Fake Java Update installed


7 replies to this topic

#1 markanthonyjohn


Posted 17 May 2013 - 08:32 AM

Hello all, I am new to the forum, so please accept my apologies if I leave any information out.

 

I use Google Chrome and this morning upon startup I received a popup asking me to install the newest version of Flash, so I did. After that I realized it was fake because the installation file went missing.

 

I did a search and found a post by Gringo essentially addressing my problem, but I have not run any programs since I would await any specific instructions.  Your help is much appreciated and thank you in advance.

 

Mark.

 

 

 

 

 





#2 boopme


Posted 17 May 2013 - 09:33 AM

Welcome Mark, please run these and see if it's gone.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

>>>>
Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
  • Double-click on the renamed file to install, then follow these instructions for doing a Quick Scan in normal mode.
  • Don't forget to check for database definition updates through the program's interface (preferable method) before scanning.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • After completing the scan, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, use Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).

>>>>

Download Malwarebytes Anti-Rootkit from HERE to your Desktop.
  • Unzip downloaded file.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • DO NOT click on the Cleanup button. Simply exit the program.
  • When done, please post the two logs produced; they will be in the MBAR folder: mbar-log-xxxxx.txt and system-log.txt
>>>>>

Now I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the ESET OnlineScan button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
NOTE: Sometimes if ESET finds no infections it will not create a log.
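A triage sketch for the Result.txt that the MiniToolBox step above produces, added here as an example; it is not part of the post above and not MiniToolBox's own code. It walks the proxy, Hosts and Winsock sections and lists the lines worth a second look. The section banners and the Winsock line layout follow the report format shown in this thread; the sample report, its suspicious lines and all function names are constructed for illustration.

```python
import re

# Section banner, e.g. "========================= Hosts content: ====="
SECTION_RE = re.compile(r"^=+\s*([^=\s][^=]*?):?\s*=+$")
# Winsock line, e.g. "Catalog5 01 C:\...\NLAapi.dll [52224] (Microsoft Corporation)"
WINSOCK_RE = re.compile(r"^(Catalog\d+)\s+(\d+)\s+(.+?)\s+\[\d+\]\s+\((.*)\)$")

# Lines the tool prints when no proxy is configured (as seen in this thread).
CLEAN_PROXY_LINES = {"Proxy is not enabled.", "No Proxy Server is set."}
LOCALHOST = {("127.0.0.1", "localhost"), ("::1", "localhost")}
TRUSTED_DIRS = ("c:\\windows\\system32\\", "c:\\program files\\",
                "c:\\program files (x86)\\")

# Constructed sample: clean lines are modelled on the report in this thread,
# the proxy, hosts and helper.dll lines are invented to exercise the checks.
# The wording the tool prints for a configured proxy is an assumption.
SAMPLE = r'''
========================= IE Proxy Settings: ==============================

ProxyServer: http=127.0.0.1:8080

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost
203.0.113.7 update.example.test   # constructed entry

========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog9 01 C:\Users\Public\helper.dll [40960] ()
'''


def split_sections(report):
    """Map each lower-cased section name to its non-empty lines."""
    sections, current = {}, None
    for raw in report.splitlines():
        line = raw.strip()
        banner = SECTION_RE.match(line)
        if banner:
            current = banner.group(1).strip().lower()
            sections[current] = []
        elif current is not None and line:
            sections[current].append(line)
    return sections


def review_proxy(lines):
    """Flag anything that is not a known 'no proxy' or 'reset' line."""
    return [("proxy", l) for l in lines
            if l not in CLEAN_PROXY_LINES and not l.startswith('"Reset ')]


def review_hosts(lines):
    """Flag every hosts mapping other than the localhost defaults."""
    findings = []
    for line in lines:
        fields = line.split("#", 1)[0].split()   # drop trailing comments
        if len(fields) < 2:
            continue
        ip, names = fields[0], fields[1:]
        for name in names:
            if (ip, name.lower()) not in LOCALHOST:
                findings.append(("hosts", f"{name} -> {ip}"))
    return findings


def review_winsock(lines):
    """Flag providers outside trusted directories or without a Microsoft vendor.

    The vendor string comes from the file's version info and can be forged,
    so passing this check is a triage signal, not proof the DLL is genuine.
    """
    findings = []
    for line in lines:
        m = WINSOCK_RE.match(line)
        if not m:
            findings.append(("winsock", f"unparsed: {line}"))
            continue
        catalog, index, path, vendor = m.groups()
        in_trusted_dir = path.lower().startswith(TRUSTED_DIRS)
        if not vendor.startswith("Microsoft") or not in_trusted_dir:
            shown = vendor or "no vendor"
            findings.append(("winsock", f"{catalog} {index} {path} ({shown})"))
    return findings


def review(report):
    """Return (category, detail) findings for one MiniToolBox report."""
    sections = split_sections(report)
    findings = []
    for name, lines in sections.items():
        if name.endswith("proxy settings"):
            findings += review_proxy(lines)
    findings += review_hosts(sections.get("hosts content", []))
    findings += review_winsock(sections.get("winsock entries", []))
    return findings


if __name__ == "__main__":
    for category, detail in review(SAMPLE):
        print(f"[{category}] {detail}")
```

An empty result only means these three sections look like defaults; it says nothing about the rest of the report or about the scanner logs requested in the later steps.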

#3 markanthonyjohn


Posted 17 May 2013 - 11:38 AM

Thanks for the prompt response!

 

Here are my scan results:

 

 

MiniToolBox by Farbar  Version:21-04-2013
Ran by mfantin (administrator) on 17-05-2013 at 11:23:29
Running from "C:\Users\MFantin.STARR\Downloads"
Windows 7 Professional Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : MFANTIN-PC
   Primary Dns Suffix  . . . . . . . : starr.local
   Node Type . . . . . . . . . . . . : Broadcast
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : starr.local
                                       starr
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : starr
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 8C-89-A5-BF-3E-39
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::e0a8:1230:cdc2:2714%12(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.0.119(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Friday, May 17, 2013 9:43:17 AM
   Lease Expires . . . . . . . . . . : Saturday, May 18, 2013 9:43:17 AM
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 260868517
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-E2-52-BD-8C-89-A5-BF-3E-39
   DNS Servers . . . . . . . . . . . : 192.168.0.110
                                       192.168.0.1
                                       192.168.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.starr:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : starr
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  vserver.starr.local
Address:  192.168.0.110
 
Name:    google.com
Addresses:  2607:f8b0:4004:803::1005
 74.125.228.101
 74.125.228.104
 74.125.228.103
 74.125.228.102
 74.125.228.100
 74.125.228.98
 74.125.228.97
 74.125.228.105
 74.125.228.110
 74.125.228.96
 74.125.228.99
 
 
Pinging google.com [74.125.228.33] with 32 bytes of data:
Reply from 74.125.228.33: bytes=32 time=11ms TTL=252
Reply from 74.125.228.33: bytes=32 time=11ms TTL=252
 
Ping statistics for 74.125.228.33:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 11ms, Maximum = 11ms, Average = 11ms
Server:  vserver.starr.local
Address:  192.168.0.110
 
Name:    yahoo.com
Addresses:  98.139.183.24
 98.138.253.109
 206.190.36.45
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=825ms TTL=49
Reply from 206.190.36.45: bytes=32 time=823ms TTL=48
 
Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 823ms, Maximum = 825ms, Average = 824ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 12...8c 89 a5 bf 3e 39 ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
 14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1    192.168.0.119     10
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link     192.168.0.119    266
    192.168.0.119  255.255.255.255         On-link     192.168.0.119    266
    192.168.0.255  255.255.255.255         On-link     192.168.0.119    266
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.0.119    266
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.0.119    266
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 12    266 fe80::/64                On-link
 12    266 fe80::e0a8:1230:cdc2:2714/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    266 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (05/17/2013 09:44:56 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/17/2013 09:41:38 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {915c2177-ec47-403a-b6ec-b9933dfbd96c}
 
 
System errors:
=============
Error: (05/17/2013 09:43:16 AM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain STARR due to the following: 
%%1311
 
This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.
 
 
 
ADDITIONAL INFO
 
If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.
 
 
Microsoft Office Sessions:
=========================
Error: (05/17/2013 09:44:56 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/17/2013 09:41:38 AM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {915c2177-ec47-403a-b6ec-b9933dfbd96c}
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-05-14 22:18:48.984
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-05-14 21:56:19.293
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-05-14 21:36:48.613
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-05-10 08:45:00.864
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-05-08 23:04:58.020
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-05-08 22:42:51.147
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-05-08 22:22:46.169
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-05-08 22:11:37.808
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-05-03 18:21:23.386
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-05-03 17:54:14.161
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
 
 
=========================== Installed Programs ============================
 
32 Bit HP CIO Components Installer (Version: 7.1.7)
Adobe Acrobat X Pro - English, Français, Deutsch (Version: 10.1.7)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.202)
Adobe Flash Player 11 Plugin (Version: 11.7.700.202)
Adobe Reader XI (11.0.03) (Version: 11.0.03)
Adobe Shockwave Player 11.6 (Version: 11.6.3.633)
Adobe Shockwave Player 11.6 (Version: 11.6.7.637)
AMD Accelerated Video Transcoding (Version: 2.00.0002)
AMD APP SDK Runtime (Version: 10.0.923.1)
AMD Catalyst Install Manager (Version: 8.0.873.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Media Foundation Decoders (Version: 1.0.70405.2224)
A-PDF Watermark
Application Profiles (Version: 2.0.4273.33792)
Belarc Advisor 8.2 (Version: 8.2.7.11)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2012.0405.2205.37728)
Catalyst Control Center Graphics Previews Common (Version: 2012.0405.2205.37728)
Catalyst Control Center InstallProxy (Version: 2012.0405.2205.37728)
Catalyst Control Center Localization All (Version: 2012.0405.2205.37728)
CCC Help Chinese Standard (Version: 2012.0405.2204.37728)
CCC Help Chinese Traditional (Version: 2012.0405.2204.37728)
CCC Help Czech (Version: 2012.0405.2204.37728)
CCC Help Danish (Version: 2012.0405.2204.37728)
CCC Help Dutch (Version: 2012.0405.2204.37728)
CCC Help English (Version: 2012.0405.2204.37728)
CCC Help Finnish (Version: 2012.0405.2204.37728)
CCC Help French (Version: 2012.0405.2204.37728)
CCC Help German (Version: 2012.0405.2204.37728)
CCC Help Greek (Version: 2012.0405.2204.37728)
CCC Help Hungarian (Version: 2012.0405.2204.37728)
CCC Help Italian (Version: 2012.0405.2204.37728)
CCC Help Japanese (Version: 2012.0405.2204.37728)
CCC Help Korean (Version: 2012.0405.2204.37728)
CCC Help Norwegian (Version: 2012.0405.2204.37728)
CCC Help Polish (Version: 2012.0405.2204.37728)
CCC Help Portuguese (Version: 2012.0405.2204.37728)
CCC Help Russian (Version: 2012.0405.2204.37728)
CCC Help Spanish (Version: 2012.0405.2204.37728)
CCC Help Swedish (Version: 2012.0405.2204.37728)
CCC Help Thai (Version: 2012.0405.2204.37728)
CCC Help Turkish (Version: 2012.0405.2204.37728)
ccc-utility (Version: 2012.0405.2205.37728)
CCleaner (Version: 3.24)
CyberLink Power2Go (Version: 7.0.0.1607)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
E-Transcript Bundle Viewer (Version: 5.5.2.151)
GFI Business Agent (Version: 6.0.5481)
Google Calendar Sync
Google Chrome (Version: 26.0.1410.64)
Google Talk Plugin (Version: 3.16.0.12200)
Google Talk Plugin (Version: 3.19.1.13088)
Google Update Helper (Version: 1.3.21.145)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Rapid Storage Technology (Version: 10.6.0.1002)
Intel® Turbo Boost Technology Monitor 2.0 (Version: 2.1.23.0)
ISYS Workgroup 10 (Version: 10.0)
Java 7 Update 21 (Version: 7.0.210)
Java Auto Updater (Version: 2.1.9.5)
JavaFX 2.1.1 (Version: 2.1.1)
Juris Application (Version: 2.40.8)
KONICA MINOLTA bizhub 751/601
KONICA MINOLTA C652Series
Live Update 5 (Version: 5.0.086)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Lync 2010 (Version: 4.0.7577.4388)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office Subscription (English) 2010 (Version: 14.0.6114.5000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus Subscription 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Online Services Sign-in Assistant (Version: 7.250.4287.0)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Movie Maker (Version: 16.4.3505.0912)
Mozilla Firefox 20.0.1 (x86 en-US) (Version: 20.0.1)
Mozilla Maintenance Service (Version: 20.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT110 (Version: 16.4.1108.0727)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
Photo Gallery (Version: 16.4.3505.0912)
Realtek Ethernet Controller Driver (Version: 7.46.610.2011)
Realtek High Definition Audio Driver (Version: 6.0.1.6410)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.1.19.0)
Revo Uninstaller 1.94 (Version: 1.94)
swMSM (Version: 12.0.0.1)
SysTools OST Recovery v3.5.0.0
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Windows Live Communications Platform (Version: 16.4.3505.0912)
Windows Live Essentials (Version: 16.4.3505.0912)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (Version: 16.4.3505.0912)
Windows Live Photo Common (Version: 16.4.3505.0912)
Windows Live PIMT Platform (Version: 16.4.3505.0912)
Windows Live SOXE (Version: 16.4.3505.0912)
Windows Live SOXE Definitions (Version: 16.4.3505.0912)
Windows Live UX Platform (Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (Version: 16.4.3505.0912)
Windows Small Business Server 2011 Standard ClientAgent (Version: 6.1.7900.1)
Windows Small Business Server 2011 Standard WMI Provider (Version: 6.1.7900.1)
WordPerfect Office 12 - Small Business Edition Software Bundle (Version: 12)
WordPerfect Office 12 - Small Business Edition, Task Manager (Version: 12.0)
WordPerfect Office 12 (Version: 12.3.0)
WordPerfect OfficeReady
 
========================= Memory info: ===================================
 
Percentage of memory in use: 42%
Total physical RAM: 3054.46 MB
Available physical RAM: 1768.8 MB
Total Pagefile: 6107.22 MB
Available Pagefile: 4500.15 MB
Total Virtual: 2047.88 MB
Available Virtual: 1937.1 MB
 
========================= Partitions: =====================================
 
1 Drive c: (WINDOWS) (Fixed) (Total:425.27 GB) (Free:338.18 GB) NTFS
2 Drive d: (ImageBackup) (Fixed) (Total:40 GB) (Free:36.26 GB) NTFS
5 Drive i: (Storage) (Network) (Total:586.41 GB) (Free:370.15 GB) NTFS
6 Drive o: (RAIDVOL) (Network) (Total:905.97 GB) (Free:600.66 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\MFANTIN-PC
 
Admin                    Administrator            Guest                    
 
 
**** End of log ****
 

 

 

 

 

 

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.05.17.05
 
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
mfantin :: MFANTIN-PC [administrator]
 
5/17/2013 11:25:59 AM
mbam-log-2013-05-17 (11-25-59).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 253009
Time elapsed: 4 minute(s), 19 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)
 

 

 

 

 

 

 

 

Malwarebytes Anti-Rootkit BETA 1.05.0.1001
www.malwarebytes.org
 
Database version: v2013.05.17.05
 
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
mfantin :: MFANTIN-PC [administrator]
 
5/17/2013 11:39:14 AM
mbar-log-2013-05-17 (11-39-14).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 28782
Time elapsed: 7 minute(s), 11 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)
 

 

 

 

 

 

 

 

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.05.0.1001
 
© Malwarebytes Corporation 2011-2012
 
OS version: 6.1.7601 Windows 7 Service Pack 1 x86
 
Account is Administrative
 
Internet Explorer version: 9.0.8112.16421
 
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 3.392000 GHz
Memory total: 3202838528, free: 1769717760
 
------------ Kernel report ------------
     05/17/2013 11:31:35
------------ Loaded modules -----------
----------- End -----------
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff8844d030
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-2\
Lower Device Object: 0xffffffff86101028
Lower Device Driver Name: \Driver\iaStor\
Driver name found: iaStor
Initialization returned 0x0
Load Function returned 0x0
Downloaded database version: v2013.05.17.05
Downloaded database version: v2013.05.14.03
Initializing...
Done!
<<<2>>>
Device number: 0, partition: 2
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff8844d030, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff8844dd10, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff8844d030, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff86101028, DeviceName: \Device\Ide\IAAStorageDevice-2\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0xffffffffaf7016f0, 0xffffffff8844d030, 0xffffffff884da048
Lower DeviceData: 0xffffffffb72cbdd8, 0xffffffff86101028, 0xffffffff884d9240
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning directory: C:\Windows\system32\drivers...
<<<2>>>
Device number: 0, partition: 2
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 2A59C329
 
Partition information:
 
    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048  Numsec = 1024000
    Partition file system is NTFS
    Partition is bootable
 
    Partition 1 type is Extended with LBA (0xf)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 1026048  Numsec = 83886080
 
    Partition 2 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 84912128  Numsec = 891858944
 
    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
Disk Size: 500107862016 bytes
Sector size: 512 bytes
 
Scanning physical sectors of unpartitioned space on drive 0 (1-2047-976753168-976773168)...
Done!
Performing system, memory and registry scan...
Read File: File "c:\ProgramData\{34103E53-AC5B-4F22-B3E9-F6108EFC81D0}\instance.dat" is compressed (flags = 1)
Read File: File "c:\ProgramData\{34103E53-AC5B-4F22-B3E9-F6108EFC81D0}\instance.dat" is compressed (flags = 1)
Done!
Scan finished
=======================================

ESETScan LOG:

C:\$Recycle.Bin\S-1-5-21-500672762-217732789-3162844301-1202\$R3JJG1K.exe a variant of Win32/GetNow.A application


#4 boopme


Posted 17 May 2013 - 01:45 PM

Ok, let's do this next
 
Please download Rkill by Grinler and save it to your desktop.
  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista, right-click on it and Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
Do not reboot the computer, you will need to run the application again.
 
 
 
Please download TDSSKiller: http://www.bleepingcomputer.com/download/tdsskiller/dl/4/
Launch it.
Click on "Change parameters" and select "TDLFS file system".
Click on "Scan".
Please post the log report (the log file should be in your C drive).
 
Do not change the default options on scan results.

#5 markanthonyjohn


Posted 17 May 2013 - 01:57 PM

Thanks again for the quick replies.  Here are the logs:

 

 

Rkill 2.4.8 by Lawrence Abrams (Grinler)
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 05/17/2013 02:54:48 PM in x86 mode.
Windows Version: Windows 7 Professional Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * Windows Defender Disabled
 
   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001
 
Checking Windows Service Integrity: 
 
 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Manual
 
 * FontCache => %SystemRoot%\system32\svchost.exe -k LocalService [Incorrect ImagePath]
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * No issues found.
 
Program finished at: 05/17/2013 02:55:20 PM
Execution time: 0 hours(s), 0 minute(s), and 32 seconds(s)
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * Windows Defender Disabled
 
   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001
 
Checking Windows Service Integrity: 
 
 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Manual
 
 * FontCache => %SystemRoot%\system32\svchost.exe -k LocalService [Incorrect ImagePath]
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * No issues found.
 
Program finished at: 05/17/2013 02:55:24 PM
Execution time: 0 hours(s), 0 minute(s), and 35 seconds(s)

14:56:41.0515 7560  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
14:56:41.0821 7560  ============================================================
14:56:41.0822 7560  Current date / time: 2013/05/17 14:56:41.0821
14:56:41.0822 7560  SystemInfo:
14:56:41.0822 7560  
14:56:41.0822 7560  OS Version: 6.1.7601 ServicePack: 1.0
14:56:41.0822 7560  Product type: Workstation
14:56:41.0822 7560  ComputerName: MFANTIN-PC
14:56:41.0822 7560  UserName: mfantin
14:56:41.0822 7560  Windows directory: C:\Windows
14:56:41.0822 7560  System windows directory: C:\Windows
14:56:41.0822 7560  Processor architecture: Intel x86
14:56:41.0822 7560  Number of processors: 8
14:56:41.0822 7560  Page size: 0x1000
14:56:41.0822 7560  Boot type: Normal boot
14:56:41.0822 7560  ============================================================
14:56:42.0191 7560  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
14:56:42.0192 7560  ============================================================
14:56:42.0192 7560  \Device\Harddisk0\DR0:
14:56:42.0193 7560  MBR partitions:
14:56:42.0193 7560  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xFA000
14:56:42.0204 7560  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xFB000, BlocksNum 0x4FFF800
14:56:42.0204 7560  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x50FA800, BlocksNum 0x3528B000
14:56:42.0204 7560  ============================================================
14:56:42.0221 7560  C: <-> \Device\Harddisk0\DR0\Partition3
14:56:42.0250 7560  D: <-> \Device\Harddisk0\DR0\Partition2
14:56:42.0250 7560  ============================================================
14:56:42.0250 7560  Initialize success
14:56:42.0251 7560  ============================================================
14:56:54.0383 7212  ============================================================
14:56:54.0383 7212  Scan started
14:56:54.0383 7212  Mode: Manual; TDLFS; 
14:56:54.0383 7212  ============================================================
14:56:55.0316 7212  ================ Scan system memory ========================
14:56:55.0316 7212  System memory - ok
14:56:55.0317 7212  ================ Scan services =============================
14:56:59.0961 7212  [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
14:56:59.0963 7212  i8042prt - ok
14:57:00.0009 7212  [ DB81F413FA4E3F328CAD7B5D59EF3F21 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
14:57:00.0014 7212  iaStor - ok
14:57:00.0098 7212  [ D41861E56E7552C13674D7F147A02464 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
14:57:00.0100 7212  IAStorDataMgrSvc - ok
14:57:00.0127 7212  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
14:57:00.0132 7212  iaStorV - ok
14:57:00.0186 7212  [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:57:00.0200 7212  idsvc - ok
14:57:00.0224 7212  [ F67554DA27D5B55EFCB6C7CB4818FBFD ] IFXTPM          C:\Windows\system32\drivers\IFXTPM.SYS
14:57:00.0226 7212  IFXTPM - ok
14:57:00.0323 7212  [ AD626F6964F4D364D226C39E06872DD3 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
14:57:00.0363 7212  igfx - ok
14:57:00.0410 7212  [ 4173FF5708F3236CF25195FECD742915 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
14:57:00.0412 7212  iirsp - ok
14:57:00.0445 7212  [ F95622F161474511B8D80D6B093AA610 ] IKEEXT          C:\Windows\System32\ikeext.dll
14:57:00.0455 7212  IKEEXT - ok
14:57:00.0531 7212  [ 7C5AFED75CF690DF0610DF01A9561AEB ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
14:57:00.0561 7212  IntcAzAudAddService - ok
14:57:00.0583 7212  [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide        C:\Windows\system32\drivers\intelide.sys
14:57:00.0583 7212  intelide - ok
14:57:00.0611 7212  [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
14:57:00.0613 7212  intelppm - ok
14:57:00.0635 7212  [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
14:57:00.0639 7212  IPBusEnum - ok
14:57:00.0655 7212  [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:57:00.0656 7212  IpFilterDriver - ok
14:57:00.0706 7212  [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
14:57:00.0714 7212  iphlpsvc - ok
14:57:00.0729 7212  [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
14:57:00.0731 7212  IPMIDRV - ok
14:57:00.0746 7212  [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
14:57:00.0748 7212  IPNAT - ok
14:57:00.0778 7212  [ 42996CFF20A3084A56017B7902307E9F ] IRENUM          C:\Windows\system32\drivers\irenum.sys
14:57:00.0779 7212  IRENUM - ok
14:57:00.0810 7212  [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
14:57:00.0811 7212  isapnp - ok
14:57:00.0827 7212  [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
14:57:00.0831 7212  iScsiPrt - ok
14:57:00.0852 7212  [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
14:57:00.0853 7212  kbdclass - ok
14:57:00.0856 7212  [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
14:57:00.0858 7212  kbdhid - ok
14:57:00.0872 7212  [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso          C:\Windows\system32\lsass.exe
14:57:00.0875 7212  KeyIso - ok
14:57:00.0914 7212  [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
14:57:00.0916 7212  KSecDD - ok
14:57:00.0927 7212  [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
14:57:00.0930 7212  KSecPkg - ok
14:57:00.0952 7212  [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm           C:\Windows\system32\msdtckrm.dll
14:57:00.0958 7212  KtmRm - ok
14:57:00.0990 7212  [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer    C:\Windows\system32\srvsvc.dll
14:57:00.0995 7212  LanmanServer - ok
14:57:01.0026 7212  [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:57:01.0031 7212  LanmanWorkstation - ok
14:57:01.0087 7212  [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
14:57:01.0091 7212  lltdio - ok
14:57:01.0140 7212  [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
14:57:01.0145 7212  lltdsvc - ok
14:57:01.0163 7212  [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts         C:\Windows\System32\lmhsvc.dll
14:57:01.0166 7212  lmhosts - ok
14:57:01.0190 7212  [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
14:57:01.0193 7212  LSI_FC - ok
14:57:01.0223 7212  [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
14:57:01.0226 7212  LSI_SAS - ok
14:57:01.0242 7212  [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
14:57:01.0244 7212  LSI_SAS2 - ok
14:57:01.0261 7212  [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
14:57:01.0264 7212  LSI_SCSI - ok
14:57:01.0300 7212  [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv           C:\Windows\system32\drivers\luafv.sys
14:57:01.0302 7212  luafv - ok
14:57:01.0340 7212  [ ED643E777BA3F7151EF3F0FB6BE4F7F0 ] LVRS            C:\Windows\system32\DRIVERS\lvrs.sys
14:57:01.0345 7212  LVRS - ok
14:57:01.0415 7212  [ 5BC80451109A8DD7F2DDD35BCE2929A3 ] LVUVC           C:\Windows\system32\DRIVERS\lvuvc.sys
14:57:01.0466 7212  LVUVC - ok
14:57:01.0495 7212  [ 29CB85A1FE091C9D3AA3C72D66DF3E69 ] MBfilt          C:\Windows\system32\drivers\MBfilt32.sys
14:57:01.0496 7212  MBfilt - ok
14:57:01.0517 7212  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
14:57:01.0519 7212  Mcx2Svc - ok
14:57:01.0552 7212  [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas         C:\Windows\system32\drivers\megasas.sys
14:57:01.0554 7212  megasas - ok
14:57:01.0565 7212  [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
14:57:01.0569 7212  MegaSR - ok
14:57:01.0591 7212  [ D86AC00883B9C98B570E7643AAF8E554 ] MEI             C:\Windows\system32\DRIVERS\HECI.sys
14:57:01.0593 7212  MEI - ok
14:57:01.0643 7212  Microsoft SharePoint Workspace Audit Service - ok
14:57:01.0671 7212  [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS           C:\Windows\system32\mmcss.dll
14:57:01.0674 7212  MMCSS - ok
14:57:01.0685 7212  [ F001861E5700EE84E2D4E52C712F4964 ] Modem           C:\Windows\system32\drivers\modem.sys
14:57:01.0686 7212  Modem - ok
14:57:01.0712 7212  [ 79D10964DE86B292320E9DFE02282A23 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
14:57:01.0714 7212  monitor - ok
14:57:01.0730 7212  [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
14:57:01.0731 7212  mouclass - ok
14:57:01.0754 7212  [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
14:57:01.0755 7212  mouhid - ok
14:57:01.0775 7212  [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
14:57:01.0777 7212  mountmgr - ok
14:57:01.0828 7212  [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
14:57:01.0831 7212  MozillaMaintenance - ok
14:57:01.0848 7212  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio            C:\Windows\system32\drivers\mpio.sys
14:57:01.0851 7212  mpio - ok
14:57:01.0866 7212  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
14:57:01.0868 7212  mpsdrv - ok
14:57:01.0898 7212  [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc          C:\Windows\system32\mpssvc.dll
14:57:01.0908 7212  MpsSvc - ok
14:57:01.0926 7212  [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
14:57:01.0927 7212  MRxDAV - ok
14:57:01.0962 7212  [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
14:57:01.0964 7212  mrxsmb - ok
14:57:02.0015 7212  [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:57:02.0019 7212  mrxsmb10 - ok
14:57:02.0024 7212  [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:57:02.0026 7212  mrxsmb20 - ok
14:57:02.0041 7212  [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci          C:\Windows\system32\drivers\msahci.sys
14:57:02.0043 7212  msahci - ok
14:57:02.0068 7212  [ 55055F8AD8BE27A64C831322A780A228 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
14:57:02.0070 7212  msdsm - ok
14:57:02.0089 7212  [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC           C:\Windows\System32\msdtc.exe
14:57:02.0094 7212  MSDTC - ok
14:57:02.0105 7212  [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs            C:\Windows\system32\drivers\Msfs.sys
14:57:02.0107 7212  Msfs - ok
14:57:02.0114 7212  [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
14:57:02.0115 7212  mshidkmdf - ok
14:57:02.0128 7212  [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
14:57:02.0130 7212  msisadrv - ok
14:57:02.0156 7212  [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
14:57:02.0159 7212  MSiSCSI - ok
14:57:02.0162 7212  msiserver - ok
14:57:02.0232 7212  [ 3846C05A66A3F5CD1D33E1A323C1762C ] MSI_MSIBIOS_010507 C:\Program Files\MSI\Live Update 5\msibios32_100507.sys
14:57:02.0235 7212  MSI_MSIBIOS_010507 - ok
14:57:02.0253 7212  [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
14:57:02.0254 7212  MSKSSRV - ok
14:57:02.0334 7212  [ 49AAB9D55319DB55A7D36167656D412A ] msoidsvc        C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE
14:57:02.0354 7212  msoidsvc - ok
14:57:02.0369 7212  [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
14:57:02.0370 7212  MSPCLOCK - ok
14:57:02.0418 7212  [ F456E973590D663B1073E9C463B40932 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
14:57:02.0419 7212  MSPQM - ok
14:57:02.0432 7212  [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
14:57:02.0436 7212  MsRPC - ok
14:57:02.0446 7212  [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
14:57:02.0448 7212  mssmbios - ok
14:57:02.0468 7212  [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
14:57:02.0470 7212  MSTEE - ok
14:57:02.0481 7212  [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
14:57:02.0483 7212  MTConfig - ok
14:57:02.0493 7212  [ 159FAD02F64E6381758C990F753BCC80 ] Mup             C:\Windows\system32\Drivers\mup.sys
14:57:02.0494 7212  Mup - ok
14:57:02.0513 7212  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent        C:\Windows\system32\qagentRT.dll
14:57:02.0520 7212  napagent - ok
14:57:02.0542 7212  [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
14:57:02.0547 7212  NativeWifiP - ok
14:57:02.0592 7212  [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS            C:\Windows\system32\drivers\ndis.sys
14:57:02.0599 7212  NDIS - ok
14:57:02.0615 7212  [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
14:57:02.0617 7212  NdisCap - ok
14:57:02.0649 7212  [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
14:57:02.0650 7212  NdisTapi - ok
14:57:02.0676 7212  [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
14:57:02.0677 7212  Ndisuio - ok
14:57:02.0693 7212  [ 38FBE267E7E6983311179230FACB1017 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
14:57:02.0695 7212  NdisWan - ok
14:57:02.0707 7212  [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
14:57:02.0708 7212  NDProxy - ok
14:57:02.0759 7212  [ 90EB97C8DBF11BB0016C51946AC5ECD6 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
14:57:02.0761 7212  Net Driver HPZ12 - ok
14:57:02.0771 7212  [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
14:57:02.0772 7212  NetBIOS - ok
14:57:02.0794 7212  [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
14:57:02.0796 7212  NetBT - ok
14:57:02.0806 7212  [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon        C:\Windows\system32\lsass.exe
14:57:02.0808 7212  Netlogon - ok
14:57:02.0840 7212  [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman          C:\Windows\System32\netman.dll
14:57:02.0844 7212  Netman - ok
14:57:02.0861 7212  [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm        C:\Windows\System32\netprofm.dll
14:57:02.0868 7212  netprofm - ok
14:57:02.0888 7212  [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:57:02.0891 7212  NetTcpPortSharing - ok
14:57:02.0925 7212  [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
14:57:02.0927 7212  nfrd960 - ok
14:57:02.0959 7212  [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc          C:\Windows\System32\nlasvc.dll
14:57:02.0965 7212  NlaSvc - ok
14:57:02.0978 7212  [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
14:57:02.0980 7212  Npfs - ok
14:57:03.0006 7212  [ BA387E955E890C8A88306D9B8D06BF17 ] nsi             C:\Windows\system32\nsisvc.dll
14:57:03.0009 7212  nsi - ok
14:57:03.0023 7212  [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
14:57:03.0025 7212  nsiproxy - ok
14:57:03.0082 7212  [ 5E43D2B0EE64123D4880DFA6626DEFDE ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
14:57:03.0091 7212  Ntfs - ok
14:57:03.0159 7212  [ CD2166C9511D336A058CDE91778AAA69 ] NTIOLib_1_0_4   C:\Program Files\MSI\Live Update 5\NTIOLib.sys
14:57:03.0161 7212  NTIOLib_1_0_4 - ok
14:57:03.0184 7212  [ F9756A98D69098DCA8945D62858A812C ] Null            C:\Windows\system32\drivers\Null.sys
14:57:03.0185 7212  Null - ok
14:57:03.0211 7212  [ 2DA2169C7CAFDA18DE0CB4CB15630E0F ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
14:57:03.0214 7212  nusb3hub - ok
14:57:03.0229 7212  [ 46663F90EF648DB8225EE57B7ACFC20C ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
14:57:03.0232 7212  nusb3xhc - ok
14:57:03.0261 7212  [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
14:57:03.0264 7212  nvraid - ok
14:57:03.0269 7212  [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
14:57:03.0273 7212  nvstor - ok
14:57:03.0295 7212  [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
14:57:03.0297 7212  nv_agp - ok
14:57:03.0332 7212  [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
14:57:03.0334 7212  ohci1394 - ok
14:57:03.0393 7212  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:57:03.0396 7212  ose - ok
14:57:03.0536 7212  [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:57:03.0577 7212  osppsvc - ok
14:57:03.0656 7212  [ CB4440B56FD4993B4E8CCDB39BAA23E6 ] osubsvc         C:\Program Files\Common Files\Microsoft Shared\OFFICE14\osa.exe
14:57:03.0663 7212  osubsvc - ok
14:57:03.0698 7212  [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
14:57:03.0704 7212  p2pimsvc - ok
14:57:03.0724 7212  [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc          C:\Windows\system32\p2psvc.dll
14:57:03.0731 7212  p2psvc - ok
14:57:03.0745 7212  [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport         C:\Windows\system32\drivers\parport.sys
14:57:03.0746 7212  Parport - ok
14:57:03.0778 7212  [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
14:57:03.0780 7212  partmgr - ok
14:57:03.0789 7212  [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
14:57:03.0791 7212  Parvdm - ok
14:57:03.0810 7212  [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc          C:\Windows\System32\pcasvc.dll
14:57:03.0815 7212  PcaSvc - ok
14:57:03.0834 7212  [ 673E55C3498EB970088E812EA820AA8F ] pci             C:\Windows\system32\drivers\pci.sys
14:57:03.0836 7212  pci - ok
14:57:03.0864 7212  [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide          C:\Windows\system32\drivers\pciide.sys
14:57:03.0866 7212  pciide - ok
14:57:03.0898 7212  [ F396431B31693E71E8A80687EF523506 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
14:57:03.0900 7212  pcmcia - ok
14:57:03.0918 7212  [ 250F6B43D2B613172035C6747AEEB19F ] pcw             C:\Windows\system32\drivers\pcw.sys
14:57:03.0920 7212  pcw - ok
14:57:03.0943 7212  [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
14:57:03.0952 7212  PEAUTH - ok
14:57:03.0978 7212  [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
14:57:03.0992 7212  PeerDistSvc - ok
14:57:04.0037 7212  [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla             C:\Windows\system32\pla.dll
14:57:04.0056 7212  pla - ok
14:57:04.0096 7212  [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
14:57:04.0102 7212  PlugPlay - ok
14:57:04.0126 7212  [ F0EFAF6000E9FCBD77F769D527CE5F9D ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
14:57:04.0128 7212  Pml Driver HPZ12 - ok
14:57:04.0138 7212  [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
14:57:04.0141 7212  PNRPAutoReg - ok
14:57:04.0156 7212  [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
14:57:04.0160 7212  PNRPsvc - ok
14:57:04.0185 7212  [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
14:57:04.0188 7212  PolicyAgent - ok
14:57:04.0218 7212  [ F87D30E72E03D579A5199CCB3831D6EA ] Power           C:\Windows\system32\umpo.dll
14:57:04.0223 7212  Power - ok
14:57:04.0248 7212  [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
14:57:04.0250 7212  PptpMiniport - ok
14:57:04.0266 7212  [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor       C:\Windows\system32\drivers\processr.sys
14:57:04.0267 7212  Processor - ok
14:57:04.0297 7212  [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc         C:\Windows\system32\profsvc.dll
14:57:04.0302 7212  ProfSvc - ok
14:57:04.0314 7212  [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:57:04.0316 7212  ProtectedStorage - ok
14:57:04.0330 7212  [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
14:57:04.0332 7212  Psched - ok
14:57:04.0386 7212  [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
14:57:04.0403 7212  ql2300 - ok
14:57:04.0416 7212  [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
14:57:04.0418 7212  ql40xx - ok
14:57:04.0440 7212  [ 31AC809E7707EB580B2BDB760390765A ] QWAVE           C:\Windows\system32\qwave.dll
14:57:04.0444 7212  QWAVE - ok
14:57:04.0456 7212  [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
14:57:04.0458 7212  QWAVEdrv - ok
14:57:04.0471 7212  [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
14:57:04.0472 7212  RasAcd - ok
14:57:04.0498 7212  [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
14:57:04.0499 7212  RasAgileVpn - ok
14:57:04.0506 7212  [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto         C:\Windows\System32\rasauto.dll
14:57:04.0509 7212  RasAuto - ok
14:57:04.0519 7212  [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
14:57:04.0520 7212  Rasl2tp - ok
14:57:04.0525 7212  [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan          C:\Windows\System32\rasmans.dll
14:57:04.0529 7212  RasMan - ok
14:57:04.0532 7212  [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
14:57:04.0533 7212  RasPppoe - ok
14:57:04.0549 7212  [ 44101F495A83EA6401D886E7FD70096B ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
14:57:04.0550 7212  RasSstp - ok
14:57:04.0565 7212  [ D528BC58A489409BA40334EBF96A311B ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
14:57:04.0567 7212  rdbss - ok
14:57:04.0573 7212  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
14:57:04.0575 7212  rdpbus - ok
14:57:04.0583 7212  [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
14:57:04.0584 7212  RDPCDD - ok
14:57:04.0588 7212  [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
14:57:04.0589 7212  RDPDR - ok
14:57:04.0595 7212  [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
14:57:04.0597 7212  RDPENCDD - ok
14:57:04.0607 7212  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
14:57:04.0609 7212  RDPREFMP - ok
14:57:04.0644 7212  [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
14:57:04.0646 7212  RDPWD - ok
14:57:04.0670 7212  [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
14:57:04.0673 7212  rdyboost - ok
14:57:04.0695 7212  [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess    C:\Windows\System32\mprdim.dll
14:57:04.0698 7212  RemoteAccess - ok
14:57:04.0722 7212  [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
14:57:04.0726 7212  RemoteRegistry - ok
14:57:04.0740 7212  [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
14:57:04.0744 7212  RpcEptMapper - ok
14:57:04.0755 7212  [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator      C:\Windows\system32\locator.exe
14:57:04.0758 7212  RpcLocator - ok
14:57:04.0772 7212  [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs           C:\Windows\system32\rpcss.dll
14:57:04.0778 7212  RpcSs - ok
14:57:04.0805 7212  [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
14:57:04.0807 7212  rspndr - ok
14:57:04.0832 7212  [ 5283B9A27FF230F2FF70D92451FF409A ] RTL8167         C:\Windows\system32\DRIVERS\Rt86win7.sys
14:57:04.0838 7212  RTL8167 - ok
14:57:04.0859 7212  [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
14:57:04.0861 7212  s3cap - ok
14:57:04.0872 7212  [ 81951F51E318AECC2D68559E47485CC4 ] SamSs           C:\Windows\system32\lsass.exe
14:57:04.0874 7212  SamSs - ok
14:57:05.0020 7212  [ 16B1E8876C6FCA98E521186A98BB500E ] SBAMSvc         C:\Program Files\GFI Software\GFIAgent\SBAMSvc.exe
14:57:05.0054 7212  SBAMSvc - ok
14:57:05.0101 7212  [ 87574F4C899E8AEDDDC1EDF71D3E045E ] sbapifs         C:\Windows\system32\DRIVERS\sbapifs.sys
14:57:05.0103 7212  sbapifs - ok
14:57:05.0141 7212  [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
14:57:05.0143 7212  sbp2port - ok
14:57:05.0185 7212  [ 3D4BE78FEB12C8DC49A78416FB0F8D2B ] SBPIMSvc        C:\Program Files\GFI Software\GFIAgent\SBPIMSvc.exe
14:57:05.0188 7212  SBPIMSvc - ok
14:57:05.0207 7212  [ 4740AA6233F13E12DBC50CDD4C23C4E3 ] sbwtis          C:\Windows\system32\DRIVERS\sbwtis.sys
14:57:05.0210 7212  sbwtis - ok
14:57:05.0230 7212  [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
14:57:05.0234 7212  SCardSvr - ok
14:57:05.0241 7212  [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
14:57:05.0243 7212  scfilter - ok
14:57:05.0265 7212  [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule        C:\Windows\system32\schedsvc.dll
14:57:05.0273 7212  Schedule - ok
14:57:05.0288 7212  [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc     C:\Windows\System32\certprop.dll
14:57:05.0289 7212  SCPolicySvc - ok
14:57:05.0304 7212  [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
14:57:05.0309 7212  SDRSVC - ok
14:57:05.0338 7212  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
14:57:05.0340 7212  secdrv - ok
14:57:05.0359 7212  [ A59B3A4442C52060CC7A85293AA3546F ] seclogon        C:\Windows\system32\seclogon.dll
14:57:05.0367 7212  seclogon - ok
14:57:05.0396 7212  [ DCB7FCDCC97F87360F75D77425B81737 ] SENS            C:\Windows\System32\sens.dll
14:57:05.0400 7212  SENS - ok
14:57:05.0409 7212  [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc        C:\Windows\system32\sensrsvc.dll
14:57:05.0413 7212  SensrSvc - ok
14:57:05.0429 7212  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
14:57:05.0430 7212  Serenum - ok
14:57:05.0450 7212  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
14:57:05.0452 7212  Serial - ok
14:57:05.0491 7212  [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
14:57:05.0493 7212  sermouse - ok
14:57:05.0524 7212  [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv      C:\Windows\system32\sessenv.dll
14:57:05.0529 7212  SessionEnv - ok
14:57:05.0544 7212  [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
14:57:05.0544 7212  sffdisk - ok
14:57:05.0556 7212  [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
14:57:05.0557 7212  sffp_mmc - ok
14:57:05.0566 7212  [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
14:57:05.0567 7212  sffp_sd - ok
14:57:05.0590 7212  [ DB96666CC8312EBC45032F30B007A547 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
14:57:05.0591 7212  sfloppy - ok
14:57:05.0612 7212  [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
14:57:05.0616 7212  SharedAccess - ok
14:57:05.0627 7212  [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:57:05.0630 7212  ShellHWDetection - ok
14:57:05.0655 7212  [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp          C:\Windows\system32\drivers\sisagp.sys
14:57:05.0656 7212  sisagp - ok
14:57:05.0674 7212  [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
14:57:05.0675 7212  SiSRaid2 - ok
14:57:05.0686 7212  [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
14:57:05.0687 7212  SiSRaid4 - ok
14:57:05.0697 7212  [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb             C:\Windows\system32\DRIVERS\smb.sys
14:57:05.0698 7212  Smb - ok
14:57:05.0726 7212  [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
14:57:05.0731 7212  SNMPTRAP - ok
14:57:05.0744 7212  [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr           C:\Windows\system32\drivers\spldr.sys
14:57:05.0746 7212  spldr - ok
14:57:05.0797 7212  [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler         C:\Windows\System32\spoolsv.exe
14:57:05.0803 7212  Spooler - ok
14:57:05.0864 7212  [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc          C:\Windows\system32\sppsvc.exe
14:57:05.0905 7212  sppsvc - ok
14:57:05.0915 7212  [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
14:57:05.0919 7212  sppuinotify - ok
14:57:09.0116 7212  ================ Scan global ===============================
14:57:09.0135 7212  [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
14:57:09.0169 7212  [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
14:57:09.0179 7212  [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
14:57:09.0207 7212  [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
14:57:09.0224 7212  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
14:57:09.0229 7212  [Global] - ok
14:57:09.0230 7212  ================ Scan MBR ==================================
14:57:09.0242 7212  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
14:57:09.0740 7212  \Device\Harddisk0\DR0 - ok
14:57:09.0741 7212  ================ Scan VBR ==================================
14:57:09.0743 7212  [ 1B9869E056A98DA393AA3AB47E2DBF31 ] \Device\Harddisk0\DR0\Partition1
14:57:09.0745 7212  \Device\Harddisk0\DR0\Partition1 - ok
14:57:09.0779 7212  [ 095170609844A8834292BAD523B48DD1 ] \Device\Harddisk0\DR0\Partition2
14:57:09.0781 7212  \Device\Harddisk0\DR0\Partition2 - ok
14:57:09.0797 7212  [ 9283D650C08D638F86343E51EC299528 ] \Device\Harddisk0\DR0\Partition3
14:57:09.0799 7212  \Device\Harddisk0\DR0\Partition3 - ok
14:57:09.0799 7212  ============================================================
14:57:09.0799 7212  Scan finished
14:57:09.0799 7212  ============================================================
14:57:09.0807 7376  Detected object count: 0
14:57:09.0807 7376  Actual detected object count: 0
14:57:17.0979 7568  Deinitialize success


#6 boopme


Posted 17 May 2013 - 02:27 PM

Do you still see it as I do not?

#7 markanthonyjohn


Posted 17 May 2013 - 02:31 PM

No, I do not see anything. So, I am good to go now, right? Thank you so much again. Mark.



#8 boopme


Posted 17 May 2013 - 03:25 PM

Yes, good to go and you're welcome!



