
Can't delete Malware hidden by rootkit tried many programs always comes back



#1 seen

Posted 23 June 2013 - 05:53 AM

I have been dealing with a problem forever and wondering if anyone here can help me. I think I have a rootkit which continues to infect my comp. I don't have any severe symptoms other than occasional HD accessing while nothing is going on (sometimes a lot of accessing), and I also notice that my HD space seems to be fluctuating sometimes, or diminishing.

I have done full scans with these programs:

  • Avast aswMBR
  • Comodo CCE + Comodo Full Antivirus scan
  • Bootkit Cleaner
  • RegRun UnHackMe (including with the RegRun Warrior boot CD)
  • TDSSKiller

aswMBR comes back with an IRP_MJ_CREATE threat from the driver scan of atapi.sys.

I can't click 'Fix' in the program, but if I click Fix MBR and do another scan, it seems to be gone, but it comes back a little while later.

CCE doesn't find anything anymore, but it did at one time (I think) and I thought I cleaned it, but now nothing.

Bootkit Cleaner finds nothing.

TDSSKiller found something initially and I ran the full removal and reboot process (like I did on the others), but now when I run it, it finds nothing.

UnHackMe basic scans reveal some suspicious files but no serious threats (I guess?). I think they are mostly false positives but I'm not sure. There is clearly something going on, so I ran the full RegRun Warrior Boot Scan, which showed even more suspicious files but nothing serious. svchost was among them and I tried deleting it and several others, but I'm uncertain what was what and I lost my network connection after that, so I had to activate an older restore point.

Can anyone help me out? I've seen and read thru some other threads about these kinds of problems but I'm stuck and continue to see the malware pop up in scans from within UnHackMe's Windows startup scan.

It comes back with Kernel Auto Boot; the filenames are always different, like a2t423gd.sys one time and 4gr3t43gg43.sys the next time, etc. It says "The file is known as dangerous. It is not a part of the windows operating system. Couldn't find the file. The file may be already deleted or hidden by a root kit."

If I try to delete it, it can't find it. If I reboot and delete it, it won't find it. What to do??? Thanks for any help... I can post logs or try something else if anyone has any recommendations. Thanks


Edited by hamluis, 23 June 2013 - 08:44 AM.
Moved from Win 7 to Am I Infected - Hamluis.



#2 vulcain

Posted 23 June 2013 - 12:48 PM

Hello,
You should repeat the process in safe mode, which theoretically blocks the infection but, in general, not the disinfection tools.
Cordially


#3 seen1

Posted 23 June 2013 - 06:25 PM

Hi, I'm the OP. I made a new account and a new password because I couldn't remember my last one. I wrote this one down though. Anyway, I am currently running a full scan with MBAM in safe mode on my infected computer (although I believe possibly all of my computers may be infected, including this one). I ran a quick scan first in regular mode but it found nothing.

Some other info I wanted to mention: I recently did a full format to try and see if that would eliminate whatever strange behaviour my computer has been showing. Apparently it didn't do much because I am still experiencing HD reads, slowdowns and malware positives. I even ran a format + 1-pass overwrite before reinstalling Windows 7 x64. Some strange behaviour: during the format/overwrite, it kept spitting out errors like CPU core temperature errors. I'm not sure if it was a normal procedure of the program (which I cannot remember now, gah) but it made me think that, since nothing was even loaded at that point, there might be something going on in the BIOS? I don't know.

I'm currently running MBAM in safe mode and will report back after...



#4 seen1

Posted 23 June 2013 - 06:46 PM

OK, it finished the full scan of both hard drives and found Riskwave.Tool.CK from a program directory that no longer exists on the drive (E:\), or so I thought.

I don't think this really relates to what's going on though, or not completely. Another bizarre behaviour I notice when I leave the HIPS on (in paranoid mode) is that mscorsvw.exe will constantly be trying to create new files or modify things. I know I read that this is the Windows framework compiler (I think?), but if I try to executeQueuedItems with it manually, it is unable to do that (it was able to initially, the first times I tried after the reinstall of the operating system).

When I run sfc /scannow it always says it frequently finds corrupted files and says it was able to fix them. But it says this almost every single scan, so clearly it's not fixing them.

Where can I go next? I'm seriously completely lost as to how to remove all this junk and reclaim my PC from doing these sketchy background processes :/ I feel like there's keylogging or screencapping going on. Periodically I have had game accounts and emails hacked.


Edited by seen1, 23 June 2013 - 07:09 PM.


#5 boopme

Posted 23 June 2013 - 10:22 PM

Hello, let's look at these.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Please download TDSSKiller.
Launch it.
Click on "Change parameters" and select "TDLFS file system".
Click on "Scan".
Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.



Please download AdwCleaner by Xplode onto your desktop.
Close all open programs and internet browsers.
Double click on adwcleaner.exe to run the tool.
Click on Delete.
Confirm each time with Ok.
You will be prompted to restart your computer. A text file will open after the restart.
Please post the contents of that logfile with your next reply.
You can find the logfile at C:\AdwCleaner[S1].txt as well.



Last, run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only (Microsoft Internet Explorer users can skip these steps):
      • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
      • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats".
  • Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats.
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.


#6 seen1

Posted 28 June 2013 - 10:11 AM

Results of MiniToolBox:
 
 
MiniToolBox by Farbar  Version: 16-06-2013
Ran by XXY (administrator) on 28-06-2013 at 08:09:07
Running from "C:\Users\XXY\Downloads"
Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
::1             localhost 
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : XXX
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek RTL8168D/8111D Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
   Physical Address. . . . . . . . . : 00-25-22-2B-3E-60
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Airlink101 300N Wireless PCI Adapter
   Physical Address. . . . . . . . . : 00-1D-6A-0E-7E-D8
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::5141:d0ea:bd73:e317%12(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Thursday, June 27, 2013 7:11:19 PM
   Lease Expires . . . . . . . . . . : Friday, June 28, 2013 8:16:42 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 268442986
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-58-74-DB-00-1D-6A-0E-7E-D8
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.{F3DAD5A1-5C42-4D87-B2F1-1891B0278F60}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:2479:2838:bb48:1166(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::2479:2838:bb48:1166%10(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  UnKnown
Address:  192.168.1.1
 
Name:    google.com
Addresses:  2a00:1450:4002:801::1009
 173.194.35.0
 173.194.35.1
 173.194.35.2
 173.194.35.3
 173.194.35.4
 173.194.35.5
 173.194.35.6
 173.194.35.7
 173.194.35.8
 173.194.35.9
 173.194.35.14
 
 
Pinging google.com [173.194.35.14] with 32 bytes of data:
Reply from 173.194.35.14: bytes=32 time=412ms TTL=50
Reply from 173.194.35.14: bytes=32 time=252ms TTL=50
 
Ping statistics for 173.194.35.14:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 252ms, Maximum = 412ms, Average = 332ms
Server:  UnKnown
Address:  192.168.1.1
 
Name:    yahoo.com
Addresses:  206.190.36.45
 98.138.253.109
 98.139.183.24
 
 
Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=190ms TTL=52
Reply from 98.139.183.24: bytes=32 time=315ms TTL=52
 
Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 190ms, Maximum = 315ms, Average = 252ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 13...00 25 22 2b 3e 60 ......Realtek RTL8168D/8111D Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
 12...00 1d 6a 0e 7e d8 ......Airlink101 300N Wireless PCI Adapter
  1...........................Software Loopback Interface 1
 14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 10...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.2     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.2    281
      192.168.1.2  255.255.255.255         On-link       192.168.1.2    281
    192.168.1.255  255.255.255.255         On-link       192.168.1.2    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.2    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.2    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 10     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 10     58 2001::/32                On-link
 10    306 2001:0:5ef5:79fd:2479:2838:bb48:1166/128
                                    On-link
 12    281 fe80::/64                On-link
 10    306 fe80::/64                On-link
 10    306 fe80::2479:2838:bb48:1166/128
                                    On-link
 12    281 fe80::5141:d0ea:bd73:e317/128
                                    On-link
  1    306 ff00::/8                 On-link
 10    306 ff00::/8                 On-link
 12    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (06/27/2013 04:07:04 AM) (Source: Application Error) (User: )
Description: Faulting application name: AIMP3.exe, version: 3.5.0.1270, time stamp: 0x51ae22f1
Faulting module name: bass_mpc.dll, version: 2.4.1.1, time stamp: 0x4faa6260
Exception code: 0xc0000005
Fault offset: 0x00003cce
Faulting process id: 0x108
Faulting application start time: 0xAIMP3.exe0
Faulting application path: AIMP3.exe1
Faulting module path: AIMP3.exe2
Report Id: AIMP3.exe3
 
Error: (06/25/2013 04:28:39 PM) (Source: Application Error) (User: )
Description: Faulting application name: AIMP3.exe, version: 3.5.0.1270, time stamp: 0x51ae22f1
Faulting module name: bass_mpc.dll, version: 2.4.1.1, time stamp: 0x4faa6260
Exception code: 0xc0000005
Fault offset: 0x00003cce
Faulting process id: 0xc5c
Faulting application start time: 0xAIMP3.exe0
Faulting application path: AIMP3.exe1
Faulting module path: AIMP3.exe2
Report Id: AIMP3.exe3
 
Error: (06/25/2013 01:45:23 AM) (Source: Application Error) (User: )
Description: Faulting application name: AIMP3.exe, version: 3.5.0.1270, time stamp: 0x51ae22f1
Faulting module name: bass_mpc.dll, version: 2.4.1.1, time stamp: 0x4faa6260
Exception code: 0xc0000005
Fault offset: 0x00003cce
Faulting process id: 0x2a8
Faulting application start time: 0xAIMP3.exe0
Faulting application path: AIMP3.exe1
Faulting module path: AIMP3.exe2
Report Id: AIMP3.exe3
 
Error: (06/24/2013 10:40:54 PM) (Source: Application Hang) (User: )
Description: The program FL.exe version 1.1.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1158
 
Start Time: 01ce7162f10be974
 
Termination Time: 27
 
Application Path: C:\Program Files (x86)\Image-Line\FL Studio 11\FL.exe
 
Report Id: c5379104-dd59-11e2-a7bb-0025222b3e60
 
Error: (06/23/2013 10:52:56 PM) (Source: Application Hang) (User: )
Description: The program taskmgr.exe version 6.1.7601.17514 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: ba8
 
Start Time: 01ce709ef4664f94
 
Termination Time: 0
 
Application Path: C:\Windows\system32\taskmgr.exe
 
Report Id: 4fd32380-dc92-11e2-a7bb-0025222b3e60
 
Error: (06/23/2013 08:45:25 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16490 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 458
 
Start Time: 01ce708cfbefabe6
 
Termination Time: 0
 
Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe
 
Report Id: 7969616d-dc80-11e2-aa36-0025222b3e60
 
Error: (06/23/2013 08:34:28 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
 
Error: (06/23/2013 08:32:00 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80070005.
 
Error: (06/23/2013 06:26:38 PM) (Source: Application Error) (User: )
Description: Faulting application name: atieclxx.exe, version: 6.14.11.1143, time stamp: 0x5154efc9
Faulting module name: atieclxx.exe, version: 6.14.11.1143, time stamp: 0x5154efc9
Exception code: 0xc0000005
Fault offset: 0x000000000002ea19
Faulting process id: 0x450
Faulting application start time: 0xatieclxx.exe0
Faulting application path: atieclxx.exe1
Faulting module path: atieclxx.exe2
Report Id: atieclxx.exe3
 
Error: (06/23/2013 06:09:05 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
 
 
System errors:
=============
Error: (06/27/2013 07:11:24 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
ysyfer
 
Error: (06/26/2013 11:48:42 PM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
 
Error: (06/26/2013 06:51:30 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
ysyfer
 
Error: (06/25/2013 01:34:51 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
ysyfer
 
Error: (06/23/2013 10:51:16 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
ysyfer
 
Error: (06/23/2013 10:49:15 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X64 service to connect.
 
Error: (06/23/2013 10:46:45 PM) (Source: Service Control Manager) (User: )
Description: The Microsoft .NET Framework NGEN v4.0.30319_X64 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
 
Error: (06/23/2013 10:44:36 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
ysyfer
 
Error: (06/23/2013 10:44:18 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 10:28:08 PM on ?6/?23/?2013 was unexpected.
 
Error: (06/23/2013 08:43:36 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
ysyfer
 
 
Microsoft Office Sessions:
=========================
Error: (06/27/2013 04:07:04 AM) (Source: Application Error)(User: )
Description: AIMP3.exe3.5.0.127051ae22f1bass_mpc.dll2.4.1.14faa6260c000000500003cce10801ce7326462df48fC:\Program Files (x86)\AIMP3\AIMP3.exeC:\Program Files (x86)\AIMP3\Plugins\bass_mpc.dllb2756a12-df19-11e2-8486-0025222b3e60
 
Error: (06/25/2013 04:28:39 PM) (Source: Application Error)(User: )
Description: AIMP3.exe3.5.0.127051ae22f1bass_mpc.dll2.4.1.14faa6260c000000500003ccec5c01ce71ec57716896C:\PROGRA~2\AIMP3\AIMP3.exeC:\PROGRA~2\AIMP3\Plugins\bass_mpc.dllf67e2465-ddee-11e2-92ad-0025222b3e60
 
Error: (06/25/2013 01:45:23 AM) (Source: Application Error)(User: )
Description: AIMP3.exe3.5.0.127051ae22f1bass_mpc.dll2.4.1.14faa6260c000000500003cce2a801ce717e777d55e6C:\Program Files (x86)\AIMP3\AIMP3.exeC:\Program Files (x86)\AIMP3\Plugins\bass_mpc.dll9283c586-dd73-11e2-a7bb-0025222b3e60
 
Error: (06/24/2013 10:40:54 PM) (Source: Application Hang)(User: )
Description: FL.exe1.1.0.0115801ce7162f10be97427C:\Program Files (x86)\Image-Line\FL Studio 11\FL.exec5379104-dd59-11e2-a7bb-0025222b3e60
 
Error: (06/23/2013 10:52:56 PM) (Source: Application Hang)(User: )
Description: taskmgr.exe6.1.7601.17514ba801ce709ef4664f940C:\Windows\system32\taskmgr.exe4fd32380-dc92-11e2-a7bb-0025222b3e60
 
Error: (06/23/2013 08:45:25 PM) (Source: Application Hang)(User: )
Description: iexplore.exe9.0.8112.1649045801ce708cfbefabe60C:\Program Files (x86)\Internet Explorer\iexplore.exe7969616d-dc80-11e2-aa36-0025222b3e60
 
Error: (06/23/2013 08:34:28 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Users\XXY\Downloads\SoftonicDownloader_for_free-easy-cd-dvd-burner.exe
 
Error: (06/23/2013 08:32:00 PM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80070005.
 
Error: (06/23/2013 06:26:38 PM) (Source: Application Error)(User: )
Description: atieclxx.exe6.14.11.11435154efc9atieclxx.exe6.14.11.11435154efc9c0000005000000000002ea1945001ce7079d5508220C:\Windows\system32\atieclxx.exeC:\Windows\system32\atieclxx.exe1d3481a4-dc6d-11e2-9129-0025222b3e60
 
Error: (06/23/2013 06:09:05 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Users\XXY\Downloads\SoftonicDownloader_for_free-easy-cd-dvd-burner.exe
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-06-22 03:03:24.009
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\XXY\AppData\Local\Temp\mbr.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-06-22 03:03:23.930
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\XXY\AppData\Local\Temp\mbr.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-06-13 14:23:32.661
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\XXY\AppData\Local\Temp\mbr.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-06-13 14:23:32.603
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\XXY\AppData\Local\Temp\mbr.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
=========================== Installed Programs ============================
 
µTorrent (Version: 3.3.0.29677)
Adobe AIR (Version: 2.5.1.17730)
Adobe Audition CS5.5 (Version: 4.0)
Adobe Community Help (Version: 3.4.980)
Adobe Flash Player 11 ActiveX (Version: 11.0.1.152)
Adobe Flash Player 11 Plugin (Version: 11.7.700.224)
Adobe Photoshop CS5 (Version: 12.0)
AIMP3 (Version: v3.50.1270 RC 2, 04.06.2013)
AMD Accelerated Video Transcoding (Version: 12.10.100.30328)
AMD Catalyst Install Manager (Version: 8.0.911.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Media Foundation Decoders (Version: 1.0.80328.2204)
Apple Application Support (Version: 2.3.4)
ASIO4ALL (Version: 2.11 Beta2)
Catalyst Control Center InstallProxy (Version: 2013.0328.2218.38225)
CCleaner (Version: 4.02)
COMODO Antivirus (Version: 6.1.14723.2813)
Comodo Dragon (Version: 27.2.0.0)
Creative ALchemy (Version: 1.43)
Creative Audio Control Panel (Version: 3.00)
Creative Entertainment Console (Version: 3.00)
Creative Sound Blaster Properties x64 Edition (Version: 1.03)
Defraggler (Version: 2.14)
F.lux
FL Studio 11
FlowStone FL 3.0
Focusrite USB 2.0 Audio Driver 2.4 (Version: 2.4)
Google Chrome (Version: 27.0.1453.110)
Google Update Helper (Version: 1.3.21.145)
IL Download Manager
IL Shared Libraries
Java 7 Update 21 (Version: 7.0.210)
Java Auto Updater (Version: 2.1.9.5)
Last.fm Scrobbler 2.1.35
LatencyMon 5.00
Leisure Suit Larry 7 (Version: 1.0.59)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
Mozilla Firefox 21.0 (x86 en-US) (Version: 21.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Native Instruments Traktor 2 (Version: 2.0.1.10169)
Nero 12 (Version: 12.0.02000)
Nero Audio Pack 1 (Version: 11.0.11500.110.0)
Nero BackItUp Help (CHM) (Version: 12.0.3000)
Nero Blu-ray Player (Version: 12.0.14300)
Nero Blu-ray Player Help (CHM) (Version: 12.0.4000)
Nero Burning ROM (Version: 12.0.20000)
Nero Burning ROM Help (CHM) (Version: 12.0.3000)
Nero ControlCenter (Version: 11.0.15200)
Nero ControlCenter Help (CHM) (Version: 12.0.5000)
Nero Core Components (Version: 11.0.18100)
Nero Disc Menus Basic (Version: 12.0.11500)
Nero Effects Basic (Version: 12.0.11500)
Nero Express (Version: 12.0.20000)
Nero Express Help (CHM) (Version: 12.0.5000)
Nero Kwik Media Help (CHM) (Version: 12.0.4000)
Nero Kwik Themes Basic (Version: 12.0.11500)
Nero PiP Effects Basic (Version: 12.0.11500)
Nero Recode Help (CHM) (Version: 12.0.4000)
Nero RescueAgent Help (CHM) (Version: 12.0.3000)
Nero SharedVideoCodecs (Version: 1.0.12100.2.0)
Nero Video Help (CHM) (Version: 12.0.4000)
neroxml (Version: 1.0.0)
NVIDIA PhysX (Version: 9.12.1031)
Prerequisite installer (Version: 12.0.0002)
Quest for Glory Pack
QuickTime (Version: 7.74.80.86)
reFX Nexus VSTi RTAS v2.2.0
Remember Me
Skype™ 6.5 (Version: 6.5.158)
SoulSeek 157 NS 13e
Space Quest Collection
Spek (Version: 0.7.0)
SUPERAntiSpyware (Version: 5.6.1020)
UnHackMe 5.99 release
Update for Microsoft .NET Framework 4.5 (KB2750147) (Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805221) (Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805226) (Version: 1)
VLC media player 2.0.7 (Version: 2.0.7)
Volume Panel (Version: 2.21)
Wave Arts Power Suite (Version: 5.07)
Welcome App (Start-up experience) (Version: 12.0.14000)
Winamp (Version: 5.63 )
Winamp Detector Plug-in (Version: 1.0.0.1)
Windows Driver Package - Focusrite USB 2.0 Audio Driver (09/10/2012 2.4.128.0) (Version: 09/10/2012 2.4.128.0)
WinRAR 4.00 (64-bit) (Version: 4.00.0)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 36%
Total physical RAM: 6142.09 MB
Available physical RAM: 3873.34 MB
Total Pagefile: 12282.36 MB
Available Pagefile: 9012.21 MB
Total Virtual: 4095.88 MB
Available Virtual: 3961.11 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:698.54 GB) (Free:542.2 GB) NTFS
3 Drive e: (New Volume) (Fixed) (Total:1863.01 GB) (Free:1329.24 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\XXX
 
Administrator            Guest                    XXY                      
 
 
**** End of log ****


#7 seen1

Posted 28 June 2013 - 10:13 AM

Results of TDSSKiller:

08:11:43.0070 4988  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
08:11:44.0570 4988  ============================================================
08:11:44.0571 4988  Current date / time: 2013/06/28 08:11:44.0570
08:11:44.0571 4988  SystemInfo:
08:11:44.0571 4988  
08:11:44.0571 4988  OS Version: 6.1.7601 ServicePack: 1.0
08:11:44.0571 4988  Product type: Workstation
08:11:44.0571 4988  ComputerName: XXX
08:11:44.0571 4988  UserName: XXY
08:11:44.0571 4988  Windows directory: C:\Windows
08:11:44.0571 4988  System windows directory: C:\Windows
08:11:44.0571 4988  Running under WOW64
08:11:44.0571 4988  Processor architecture: Intel x64
08:11:44.0571 4988  Number of processors: 8
08:11:44.0571 4988  Page size: 0x1000
08:11:44.0571 4988  Boot type: Normal boot
08:11:44.0571 4988  ============================================================
08:11:46.0218 4988  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:11:46.0250 4988  Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:11:46.0254 4988  ============================================================
08:11:46.0254 4988  \Device\Harddisk0\DR0:
08:11:46.0254 4988  MBR partitions:
08:11:46.0254 4988  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
08:11:46.0254 4988  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x57513000
08:11:46.0254 4988  \Device\Harddisk1\DR1:
08:11:46.0254 4988  MBR partitions:
08:11:46.0254 4988  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
08:11:46.0254 4988  ============================================================
08:11:46.0269 4988  C: <-> \Device\Harddisk0\DR0\Partition2
08:11:46.0277 4988  E: <-> \Device\Harddisk1\DR1\Partition1
08:11:46.0277 4988  ============================================================
08:11:46.0277 4988  Initialize success
08:11:46.0277 4988  ============================================================
08:12:04.0895 2260  ============================================================
08:12:04.0895 2260  Scan started
08:12:04.0895 2260  Mode: Manual; TDLFS; 
08:12:04.0895 2260  ============================================================
08:12:05.0950 2260  ================ Scan system memory ========================
08:12:05.0950 2260  System memory - ok
08:12:05.0950 2260  ================ Scan services =============================
08:12:06.0011 2260  [ ABDCD326E1DD1C62509ED94C278A7453 ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
08:12:06.0014 2260  !SASCORE - ok
08:12:06.0118 2260  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
08:12:06.0123 2260  1394ohci - ok
08:12:06.0164 2260  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
08:12:06.0167 2260  ACPI - ok
08:12:06.0189 2260  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
08:12:06.0205 2260  AcpiPmi - ok
08:12:06.0250 2260  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
08:12:06.0261 2260  adp94xx - ok
08:12:06.0276 2260  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
08:12:06.0284 2260  adpahci - ok
08:12:06.0300 2260  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
08:12:06.0311 2260  adpu320 - ok
08:12:06.0333 2260  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
08:12:06.0335 2260  AeLookupSvc - ok
08:12:06.0363 2260  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
08:12:06.0366 2260  AFD - ok
08:12:06.0384 2260  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
08:12:06.0385 2260  agp440 - ok
08:12:06.0401 2260  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
08:12:06.0405 2260  ALG - ok
08:12:06.0418 2260  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
08:12:06.0420 2260  aliide - ok
08:12:06.0469 2260  [ 310F86335B0505DDC6D2DD48E66EF06B ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
08:12:06.0471 2260  AMD External Events Utility - ok
08:12:06.0481 2260  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
08:12:06.0483 2260  amdide - ok
08:12:06.0500 2260  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
08:12:06.0502 2260  AmdK8 - ok
08:12:06.0744 2260  [ 79CC9BE187E3144E1B58A54B842475E7 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
08:12:06.0978 2260  amdkmdag - ok
08:12:07.0027 2260  [ 07561D3B7FD99F6E186C49C2D0628E38 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
08:12:07.0046 2260  amdkmdap - ok
08:12:07.0051 2260  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
08:12:07.0055 2260  AmdPPM - ok
08:12:07.0073 2260  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
08:12:07.0089 2260  amdsata - ok
08:12:07.0113 2260  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
08:12:07.0119 2260  amdsbs - ok
08:12:07.0128 2260  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
08:12:07.0146 2260  amdxata - ok
08:12:07.0191 2260  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
08:12:07.0210 2260  AppID - ok
08:12:07.0215 2260  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
08:12:07.0216 2260  AppIDSvc - ok
08:12:07.0240 2260  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
08:12:07.0243 2260  Appinfo - ok
08:12:07.0259 2260  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll
08:12:07.0260 2260  AppMgmt - ok
08:12:07.0264 2260  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
08:12:07.0267 2260  arc - ok
08:12:07.0276 2260  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
08:12:07.0279 2260  arcsas - ok
08:12:07.0381 2260  [ 108FB6DDB69E537A2EA53F425363FAE5 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
08:12:07.0384 2260  aspnet_state - ok
08:12:07.0412 2260  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
08:12:07.0412 2260  AsyncMac - ok
08:12:07.0423 2260  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
08:12:07.0424 2260  atapi - ok
08:12:07.0489 2260  [ ED3A041014FBBFDC23D6C04F9C7A5D79 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
08:12:07.0494 2260  AtiHDAudioService - ok
08:12:07.0522 2260  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
08:12:07.0539 2260  AudioEndpointBuilder - ok
08:12:07.0555 2260  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
08:12:07.0559 2260  AudioSrv - ok
08:12:07.0618 2260  [ 7692F4B242E45870873CAF4CB85CF769 ] AxAutoMntSrv    C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
08:12:07.0622 2260  AxAutoMntSrv - ok
08:12:07.0637 2260  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
08:12:07.0642 2260  AxInstSV - ok
08:12:07.0681 2260  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
08:12:07.0695 2260  BDESVC - ok
08:12:07.0704 2260  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
08:12:07.0704 2260  Beep - ok
08:12:07.0764 2260  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
08:12:07.0781 2260  BFE - ok
08:12:07.0808 2260  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
08:12:07.0814 2260  BITS - ok
08:12:07.0829 2260  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
08:12:07.0832 2260  blbdrive - ok
08:12:07.0875 2260  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
08:12:07.0910 2260  bowser - ok
08:12:07.0936 2260  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
08:12:07.0939 2260  BrFiltLo - ok
08:12:07.0943 2260  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
08:12:07.0945 2260  BrFiltUp - ok
08:12:07.0968 2260  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
08:12:07.0969 2260  Browser - ok
08:12:07.0987 2260  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
08:12:07.0996 2260  Brserid - ok
08:12:08.0001 2260  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
08:12:08.0004 2260  BrSerWdm - ok
08:12:08.0008 2260  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
08:12:08.0009 2260  BrUsbMdm - ok
08:12:08.0013 2260  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
08:12:08.0015 2260  BrUsbSer - ok
08:12:08.0020 2260  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
08:12:08.0024 2260  BTHMODEM - ok
08:12:08.0053 2260  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
08:12:08.0056 2260  bthserv - ok
08:12:08.0068 2260  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
08:12:08.0069 2260  cdfs - ok
08:12:08.0097 2260  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
08:12:08.0098 2260  cdrom - ok
08:12:08.0113 2260  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
08:12:08.0117 2260  CertPropSvc - ok
08:12:08.0125 2260  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
08:12:08.0141 2260  circlass - ok
08:12:08.0163 2260  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
08:12:08.0170 2260  CLFS - ok
08:12:08.0212 2260  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:12:08.0216 2260  clr_optimization_v2.0.50727_32 - ok
08:12:08.0243 2260  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
08:12:08.0248 2260  clr_optimization_v2.0.50727_64 - ok
08:12:08.0308 2260  [ 6D7C8A951AF6AD6835C029B3CB88D333 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:12:08.0311 2260  clr_optimization_v4.0.30319_32 - ok
08:12:08.0325 2260  [ 86329C35FF23CFEF0FB6C0023BA06BCE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
08:12:08.0328 2260  clr_optimization_v4.0.30319_64 - ok
08:12:08.0344 2260  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
08:12:08.0345 2260  CmBatt - ok
08:12:08.0462 2260  [ C7C3794C92578A5C2F7555AC75864EB2 ] cmdAgent        C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
08:12:08.0556 2260  cmdAgent - ok
08:12:08.0572 2260  [ 47E7C07A0EC8D4E82701EA425EB9E275 ] cmderd          C:\Windows\system32\DRIVERS\cmderd.sys
08:12:08.0574 2260  cmderd - ok
08:12:08.0611 2260  [ 2BFD057D32A41AB9A1E5F5C674C59339 ] cmdGuard        C:\Windows\system32\DRIVERS\cmdguard.sys
08:12:08.0626 2260  cmdGuard - ok
08:12:08.0635 2260  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
08:12:08.0638 2260  cmdide - ok
08:12:08.0660 2260  [ 43EBC5556143BD468A44BC0E51555D0E ] cmdvirth        C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
08:12:08.0665 2260  cmdvirth - ok
08:12:08.0681 2260  [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG             C:\Windows\system32\Drivers\cng.sys
08:12:08.0696 2260  CNG - ok
08:12:08.0708 2260  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
08:12:08.0708 2260  Compbatt - ok
08:12:08.0739 2260  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
08:12:08.0758 2260  CompositeBus - ok
08:12:08.0761 2260  COMSysApp - ok
08:12:08.0780 2260  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
08:12:08.0782 2260  crcdisk - ok
08:12:08.0822 2260  [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc        C:\Windows\system32\cryptsvc.dll
08:12:08.0823 2260  CryptSvc - ok
08:12:08.0850 2260  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\Windows\system32\drivers\csc.sys
08:12:08.0878 2260  CSC - ok
08:12:08.0913 2260  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll
08:12:08.0929 2260  CscService - ok
08:12:09.0065 2260  [ EDBA1382E5D7D1E71442B43E170CF8D4 ] CTAudSvcService C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
08:12:09.0068 2260  CTAudSvcService - ok
08:12:09.0093 2260  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
08:12:09.0103 2260  DcomLaunch - ok
08:12:09.0148 2260  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
08:12:09.0162 2260  defragsvc - ok
08:12:09.0185 2260  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
08:12:09.0202 2260  DfsC - ok
08:12:09.0229 2260  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
08:12:09.0237 2260  Dhcp - ok
08:12:09.0244 2260  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
08:12:09.0247 2260  discache - ok
08:12:09.0261 2260  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
08:12:09.0262 2260  Disk - ok
08:12:09.0283 2260  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
08:12:09.0288 2260  Dnscache - ok
08:12:09.0313 2260  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
08:12:09.0320 2260  dot3svc - ok
08:12:09.0340 2260  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
08:12:09.0344 2260  DPS - ok
08:12:09.0491 2260  [ 582C08E418121232BD199F4B92A63D9B ] DragonUpdater   C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
08:12:09.0563 2260  DragonUpdater - ok
08:12:09.0595 2260  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
08:12:09.0596 2260  drmkaud - ok
08:12:09.0626 2260  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
08:12:09.0676 2260  DXGKrnl - ok
08:12:09.0708 2260  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
08:12:09.0712 2260  EapHost - ok
08:12:09.0736 2260  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
08:12:09.0738 2260  EFS - ok
08:12:09.0771 2260  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
08:12:09.0789 2260  ehRecvr - ok
08:12:09.0808 2260  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
08:12:09.0812 2260  ehSched - ok
08:12:09.0830 2260  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
08:12:09.0846 2260  elxstor - ok
08:12:09.0858 2260  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
08:12:09.0870 2260  ErrDev - ok
08:12:09.0910 2260  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
08:12:09.0913 2260  EventSystem - ok
08:12:09.0925 2260  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
08:12:09.0931 2260  exfat - ok
08:12:09.0937 2260  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
08:12:09.0938 2260  fastfat - ok
08:12:09.0965 2260  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
08:12:09.0983 2260  Fax - ok
08:12:09.0995 2260  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
08:12:09.0995 2260  fdc - ok
08:12:09.0999 2260  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
08:12:10.0014 2260  fdPHost - ok
08:12:10.0045 2260  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
08:12:10.0049 2260  FDResPub - ok
08:12:10.0073 2260  [ CDAF7F210DF460770DA4F6C4EC67BA0F ] ffusb2audio     C:\Windows\system32\DRIVERS\ffusb2audio.sys
08:12:10.0088 2260  ffusb2audio - ok
08:12:10.0106 2260  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
08:12:10.0109 2260  FileInfo - ok
08:12:10.0117 2260  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
08:12:10.0124 2260  Filetrace - ok
08:12:10.0129 2260  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
08:12:10.0131 2260  flpydisk - ok
08:12:10.0175 2260  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
08:12:10.0177 2260  FltMgr - ok
08:12:10.0228 2260  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
08:12:10.0250 2260  FontCache - ok
08:12:10.0274 2260  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
08:12:10.0382 2260  FontCache3.0.0.0 - ok
08:12:10.0386 2260  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
08:12:10.0389 2260  FsDepends - ok
08:12:10.0411 2260  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
08:12:10.0412 2260  Fs_Rec - ok
08:12:10.0441 2260  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
08:12:10.0449 2260  fvevol - ok
08:12:10.0461 2260  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
08:12:10.0464 2260  gagp30kx - ok
08:12:10.0499 2260  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
08:12:10.0515 2260  gpsvc - ok
08:12:10.0554 2260  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:12:10.0558 2260  gupdate - ok
08:12:10.0564 2260  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:12:10.0565 2260  gupdatem - ok
08:12:10.0573 2260  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
08:12:10.0580 2260  hcw85cir - ok
08:12:10.0602 2260  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
08:12:10.0624 2260  HdAudAddService - ok
08:12:10.0656 2260  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
08:12:10.0660 2260  HDAudBus - ok
08:12:10.0672 2260  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
08:12:10.0675 2260  HidBatt - ok
08:12:10.0682 2260  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
08:12:10.0691 2260  HidBth - ok
08:12:10.0701 2260  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
08:12:10.0712 2260  HidIr - ok
08:12:10.0736 2260  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
08:12:10.0739 2260  hidserv - ok
08:12:10.0764 2260  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
08:12:10.0765 2260  HidUsb - ok
08:12:10.0783 2260  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
08:12:10.0787 2260  hkmsvc - ok
08:12:10.0808 2260  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
08:12:10.0815 2260  HomeGroupListener - ok
08:12:10.0833 2260  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
08:12:10.0899 2260  HomeGroupProvider - ok
08:12:10.0910 2260  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
08:12:10.0928 2260  HpSAMD - ok
08:12:10.0962 2260  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
08:12:10.0966 2260  HTTP - ok
08:12:10.0986 2260  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
08:12:11.0000 2260  hwpolicy - ok
08:12:11.0028 2260  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
08:12:11.0029 2260  i8042prt - ok
08:12:11.0043 2260  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
08:12:11.0072 2260  iaStorV - ok
08:12:11.0106 2260  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
08:12:11.0124 2260  idsvc - ok
08:12:11.0136 2260  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
08:12:11.0142 2260  iirsp - ok
08:12:11.0182 2260  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
08:12:11.0208 2260  IKEEXT - ok
08:12:11.0221 2260  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
08:12:11.0222 2260  intelide - ok
08:12:11.0237 2260  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
08:12:11.0238 2260  intelppm - ok
08:12:11.0248 2260  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
08:12:11.0251 2260  IPBusEnum - ok
08:12:11.0270 2260  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
08:12:11.0271 2260  IpFilterDriver - ok
08:12:11.0292 2260  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
08:12:11.0301 2260  iphlpsvc - ok
08:12:11.0311 2260  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
08:12:11.0332 2260  IPMIDRV - ok
08:12:11.0357 2260  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
08:12:11.0359 2260  IPNAT - ok
08:12:11.0368 2260  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
08:12:11.0369 2260  IRENUM - ok
08:12:11.0379 2260  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
08:12:11.0379 2260  isapnp - ok
08:12:11.0394 2260  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
08:12:11.0404 2260  iScsiPrt - ok
08:12:11.0428 2260  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
08:12:11.0429 2260  kbdclass - ok
08:12:11.0436 2260  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
08:12:11.0450 2260  kbdhid - ok
08:12:11.0468 2260  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
08:12:11.0470 2260  KeyIso - ok
08:12:11.0493 2260  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
08:12:11.0494 2260  KSecDD - ok
08:12:11.0512 2260  [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
08:12:11.0519 2260  KSecPkg - ok
08:12:11.0529 2260  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
08:12:11.0532 2260  ksthunk - ok
08:12:11.0544 2260  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
08:12:11.0553 2260  KtmRm - ok
08:12:11.0567 2260  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
08:12:11.0574 2260  LanmanServer - ok
08:12:11.0587 2260  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
08:12:11.0608 2260  LanmanWorkstation - ok
08:12:11.0629 2260  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
08:12:11.0633 2260  lltdio - ok
08:12:11.0649 2260  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
08:12:11.0664 2260  lltdsvc - ok
08:12:11.0671 2260  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
08:12:11.0673 2260  lmhosts - ok
08:12:11.0708 2260  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
08:12:11.0722 2260  LSI_FC - ok
08:12:11.0740 2260  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
08:12:11.0745 2260  LSI_SAS - ok
08:12:11.0759 2260  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
08:12:11.0763 2260  LSI_SAS2 - ok
08:12:11.0770 2260  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
08:12:11.0773 2260  LSI_SCSI - ok
08:12:11.0803 2260  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
08:12:11.0807 2260  luafv - ok
08:12:11.0823 2260  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
08:12:11.0829 2260  Mcx2Svc - ok
08:12:11.0836 2260  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
08:12:11.0846 2260  megasas - ok
08:12:11.0865 2260  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
08:12:11.0882 2260  MegaSR - ok
08:12:11.0912 2260  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
08:12:11.0916 2260  MMCSS - ok
08:12:11.0929 2260  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
08:12:11.0930 2260  Modem - ok
08:12:11.0947 2260  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
08:12:11.0949 2260  monitor - ok
08:12:11.0979 2260  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
08:12:11.0979 2260  mouclass - ok
08:12:12.0006 2260  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
08:12:12.0007 2260  mouhid - ok
08:12:12.0028 2260  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
08:12:12.0029 2260  mountmgr - ok
08:12:12.0052 2260  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
08:12:12.0084 2260  mpio - ok
08:12:12.0089 2260  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
08:12:12.0091 2260  mpsdrv - ok
08:12:12.0127 2260  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
08:12:12.0166 2260  MpsSvc - ok
08:12:12.0185 2260  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
08:12:12.0187 2260  MRxDAV - ok
08:12:12.0213 2260  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
08:12:12.0215 2260  mrxsmb - ok
08:12:12.0235 2260  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
08:12:12.0257 2260  mrxsmb10 - ok
08:12:12.0284 2260  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
08:12:12.0300 2260  mrxsmb20 - ok
08:12:12.0322 2260  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
08:12:12.0366 2260  msahci - ok
08:12:12.0387 2260  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
08:12:12.0408 2260  msdsm - ok
08:12:12.0432 2260  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
08:12:12.0439 2260  MSDTC - ok
08:12:12.0466 2260  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
08:12:12.0468 2260  Msfs - ok
08:12:12.0481 2260  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
08:12:12.0484 2260  mshidkmdf - ok
08:12:12.0495 2260  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
08:12:12.0498 2260  msisadrv - ok
08:12:12.0510 2260  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
08:12:12.0515 2260  MSiSCSI - ok
08:12:12.0517 2260  msiserver - ok
08:12:12.0536 2260  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
08:12:12.0536 2260  MSKSSRV - ok
08:12:12.0565 2260  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
08:12:12.0566 2260  MSPCLOCK - ok
08:12:12.0577 2260  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
08:12:12.0577 2260  MSPQM - ok
08:12:12.0592 2260  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
08:12:12.0600 2260  MsRPC - ok
08:12:12.0614 2260  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
08:12:12.0615 2260  mssmbios - ok
08:12:12.0619 2260  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
08:12:12.0620 2260  MSTEE - ok
08:12:12.0626 2260  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
08:12:12.0628 2260  MTConfig - ok
08:12:12.0661 2260  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
08:12:12.0662 2260  Mup - ok
08:12:12.0691 2260  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
08:12:12.0708 2260  napagent - ok
08:12:12.0728 2260  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
08:12:12.0745 2260  NativeWifiP - ok
08:12:12.0797 2260  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
08:12:12.0803 2260  NDIS - ok
08:12:12.0829 2260  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
08:12:12.0880 2260  NdisCap - ok
08:12:12.0904 2260  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
08:12:12.0905 2260  NdisTapi - ok
08:12:12.0926 2260  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
08:12:12.0927 2260  Ndisuio - ok
08:12:12.0939 2260  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
08:12:12.0940 2260  NdisWan - ok
08:12:12.0956 2260  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
08:12:12.0956 2260  NDProxy - ok
08:12:12.0986 2260  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
08:12:12.0986 2260  NetBIOS - ok
08:12:13.0008 2260  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
08:12:13.0010 2260  NetBT - ok
08:12:13.0018 2260  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
08:12:13.0019 2260  Netlogon - ok
08:12:13.0058 2260  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
08:12:13.0062 2260  Netman - ok
08:12:13.0081 2260  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
08:12:13.0092 2260  netprofm - ok
08:12:13.0163 2260  [ 8CE69B2C4934A1C0321F4C8E9C6C4A41 ] netr28x         C:\Windows\system32\DRIVERS\netr28x.sys
08:12:13.0204 2260  netr28x - ok
08:12:13.0218 2260  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
08:12:13.0221 2260  nfrd960 - ok
08:12:13.0251 2260  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
08:12:13.0258 2260  NlaSvc - ok
08:12:13.0264 2260  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
08:12:13.0265 2260  Npfs - ok
08:12:13.0272 2260  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
08:12:13.0275 2260  nsi - ok
08:12:13.0282 2260  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
08:12:13.0284 2260  nsiproxy - ok
08:12:13.0340 2260  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
08:12:13.0360 2260  Ntfs - ok
08:12:13.0370 2260  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
08:12:13.0371 2260  Null - ok
08:12:13.0406 2260  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
08:12:13.0429 2260  nvraid - ok
08:12:13.0447 2260  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
08:12:13.0466 2260  nvstor - ok
08:12:13.0485 2260  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
08:12:13.0491 2260  nv_agp - ok
08:12:13.0506 2260  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
08:12:13.0509 2260  ohci1394 - ok
08:12:13.0573 2260  [ EDD1DCD36F6115ACC6935C3F88FF54D7 ] P17             C:\Windows\system32\drivers\P17.sys
08:12:13.0599 2260  P17 - ok
08:12:13.0624 2260  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
08:12:13.0632 2260  p2pimsvc - ok
08:12:13.0652 2260  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
08:12:13.0669 2260  p2psvc - ok
08:12:13.0684 2260  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
08:12:13.0685 2260  Parport - ok
08:12:13.0711 2260  Partizan - ok
08:12:13.0731 2260  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
08:12:13.0732 2260  partmgr - ok
08:12:13.0748 2260  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
08:12:13.0754 2260  PcaSvc - ok
08:12:13.0762 2260  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
08:12:13.0764 2260  pci - ok
08:12:13.0780 2260  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
08:12:13.0790 2260  pciide - ok
08:12:13.0803 2260  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
08:12:13.0805 2260  pcmcia - ok
08:12:13.0818 2260  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
08:12:13.0821 2260  pcw - ok
08:12:13.0843 2260  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
08:12:13.0901 2260  PEAUTH - ok
08:12:13.0930 2260  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
08:12:13.0957 2260  PeerDistSvc - ok
08:12:13.0996 2260  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
08:12:14.0029 2260  pla - ok
08:12:14.0066 2260  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
08:12:14.0077 2260  PlugPlay - ok
08:12:14.0090 2260  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
08:12:14.0094 2260  PNRPAutoReg - ok
08:12:14.0105 2260  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
08:12:14.0111 2260  PNRPsvc - ok
08:12:14.0125 2260  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
08:12:14.0130 2260  PolicyAgent - ok
08:12:14.0159 2260  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
08:12:14.0166 2260  Power - ok
08:12:14.0198 2260  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
08:12:14.0199 2260  PptpMiniport - ok
08:12:14.0203 2260  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
08:12:14.0204 2260  Processor - ok
08:12:14.0246 2260  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
08:12:14.0251 2260  ProfSvc - ok
08:12:14.0259 2260  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
08:12:14.0260 2260  ProtectedStorage - ok
08:12:14.0281 2260  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
08:12:14.0284 2260  Psched - ok
08:12:14.0316 2260  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
08:12:14.0343 2260  ql2300 - ok
08:12:14.0357 2260  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
08:12:14.0370 2260  ql40xx - ok
08:12:14.0381 2260  qozysh - ok
08:12:14.0410 2260  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
08:12:14.0416 2260  QWAVE - ok
08:12:14.0431 2260  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
08:12:14.0434 2260  QWAVEdrv - ok
08:12:14.0447 2260  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
08:12:14.0447 2260  RasAcd - ok
08:12:14.0476 2260  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
08:12:14.0479 2260  RasAgileVpn - ok
08:12:14.0493 2260  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
08:12:14.0499 2260  RasAuto - ok
08:12:14.0514 2260  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
08:12:14.0515 2260  Rasl2tp - ok
08:12:14.0534 2260  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
08:12:14.0542 2260  RasMan - ok
08:12:14.0547 2260  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
08:12:14.0547 2260  RasPppoe - ok
08:12:14.0552 2260  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
08:12:14.0564 2260  RasSstp - ok
08:12:14.0573 2260  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
08:12:14.0575 2260  rdbss - ok
08:12:14.0586 2260  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
08:12:14.0589 2260  rdpbus - ok
08:12:14.0596 2260  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
08:12:14.0597 2260  RDPCDD - ok
08:12:14.0625 2260  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
08:12:14.0625 2260  RDPDR - ok
08:12:14.0631 2260  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
08:12:14.0633 2260  RDPENCDD - ok
08:12:14.0652 2260  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
08:12:14.0654 2260  RDPREFMP - ok
08:12:14.0698 2260  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
08:12:14.0699 2260  RDPWD - ok
08:12:14.0723 2260  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
08:12:14.0742 2260  rdyboost - ok
08:12:14.0769 2260  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
08:12:14.0773 2260  RemoteAccess - ok
08:12:14.0787 2260  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
08:12:14.0790 2260  RemoteRegistry - ok
08:12:14.0825 2260  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
08:12:14.0835 2260  RpcEptMapper - ok
08:12:14.0847 2260  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
08:12:14.0849 2260  RpcLocator - ok
08:12:14.0882 2260  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
08:12:14.0887 2260  RpcSs - ok
08:12:14.0900 2260  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
08:12:14.0904 2260  rspndr - ok
08:12:14.0940 2260  [ ABCB5A38A0D85BDF69B7877E1AD1EED5 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
08:12:14.0945 2260  RTL8167 - ok
08:12:14.0962 2260  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
08:12:14.0990 2260  s3cap - ok
08:12:15.0008 2260  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
08:12:15.0010 2260  SamSs - ok
08:12:15.0035 2260  [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
08:12:15.0036 2260  SASDIFSV - ok
08:12:15.0041 2260  [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
08:12:15.0041 2260  SASKUTIL - ok
08:12:15.0052 2260  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
08:12:15.0074 2260  sbp2port - ok
08:12:15.0097 2260  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
08:12:15.0111 2260  SCardSvr - ok
08:12:15.0132 2260  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
08:12:15.0152 2260  scfilter - ok
08:12:15.0188 2260  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
08:12:15.0196 2260  Schedule - ok
08:12:15.0209 2260  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
08:12:15.0210 2260  SCPolicySvc - ok
08:12:15.0222 2260  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
08:12:15.0236 2260  SDRSVC - ok
08:12:15.0245 2260  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
08:12:15.0247 2260  secdrv - ok
08:12:15.0254 2260  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
08:12:15.0257 2260  seclogon - ok
08:12:15.0266 2260  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
08:12:15.0280 2260  SENS - ok
08:12:15.0289 2260  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
08:12:15.0291 2260  SensrSvc - ok
08:12:15.0304 2260  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
08:12:15.0304 2260  Serenum - ok
08:12:15.0319 2260  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
08:12:15.0320 2260  Serial - ok
08:12:15.0331 2260  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
08:12:15.0333 2260  sermouse - ok
08:12:15.0361 2260  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
08:12:15.0375 2260  SessionEnv - ok
08:12:15.0388 2260  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
08:12:15.0390 2260  sffdisk - ok
08:12:15.0401 2260  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
08:12:15.0403 2260  sffp_mmc - ok
08:12:15.0414 2260  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
08:12:15.0415 2260  sffp_sd - ok
08:12:15.0428 2260  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
08:12:15.0429 2260  sfloppy - ok
08:12:15.0450 2260  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
08:12:15.0458 2260  SharedAccess - ok
08:12:15.0472 2260  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
08:12:15.0475 2260  ShellHWDetection - ok
08:12:15.0501 2260  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
08:12:15.0504 2260  SiSRaid2 - ok
08:12:15.0508 2260  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
08:12:15.0514 2260  SiSRaid4 - ok
08:12:15.0540 2260  sjzgxw - ok
08:12:15.0591 2260  [ 4E8A4BB5B11D828FF986F6228B1CD3DF ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
08:12:15.0597 2260  SkypeUpdate - ok
08:12:15.0615 2260  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
08:12:15.0619 2260  Smb - ok
08:12:15.0654 2260  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
08:12:15.0657 2260  SNMPTRAP - ok
08:12:15.0665 2260  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
08:12:15.0667 2260  spldr - ok
08:12:15.0699 2260  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
08:12:15.0704 2260  Spooler - ok
08:12:15.0770 2260  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
08:12:15.0830 2260  sppsvc - ok
08:12:15.0852 2260  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
08:12:15.0857 2260  sppuinotify - ok
08:12:15.0909 2260  [ D6AB7C13FCDD2E4CAC35244D2C172D9A ] sptd            C:\Windows\System32\Drivers\sptd.sys
08:12:15.0923 2260  sptd - ok
08:12:15.0958 2260  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
08:12:15.0963 2260  srv - ok
08:12:15.0995 2260  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
08:12:16.0020 2260  srv2 - ok
08:12:16.0045 2260  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
08:12:16.0063 2260  srvnet - ok
08:12:16.0093 2260  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
08:12:16.0096 2260  SSDPSRV - ok
08:12:16.0108 2260  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
08:12:16.0112 2260  SstpSvc - ok
08:12:16.0122 2260  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
08:12:16.0125 2260  stexstor - ok
08:12:16.0154 2260  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
08:12:16.0161 2260  stisvc - ok
08:12:16.0186 2260  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
08:12:16.0202 2260  storflt - ok
08:12:16.0229 2260  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
08:12:16.0254 2260  storvsc - ok
08:12:16.0275 2260  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
08:12:16.0275 2260  swenum - ok
08:12:16.0348 2260  [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
08:12:16.0368 2260  SwitchBoard - ok
08:12:16.0390 2260  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
08:12:16.0412 2260  swprv - ok
08:12:16.0425 2260  Synth3dVsc - ok
08:12:16.0471 2260  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
08:12:16.0509 2260  SysMain - ok
08:12:16.0530 2260  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
08:12:16.0538 2260  TabletInputService - ok
08:12:16.0552 2260  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
08:12:16.0555 2260  TapiSrv - ok
08:12:16.0568 2260  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
08:12:16.0569 2260  TBS - ok
08:12:16.0611 2260  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
08:12:16.0622 2260  Tcpip - ok
08:12:16.0685 2260  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
08:12:16.0696 2260  TCPIP6 - ok
08:12:16.0715 2260  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
08:12:16.0720 2260  tcpipreg - ok
08:12:16.0728 2260  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
08:12:16.0729 2260  TDPIPE - ok
08:12:16.0741 2260  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
08:12:16.0742 2260  TDTCP - ok
08:12:16.0767 2260  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
08:12:16.0768 2260  tdx - ok
08:12:16.0778 2260  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
08:12:16.0779 2260  TermDD - ok
08:12:16.0799 2260  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
08:12:16.0805 2260  TermService - ok
08:12:16.0819 2260  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
08:12:16.0823 2260  Themes - ok
08:12:16.0834 2260  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
08:12:16.0836 2260  THREADORDER - ok
08:12:16.0883 2260  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
08:12:16.0900 2260  TrkWks - ok
08:12:16.0971 2260  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
08:12:16.0976 2260  TrustedInstaller - ok
08:12:16.0999 2260  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
08:12:17.0033 2260  tssecsrv - ok
08:12:17.0052 2260  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
08:12:17.0070 2260  TsUsbFlt - ok
08:12:17.0073 2260  tsusbhub - ok
08:12:17.0111 2260  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
08:12:17.0135 2260  tunnel - ok
08:12:17.0154 2260  tvelms - ok
08:12:17.0178 2260  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
08:12:17.0181 2260  uagp35 - ok
08:12:17.0199 2260  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
08:12:17.0202 2260  udfs - ok
08:12:17.0223 2260  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
08:12:17.0228 2260  UI0Detect - ok
08:12:17.0238 2260  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
08:12:17.0242 2260  uliagpkx - ok
08:12:17.0276 2260  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
08:12:17.0297 2260  umbus - ok
08:12:17.0311 2260  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
08:12:17.0314 2260  UmPass - ok
08:12:17.0330 2260  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
08:12:17.0346 2260  UmRdpService - ok
08:12:17.0351 2260  uotote - ok
08:12:17.0375 2260  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
08:12:17.0377 2260  upnphost - ok
08:12:17.0390 2260  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
08:12:17.0399 2260  usbaudio - ok
08:12:17.0411 2260  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
08:12:17.0412 2260  usbccgp - ok
08:12:17.0440 2260  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
08:12:17.0443 2260  usbcir - ok
08:12:17.0455 2260  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
08:12:17.0456 2260  usbehci - ok
08:12:17.0470 2260  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
08:12:17.0473 2260  usbhub - ok
08:12:17.0489 2260  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
08:12:17.0501 2260  usbohci - ok
08:12:17.0530 2260  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
08:12:17.0532 2260  usbprint - ok
08:12:17.0550 2260  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\drivers\USBSTOR.SYS
08:12:17.0551 2260  USBSTOR - ok
08:12:17.0563 2260  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
08:12:17.0564 2260  usbuhci - ok
08:12:17.0570 2260  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
08:12:17.0574 2260  UxSms - ok
08:12:17.0583 2260  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
08:12:17.0583 2260  VaultSvc - ok
08:12:17.0597 2260  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
08:12:17.0600 2260  vdrvroot - ok
08:12:17.0616 2260  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
08:12:17.0635 2260  vds - ok
08:12:17.0645 2260  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
08:12:17.0648 2260  vga - ok
08:12:17.0663 2260  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
08:12:17.0664 2260  VgaSave - ok
08:12:17.0675 2260  VGPU - ok
08:12:17.0692 2260  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
08:12:17.0713 2260  vhdmp - ok
08:12:17.0719 2260  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
08:12:17.0721 2260  viaide - ok
08:12:17.0739 2260  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus           C:\Windows\system32\drivers\vmbus.sys
08:12:17.0758 2260  vmbus - ok
08:12:17.0772 2260  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
08:12:17.0786 2260  VMBusHID - ok
08:12:17.0808 2260  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
08:12:17.0812 2260  volmgr - ok
08:12:17.0857 2260  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
08:12:17.0882 2260  volmgrx - ok
08:12:17.0930 2260  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
08:12:17.0938 2260  volsnap - ok
08:12:17.0997 2260  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
08:12:18.0001 2260  vsmraid - ok
08:12:18.0041 2260  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
08:12:18.0071 2260  VSS - ok
08:12:18.0085 2260  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
08:12:18.0093 2260  vwifibus - ok
08:12:18.0116 2260  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
08:12:18.0119 2260  vwififlt - ok
08:12:18.0140 2260  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
08:12:18.0146 2260  W32Time - ok
08:12:18.0156 2260  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
08:12:18.0159 2260  WacomPen - ok
08:12:18.0190 2260  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
08:12:18.0191 2260  WANARP - ok
08:12:18.0197 2260  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
08:12:18.0198 2260  Wanarpv6 - ok
08:12:18.0268 2260  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
08:12:18.0315 2260  WatAdminSvc - ok
08:12:18.0357 2260  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
08:12:18.0385 2260  wbengine - ok
08:12:18.0393 2260  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
08:12:18.0398 2260  WbioSrvc - ok
08:12:18.0411 2260  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
08:12:18.0427 2260  wcncsvc - ok
08:12:18.0446 2260  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
08:12:18.0450 2260  WcsPlugInService - ok
08:12:18.0453 2260  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
08:12:18.0455 2260  Wd - ok
08:12:18.0488 2260  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
08:12:18.0508 2260  Wdf01000 - ok
08:12:18.0523 2260  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
08:12:18.0528 2260  WdiServiceHost - ok
08:12:18.0532 2260  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
08:12:18.0534 2260  WdiSystemHost - ok
08:12:19.0250 2260  ================ Scan global ===============================
08:12:19.0273 2260  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
08:12:19.0296 2260  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
08:12:19.0305 2260  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
08:12:19.0326 2260  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
08:12:19.0344 2260  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
08:12:19.0347 2260  [Global] - ok
08:12:19.0348 2260  ================ Scan MBR ==================================
08:12:19.0361 2260  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
08:12:19.0881 2260  \Device\Harddisk0\DR0 - ok
08:12:19.0884 2260  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
08:12:20.0302 2260  \Device\Harddisk1\DR1 - ok
08:12:20.0303 2260  ================ Scan VBR ==================================
08:12:20.0318 2260  [ 59BD277A5BE6D5BB69C7142849AAF488 ] \Device\Harddisk0\DR0\Partition1
08:12:20.0321 2260  \Device\Harddisk0\DR0\Partition1 - ok
08:12:20.0330 2260  [ D842716151DF59BC10EF8C330C836842 ] \Device\Harddisk0\DR0\Partition2
08:12:20.0333 2260  \Device\Harddisk0\DR0\Partition2 - ok
08:12:20.0334 2260  [ D2D2745C48CFE646D03C257910B9ABC8 ] \Device\Harddisk1\DR1\Partition1
08:12:20.0335 2260  \Device\Harddisk1\DR1\Partition1 - ok
08:12:20.0336 2260  ============================================================
08:12:20.0336 2260  Scan finished
08:12:20.0336 2260  ============================================================
08:12:20.0345 2380  Detected object count: 0
08:12:20.0345 2380  Actual detected object count: 0


#8 seen1

Posted 28 June 2013 - 10:15 AM

Results of adware cleaner:

# AdwCleaner v2.303 - Logfile created 06/28/2013 at 08:14:48
# Updated 08/06/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : XXY - XXX
# Boot Mode : Normal
# Running from : C:\Users\XXY\Downloads\AdwCleaner.exe
# Option [Search]
 
 
***** [Services] *****
 
 
***** [Files / Folders] *****
 
 
***** [Registry] *****
 
Key Found : HKCU\Software\Softonic
 
***** [Internet Browsers] *****
 
-\\ Internet Explorer v9.0.8112.16490
 
[OK] Registry is clean.
 
-\\ Mozilla Firefox v21.0 (en-US)
 
File : C:\Users\XXY\AppData\Roaming\Mozilla\Firefox\Profiles\b6qtd14l.default\prefs.js
 
[OK] File is clean.
 
-\\ Google Chrome v27.0.1453.110
 
File : C:\Users\XXY\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
[OK] File is clean.
 
*************************
 
AdwCleaner[R1].txt - [830 octets] - [28/06/2013 08:14:48]
 
########## EOF - C:\AdwCleaner[R1].txt - [889 octets] ##########


#9 seen1

Posted 28 June 2013 - 10:28 AM

Results of ESET online scanner were nothing. No threats.

Any ideas? Why is my HD reading constantly? I have set Comodo HIPS to paranoid mode again and I'm building a new policy, but as I'm unsure which things are bad, I'm sure I'm ruining more than helping. Is there just not a way to fix your PC from malware anymore?

What else should I try?



#10 seen1

Posted 28 June 2013 - 10:30 AM

Results of Rkill:

Rkill 2.5.3 by Lawrence Abrams (Grinler)
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 06/28/2013 08:29:17 AM in x64 mode.
Windows Version: Windows 7 Ultimate Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * Windows Defender Disabled
 
   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001
 
 * Windows Firewall Disabled
 
   [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
   "EnableFirewall" = dword:00000000
 
Checking Windows Service Integrity: 
 
 * Windows Firewall (MpsSvc) is not Running.
   Startup Type set to: Disabled
 
 * Windows Firewall Authorization Driver (mpsdrv) is not Running.
   Startup Type set to: Manual
 
 * WinDefend [Missing Service]
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * HOSTS file entries found: 
 
  127.0.0.1       localhost
  ::1             localhost 
 
Program finished at: 06/28/2013 08:29:30 AM
Execution time: 0 hours(s), 0 minute(s), and 12 seconds(s)


#11 seen1

Posted 28 June 2013 - 10:31 AM

I realize my situation is different, because I can still *use* my comp, unlike some people I've read about, but I still want to rid my comp of bs and prevent my HD from constantly accessing. Is there just no way? BIOS virus perhaps? Anyone who has any idea from these logs, greatly appreciate the help. Cheers



#12 boopme

  • Global Moderator
  • 73,528 posts

Posted 28 June 2013 - 09:00 PM

Edit: misposted. Here we should get a deeper look. Please follow this Preparation Guide and post in a new topic.
Let me know if all went well.

Edited by boopme, 28 June 2013 - 09:02 PM.
