAS - ok
19:59:09.0299 3292  [ F445FF1DAAD8A226366BFAF42551226B ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
19:59:09.0315 3292  LSI_SCSI - ok
19:59:09.0315 3292  [ 52F87B9CC8932C2A7375C3B2A9BE5E3E ] luafv           C:\Windows\system32\drivers\luafv.sys
19:59:09.0315 3292  luafv - ok
19:59:09.0330 3292  [ 76A58DF02BD4EA29F189B82D0BEF17F8 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
19:59:09.0346 3292  Mcx2Svc - ok
19:59:09.0346 3292  [ 5C5CD6AACED32FB26C3FB34B3DCF972F ] megasas         C:\Windows\system32\drivers\megasas.sys
19:59:09.0361 3292  megasas - ok
19:59:09.0393 3292  [ 859BC2436B076C77C159ED694ACFE8F8 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
19:59:09.0408 3292  MegaSR - ok
19:59:09.0424 3292  [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] MMCSS           C:\Windows\system32\mmcss.dll
19:59:09.0424 3292  MMCSS - ok
19:59:09.0424 3292  [ 59848D5CC74606F0EE7557983BB73C2E ] Modem           C:\Windows\system32\drivers\modem.sys
19:59:09.0424 3292  Modem - ok
19:59:09.0439 3292  [ C247CC2A57E0A0C8C6DCCF7807B3E9E5 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
19:59:09.0439 3292  monitor - ok
19:59:09.0439 3292  [ 9367304E5E412B120CF5F4EA14E4E4F1 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
19:59:09.0455 3292  mouclass - ok
19:59:09.0455 3292  [ C2C2BD5C5CE5AAF786DDD74B75D2AC69 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
19:59:09.0471 3292  mouhid - ok
19:59:09.0471 3292  [ 11BC9B1E8801B01F7F6ADB9EAD30019B ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
19:59:09.0486 3292  MountMgr - ok
19:59:09.0517 3292  [ F8276EB8698142884498A528DFEA8478 ] mpio            C:\Windows\system32\drivers\mpio.sys
19:59:09.0533 3292  mpio - ok
19:59:09.0533 3292  [ C92B9ABDB65A5991E00C28F13491DBA2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
19:59:09.0533 3292  mpsdrv - ok
19:59:09.0564 3292  [ 8A670648C755867A3AA38DA50BA569AA ] MpsSvc          C:\Windows\system32\mpssvc.dll
19:59:09.0564 3292  MpsSvc - ok
19:59:09.0580 3292  [ 3C200630A89EF2C0864D515B7A75802E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
19:59:09.0580 3292  Mraid35x - ok
19:59:09.0595 3292  [ FE2706C15F8345C342820E4E4583FEA0 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
19:59:09.0595 3292  MRxDAV - ok
19:59:09.0642 3292  [ B698EB9ACC7ECD4927D99D268918F912 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
19:59:09.0642 3292  mrxsmb - ok
19:59:09.0705 3292  [ 9A797E27FD28500EE13D43000C931435 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:59:09.0705 3292  mrxsmb10 - ok
19:59:09.0720 3292  [ F9425D610712533107A264E2D5B2154B ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:59:09.0720 3292  mrxsmb20 - ok
19:59:09.0720 3292  [ 1AC860612B85D8E85EE257D372E39F4D ] msahci          C:\Windows\system32\drivers\msahci.sys
19:59:09.0736 3292  msahci - ok
19:59:09.0767 3292  [ 264BBB4AAF312A485F0E44B65A6B7202 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
19:59:09.0767 3292  msdsm - ok
19:59:09.0814 3292  [ 7EC02CE772F068ED0BEAFA3DA341A9BC ] MSDTC           C:\Windows\System32\msdtc.exe
19:59:09.0814 3292  MSDTC - ok
19:59:09.0829 3292  [ 704F59BFC4512D2BB0146AEC31B10A7C ] Msfs            C:\Windows\system32\drivers\Msfs.sys
19:59:09.0845 3292  Msfs - ok
19:59:09.0845 3292  [ 00EBC952961664780D43DCA157E79B27 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
19:59:09.0845 3292  msisadrv - ok
19:59:09.0876 3292  [ 366B0C1F4478B519C181E37D43DCDA32 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
19:59:09.0892 3292  MSiSCSI - ok
19:59:09.0892 3292  msiserver - ok
19:59:09.0907 3292  [ 0EA73E498F53B96D83DBFCA074AD4CF8 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
19:59:09.0923 3292  MSKSSRV - ok
19:59:09.0939 3292  [ 52E59B7E992A58E740AA63F57EDBAE8B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
19:59:09.0939 3292  MSPCLOCK - ok
19:59:09.0954 3292  [ 49084A75BAE043AE02D5B44D02991BB2 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
19:59:09.0954 3292  MSPQM - ok
19:59:09.0985 3292  [ B8E32E6103FBBA9FBB1D0C11FF0D13B5 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
19:59:09.0985 3292  MsRPC - ok
19:59:10.0001 3292  [ 855796E59DF77EA93AF46F20155BF55B ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
19:59:10.0001 3292  mssmbios - ok
19:59:10.0001 3292  [ 86D632D75D05D5B7C7C043FA3564AE86 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
19:59:10.0017 3292  MSTEE - ok
19:59:10.0017 3292  [ DDF133501F68D6988A0F55DFA88637B4 ] Mup             C:\Windows\system32\Drivers\mup.sys
19:59:10.0032 3292  Mup - ok
19:59:10.0048 3292  [ C25022CDD18980846973B598900915F8 ] napagent        C:\Windows\system32\qagentRT.dll
19:59:10.0063 3292  napagent - ok
19:59:10.0126 3292  [ 73B99C98FA3A2ED1566E02D6FE1913A5 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
19:59:10.0141 3292  NativeWifiP - ok
19:59:10.0173 3292  [ 2A2EE457AF36C5C9A6808C768BD3A12B ] NDIS            C:\Windows\system32\drivers\ndis.sys
19:59:10.0188 3292  NDIS - ok
19:59:10.0188 3292  [ 64DF698A425478E321981431AC171334 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
19:59:10.0204 3292  NdisTapi - ok
19:59:10.0204 3292  [ 8BAA43196D7B5BB972C9A6B2BBF61A19 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
19:59:10.0219 3292  Ndisuio - ok
19:59:10.0219 3292  [ 52E3E8E35101399BE9B2938C992AA087 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
19:59:10.0235 3292  NdisWan - ok
19:59:10.0251 3292  [ 9CB77ED7CB72850253E973A2D6AFDF49 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
19:59:10.0251 3292  NDProxy - ok
19:59:10.0266 3292  [ A499294F5029A7862ADC115BDA7371CE ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
19:59:10.0282 3292  NetBIOS - ok
19:59:10.0329 3292  [ 7A29CA243A629230799754162D80120F ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
19:59:10.0344 3292  netbt - ok
19:59:10.0375 3292  [ 80F4593E92FF960E4763380D3168E498 ] Netlogon        C:\Windows\system32\lsass.exe
19:59:10.0375 3292  Netlogon - ok
19:59:10.0407 3292  [ 9B63B29DEFC0F3115A559D2597BF5D75 ] Netman          C:\Windows\System32\netman.dll
19:59:10.0407 3292  Netman - ok
19:59:10.0422 3292  [ 7846D0136CC2B264926A73047BA7688A ] netprofm        C:\Windows\System32\netprofm.dll
19:59:10.0422 3292  netprofm - ok
19:59:10.0469 3292  [ B84613B469B98E09F50A748C1D02E132 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:59:10.0687 3292  NetTcpPortSharing - ok
19:59:10.0719 3292  [ 4AC08BD6AF2DF42E0C3196D826C8AEA7 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
19:59:10.0734 3292  nfrd960 - ok
19:59:10.0750 3292  [ F145BF4C4668E7E312069F81EF847CFC ] NlaSvc          C:\Windows\System32\nlasvc.dll
19:59:10.0750 3292  NlaSvc - ok
19:59:10.0750 3292  [ B06154E2A2C91E9BE5599FCA53BC4CD0 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
19:59:10.0765 3292  Npfs - ok
19:59:10.0781 3292  [ ACB62BAA1C319B17752553DF3026EEEB ] nsi             C:\Windows\system32\nsisvc.dll
19:59:10.0781 3292  nsi - ok
19:59:10.0797 3292  [ 1523AF19EE8B030BA682F7A53537EAEB ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
19:59:10.0812 3292  nsiproxy - ok
19:59:10.0875 3292  [ FE86BA5AC3B50E2CA911E9C60C07B638 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
19:59:10.0890 3292  Ntfs - ok
19:59:10.0906 3292  [ DD5D684975352B85B52E3FD5347C20CB ] Null            C:\Windows\system32\drivers\Null.sys
19:59:10.0906 3292  Null - ok
19:59:10.0937 3292  [ 2C040B7ADA5B06F6FACADAC8514AA034 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
19:59:10.0953 3292  nvraid - ok
19:59:10.0968 3292  [ F7EA0FE82842D05EDA3EFDD376DBFDBA ] nvstor          C:\Windows\system32\drivers\nvstor.sys
19:59:10.0968 3292  nvstor - ok
19:59:10.0984 3292  [ 19067CA93075EF4823E3938A686F532F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
19:59:10.0984 3292  nv_agp - ok
19:59:10.0999 3292  NwlnkFlt - ok
19:59:10.0999 3292  NwlnkFwd - ok
19:59:11.0015 3292  [ 7B58953E2F263421FDBB09A192712A85 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
19:59:11.0015 3292  ohci1394 - ok
19:59:11.0046 3292  [ 430F35C5592D253F43A26B4F5A523DBF ] p2pimsvc        C:\Windows\system32\p2psvc.dll
19:59:11.0062 3292  p2pimsvc - ok
19:59:11.0155 3292  [ 430F35C5592D253F43A26B4F5A523DBF ] p2psvc          C:\Windows\system32\p2psvc.dll
19:59:11.0155 3292  p2psvc - ok
19:59:11.0202 3292  [ AECD57F94C887F58919F307C35498EA0 ] Parport         C:\Windows\system32\drivers\parport.sys
19:59:11.0233 3292  Parport - ok
19:59:11.0233 3292  [ 5AB40C36894F4C06BDAB0C9A2FBA282D ] partmgr         C:\Windows\system32\drivers\partmgr.sys
19:59:11.0233 3292  partmgr - ok
19:59:11.0249 3292  [ 9AB157B374192FF276C1628FBDBA2B0E ] PcaSvc          C:\Windows\System32\pcasvc.dll
19:59:11.0249 3292  PcaSvc - ok
19:59:11.0265 3292  [ 2A5B2A51559066EA84742909B5B2CD69 ] pci             C:\Windows\system32\drivers\pci.sys
19:59:11.0265 3292  pci - ok
19:59:11.0280 3292  [ 8D618C829034479985A9ED56106CC732 ] pciide          C:\Windows\system32\drivers\pciide.sys
19:59:11.0280 3292  pciide - ok
19:59:11.0296 3292  [ 037661F3D7C507C9993B7010CEEE6288 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
19:59:11.0311 3292  pcmcia - ok
19:59:11.0343 3292  [ 58865916F53592A61549B04941BFD80D ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
19:59:11.0343 3292  PEAUTH - ok
19:59:11.0686 3292  [ 0ED8727EA0172860F47258456C06CAEA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
19:59:11.0686 3292  PerfHost - ok
19:59:11.0826 3292  [ E9E68C1A0F25CF4A7AC966EEA74EE89E ] pla             C:\Windows\system32\pla.dll
19:59:11.0842 3292  pla - ok
19:59:11.0904 3292  [ 5AAA0C5534B05ED49919FCD9DBD11A5B ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
19:59:11.0904 3292  PlugPlay - ok
19:59:11.0967 3292  [ 430F35C5592D253F43A26B4F5A523DBF ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
19:59:11.0967 3292  PNRPAutoReg - ok
19:59:11.0982 3292  [ 430F35C5592D253F43A26B4F5A523DBF ] PNRPsvc         C:\Windows\system32\p2psvc.dll
19:59:11.0998 3292  PNRPsvc - ok
19:59:12.0013 3292  [ EEF3688D5E9592CBBBED00DE71DDA1EF ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
19:59:12.0013 3292  PolicyAgent - ok
19:59:12.0045 3292  [ F5739F2C6DB2534C384AD5150808E8F5 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
19:59:12.0060 3292  PptpMiniport - ok
19:59:12.0091 3292  [ 5080E59ECEE0BC923F14018803AA7A01 ] Processor       C:\Windows\system32\drivers\processr.sys
19:59:12.0107 3292  Processor - ok
19:59:12.0154 3292  [ B21FE10DAD3AB59E78DF7AA3FBF41E70 ] ProfSvc         C:\Windows\system32\profsvc.dll
19:59:12.0154 3292  ProfSvc - ok
19:59:12.0169 3292  [ 80F4593E92FF960E4763380D3168E498 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:59:12.0169 3292  ProtectedStorage - ok
19:59:12.0216 3292  [ 0E0E205A296095FE4C631E6A4775AD6C ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
19:59:12.0216 3292  PSched - ok
19:59:12.0279 3292  [ 0B83F4E681062F3839BE2EC1D98FD94A ] ql2300          C:\Windows\system32\drivers\ql2300.sys
19:59:12.0450 3292  ql2300 - ok
19:59:12.0481 3292  [ E1C80F8D4D1E39EF9595809C1369BF2A ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
19:59:12.0513 3292  ql40xx - ok
19:59:12.0544 3292  [ 90574842C3DA781E279061A3EFF91F07 ] QWAVE           C:\Windows\system32\qwave.dll
19:59:12.0559 3292  QWAVE - ok
19:59:12.0559 3292  [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
19:59:12.0575 3292  QWAVEdrv - ok
19:59:12.0591 3292  [ 1013B3B663A56D3DDD784F581C1BD005 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
19:59:12.0606 3292  RasAcd - ok
19:59:12.0637 3292  [ B2AE18F847D07F0044404DDF7CB04497 ] RasAuto         C:\Windows\System32\rasauto.dll
19:59:12.0637 3292  RasAuto - ok
19:59:12.0669 3292  [ 3B9085F91EF00ABD15A6F36570E90E12 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
19:59:12.0684 3292  Rasl2tp - ok
19:59:12.0715 3292  [ 2A63D46B01685FD4BE9778CA3C231C2D ] RasMan          C:\Windows\System32\rasmans.dll
19:59:12.0731 3292  RasMan - ok
19:59:12.0731 3292  [ 2CE1703C27196094FB6E4C6E439F2C21 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
19:59:12.0747 3292  RasPppoe - ok
19:59:12.0809 3292  [ FCD04FA67E8B40FA0AD361DD38593942 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
19:59:12.0809 3292  RasSstp - ok
19:59:12.0918 3292  [ 33FA5B6136D92EE0F53F021C79091300 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
19:59:12.0918 3292  rdbss - ok
19:59:12.0934 3292  [ 603900CC05F6BE65CCBF373800AF3716 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
19:59:12.0949 3292  RDPCDD - ok
19:59:12.0981 3292  [ C045D1FB111C28DF0D1BE8D4BDA22C06 ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
19:59:12.0996 3292  rdpdr - ok
19:59:13.0012 3292  [ CAB9421DAF3D97B33D0D055858E2C3AB ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
19:59:13.0027 3292  RDPENCDD - ok
19:59:13.0043 3292  [ 7747082F672AA2846235C9CEA42E2E72 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
19:59:13.0090 3292  RDPWD - ok
19:59:13.0105 3292  [ C612B9557DA73F70D41F8A6FBC8E5344 ] RemoteAccess    C:\Windows\System32\mprdim.dll
19:59:13.0105 3292  RemoteAccess - ok
19:59:13.0137 3292  [ 416C611369CBE49074B89CEE2F83ABEF ] RemoteRegistry  C:\Windows\system32\regsvc.dll
19:59:13.0137 3292  RemoteRegistry - ok
19:59:13.0183 3292  [ F46C457840D4B7A4DAAFEE739CE04102 ] RpcLocator      C:\Windows\system32\locator.exe
19:59:13.0183 3292  RpcLocator - ok
19:59:13.0261 3292  [ 52CDADE8289FF21F1F2215FF51A5F36C ] RpcSs           C:\Windows\system32\rpcss.dll
19:59:13.0261 3292  RpcSs - ok
19:59:13.0324 3292  [ 22A9CB08B1A6707C1550C6BF099AAE73 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
19:59:13.0324 3292  rspndr - ok
19:59:13.0355 3292  [ 80F4593E92FF960E4763380D3168E498 ] SamSs           C:\Windows\system32\lsass.exe
19:59:13.0355 3292  SamSs - ok
19:59:13.0371 3292  [ CD9C693589C60AD59BBBCFB0E524E01B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
19:59:13.0402 3292  sbp2port - ok
19:59:13.0417 3292  [ F024D560FEA06F8B56D673849EB89AE6 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
19:59:13.0417 3292  SCardSvr - ok
19:59:13.0636 3292  [ CE75D26E0A1106129F4D156851E298ED ] Schedule        C:\Windows\system32\schedsvc.dll
19:59:13.0636 3292  Schedule - ok
19:59:13.0667 3292  [ EDFFFC8B6AFB609BF33DBE0A900426B6 ] SCPolicySvc     C:\Windows\System32\certprop.dll
19:59:13.0667 3292  SCPolicySvc - ok
19:59:13.0698 3292  [ 4FF71B076A7760FE75EA5AE2D0EE0018 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
19:59:13.0714 3292  SDRSVC - ok
19:59:13.0729 3292  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
19:59:13.0729 3292  secdrv - ok
19:59:13.0745 3292  [ 5ACDCBC67FCF894A1815B9F96D704490 ] seclogon        C:\Windows\system32\seclogon.dll
19:59:13.0745 3292  seclogon - ok
19:59:13.0854 3292  [ 90973A64B96CD647FF81C79443618EED ] SENS            C:\Windows\System32\sens.dll
19:59:13.0854 3292  SENS - ok
19:59:13.0885 3292  [ F71BFE7AC6C52273B7C82CBF1BB2A222 ] Serenum         C:\Windows\system32\drivers\serenum.sys
19:59:13.0948 3292  Serenum - ok
19:59:13.0963 3292  [ E62FAC91EE288DB29A9696A9D279929C ] Serial          C:\Windows\system32\drivers\serial.sys
19:59:14.0010 3292  Serial - ok
19:59:14.0213 3292  [ A842F04833684BCEEA7336211BE478DF ] sermouse        C:\Windows\system32\drivers\sermouse.sys
19:59:14.0260 3292  sermouse - ok
19:59:14.0322 3292  [ A8E4A4407A09F35DCCC3771AF590B0C4 ] SessionEnv      C:\Windows\system32\sessenv.dll
19:59:14.0322 3292  SessionEnv - ok
19:59:14.0369 3292  [ 14D4B4465193A87C127933978E8C4106 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
19:59:14.0400 3292  sffdisk - ok
19:59:14.0447 3292  [ 7073AEE3F82F3D598E3825962AA98AB2 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
19:59:14.0478 3292  sffp_mmc - ok
19:59:14.0478 3292  [ 35E59EBE4A01A0532ED67975161C7B82 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
19:59:14.0494 3292  sffp_sd - ok
19:59:14.0494 3292  [ 6B7838C94135768BD455CBDC23E39E5F ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
19:59:14.0509 3292  sfloppy - ok
19:59:14.0572 3292  [ 4C5AEE179DA7E1EE9A9CCB9DA289AF34 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
19:59:14.0572 3292  SharedAccess - ok
19:59:14.0619 3292  [ 9235EC680D3DB17464B39C7C7DECB4DD ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:59:14.0619 3292  ShellHWDetection - ok
19:59:14.0634 3292  [ 7A5DE502AEB719D4594C6471060A78B3 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
19:59:14.0681 3292  SiSRaid2 - ok
19:59:14.0697 3292  [ 3A2F769FAB9582BC720E11EA1DFB184D ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
19:59:14.0728 3292  SiSRaid4 - ok
19:59:14.0899 3292  [ A301D2CEFB4747DFE0C24425DCBE0B78 ] slsvc           C:\Windows\system32\SLsvc.exe
19:59:14.0915 3292  slsvc - ok
19:59:14.0915 3292  [ F5DDF7C0AF85EB72CB295171F8C3CB35 ] SLUINotify      C:\Windows\system32\SLUINotify.dll
19:59:14.0931 3292  SLUINotify - ok
19:59:14.0962 3292  [ 41EB2E8E005FEEDCAFCE301983EFF932 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
19:59:14.0962 3292  Smb - ok
19:59:14.0993 3292  [ F8F47F38909823B1AF28D60B96340CFF ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
19:59:15.0009 3292  SNMPTRAP - ok
19:59:15.0024 3292  [ F9CB0672162F7F04248E2B82C1FF4617 ] spldr           C:\Windows\system32\drivers\spldr.sys
19:59:15.0024 3292  spldr - ok
19:59:15.0055 3292  [ 92E6738D25C2123BE9515C0EAC0776CD ] Spooler         C:\Windows\System32\spoolsv.exe
19:59:15.0055 3292  Spooler - ok
19:59:15.0102 3292  [ A8ABD7D0D907B45CF3831F4DD8644349 ] srv             C:\Windows\system32\DRIVERS\srv.sys
19:59:15.0102 3292  srv - ok
19:59:15.0149 3292  [ 6C72EEA39E1C37B436A6D1532999F9EC ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
19:59:15.0149 3292  srv2 - ok
19:59:15.0196 3292  [ 7F69BCF9E6FA3D93C82EE6B87812666D ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
19:59:15.0196 3292  srvnet - ok
19:59:15.0211 3292  [ 192C74646EC5725AEF3F80D19FF75F6A ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
19:59:15.0227 3292  SSDPSRV - ok
19:59:15.0243 3292  [ 2EE3FA0308E6185BA64A9A7F2E74332B ] SstpSvc         C:\Windows\system32\sstpsvc.dll
19:59:15.0243 3292  SstpSvc - ok
19:59:15.0274 3292  [ F14F7D7D68A66777FB999D5D0F21138D ] stisvc          C:\Windows\System32\wiaservc.dll
19:59:15.0289 3292  stisvc - ok
19:59:15.0305 3292  [ 8A851CA908B8B974F89C50D2E18D4F0C ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
19:59:15.0321 3292  swenum - ok
19:59:15.0383 3292  [ DA34D6EB4A3154C0BEBAEB0A2483EF3E ] swprv           C:\Windows\System32\swprv.dll
19:59:15.0383 3292  swprv - ok
19:59:15.0399 3292  [ 2F26A2C6FC96B29BEFF5D8ED74E6625B ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
19:59:15.0399 3292  Symc8xx - ok
19:59:15.0414 3292  [ A909667976D3BCCD1DF813FED517D837 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
19:59:15.0430 3292  Sym_hi - ok
19:59:15.0430 3292  [ 36887B56EC2D98B9C362F6AE4DE5B7B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
19:59:15.0461 3292  Sym_u3 - ok
19:59:15.0508 3292  [ BEA0D5521ED21DF8F6FFEED86DAEDE7B ] SysMain         C:\Windows\system32\sysmain.dll
19:59:15.0523 3292  SysMain - ok
19:59:15.0555 3292  [ 005CE42567F9113A3BCCB3B20073B029 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:59:15.0555 3292  TabletInputService - ok
19:59:15.0586 3292  [ 52091001CAF20AE84CF47023EE21B4BB ] TapiSrv         C:\Windows\System32\tapisrv.dll
19:59:15.0586 3292  TapiSrv - ok
19:59:15.0601 3292  [ CDBE8D7C1E201B911CDC346D06617FB5 ] TBS             C:\Windows\System32\tbssvc.dll
19:59:15.0601 3292  TBS - ok
19:59:15.0757 3292  [ 7D86275FB640011B372FD566C0EAFA8D ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
19:59:15.0929 3292  Tcpip - ok
19:59:16.0054 3292  [ 7D86275FB640011B372FD566C0EAFA8D ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
19:59:16.0069 3292  Tcpip6 - ok
19:59:16.0101 3292  [ C29D4B3B08AD0B7E8564814E4FF6A57B ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
19:59:16.0101 3292  tcpipreg - ok
19:59:16.0116 3292  [ 1D8BF4AAA5FB7A2761475781DC1195BC ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
19:59:16.0116 3292  TDPIPE - ok
19:59:16.0132 3292  [ 7F7E00CDF609DF657F4CDA02DD1C9BB1 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
19:59:16.0147 3292  TDTCP - ok
19:59:16.0163 3292  [ 8C39C72E0E853DE04748C0337D9B9216 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
19:59:16.0179 3292  tdx - ok
19:59:16.0194 3292  [ 3F0EBF6EE609F2A276C0D5FAF244EC90 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
19:59:16.0194 3292  TermDD - ok
19:59:16.0272 3292  [ F870A5589D6A94B426EFB13689023946 ] TermService     C:\Windows\System32\termsrv.dll
19:59:16.0272 3292  TermService - ok
19:59:16.0350 3292  [ 9235EC680D3DB17464B39C7C7DECB4DD ] Themes          C:\Windows\system32\shsvcs.dll
19:59:16.0350 3292  Themes - ok
19:59:16.0381 3292  [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] THREADORDER     C:\Windows\system32\mmcss.dll
19:59:16.0381 3292  THREADORDER - ok
19:59:16.0413 3292  [ F4689F05AF472A651A7B1B7B02D200E7 ] TrkWks          C:\Windows\System32\trkwks.dll
19:59:16.0413 3292  TrkWks - ok
19:59:16.0459 3292  [ AC6FF1DF22ED90BAD6417EE5A4C6E2F0 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:59:16.0459 3292  TrustedInstaller - ok
19:59:16.0506 3292  [ 9E5409CD17C8BEF193AAD498F3BC2CB8 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
19:59:16.0522 3292  tssecsrv - ok
19:59:16.0569 3292  [ 89EC74A9E602D16A75A4170511029B3C ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
19:59:16.0569 3292  tunmp - ok
19:59:16.0647 3292  [ 2DC2C423572946E9A3131425BDA73CB6 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
19:59:16.0662 3292  tunnel - ok
19:59:16.0678 3292  [ FEC266EF401966311744BD0F359F7F56 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
19:59:16.0740 3292  uagp35 - ok
19:59:16.0787 3292  [ ECA6629E33F122AFFF18A2AB7C3EB033 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
19:59:16.0803 3292  udfs - ok
19:59:16.0849 3292  [ 060507C4113391394478F6953A79EEDC ] UI0Detect       C:\Windows\system32\UI0Detect.exe
19:59:16.0849 3292  UI0Detect - ok
19:59:16.0881 3292  [ 4EC9447AC3AB462647F60E547208CA00 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
19:59:16.0927 3292  uliagpkx - ok
19:59:16.0974 3292  [ 697F0446134CDC8F99E69306184FBBB4 ] uliahci         C:\Windows\system32\drivers\uliahci.sys
19:59:17.0021 3292  uliahci - ok
19:59:17.0052 3292  [ 31707F09846056651EA2C37858F5DDB0 ] UlSata          C:\Windows\system32\drivers\ulsata.sys
19:59:17.0068 3292  UlSata - ok
19:59:17.0099 3292  [ 85E5E43ED5B48C8376281BAB519271B7 ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
19:59:17.0115 3292  ulsata2 - ok
19:59:17.0146 3292  [ 46E9A994C4FED537DD951F60B86AD3F4 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
19:59:17.0161 3292  umbus - ok
19:59:17.0224 3292  [ 7093799FF80E9DECA0680D2E3535BE60 ] upnphost        C:\Windows\System32\upnphost.dll
19:59:17.0239 3292  upnphost - ok
19:59:17.0271 3292  [ 07E3498FC60834219D2356293DA0FECC ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
19:59:17.0286 3292  usbccgp - ok
19:59:17.0317 3292  [ 9247F7E0B65852C1F6631480984D6ED2 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
19:59:17.0333 3292  usbcir - ok
19:59:17.0349 3292  [ DA6D8D8ED0A53C63AC6F4BD40FE83FBE ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
19:59:17.0364 3292  usbehci - ok
19:59:17.0380 3292  [ 99045369AE3216216573D0775FD7ED56 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
19:59:17.0380 3292  usbhub - ok
19:59:17.0395 3292  [ EBA14EF0C07CEC233F1529C698D0D154 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
19:59:17.0395 3292  usbohci - ok
19:59:17.0411 3292  [ ACFEE697AF477021BB3EC78C5431FED2 ] usbprint        C:\Windows\system32\drivers\usbprint.sys
19:59:17.0427 3292  usbprint - ok
19:59:17.0442 3292  [ 586D9876A4945779C8EEA926C0D16889 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:59:17.0442 3292  USBSTOR - ok
19:59:17.0458 3292  [ B2872CBF9F47316ABD0E0C74A1ABA507 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
19:59:17.0473 3292  usbuhci - ok
19:59:17.0489 3292  [ 9190F03C82547AFA87367F1CECA88F3B ] UxSms           C:\Windows\System32\uxsms.dll
19:59:17.0489 3292  UxSms - ok
19:59:17.0536 3292  [ C15A4A550CBA7B9F1F68B72528E04CE1 ] vds             C:\Windows\System32\vds.exe
19:59:17.0536 3292  vds - ok
19:59:17.0551 3292  [ 916B94BCF1E09873FFF2D5FB11767BBC ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
19:59:17.0583 3292  vga - ok
19:59:17.0614 3292  [ B83AB16B51FEDA65DD81B8C59D114D63 ] VgaSave         C:\Windows\System32\drivers\vga.sys
19:59:17.0614 3292  VgaSave - ok
19:59:17.0629 3292  [ 8294B6C3FDB6C33F24E150DE647ECDAA ] viaide          C:\Windows\system32\drivers\viaide.sys
19:59:17.0629 3292  viaide - ok
19:59:17.0661 3292  [ 793D9B32A1C462C91F6F70358283AC97 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
19:59:17.0661 3292  volmgr - ok
19:59:17.0676 3292  [ 5AA217DA5DC4FF5B9AC9AB86563B3223 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
19:59:17.0692 3292  volmgrx - ok
19:59:17.0723 3292  [ DE4307412D98050239026E56A7DFF3C0 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
19:59:17.0739 3292  volsnap - ok
19:59:17.0754 3292  [ A68F455ED2673835209318DD61BFBB0E ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
19:59:17.0770 3292  vsmraid - ok
19:59:17.0910 3292  [ 186BD53F8A408AD20F5A056C05678629 ] VSS             C:\Windows\system32\vssvc.exe
19:59:17.0926 3292  VSS - ok
19:59:17.0988 3292  [ 23DE6F86133361C8DD5410E08A32BB3E ] VST64HWBS2      C:\Windows\system32\DRIVERS\VSTBS26.SYS
19:59:18.0004 3292  VST64HWBS2 - ok
19:59:18.0066 3292  [ E6CD7F641916484B0141D191A390D866 ] VST64_DPV       C:\Windows\system32\DRIVERS\VSTDPV6.SYS
19:59:18.0082 3292  VST64_DPV - ok
19:59:18.0144 3292  [ BA29F34A61CB55C0DEE29E787542EDF4 ] W32Time         C:\Windows\system32\w32time.dll
19:59:18.0160 3292  W32Time - ok
19:59:18.0175 3292  [ FEF8FE5923FEAD2CEE4DFABFCE3393A7 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
19:59:18.0207 3292  WacomPen - ok
19:59:18.0222 3292  [ AEA75207E443C8623C36B8D03596F84F ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
19:59:18.0222 3292  Wanarp - ok
19:59:18.0238 3292  [ AEA75207E443C8623C36B8D03596F84F ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
19:59:18.0238 3292  Wanarpv6 - ok
19:59:18.0269 3292  [ 055449247C490E24B968B44FE8A969EB ] wcncsvc         C:\Windows\System32\wcncsvc.dll
19:59:18.0285 3292  wcncsvc - ok
19:59:18.0300 3292  [ EA4B369560E986F19D93F45A881484AC ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:59:18.0300 3292  WcsPlugInService - ok
19:59:18.0331 3292  [ 0C17A0816F65B89E362E682AD5E7266E ] Wd              C:\Windows\system32\drivers\wd.sys
19:59:18.0347 3292  Wd - ok
19:59:18.0378 3292  [ D02E7E4567DA1E7582FBF6A91144B0DF ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
19:59:18.0409 3292  Wdf01000 - ok
19:59:18.0425 3292  [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiServiceHost  C:\Windows\system32\wdi.dll
19:59:18.0425 3292  WdiServiceHost - ok
19:59:18.0425 3292  [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiSystemHost   C:\Windows\system32\wdi.dll
19:59:18.0441 3292  WdiSystemHost - ok
19:59:18.0456 3292  [ 3D4AB55F8178FD0CD3CA45CD0EC9CF5B ] WebClient       C:\Windows\System32\webclnt.dll
19:59:18.0456 3292  WebClient - ok
19:59:18.0487 3292  [ 8D40BC587993F876658BF9FB0F7D3462 ] Wecsvc          C:\Windows\system32\wecsvc.dll
19:59:18.0503 3292  Wecsvc - ok
19:59:18.0519 3292  [ 9C980351D7E96288EA0C23AE232BD065 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
19:59:18.0519 3292  wercplsupport - ok
19:59:18.0565 3292  [ FC25242B3BCAF7E84D9184082274AE08 ] WerSvc          C:\Windows\System32\WerSvc.dll
19:59:18.0565 3292  WerSvc - ok
19:59:18.0659 3292  [ B5C348B265178FB9EE55ADDB3929485D ] winachsf        C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
19:59:18.0675 3292  winachsf - ok
19:59:18.0690 3292  WinDefend - ok
19:59:18.0690 3292  WinHttpAutoProxySvc - ok
19:59:18.0831 3292  [ AC98F38FEAB066A8F983D54FF3F4FD4C ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
19:59:18.0831 3292  Winmgmt - ok
19:59:18.0940 3292  [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869 ] WinRM           C:\Windows\system32\WsmSvc.dll
19:59:18.0971 3292  WinRM - ok
19:59:19.0018 3292  [ 0A69955261C1B54206ADC9BEB89517DE ] Wlansvc         C:\Windows\System32\wlansvc.dll
19:59:19.0018 3292  Wlansvc - ok
19:59:19.0080 3292  [ E18AEBAAA5A773FE11AA2C70F65320F5 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
19:59:19.0111 3292  WmiAcpi - ok
19:59:19.0158 3292  [ D303322DD577C3DEDA1251ED2E7A496C ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
19:59:19.0158 3292  wmiApSrv - ok
19:59:19.0205 3292  WMPNetworkSvc - ok
19:59:19.0221 3292  [ CBC156C913F099E6680D1DF9307DB7A8 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
19:59:19.0221 3292  WPCSvc - ok
19:59:19.0236 3292  [ A27C8F92D84E2DDC151978E4692C978E ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
19:59:19.0252 3292  WPDBusEnum - ok
19:59:19.0252 3292  [ 8A900348370E359B6BFF6A550E4649E1 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
19:59:19.0267 3292  ws2ifsl - ok
19:59:19.0299 3292  [ CB8EA6D95949384925CCFCA21CC6DFD8 ] wscsvc          C:\Windows\System32\wscsvc.dll
19:59:19.0299 3292  wscsvc - ok
19:59:19.0314 3292  WSearch - ok
19:59:19.0579 3292  [ 69F2BC7B46E3E15C8EC688F42A65B57F ] wuauserv        C:\Windows\system32\wuaueng.dll
19:59:19.0595 3292  wuauserv - ok
19:59:19.0642 3292  [ 501A65252617B495C0F1832F908D54D8 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
19:59:19.0642 3292  WUDFRd - ok
19:59:19.0689 3292  [ 6CBD51FF913C851D56ED9DC7F2A27DDE ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
19:59:19.0689 3292  wudfsvc - ok
19:59:19.0704 3292  ================ Scan global ===============================
19:59:19.0720 3292  [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll
19:59:19.0767 3292  [ 2D94E4CE322F12061D3FA7DBE65E9AC5 ] C:\Windows\system32\winsrv.dll
19:59:19.0798 3292  [ 2D94E4CE322F12061D3FA7DBE65E9AC5 ] C:\Windows\system32\winsrv.dll
19:59:19.0829 3292  [ DFAC660F0F139276CC9299812DE42719 ] C:\Windows\system32\services.exe
19:59:19.0845 3292  [Global] - ok
19:59:19.0845 3292  ================ Scan MBR ==================================
19:59:19.0860 3292  [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0
19:59:21.0873 3292  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
19:59:21.0873 3292  \Device\Harddisk0\DR0 - detected TDSS File System (1)
19:59:21.0873 3292  ================ Scan VBR ==================================
19:59:21.0904 3292  [ 01B46A372568B8B8D1AC0C4B2D92B382 ] \Device\Harddisk0\DR0\Partition1
19:59:21.0904 3292  \Device\Harddisk0\DR0\Partition1 - ok
19:59:21.0919 3292  [ BDD661804011D7E09D285C9B01231CB8 ] \Device\Harddisk0\DR0\Partition2
19:59:21.0935 3292  \Device\Harddisk0\DR0\Partition2 - ok
19:59:21.0935 3292  ============================================================
19:59:21.0935 3292  Scan finished
19:59:21.0935 3292  ============================================================
19:59:21.0951 3284  Detected object count: 1
19:59:21.0951 3284  Actual detected object count: 1
19:59:31.0373 3284  \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
19:59:31.0373 3284  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip 


#9 eric12401


Posted 07 February 2013 - 08:25 PM

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org
 
Database version: v2013.02.07.11
 
Windows Vista Service Pack 1 x64 NTFS
Internet Explorer 7.0.6001.18000
nelson :: NELSON-PC [administrator]
 
2/7/2013 8:02:39 PM
mbam-log-2013-02-07 (20-02-39).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 203971
Time elapsed: 1 minute(s), 53 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 1
C:\Windows\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
 
(end)
______________________________________________________________________
MiniToolBox by Farbar  Version:10-01-2013
Ran by nelson (administrator) on 07-02-2013 at 20:09:44
Running from "C:\Users\nelson\Downloads"
Windows Vista ™ Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
::1             localhost
 
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
Intel® 82562V 10/100 Network Connection = Local Area Connection (Connected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : nelson-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Intel® 82562V 10/100 Network Connection
   Physical Address. . . . . . . . . : 00-21-9B-1E-1A-F0
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::61c2:1ac6:e957:62a2%10(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.3(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Thursday, February 07, 2013 8:06:47 PM
   Lease Expires . . . . . . . . . . : Friday, February 08, 2013 8:06:47 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 208.67.222.222
                                       208.67.220.220
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter Local Area Connection* 6:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : isatap.{CD2447FF-AF90-4F92-A25D-B8A6106C193A}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 7:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 02-00-54-55-4E-01
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:383d:387e:3f57:fefc(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::383d:387e:3f57:fefc%12(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  resolver1.opendns.com
Address:  208.67.222.222
 
Name:    google.com
Addresses:  2607:f8b0:4004:803::1002
      74.125.228.96
      74.125.228.105
      74.125.228.104
      74.125.228.101
      74.125.228.103
      74.125.228.98
      74.125.228.97
      74.125.228.110
      74.125.228.100
      74.125.228.102
      74.125.228.99
 
 
 
Pinging google.com [74.125.228.98] with 32 bytes of data:
 
Reply from 74.125.228.98: bytes=32 time=61ms TTL=53
 
Reply from 74.125.228.98: bytes=32 time=34ms TTL=53
 
 
 
Ping statistics for 74.125.228.98:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 34ms, Maximum = 61ms, Average = 47ms
 
Server:  resolver1.opendns.com
Address:  208.67.222.222
 
Name:    yahoo.com
Addresses:  98.139.183.24
      98.138.253.109
      206.190.36.45
 
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
 
Reply from 206.190.36.45: bytes=32 time=136ms TTL=47
 
Reply from 206.190.36.45: bytes=32 time=170ms TTL=47
 
 
 
Ping statistics for 206.190.36.45:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 136ms, Maximum = 170ms, Average = 153ms
 
 
 
Pinging 127.0.0.1 with 32 bytes of data:
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
 
 
Ping statistics for 127.0.0.1:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
 
===========================================================================
Interface List
 10 ...00 21 9b 1e 1a f0 ...... Intel® 82562V 10/100 Network Connection
  1 ........................... Software Loopback Interface 1
 11 ...00 00 00 00 00 00 00 e0  isatap.{CD2447FF-AF90-4F92-A25D-B8A6106C193A}
 12 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.3     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.3    276
      192.168.1.3  255.255.255.255         On-link       192.168.1.3    276
    192.168.1.255  255.255.255.255         On-link       192.168.1.3    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.3    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.3    276
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 12     18 ::/0                     On-link
  1    306 ::1/128                  On-link
 12     18 2001::/32                On-link
 12    266 2001:0:9d38:6ab8:383d:387e:3f57:fefc/128
                                    On-link
 10    276 fe80::/64                On-link
 12    266 fe80::/64                On-link
 12    266 fe80::383d:387e:3f57:fefc/128
                                    On-link
 10    276 fe80::61c2:1ac6:e957:62a2/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    266 ff00::/8                 On-link
 10    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [61440] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [62976] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [27648] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (02/07/2013 08:08:19 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/07/2013 07:59:17 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/07/2013 06:21:00 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/07/2013 06:20:07 PM) (Source: EventSystem) (User: )
Description: d:\vistasp1_gdr\com\complus\src\events\tier1\eventsystemobj.cpp458007043c
 
Error: (02/07/2013 05:57:46 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/07/2013 05:56:56 PM) (Source: EventSystem) (User: )
Description: d:\vistasp1_gdr\com\complus\src\events\tier1\eventsystemobj.cpp458007043c
 
Error: (02/07/2013 05:48:18 PM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe, version 6.0.6002.18111, time stamp 0x4acfb17d, faulting module msvcrt.dll, version 7.0.6001.18000, time stamp 0x4791a727, exception code 0xc0000005, fault offset 0x000214af,
process id 0x88c, application start time 0xsvchost.exe0.
 
Error: (02/07/2013 05:48:04 PM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe, version 6.0.6002.18111, time stamp 0x4acfb17d, faulting module OLEAUT32.dll, version 6.0.6001.18565, time stamp 0x4d0f78bd, exception code 0xc0000005, fault offset 0x00006934,
process id 0x129c, application start time 0xsvchost.exe0.
 
Error: (02/07/2013 05:47:51 PM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe, version 6.0.6002.18111, time stamp 0x4acfb17d, faulting module msvcrt.dll, version 7.0.6001.18000, time stamp 0x4791a727, exception code 0xc0000005, fault offset 0x000214af,
process id 0x1334, application start time 0xsvchost.exe0.
 
Error: (02/07/2013 05:47:38 PM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe, version 6.0.6002.18111, time stamp 0x4acfb17d, faulting module msvcrt.dll, version 7.0.6001.18000, time stamp 0x4791a727, exception code 0xc0000005, fault offset 0x000214af,
process id 0xcf8, application start time 0xsvchost.exe0.
 
 
System errors:
=============
Error: (02/07/2013 08:06:48 PM) (Source: HTTP) (User: )
Description: \Device\Http\ReqQueueKerberos
 
Error: (02/07/2013 08:05:09 PM) (Source: Service Control Manager) (User: )
Description: ScRegSetValueExWFailureActions%%5
 
Error: (02/07/2013 08:05:06 PM) (Source: DCOM) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 
Error: (02/07/2013 07:57:53 PM) (Source: HTTP) (User: )
Description: \Device\Http\ReqQueueKerberos
 
Error: (02/07/2013 06:21:00 PM) (Source: Service Control Manager) (User: )
Description: AVGIDSDriver
Avgldx64
spldr
Wanarpv6
 
Error: (02/07/2013 06:21:00 PM) (Source: Service Control Manager) (User: )
Description: AVGIDSAgentAVGIDSDriver%%31
 
Error: (02/07/2013 06:21:00 PM) (Source: Service Control Manager) (User: )
Description: Computer BrowserServer%%1068
 
Error: (02/07/2013 06:20:18 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}
 
Error: (02/07/2013 06:20:18 PM) (Source: DCOM) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
 
Error: (02/07/2013 06:20:10 PM) (Source: DCOM) (User: )
Description: 1068fdPHost{145B4335-FE2A-4927-A040-7C35AD3180EF}
 
 
Microsoft Office Sessions:
=========================
Error: (02/07/2013 08:08:19 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/07/2013 07:59:17 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/07/2013 06:21:00 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/07/2013 06:20:07 PM) (Source: EventSystem)(User: )
Description: d:\vistasp1_gdr\com\complus\src\events\tier1\eventsystemobj.cpp458007043c
 
Error: (02/07/2013 05:57:46 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/07/2013 05:56:56 PM) (Source: EventSystem)(User: )
Description: d:\vistasp1_gdr\com\complus\src\events\tier1\eventsystemobj.cpp458007043c
 
Error: (02/07/2013 05:48:18 PM) (Source: Application Error)(User: )
Description: svchost.exe6.0.6002.181114acfb17dmsvcrt.dll7.0.6001.180004791a727c0000005000214af88c01ce058538d85a3c
 
Error: (02/07/2013 05:48:04 PM) (Source: Application Error)(User: )
Description: svchost.exe6.0.6002.181114acfb17dOLEAUT32.dll6.0.6001.185654d0f78bdc000000500006934129c01ce05853074385c
 
Error: (02/07/2013 05:47:51 PM) (Source: Application Error)(User: )
Description: svchost.exe6.0.6002.181114acfb17dmsvcrt.dll7.0.6001.180004791a727c0000005000214af133401ce058528c9f09c
 
Error: (02/07/2013 05:47:38 PM) (Source: Application Error)(User: )
Description: svchost.exe6.0.6002.181114acfb17dmsvcrt.dll7.0.6001.180004791a727c0000005000214afcf801ce0585212240ec
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-02-07 18:21:04.535
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-02-07 18:21:04.455
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-02-07 18:21:04.328
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-02-07 18:21:04.277
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-02-07 18:20:46.503
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\avgidsha.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-02-07 18:20:46.465
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\avgidsha.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-02-07 18:20:46.426
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\avgidsha.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-02-07 18:20:46.382
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\avgidsha.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-02-07 18:20:46.305
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\avgidsdrivera.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-02-07 18:20:46.245
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\avgidsdrivera.sys because the set of per-page image hashes could not be found on the system.
 
 
=========================== Installed Programs ============================
 
AVG 2013 (Version: 13.0.2639)
AVG 2013 (Version: 13.0.2897)
AVG 2013 (Version: 2013.0.2897)
Intel® Graphics Media Accelerator Driver
Reimage Repair (Version: 1.6.3.3)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
 
========================= Devices: ================================
 
Name: SM Bus Controller
Description: SM Bus Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 38%
Total physical RAM: 4084.27 MB
Available physical RAM: 2514.05 MB
Total Pagefile: 8341.84 MB
Available Pagefile: 6669.54 MB
Total Virtual: 4095.88 MB
Available Virtual: 4000.05 MB
 
========================= Partitions: =====================================
 
2 Drive c: () (Fixed) (Total:683.95 GB) (Free:649.48 GB) NTFS
3 Drive d: () (Fixed) (Total:14.65 GB) (Free:14.05 GB) NTFS
4 Drive e: (Sims3) (CDROM) (Total:5.54 GB) (Free:0 GB) UDF
 
========================= Users: ========================================
 
User accounts for \\NELSON-PC
 
Administrator            Guest                    nelson                   
 
 
**** End of log ****
_____________________________________________________________
 
Farbar Service Scanner Version: 30-01-2013
Ran by nelson (administrator) on 07-02-2013 at 20:11:21
Running from "C:\Users\nelson\Desktop"
Windows Vista ™ Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Security Center:
============
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.
 
 
Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
 
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcsvc.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll
[2013-02-07 15:37] - [2010-02-18 09:21] - 0224256 ____A (Microsoft Corporation) 3A0427F35E7F8C16BBC5B1BE32B8DE76
 
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
 
 
**** End of log ****
 
_____________________________________________________
 
# AdwCleaner v2.111 - Logfile created 02/07/2013 at 20:12:21
# Updated 05/02/2013 by Xplode
# Operating system : Windows ™ Vista Home Premium Service Pack 1 (64 bits)
# User : nelson - NELSON-PC
# Boot Mode : Normal
# Running from : C:\Users\nelson\Desktop\AdwCleaner.exe
# Option [Search]
 
 
***** [Services] *****
 
 
***** [Files / Folders] *****
 
 
***** [Registry] *****
 
 
***** [Internet Browsers] *****
 
-\\ Internet Explorer v7.0.6001.18639
 
[OK] Registry is clean.
 
-\\ Google Chrome v24.0.1312.57
 
File : C:\Users\nelson\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
[OK] File is clean.
 
*************************
 
AdwCleaner[R1].txt - [669 octets] - [07/02/2013 20:12:21]
 
########## EOF - C:\AdwCleaner[R1].txt - [728 octets] ##########
____________________________________________________________
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.2 (02.02.2013:2)
OS: Windows ™ Vista Home Premium x64
Ran by nelson on Thu 02/07/2013 at 20:14:06.09
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\DisplayName
Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\URL
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\DisplayName
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\URL
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 02/07/2013 at 20:19:15.92
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
_______________________________________________________________________
 
Rkill 2.4.6 by Lawrence Abrams (Grinler)
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 02/07/2013 08:23:33 PM in x64 mode.
Windows Version: Windows Vista ™ Home Premium Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * C:\Users\nelson\Desktop\FSS (1).exe (PID: 1556) [UP-HEUR]
 * C:\Users\nelson\Desktop\AdwCleaner.exe (PID: 3932) [UP-HEUR]
 * C:\Users\nelson\Desktop\JRT.exe (PID: 3264) [UP-HEUR]
 
3 proccesses terminated!
 
Checking Registry for malware related settings:
 
 * Explorer Policy Removed:  NoActiveDesktopChanges [HKLM]
 
Backup Registry file created at:
 C:\Users\nelson\Desktop\rkill\rkill-02-07-2013-08-23-36.reg
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * Windows Defender Disabled
 
   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001
 
Checking Windows Service Integrity: 
 
 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Automatic
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * HOSTS file entries found: 
 
  127.0.0.1       localhost
  ::1             localhost
 
Program finished at: 02/07/2013 08:23:43 PM
Execution time: 0 hours(s), 0 minute(s), and 10 seconds(s)
_________________________________________________________
 
"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms"    ""    ""    ""
+ "rdpclip"    ""    ""    "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""
+ "HotKeysCmds"    "hkcmd Module"    "Intel Corporation"    "c:\windows\system32\hkcmd.exe"
+ "IgfxTray"    "igfxTray Module"    "Intel Corporation"    "c:\windows\system32\igfxtray.exe"
+ "Persistence"    "persistence Module"    "Intel Corporation"    "c:\windows\system32\igfxpers.exe"
+ "Windows Defender"    "Windows Defender User Interface"    "Microsoft Corporation"    "c:\program files\windows defender\msascui.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""
+ "AVG_UI"    "AVG User Interface"    "AVG Technologies CZ, s.r.o."    "c:\program files (x86)\avg\avg2013\avgui.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components"    ""    ""    ""
+ "Microsoft Windows Mail 7"    "Windows Mail"    "Microsoft Corporation"    "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components"    ""    ""    ""
+ "Google Chrome"    "Google Chrome"    "Google Inc."    "c:\program files (x86)\google\chrome\application\24.0.1312.57\installer\chrmstp.exe"
+ "Microsoft Windows Mail 7"    "Windows Mail"    "Microsoft Corporation"    "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""
+ "EA Core"    "EA Download Manager"    "Electronic Arts"    "c:\program files (x86)\electronic arts\eadm\core.exe"
+ "Sidebar"    "Windows Sidebar"    "Microsoft Corporation"    "c:\program files\windows sidebar\sidebar.exe"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "AVG Shell Extension"    "AVG Shell Extension"    "AVG Technologies CZ, s.r.o."    "c:\program files (x86)\avg\avg2013\avgsea.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "AVG Shell Extension"    "AVG Shell Extension"    "AVG Technologies CZ, s.r.o."    "c:\program files (x86)\avg\avg2013\avgse.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "MBAMShlExt"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "igfxcui"    "igfxpph Module"    "Intel Corporation"    "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "AVG Shell Extension"    "AVG Shell Extension"    "AVG Technologies CZ, s.r.o."    "c:\program files (x86)\avg\avg2013\avgsea.dll"
+ "MBAMShlExt"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "AVG Shell Extension"    "AVG Shell Extension"    "AVG Technologies CZ, s.r.o."    "c:\program files (x86)\avg\avg2013\avgse.dll"
"Task Scheduler"    ""    ""    ""
+ "\GoogleUpdateTaskMachineCore"    "Google Installer"    "Google Inc."    "c:\program files (x86)\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskMachineUA"    "Google Installer"    "Google Inc."    "c:\program files (x86)\google\update\googleupdate.exe"
+ "\Microsoft\Windows\Wired\GatherWiredInfo"    ""    ""    "c:\windows\system32\gatherwiredinfo.vbs"
+ "\Microsoft\Windows\Wireless\GatherWirelessInfo"    ""    ""    "c:\windows\system32\gatherwirelessinfo.vbs"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""
+ "AVGIDSAgent"    "Provides Identity Protection Against Cyber Crime."    "AVG Technologies CZ, s.r.o."    "c:\program files (x86)\avg\avg2013\avgidsagent.exe"
+ "avgwd"    "AVG Watchdog Service"    "AVG Technologies CZ, s.r.o."    "c:\program files (x86)\avg\avg2013\avgwdsvc.exe"
+ "gupdate"    "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it."    "Google Inc."    "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem"    "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it."    "Google Inc."    "c:\program files (x86)\google\update\googleupdate.exe"
+ "WinDefend"    "Scan your computer for unwanted software, schedule scans, and get the latest unwanted software definitions."    "Microsoft Corporation"    "c:\program files\windows defender\mpsvc.dll"
+ "WMPNetworkSvc"    "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play"    "Microsoft Corporation"    "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""
+ "AVGIDSDriver"    "AVG Technologies IDS Application Activity Monitor Driver"    "AVG Technologies CZ, s.r.o. "    "c:\windows\system32\drivers\avgidsdrivera.sys"
+ "AVGIDSHA"    "AVG Technologies IDS Application Activity Monitor Helper Driver"    "AVG Technologies CZ, s.r.o. "    "c:\windows\system32\drivers\avgidsha.sys"
+ "Avgldx64"    "AVG AVI Loader Driver"    "AVG Technologies CZ, s.r.o."    "c:\windows\system32\drivers\avgldx64.sys"
+ "Avgloga"    "AVG Logging Driver"    "AVG Technologies CZ, s.r.o."    "c:\windows\system32\drivers\avgloga.sys"
+ "Avgmfx64"    "AVG Resident Shield Minifilter Driver"    "AVG Technologies CZ, s.r.o."    "c:\windows\system32\drivers\avgmfx64.sys"
+ "Avgrkx64"    "AVG Anti-Rootkit Driver"    "AVG Technologies CZ, s.r.o."    "c:\windows\system32\drivers\avgrkx64.sys"
+ "Avgtdia"    "AVG Network connection watcher"    "AVG Technologies CZ, s.r.o."    "c:\windows\system32\drivers\avgtdia.sys"
+ "BrFiltLo"    "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver"    "Brother Industries, Ltd."    "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp"    "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver"    "Brother Industries, Ltd."    "c:\windows\system32\drivers\brfiltup.sys"
+ "BrUsbSer"    "Brother USB Serial Driver"    "Brother Industries Ltd."    "c:\windows\system32\drivers\brusbser.sys"
+ "e1express"    "Intel® PRO/1000 Adapter NDIS 6 deserialized driver"    "Intel Corporation"    "c:\windows\system32\drivers\e1e6032e.sys"
+ "E1G60"    "Intel® PRO/1000 Adapter NDIS 6 deserialized driver"    "Intel Corporation"    "c:\windows\system32\drivers\e1g6032e.sys"
+ "igfx"    "Intel Graphics Kernel Mode Driver"    "Intel Corporation"    "c:\windows\system32\drivers\igdkmd64.sys"
+ "IpInIp"    "IP in IP Tunnel Driver"    ""    "File not found: system32\DRIVERS\ipinip.sys"
+ "NwlnkFlt"    "IPX Traffic Filter Driver"    ""    "File not found: system32\DRIVERS\nwlnkflt.sys"
+ "NwlnkFwd"    "IPX Traffic Forwarder Driver"    ""    "File not found: system32\DRIVERS\nwlnkfwd.sys"
+ "secdrv"    "Macrovision SECURITY Driver"    "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K."    "c:\windows\system32\drivers\secdrv.sys"
+ "VST64_DPV"    "HSF_DP driver"    "Conexant Systems, Inc."    "c:\windows\system32\drivers\vstdpv6.sys"
+ "VST64HWBS2"    "HSF_HWB2 WDM driver"    "Conexant Systems, Inc."    "c:\windows\system32\drivers\vstbs26.sys"
+ "winachsf"    "HSF_CNXT driver"    "Conexant Systems, Inc."    "c:\windows\system32\drivers\vstcnxt6.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32"    ""    ""    ""
+ "msacm.l3acm"    "MPEG Layer-3 Audio Codec for MSACM"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32"    ""    ""    ""
+ "msacm.l3acm"    "MPEG Layer-3 Audio Codec for MSACM"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid"    "Cinepak® Codec"    "Radius Inc."    "c:\windows\syswow64\iccvid.dll"
+ "vidc.VP60"    "VP6 VIDEO FOR WINDOWS CODEC "    "On2.com"    "c:\windows\syswow64\vp6vfw.dll"
+ "vidc.VP61"    "VP6 VIDEO FOR WINDOWS CODEC "    "On2.com"    "c:\windows\syswow64\vp6vfw.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"    ""    ""    ""
+ "9x8Resize"    "Windows Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "Allocator Fix"    "Windows Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "Bitmap"    "Windows Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "Capture ASF Writer"    "Windows Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"


#10 narenxp


Posted 07 February 2013 - 08:38 PM

Run TDSSKiller and select DELETE for TDSSfilesystem.

Please run Malwarebytes and post the clean log.



#11 eric12401


Posted 07 February 2013 - 08:42 PM

20:40:28.0608 4932  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
20:40:28.0975 4932  ============================================================
20:40:28.0975 4932  Current date / time: 2013/02/07 20:40:28.0975
20:40:28.0975 4932  SystemInfo:
20:40:28.0975 4932  
20:40:28.0975 4932  OS Version: 6.0.6001 ServicePack: 1.0
20:40:28.0975 4932  Product type: Workstation
20:40:28.0975 4932  ComputerName: NELSON-PC
20:40:28.0975 4932  UserName: nelson
20:40:28.0975 4932  Windows directory: C:\Windows
20:40:28.0975 4932  System windows directory: C:\Windows
20:40:28.0975 4932  Running under WOW64
20:40:28.0975 4932  Processor architecture: Intel x64
20:40:28.0975 4932  Number of processors: 2
20:40:28.0975 4932  Page size: 0x1000
20:40:28.0975 4932  Boot type: Normal boot
20:40:28.0975 4932  ============================================================
20:40:29.0969 4932  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:40:30.0012 4932  ============================================================
20:40:30.0012 4932  \Device\Harddisk0\DR0:
20:40:30.0013 4932  MBR partitions:
20:40:30.0013 4932  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
20:40:30.0013 4932  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x557E5EF0
20:40:30.0013 4932  ============================================================
20:40:30.0099 4932  C: <-> \Device\Harddisk0\DR0\Partition2
20:40:30.0123 4932  D: <-> \Device\Harddisk0\DR0\Partition1
20:40:30.0123 4932  ============================================================
20:40:30.0123 4932  Initialize success
20:40:30.0123 4932  ============================================================
20:40:36.0834 4788  ============================================================
20:40:36.0834 4788  Scan started
20:40:36.0834 4788  Mode: Manual; TDLFS; 
20:40:36.0834 4788  ============================================================
20:40:37.0718 4788  ================ Scan system memory ========================
20:40:37.0718 4788  System memory - ok
20:40:47.0759 4788  [ E1C80F8D4D1E39EF9595809C1369BF2A ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
20:40:47.0761 4788  ql40xx - ok
20:40:47.0778 4788  [ 90574842C3DA781E279061A3EFF91F07 ] QWAVE           C:\Windows\system32\qwave.dll
20:40:47.0784 4788  QWAVE - ok
20:40:47.0789 4788  [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
20:40:47.0790 4788  QWAVEdrv - ok
20:40:47.0794 4788  [ 1013B3B663A56D3DDD784F581C1BD005 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
20:40:47.0795 4788  RasAcd - ok
20:40:47.0820 4788  [ B2AE18F847D07F0044404DDF7CB04497 ] RasAuto         C:\Windows\System32\rasauto.dll
20:40:47.0824 4788  RasAuto - ok
20:40:47.0829 4788  [ 3B9085F91EF00ABD15A6F36570E90E12 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
20:40:47.0831 4788  Rasl2tp - ok
20:40:47.0849 4788  [ 2A63D46B01685FD4BE9778CA3C231C2D ] RasMan          C:\Windows\System32\rasmans.dll
20:40:47.0855 4788  RasMan - ok
20:40:47.0860 4788  [ 2CE1703C27196094FB6E4C6E439F2C21 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
20:40:47.0861 4788  RasPppoe - ok
20:40:47.0875 4788  [ FCD04FA67E8B40FA0AD361DD38593942 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
20:40:47.0877 4788  RasSstp - ok
20:40:47.0885 4788  [ 33FA5B6136D92EE0F53F021C79091300 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
20:40:47.0887 4788  rdbss - ok
20:40:47.0891 4788  [ 603900CC05F6BE65CCBF373800AF3716 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
20:40:47.0892 4788  RDPCDD - ok
20:40:47.0906 4788  [ C045D1FB111C28DF0D1BE8D4BDA22C06 ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
20:40:47.0909 4788  rdpdr - ok
20:40:47.0917 4788  [ CAB9421DAF3D97B33D0D055858E2C3AB ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
20:40:47.0918 4788  RDPENCDD - ok
20:40:47.0956 4788  [ 7747082F672AA2846235C9CEA42E2E72 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
20:40:47.0958 4788  RDPWD - ok
20:40:47.0983 4788  [ C612B9557DA73F70D41F8A6FBC8E5344 ] RemoteAccess    C:\Windows\System32\mprdim.dll
20:40:47.0986 4788  RemoteAccess - ok
20:40:48.0000 4788  [ 416C611369CBE49074B89CEE2F83ABEF ] RemoteRegistry  C:\Windows\system32\regsvc.dll
20:40:48.0006 4788  RemoteRegistry - ok
20:40:48.0032 4788  [ F46C457840D4B7A4DAAFEE739CE04102 ] RpcLocator      C:\Windows\system32\locator.exe
20:40:48.0034 4788  RpcLocator - ok
20:40:48.0074 4788  [ 52CDADE8289FF21F1F2215FF51A5F36C ] RpcSs           C:\Windows\system32\rpcss.dll
20:40:48.0079 4788  RpcSs - ok
20:40:48.0087 4788  [ 22A9CB08B1A6707C1550C6BF099AAE73 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
20:40:48.0089 4788  rspndr - ok
20:40:48.0115 4788  [ 80F4593E92FF960E4763380D3168E498 ] SamSs           C:\Windows\system32\lsass.exe
20:40:48.0116 4788  SamSs - ok
20:40:48.0122 4788  [ CD9C693589C60AD59BBBCFB0E524E01B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
20:40:48.0123 4788  sbp2port - ok
20:40:48.0159 4788  [ F024D560FEA06F8B56D673849EB89AE6 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
20:40:48.0173 4788  SCardSvr - ok
20:40:48.0229 4788  [ CE75D26E0A1106129F4D156851E298ED ] Schedule        C:\Windows\system32\schedsvc.dll
20:40:48.0242 4788  Schedule - ok
20:40:48.0270 4788  [ EDFFFC8B6AFB609BF33DBE0A900426B6 ] SCPolicySvc     C:\Windows\System32\certprop.dll
20:40:48.0271 4788  SCPolicySvc - ok
20:40:48.0325 4788  [ 4FF71B076A7760FE75EA5AE2D0EE0018 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
20:40:48.0327 4788  SDRSVC - ok
20:40:48.0359 4788  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
20:40:48.0361 4788  secdrv - ok
20:40:48.0384 4788  [ 5ACDCBC67FCF894A1815B9F96D704490 ] seclogon        C:\Windows\system32\seclogon.dll
20:40:48.0386 4788  seclogon - ok
20:40:48.0402 4788  [ 90973A64B96CD647FF81C79443618EED ] SENS            C:\Windows\System32\sens.dll
20:40:48.0403 4788  SENS - ok
20:40:48.0407 4788  [ F71BFE7AC6C52273B7C82CBF1BB2A222 ] Serenum         C:\Windows\system32\drivers\serenum.sys
20:40:48.0407 4788  Serenum - ok
20:40:48.0421 4788  [ E62FAC91EE288DB29A9696A9D279929C ] Serial          C:\Windows\system32\drivers\serial.sys
20:40:48.0422 4788  Serial - ok
20:40:48.0426 4788  [ A842F04833684BCEEA7336211BE478DF ] sermouse        C:\Windows\system32\drivers\sermouse.sys
20:40:48.0427 4788  sermouse - ok
20:40:48.0455 4788  [ A8E4A4407A09F35DCCC3771AF590B0C4 ] SessionEnv      C:\Windows\system32\sessenv.dll
20:40:48.0458 4788  SessionEnv - ok
20:40:48.0465 4788  [ 14D4B4465193A87C127933978E8C4106 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
20:40:48.0466 4788  sffdisk - ok
20:40:48.0470 4788  [ 7073AEE3F82F3D598E3825962AA98AB2 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
20:40:48.0471 4788  sffp_mmc - ok
20:40:48.0474 4788  [ 35E59EBE4A01A0532ED67975161C7B82 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
20:40:48.0475 4788  sffp_sd - ok
20:40:48.0478 4788  [ 6B7838C94135768BD455CBDC23E39E5F ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
20:40:48.0480 4788  sfloppy - ok
20:40:48.0513 4788  [ 4C5AEE179DA7E1EE9A9CCB9DA289AF34 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
20:40:48.0516 4788  SharedAccess - ok
20:40:48.0593 4788  [ 9235EC680D3DB17464B39C7C7DECB4DD ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:40:48.0596 4788  ShellHWDetection - ok
20:40:48.0602 4788  [ 7A5DE502AEB719D4594C6471060A78B3 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
20:40:48.0623 4788  SiSRaid2 - ok
20:40:48.0643 4788  [ 3A2F769FAB9582BC720E11EA1DFB184D ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
20:40:48.0644 4788  SiSRaid4 - ok
20:40:48.0735 4788  [ A301D2CEFB4747DFE0C24425DCBE0B78 ] slsvc           C:\Windows\system32\SLsvc.exe
20:40:48.0747 4788  slsvc - ok
20:40:48.0752 4788  [ F5DDF7C0AF85EB72CB295171F8C3CB35 ] SLUINotify      C:\Windows\system32\SLUINotify.dll
20:40:48.0754 4788  SLUINotify - ok
20:40:48.0761 4788  [ 41EB2E8E005FEEDCAFCE301983EFF932 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
20:40:48.0762 4788  Smb - ok
20:40:48.0772 4788  [ F8F47F38909823B1AF28D60B96340CFF ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
20:40:48.0775 4788  SNMPTRAP - ok
20:40:48.0779 4788  [ F9CB0672162F7F04248E2B82C1FF4617 ] spldr           C:\Windows\system32\drivers\spldr.sys
20:40:48.0781 4788  spldr - ok
20:40:48.0801 4788  [ 92E6738D25C2123BE9515C0EAC0776CD ] Spooler         C:\Windows\System32\spoolsv.exe
20:40:48.0803 4788  Spooler - ok
20:40:48.0848 4788  [ A8ABD7D0D907B45CF3831F4DD8644349 ] srv             C:\Windows\system32\DRIVERS\srv.sys
20:40:48.0850 4788  srv - ok
20:40:48.0889 4788  [ 6C72EEA39E1C37B436A6D1532999F9EC ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
20:40:48.0890 4788  srv2 - ok
20:40:48.0903 4788  [ 7F69BCF9E6FA3D93C82EE6B87812666D ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
20:40:48.0904 4788  srvnet - ok
20:40:48.0923 4788  [ 192C74646EC5725AEF3F80D19FF75F6A ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
20:40:48.0926 4788  SSDPSRV - ok
20:40:48.0943 4788  [ 2EE3FA0308E6185BA64A9A7F2E74332B ] SstpSvc         C:\Windows\system32\sstpsvc.dll
20:40:48.0947 4788  SstpSvc - ok
20:40:48.0974 4788  [ F14F7D7D68A66777FB999D5D0F21138D ] stisvc          C:\Windows\System32\wiaservc.dll
20:40:48.0978 4788  stisvc - ok
20:40:48.0992 4788  [ 8A851CA908B8B974F89C50D2E18D4F0C ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
20:40:48.0993 4788  swenum - ok
20:40:49.0016 4788  [ DA34D6EB4A3154C0BEBAEB0A2483EF3E ] swprv           C:\Windows\System32\swprv.dll
20:40:49.0023 4788  swprv - ok
20:40:49.0029 4788  [ 2F26A2C6FC96B29BEFF5D8ED74E6625B ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
20:40:49.0030 4788  Symc8xx - ok
20:40:49.0036 4788  [ A909667976D3BCCD1DF813FED517D837 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
20:40:49.0038 4788  Sym_hi - ok
20:40:49.0043 4788  [ 36887B56EC2D98B9C362F6AE4DE5B7B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
20:40:49.0046 4788  Sym_u3 - ok
20:40:49.0074 4788  [ BEA0D5521ED21DF8F6FFEED86DAEDE7B ] SysMain         C:\Windows\system32\sysmain.dll
20:40:49.0094 4788  SysMain - ok
20:40:49.0124 4788  [ 005CE42567F9113A3BCCB3B20073B029 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:40:49.0128 4788  TabletInputService - ok
20:40:49.0143 4788  [ 52091001CAF20AE84CF47023EE21B4BB ] TapiSrv         C:\Windows\System32\tapisrv.dll
20:40:49.0146 4788  TapiSrv - ok
20:40:49.0160 4788  [ CDBE8D7C1E201B911CDC346D06617FB5 ] TBS             C:\Windows\System32\tbssvc.dll
20:40:49.0164 4788  TBS - ok
20:40:49.0218 4788  [ 7D86275FB640011B372FD566C0EAFA8D ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
20:40:49.0226 4788  Tcpip - ok
20:40:49.0260 4788  [ 7D86275FB640011B372FD566C0EAFA8D ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
20:40:49.0267 4788  Tcpip6 - ok
20:40:49.0289 4788  [ C29D4B3B08AD0B7E8564814E4FF6A57B ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
20:40:49.0291 4788  tcpipreg - ok
20:40:49.0299 4788  [ 1D8BF4AAA5FB7A2761475781DC1195BC ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
20:40:49.0301 4788  TDPIPE - ok
20:40:49.0311 4788  [ 7F7E00CDF609DF657F4CDA02DD1C9BB1 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
20:40:49.0312 4788  TDTCP - ok
20:40:49.0318 4788  [ 8C39C72E0E853DE04748C0337D9B9216 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
20:40:49.0321 4788  tdx - ok
20:40:49.0330 4788  [ 3F0EBF6EE609F2A276C0D5FAF244EC90 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
20:40:49.0331 4788  TermDD - ok
20:40:49.0349 4788  [ F870A5589D6A94B426EFB13689023946 ] TermService     C:\Windows\System32\termsrv.dll
20:40:49.0352 4788  TermService - ok
20:40:49.0401 4788  [ 9235EC680D3DB17464B39C7C7DECB4DD ] Themes          C:\Windows\system32\shsvcs.dll
20:40:49.0404 4788  Themes - ok
20:40:49.0429 4788  [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] THREADORDER     C:\Windows\system32\mmcss.dll
20:40:49.0430 4788  THREADORDER - ok
20:40:49.0485 4788  [ F4689F05AF472A651A7B1B7B02D200E7 ] TrkWks          C:\Windows\System32\trkwks.dll
20:40:49.0507 4788  TrkWks - ok
20:40:49.0557 4788  [ AC6FF1DF22ED90BAD6417EE5A4C6E2F0 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:40:49.0557 4788  TrustedInstaller - ok
20:40:49.0565 4788  [ 9E5409CD17C8BEF193AAD498F3BC2CB8 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
20:40:49.0566 4788  tssecsrv - ok
20:40:49.0582 4788  [ 89EC74A9E602D16A75A4170511029B3C ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
20:40:49.0582 4788  tunmp - ok
20:40:49.0619 4788  [ 2DC2C423572946E9A3131425BDA73CB6 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
20:40:49.0620 4788  tunnel - ok
20:40:49.0625 4788  [ FEC266EF401966311744BD0F359F7F56 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
20:40:49.0626 4788  uagp35 - ok
20:40:49.0636 4788  [ ECA6629E33F122AFFF18A2AB7C3EB033 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
20:40:49.0639 4788  udfs - ok
20:40:49.0681 4788  [ 060507C4113391394478F6953A79EEDC ] UI0Detect       C:\Windows\system32\UI0Detect.exe
20:40:49.0697 4788  UI0Detect - ok
20:40:49.0722 4788  [ 4EC9447AC3AB462647F60E547208CA00 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
20:40:49.0722 4788  uliagpkx - ok
20:40:49.0732 4788  [ 697F0446134CDC8F99E69306184FBBB4 ] uliahci         C:\Windows\system32\drivers\uliahci.sys
20:40:49.0734 4788  uliahci - ok
20:40:49.0741 4788  [ 31707F09846056651EA2C37858F5DDB0 ] UlSata          C:\Windows\system32\drivers\ulsata.sys
20:40:49.0742 4788  UlSata - ok
20:40:49.0769 4788  [ 85E5E43ED5B48C8376281BAB519271B7 ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
20:40:49.0771 4788  ulsata2 - ok
20:40:49.0782 4788  [ 46E9A994C4FED537DD951F60B86AD3F4 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
20:40:49.0783 4788  umbus - ok
20:40:49.0845 4788  [ 7093799FF80E9DECA0680D2E3535BE60 ] upnphost        C:\Windows\System32\upnphost.dll
20:40:49.0848 4788  upnphost - ok
20:40:49.0898 4788  [ 07E3498FC60834219D2356293DA0FECC ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
20:40:49.0899 4788  usbccgp - ok
20:40:49.0911 4788  [ 9247F7E0B65852C1F6631480984D6ED2 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
20:40:49.0912 4788  usbcir - ok
20:40:49.0931 4788  [ DA6D8D8ED0A53C63AC6F4BD40FE83FBE ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
20:40:49.0932 4788  usbehci - ok
20:40:49.0960 4788  [ 99045369AE3216216573D0775FD7ED56 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
20:40:49.0962 4788  usbhub - ok
20:40:49.0968 4788  [ EBA14EF0C07CEC233F1529C698D0D154 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
20:40:49.0969 4788  usbohci - ok
20:40:49.0975 4788  [ ACFEE697AF477021BB3EC78C5431FED2 ] usbprint        C:\Windows\system32\drivers\usbprint.sys
20:40:49.0976 4788  usbprint - ok
20:40:49.0994 4788  [ 586D9876A4945779C8EEA926C0D16889 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:40:49.0995 4788  USBSTOR - ok
20:40:50.0023 4788  [ B2872CBF9F47316ABD0E0C74A1ABA507 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
20:40:50.0024 4788  usbuhci - ok
20:40:50.0046 4788  [ 9190F03C82547AFA87367F1CECA88F3B ] UxSms           C:\Windows\System32\uxsms.dll
20:40:50.0065 4788  UxSms - ok
20:40:50.0101 4788  [ C15A4A550CBA7B9F1F68B72528E04CE1 ] vds             C:\Windows\System32\vds.exe
20:40:50.0109 4788  vds - ok
20:40:50.0123 4788  [ 916B94BCF1E09873FFF2D5FB11767BBC ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
20:40:50.0124 4788  vga - ok
20:40:50.0130 4788  [ B83AB16B51FEDA65DD81B8C59D114D63 ] VgaSave         C:\Windows\System32\drivers\vga.sys
20:40:50.0131 4788  VgaSave - ok
20:40:50.0137 4788  [ 8294B6C3FDB6C33F24E150DE647ECDAA ] viaide          C:\Windows\system32\drivers\viaide.sys
20:40:50.0138 4788  viaide - ok
20:40:50.0160 4788  [ 793D9B32A1C462C91F6F70358283AC97 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
20:40:50.0162 4788  volmgr - ok
20:40:50.0173 4788  [ 5AA217DA5DC4FF5B9AC9AB86563B3223 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
20:40:50.0177 4788  volmgrx - ok
20:40:50.0241 4788  [ DE4307412D98050239026E56A7DFF3C0 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
20:40:50.0256 4788  volsnap - ok
20:40:50.0289 4788  [ A68F455ED2673835209318DD61BFBB0E ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
20:40:50.0291 4788  vsmraid - ok
20:40:50.0437 4788  [ 186BD53F8A408AD20F5A056C05678629 ] VSS             C:\Windows\system32\vssvc.exe
20:40:50.0449 4788  VSS - ok
20:40:50.0558 4788  [ 23DE6F86133361C8DD5410E08A32BB3E ] VST64HWBS2      C:\Windows\system32\DRIVERS\VSTBS26.SYS
20:40:50.0561 4788  VST64HWBS2 - ok
20:40:50.0777 4788  [ E6CD7F641916484B0141D191A390D866 ] VST64_DPV       C:\Windows\system32\DRIVERS\VSTDPV6.SYS
20:40:50.0800 4788  VST64_DPV - ok
20:40:50.0884 4788  [ BA29F34A61CB55C0DEE29E787542EDF4 ] W32Time         C:\Windows\system32\w32time.dll
20:40:50.0888 4788  W32Time - ok
20:40:50.0955 4788  [ FEF8FE5923FEAD2CEE4DFABFCE3393A7 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
20:40:50.0956 4788  WacomPen - ok
20:40:50.0977 4788  [ AEA75207E443C8623C36B8D03596F84F ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
20:40:50.0978 4788  Wanarp - ok
20:40:50.0983 4788  [ AEA75207E443C8623C36B8D03596F84F ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
20:40:50.0984 4788  Wanarpv6 - ok
20:40:51.0078 4788  [ 055449247C490E24B968B44FE8A969EB ] wcncsvc         C:\Windows\System32\wcncsvc.dll
20:40:51.0095 4788  wcncsvc - ok
20:40:51.0108 4788  [ EA4B369560E986F19D93F45A881484AC ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:40:51.0112 4788  WcsPlugInService - ok
20:40:51.0118 4788  [ 0C17A0816F65B89E362E682AD5E7266E ] Wd              C:\Windows\system32\drivers\wd.sys
20:40:51.0119 4788  Wd - ok
20:40:51.0146 4788  [ D02E7E4567DA1E7582FBF6A91144B0DF ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
20:40:51.0158 4788  Wdf01000 - ok
20:40:51.0171 4788  [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiServiceHost  C:\Windows\system32\wdi.dll
20:40:51.0176 4788  WdiServiceHost - ok
20:40:51.0181 4788  [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiSystemHost   C:\Windows\system32\wdi.dll
20:40:51.0183 4788  WdiSystemHost - ok
20:40:51.0198 4788  [ 3D4AB55F8178FD0CD3CA45CD0EC9CF5B ] WebClient       C:\Windows\System32\webclnt.dll
20:40:51.0204 4788  WebClient - ok
20:40:51.0230 4788  [ 8D40BC587993F876658BF9FB0F7D3462 ] Wecsvc          C:\Windows\system32\wecsvc.dll
20:40:51.0233 4788  Wecsvc - ok
20:40:51.0271 4788  [ 9C980351D7E96288EA0C23AE232BD065 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
20:40:51.0278 4788  wercplsupport - ok
20:40:51.0310 4788  [ FC25242B3BCAF7E84D9184082274AE08 ] WerSvc          C:\Windows\System32\WerSvc.dll
20:40:51.0315 4788  WerSvc - ok
20:40:51.0511 4788  [ B5C348B265178FB9EE55ADDB3929485D ] winachsf        C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
20:40:51.0517 4788  winachsf - ok
20:40:51.0542 4788  WinDefend - ok
20:40:51.0548 4788  WinHttpAutoProxySvc - ok
20:40:51.0832 4788  [ AC98F38FEAB066A8F983D54FF3F4FD4C ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
20:40:51.0834 4788  Winmgmt - ok
20:40:51.0937 4788  [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869 ] WinRM           C:\Windows\system32\WsmSvc.dll
20:40:51.0956 4788  WinRM - ok
20:40:52.0052 4788  [ 0A69955261C1B54206ADC9BEB89517DE ] Wlansvc         C:\Windows\System32\wlansvc.dll
20:40:52.0061 4788  Wlansvc - ok
20:40:52.0108 4788  [ E18AEBAAA5A773FE11AA2C70F65320F5 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
20:40:52.0109 4788  WmiAcpi - ok
20:40:52.0126 4788  [ D303322DD577C3DEDA1251ED2E7A496C ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
20:40:52.0129 4788  wmiApSrv - ok
20:40:52.0153 4788  WMPNetworkSvc - ok
20:40:52.0179 4788  [ CBC156C913F099E6680D1DF9307DB7A8 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
20:40:52.0184 4788  WPCSvc - ok
20:40:52.0189 4788  [ A27C8F92D84E2DDC151978E4692C978E ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
20:40:52.0193 4788  WPDBusEnum - ok
20:40:52.0202 4788  [ 8A900348370E359B6BFF6A550E4649E1 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
20:40:52.0210 4788  ws2ifsl - ok
20:40:52.0258 4788  [ CB8EA6D95949384925CCFCA21CC6DFD8 ] wscsvc          C:\Windows\System32\wscsvc.dll
20:40:52.0258 4788  wscsvc - ok
20:40:52.0258 4788  WSearch - ok
20:40:52.0418 4788  [ 69F2BC7B46E3E15C8EC688F42A65B57F ] wuauserv        C:\Windows\system32\wuaueng.dll
20:40:52.0432 4788  wuauserv - ok
20:40:52.0503 4788  [ 501A65252617B495C0F1832F908D54D8 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
20:40:52.0506 4788  WUDFRd - ok
20:40:52.0518 4788  [ 6CBD51FF913C851D56ED9DC7F2A27DDE ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
20:40:52.0521 4788  wudfsvc - ok
20:40:52.0526 4788  ================ Scan global ===============================
20:40:52.0553 4788  [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll
20:40:52.0622 4788  [ 2D94E4CE322F12061D3FA7DBE65E9AC5 ] C:\Windows\system32\winsrv.dll
20:40:52.0675 4788  [ 2D94E4CE322F12061D3FA7DBE65E9AC5 ] C:\Windows\system32\winsrv.dll
20:40:52.0701 4788  [ DFAC660F0F139276CC9299812DE42719 ] C:\Windows\system32\services.exe
20:40:52.0705 4788  [Global] - ok
20:40:52.0707 4788  ================ Scan MBR ==================================
20:40:52.0716 4788  [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0
20:40:54.0032 4788  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
20:40:54.0032 4788  \Device\Harddisk0\DR0 - detected TDSS File System (1)
20:40:54.0032 4788  ================ Scan VBR ==================================
20:40:54.0054 4788  [ 01B46A372568B8B8D1AC0C4B2D92B382 ] \Device\Harddisk0\DR0\Partition1
20:40:54.0077 4788  \Device\Harddisk0\DR0\Partition1 - ok
20:40:54.0092 4788  [ BDD661804011D7E09D285C9B01231CB8 ] \Device\Harddisk0\DR0\Partition2
20:40:54.0094 4788  \Device\Harddisk0\DR0\Partition2 - ok
20:40:54.0095 4788  ============================================================
20:40:54.0095 4788  Scan finished
20:40:54.0095 4788  ============================================================
20:40:54.0106 4792  Detected object count: 1
20:40:54.0106 4792  Actual detected object count: 1
20:40:58.0811 4792  \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
20:40:58.0847 4792  \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
20:40:59.0213 4792  \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
20:40:59.0230 4792  \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
20:40:59.0232 4792  \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
20:40:59.0233 4792  \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
20:40:59.0235 4792  \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
20:40:59.0239 4792  \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
20:40:59.0242 4792  \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
20:40:59.0253 4792  \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
20:40:59.0256 4792  \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
20:40:59.0258 4792  \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
20:40:59.0304 4792  \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
20:40:59.0306 4792  \Device\Harddisk0\DR0\TDLFS - deleted
20:40:59.0306 4792  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete 
 
___________________________________________________
 
 
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org
 
Database version: v2013.02.07.11
 
Windows Vista Service Pack 1 x64 NTFS
Internet Explorer 7.0.6001.18000
nelson :: NELSON-PC [administrator]
 
2/7/2013 8:41:30 PM
mbam-log-2013-02-07 (20-41-30).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 204335
Time elapsed: 1 minute(s), 2 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)
 


#12 narenxp

Posted 07 February 2013 - 09:34 PM

That looks good

Remove temporary and junk files

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for reboot. If TFC locks up the system, run it in safe mode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP - http://support.microsoft.com/kb/310405

Vista & Windows 7 - http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore - it deletes old infected restore points

Turn on system restore and create a new restore point

Update Java and Flash Player

Uninstall the old version of Java from Control Panel - Add or Remove Programs. Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently. Two free antivirus programs that I would suggest are

Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security software products.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)



#13 eric12401

Posted 08 February 2013 - 06:41 AM

Excellent, thank you very much!!



#14 narenxp

Posted 08 February 2013 - 07:02 AM

You're most welcome :)





