
rootkit is gone but my pc is so slow (something strange is going on)


  • This topic is locked
11 replies to this topic

#1 Guest_nickko_*

Posted 10 February 2014 - 11:46 AM

Good afternoon to all from Cyprus.

I have been asked by the member hamluis to post my logs from DDS and ComboFix, and I am hoping for your kind help.

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 2/8/2014 4:41:05 PM
System Uptime: 2/10/2014 5:21:20 PM (1 hours ago)
.
Motherboard: ASUSTeK Computer INC. |  | P8H61-M LE
Processor: Intel Pentium III Xeon processor | LGA1155 | 2393/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 184 GiB total, 98.66 GiB free.
D: is CDROM ()
E: is FIXED (NTFS) - 49 GiB total, 40.302 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP1: 2/9/2014 11:30:19 PM - System Checkpoint
.
==== Installed Programs ======================
.
Adobe Acrobat X Pro - English, Français, Deutsch
Adobe Audition 2.0
Adobe Bridge 1.0
Adobe Common File Installer
Adobe Help Center 2.0
AVG 2013
GIMP 2.8.6
Glary Utilities 4.3
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Windows XP (KB954550-v5)
Intel® Processor Graphics
K-Lite Codec Pack 7.1.0 (Full)
Maxthon 3
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
PeerBlock 1.0+ (r484)
REALTEK GbE & FE Ethernet PCI-E NIC Driver
Realtek High Definition Audio Driver
Registrar Registry Manager 6.50
Sony ACID Pro 6.0
Sony Media Manager 2.2
Sony PC Companion 2.10.188
Tweaking.com - Windows Repair (All in One)
WebFldrs XP
Windows Media Format 11 runtime
WinMount V3.5.0504
.
==== Event Viewer Messages From Past Week ========
.
2/9/2014 9:33:06 PM, error: Service Control Manager [7000]  - The ESET standalone malware removal tool kernel-mode driver service failed to start due to the following error:  The maximum number of secrets that may be stored in a single system has been exceeded.
2/9/2014 6:01:31 PM, error: SideBySide [59]  - Resolve Partial Assembly failed for Microsoft.VC80.MFCLOC. Reference error message: The referenced assembly is not installed on your system. .
2/9/2014 6:01:31 PM, error: SideBySide [59]  - Generate Activation Context failed for E:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80U.DLL. Reference error message: The operation completed successfully. .
2/9/2014 6:01:31 PM, error: SideBySide [32]  - Dependent Assembly Microsoft.VC80.MFCLOC could not be found and Last Error was The referenced assembly is not installed on your system.
2/9/2014 4:41:26 PM, error: Service Control Manager [7000]  - The Process creation detector. service failed to start due to the following error:  The system cannot find the file specified.
2/9/2014 4:35:36 PM, error: Service Control Manager [7031]  - The Print Spooler service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
2/9/2014 11:36:30 PM, error: Service Control Manager [7034]  - The WebClient service terminated unexpectedly.  It has done this 1 time(s).
2/9/2014 11:36:30 PM, error: Service Control Manager [7034]  - The TCP/IP NetBIOS Helper service terminated unexpectedly.  It has done this 1 time(s).
2/9/2014 11:36:30 PM, error: Service Control Manager [7034]  - The SSDP Discovery Service service terminated unexpectedly.  It has done this 1 time(s).
2/9/2014 10:58:15 PM, error: sr [1]  - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'.  It has stopped monitoring the volume.
2/8/2014 6:22:15 PM, error: Service Control Manager [7006]  - The ScRegSetValueExW call failed for FailureActions with the following error:  Access is denied.
2/8/2014 5:03:22 PM, error: SideBySide [59]  - Resolve Partial Assembly failed for Microsoft.VC90.ATL. Reference error message: The referenced assembly is not installed on your system. .
2/8/2014 5:03:22 PM, error: SideBySide [59]  - Generate Activation Context failed for E:\Program Files\Glary Utilities 4\ContextHandler.dll. Reference error message: The operation completed successfully. .
2/8/2014 5:03:22 PM, error: SideBySide [32]  - Dependent Assembly Microsoft.VC90.ATL could not be found and Last Error was The referenced assembly is not installed on your system.
2/8/2014 11:19:08 PM, error: DCOM [10005]  - DCOM got error "%1058" attempting to start the service wuauserv with arguments "" in order to run the server: {9B1F122C-2982-4E91-AA8B-E071D54F2A4D}
.
==== End Of File ===========================
 
 
ComboFix 14-02-05.02 - My Pc 02/10/2014  18:33:52.3.2 - x86
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.2762.1985 [GMT 2:00]
Running from: e:\documents and settings\My Pc\Desktop\ComboFix.exe
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
e:\windows\system32\drivers\ovfsth.sys
.
.
(((((((((((((((((((((((((   Files Created from 2014-01-10 to 2014-02-10  )))))))))))))))))))))))))))))))
.
.
2014-02-08 16:32 . 2014-02-10 15:53 -------- d-----r- E:\Program Files
2014-02-08 16:31 . 2014-02-08 14:43 -------- d-----w- E:\Documents and Settings
2014-02-08 16:03 . 2014-02-08 16:03 -------- d-----w- E:\$AVG
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-24 23:48 . 2013-11-24 23:48 208184 ----a-w- e:\windows\system32\drivers\avgidsdriverx.sys
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MountOverlayIcon]
@="{0F49CF41-FD97-4942-9F2A-35E8B489E7FB}"
[HKEY_CLASSES_ROOT\CLSID\{0F49CF41-FD97-4942-9F2A-35E8B489E7FB}]
2010-10-20 11:22 257024 ----a-w- e:\program files\WinMount\WinMTExt.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PeerBlock"="e:\program files\PeerBlock\peerblock.exe" [2010-10-14 1867888]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"="e:\program files\AVG\AVG2013\avgui.exe" [2013-11-19 4411952]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ   autocheck autochk * \0e:\progra~1\AVG\AVG2013\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"RTHDCPL"="RTHDCPL.EXE"
"SoundMan"="SOUNDMAN.EXE"
"AlcWzrd"="ALCWZRD.EXE"
"Alcmtr"="ALCMTR.EXE"
"IgfxTray"="e:\windows\system32\igfxtray.exe"
"HotKeysCmds"="e:\windows\system32\hkcmd.exe"
"Persistence"="e:\windows\system32\igfxpers.exe"
"UpdateUSB"="e:\windows\inf\UpdateUSB.exe"
"Adobe ARM"="e:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Acrobat Speed Launcher"="e:\program files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
"Acrobat Assistant 8.0"="e:\program files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
"MP10_EnsureFileVer"="e:\windows\inf\unregmp2.exe"/EnsureFileVersions
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"e:\\Program Files\\Maxthon3\\Bin\\Maxthon.exe"=
"e:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"e:\\WINDOWS\\system32\\sessmgr.exe"=
"e:\\Program Files\\AVG\\AVG2013\\avgnsx.exe"=
"e:\\Program Files\\AVG\\AVG2013\\avgdiagex.exe"=
"e:\\Program Files\\AVG\\AVG2013\\avgmfapx.exe"=
"e:\\Program Files\\AVG\\AVG2013\\avgemcx.exe"=
"%windir%\\system32\\sessmgr.exe"=
.
R0 AVGIDSHX;AVGIDSHX;e:\windows\system32\drivers\avgidshx.sys [7/20/2013 1:50 AM 60216]
R0 Avglogx;AVG Logging Driver;e:\windows\system32\drivers\avglogx.sys [7/20/2013 1:51 AM 246072]
R0 Avgrkx86;AVG Anti-Rootkit Driver;e:\windows\system32\drivers\avgrkx86.sys [10/23/2013 1:05 AM 39224]
R1 AVGIDSDriver;AVGIDSDriver;e:\windows\system32\drivers\avgidsdriverx.sys [11/25/2013 1:48 AM 208184]
R1 AVGIDSShim;AVGIDSShim;e:\windows\system32\drivers\avgidsshimx.sys [10/23/2013 1:05 AM 22328]
R1 Avgldx86;AVG AVI Loader Driver;e:\windows\system32\drivers\avgldx86.sys [7/20/2013 1:50 AM 171320]
R1 Avgtdix;AVG TDI Driver;e:\windows\system32\drivers\avgtdix.sys [3/21/2013 3:08 AM 182072]
R1 WMDrive;WMDrive;e:\windows\system32\drivers\WMDrive.sys [2/8/2014 4:50 PM 65856]
R2 avgfws;AVG Firewall;e:\program files\AVG\AVG2013\avgfws.exe [10/23/2013 1:06 AM 1432080]
R2 AVGIDSAgent;AVGIDSAgent;e:\program files\AVG\AVG2013\avgidsagent.exe [7/4/2013 3:53 PM 4939312]
R2 avgwd;AVG WatchDog;e:\program files\AVG\AVG2013\avgwdsvc.exe [11/20/2013 1:54 AM 283136]
R3 Avgfwdx;Avgfwdx;e:\windows\system32\drivers\avgfwdx.sys [1/12/2012 7:52 PM 30944]
R3 pbfilter;pbfilter;e:\program files\PeerBlock\pbfilter.sys [2/9/2014 6:44 PM 19056]
S0 BootDefragDriver;BootDefragDriver;e:\windows\system32\drivers\BootDefragDriver.sys --> e:\windows\system32\drivers\BootDefragDriver.sys [?]
S3 Ambfilt;Ambfilt;e:\windows\system32\drivers\Ambfilt.sys [2/8/2014 4:58 PM 1691480]
S3 Avgfwfd;AVG network filter service;e:\windows\system32\drivers\avgfwdx.sys [1/12/2012 7:52 PM 30944]
S3 Sony PC Companion;Sony PC Companion;e:\program files\Sony\Sony PC Companion\PCCService.exe [2/9/2014 7:55 PM 155824]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - PBFILTER
*Deregistered* - PROCEXP152
.
Contents of the 'Scheduled Tasks' folder
.
2014-02-10 e:\windows\Tasks\GlaryInitialize 4.job
- e:\program files\Glary Utilities 4\Initialize.exe [2013-12-24 02:02]
.
2014-02-08 e:\windows\Tasks\GlaryUpdate 4.job
- e:\program files\Glary Utilities 4\CheckUpdate.exe [2013-12-24 02:01]
.
.
------- Supplementary Scan -------
.
TCP: DhcpNameServer = 192.168.10.254
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-89825561.sys
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-02-10 18:37
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...  
.
scanning hidden autostart entries ... 
.
scanning hidden files ...  
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|ÿÿÿÿ¤•€|ù•A~*]
"5E7CEC10DF0760D4F8DAFB12FDC06CCD"=""
.
Completion time: 2014-02-10  18:39:46
ComboFix-quarantined-files.txt  2014-02-10 16:39
.
Pre-Run: 43,268,706,304 bytes free
Post-Run: 43,263,107,072 bytes free
.
- - End Of File - - 3E94FA99E128B16B977057DFF26D2AF3
8F558EB6672622401DA993E1E865C861
 
 
I hope that I have done the right procedure; if not, then please delete my post.

Many thanks in advance,

Nick, Cyprus

 




 


#2 TB-Psychotic

  • Malware Response Team

Posted 10 February 2014 - 12:03 PM

Hi there,
my name is Marius and I will assist you with your malware-related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand, kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 

 

 

Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.zip and extract to your desktop

  • Execute TDSSKiller.exe by double-clicking on it.
  • Press Start Scan.
  • If malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive, which is typically C:\, for example C:\TDSSKiller.<version_date_time>log.txt


Please attach that log in your next reply.

 

 

 

Scan with aswMBR

Please download aswMBR (4.5MB) to your desktop.

  • Double click the aswMBR.exe icon, and click Run.
  • There will be a short delay before the next dialog box comes up. Please just wait a minute or two.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Typically this is about a 100MB download, so depending on your connection speed it can take a short while to download and become ready.
  • Click the Scan button to start the scan once the update has finished downloading.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.

Note: There will also be a file on your desktop named MBR.dat. Do not delete this for now. It is an actual backup of the MBR (master boot record).


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#3 Guest_nickko_*

Posted 10 February 2014 - 03:08 PM

Good evening from Cyprus, dear Marius, and thank you so much for your kind reply and for your great help and assistance.

I scanned my PC just a few days ago with TDSSKiller, but nothing was found.

I am downloading aswMBR now... but I have the AVG Internet Security suite 213, so I am scanning the PC with AVG.

I can upload the AVG scan log file if it is required.

Negative, AVG hasn't found anything suspicious.

Please, if you allow me, let me explain what the problem was.

Everything started when I updated to SP3.

The strangest thing was the firewall, which was not shown under the taskbar while I had it enabled.

Until then I was happy without any antivirus, only the Windows firewall.

Then I installed AVG, which found a rootkit and cleaned those files.

But the PC was still very slow.

I deleted partition C through my Windows XP Pro SP2, created a new C partition and formatted the partition (not a quick format).

I installed all my programs again, but the PC was still so slow even though it is in a clean state.

The HD has been checked for bad sectors and cross-linked files, but nothing serious was found.

Now the PC is still so slow, especially when I install any new software or whenever I extract a file with WinMount; it also takes a long time to render a wave file from Sony ACID, and it takes longer to edit a file in Adobe Audition.

This is not normal behavior for my PC.

I have to say also that I have scanned all the exe files that I have on my second partition, like Adobe Audition, Sony ACID and WinMount, but nothing has been found so far.

I am thinking of deleting both partitions and doing a low format, but unfortunately I have no spare HD for backup, so I am looking for a solution.

I am a novice PC user, but I really don't know what is going on with my PC.

This is the AVG log in summary:


"Whole Computer Scan"
"No infection was found during this scan"
"Folders selected for scanning:";"Scan Whole Computer"
"Started:";"2/10/2014, 9:33:22 PM"
"Finished:";"2/10/2014, 9:33:30 PM"
"Total object scanned:";"1094"
"User who launched the scan:";"My Pc"
 
 
Please, I wish to thank you very much for your kind assistance.


#4 TB-Psychotic

Posted 10 February 2014 - 03:51 PM

Please let aswMBR scan your pc and attach the log as requested, please



#5 Guest_nickko_*

Posted 10 February 2014 - 04:38 PM

Hi again, dear Marius, and as requested please find enclosed the log files for both the MBR and TDSSKiller.

 

 

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2014-02-10 23:34:06
-----------------------------
23:34:06.328    OS Version: Windows 5.1.2600 Service Pack 3
23:34:06.328    Number of processors: 2 586 0x2A07
23:34:06.328    ComputerName: PCUSER  UserName: My Pc
23:34:13.125    Initialize success
23:34:42.703    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-10
23:34:42.718    Disk 0 Vendor: ST250DM000-1BD141 KC45 Size: 238475MB BusType: 3
23:34:42.828    Disk 0 MBR read successfully
23:34:42.828    Disk 0 MBR scan
23:34:42.843    Disk 0 Windows XP default MBR code
23:34:42.843    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS        49999 MB offset 63
23:34:42.843    Disk 0 Partition - 00     0F Extended LBA                 0 MB offset 102398310
23:34:42.859    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       188457 MB offset 102414375
23:34:42.875    Disk 0 scanning sectors +488376000
23:34:42.906    Disk 0 scanning E:\WINDOWS\system32\drivers
23:34:47.218    Service scanning
23:34:55.062    Modules scanning
23:34:58.343    Disk 0 trace - called modules:
23:34:58.359    ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS 
23:34:58.359    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a2c5ab8]
23:34:58.359    3 CLASSPNP.SYS[b98e8fd7] -> nt!IofCallDriver -> \Device\00000068[0x8a2ca9e8]
23:34:58.375    5 ACPI.sys[b977f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-10[0x8a2c8d98]
23:34:58.375    Scan finished successfully
23:35:27.125    Disk 0 MBR has been saved successfully to "E:\Documents and Settings\My Pc\Desktop\MBR.dat"
23:35:27.125    The log file has been saved successfully to "E:\Documents and Settings\My Pc\Desktop\aswMBR.txt"
 
 
 
 
23:29:06.0703 0x0d74  TDSS rootkit removing tool 3.0.0.22 Feb  3 2014 16:45:35
23:29:11.0906 0x0d74  ============================================================
23:29:11.0906 0x0d74  Current date / time: 2014/02/10 23:29:11.0906
23:29:11.0906 0x0d74  SystemInfo:
23:29:11.0906 0x0d74  
23:29:11.0906 0x0d74  OS Version: 5.1.2600 ServicePack: 3.0
23:29:11.0906 0x0d74  Product type: Workstation
23:29:11.0906 0x0d74  ComputerName: PCUSER
23:29:11.0906 0x0d74  UserName: My Pc
23:29:11.0906 0x0d74  Windows directory: E:\WINDOWS
23:29:11.0906 0x0d74  System windows directory: E:\WINDOWS
23:29:11.0906 0x0d74  Processor architecture: Intel x86
23:29:11.0906 0x0d74  Number of processors: 2
23:29:11.0906 0x0d74  Page size: 0x1000
23:29:11.0906 0x0d74  Boot type: Normal boot
23:29:11.0906 0x0d74  ============================================================
23:29:25.0921 0x0d74  KLMD registered as E:\WINDOWS\system32\drivers\93173393.sys
23:29:27.0031 0x0d74  System UUID: {A07D3390-031D-A9A7-C003-29955A7016A2}
23:29:29.0812 0x0d74  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
23:29:29.0828 0x0d74  ============================================================
23:29:29.0828 0x0d74  \Device\Harddisk0\DR0:
23:29:29.0828 0x0d74  MBR partitions:
23:29:29.0828 0x0d74  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x61A7927
23:29:29.0859 0x0d74  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x61AB827, BlocksNum 0x17014E99
23:29:29.0859 0x0d74  ============================================================
23:29:29.0953 0x0d74  C: <-> \Device\Harddisk0\DR0\Partition2
23:29:30.0000 0x0d74  E: <-> \Device\Harddisk0\DR0\Partition1
23:29:30.0000 0x0d74  ============================================================
23:29:30.0000 0x0d74  Initialize success
23:29:30.0000 0x0d74  ============================================================
23:29:33.0828 0x0df4  ============================================================
23:29:33.0828 0x0df4  Scan started
23:29:33.0828 0x0df4  Mode: Manual; 
23:29:33.0828 0x0df4  ============================================================
23:29:33.0828 0x0df4  KSN ping started
23:29:36.0250 0x0df4  KSN ping finished: true
23:29:39.0390 0x0df4  ================ Scan system memory ========================
23:29:39.0390 0x0df4  System memory - ok
23:29:39.0390 0x0df4  ================ Scan services =============================
23:29:41.0828 0x0df4  [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud         E:\WINDOWS\system32\drivers\drmkaud.sys
23:29:41.0828 0x0df4  drmkaud - ok
23:29:41.0843 0x0df4  [ 2187855A7703ADEF0CEF9EE4285182CC, 8233CC11F637866C0074043835A785EA2B616739B6B1181B143A253CF2508CFD ] EapHost         E:\WINDOWS\System32\eapsvc.dll
23:29:41.0843 0x0df4  EapHost - ok
23:29:41.0859 0x0df4  [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D579D9507F4B1C23 ] ERSvc           E:\WINDOWS\System32\ersvc.dll
23:29:41.0875 0x0df4  ERSvc - ok
23:29:41.0890 0x0df4  [ 0E776ED5F7CC9F94299E70461B7B8185, 22750B3829133D1D4BB3CE2FA6247BE2373B5D15A6ED1C8A71673AA1CE7D9530 ] Eventlog        E:\WINDOWS\system32\services.exe
23:29:41.0890 0x0df4  Eventlog - ok
23:29:41.0890 0x0df4  [ 19A799805B24990867B00C120D300C3A, 3C8CB64BE0508B5136D4F4919DA665AB86366EFFFFDD890A9B27E7CE39DCF098 ] EventSystem     E:\WINDOWS\system32\es.dll
23:29:41.0906 0x0df4  EventSystem - ok
23:29:41.0921 0x0df4  [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat         E:\WINDOWS\system32\drivers\Fastfat.sys
23:29:41.0921 0x0df4  Fastfat - ok
23:29:41.0953 0x0df4  [ 1926899BF9FFE2602B63074971700412, F5C48EDBE5C6507527630B49C95BAA9F1E47EACC5A910F2B9A4528733E81A966 ] FastUserSwitchingCompatibility E:\WINDOWS\System32\shsvcs.dll
23:29:41.0968 0x0df4  FastUserSwitchingCompatibility - ok
23:29:41.0968 0x0df4  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc             E:\WINDOWS\system32\drivers\Fdc.sys
23:29:41.0968 0x0df4  Fdc - ok
23:29:41.0984 0x0df4  [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA2531427A5E63DBD280DA ] Fips            E:\WINDOWS\system32\drivers\Fips.sys
23:29:41.0984 0x0df4  Fips - ok
23:29:42.0000 0x0df4  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk        E:\WINDOWS\system32\drivers\Flpydisk.sys
23:29:42.0000 0x0df4  Flpydisk - ok
23:29:42.0031 0x0df4  [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr          E:\WINDOWS\system32\DRIVERS\fltMgr.sys
23:29:42.0031 0x0df4  FltMgr - ok
23:29:42.0062 0x0df4  [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 E:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
23:29:42.0078 0x0df4  FontCache3.0.0.0 - ok
23:29:42.0078 0x0df4  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec          E:\WINDOWS\system32\drivers\Fs_Rec.sys
23:29:42.0078 0x0df4  Fs_Rec - ok
23:29:42.0078 0x0df4  [ 6AC26732762483366C3969C9E4D2259D, FF2C9A23CC17F380093F0BEA955B1925794271C2FEA16B9B7639668E6999BAE3 ] Ftdisk          E:\WINDOWS\system32\DRIVERS\ftdisk.sys
23:29:42.0093 0x0df4  Ftdisk - ok
23:29:42.0109 0x0df4  [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc             E:\WINDOWS\system32\DRIVERS\msgpc.sys
23:29:42.0109 0x0df4  Gpc - ok
23:29:42.0125 0x0df4  [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus        E:\WINDOWS\system32\DRIVERS\HDAudBus.sys
23:29:42.0125 0x0df4  HDAudBus - ok
23:29:42.0156 0x0df4  [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] helpsvc         E:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
23:29:42.0171 0x0df4  helpsvc - ok
23:29:42.0171 0x0df4  HidServ - ok
23:29:42.0203 0x0df4  [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] hidusb          E:\WINDOWS\system32\DRIVERS\hidusb.sys
23:29:42.0203 0x0df4  hidusb - ok
23:29:42.0218 0x0df4  [ 8878BD685E490239777BFE51320B88E9, C5C3ECF6B049B6736E35B39518A8F830B45C45A88FFE8E3A6B7922AD946597E2 ] hkmsvc          E:\WINDOWS\System32\kmsvc.dll
23:29:42.0234 0x0df4  hkmsvc - ok
23:29:42.0234 0x0df4  hpn - ok
23:29:42.0250 0x0df4  [ F6AACF5BCE2893E0C1754AFEB672E5C9, 62A7A70515B5570A649DC30A3A122B1302F6839A63927C8B29EBE04ABA654892 ] HTTP            E:\WINDOWS\system32\Drivers\HTTP.sys
23:29:42.0265 0x0df4  HTTP - ok
23:29:42.0281 0x0df4  [ 6100A808600F44D999CEBDEF8841C7A3, 61A75118C327812C60622010985A2E80E79B6FD9030A5732390EE5426E4AF6C9 ] HTTPFilter      E:\WINDOWS\System32\w3ssl.dll
23:29:42.0281 0x0df4  HTTPFilter - ok
23:29:42.0281 0x0df4  i2omgmt - ok
23:29:42.0281 0x0df4  i2omp - ok
23:29:42.0296 0x0df4  [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] i8042prt        E:\WINDOWS\system32\DRIVERS\i8042prt.sys
23:29:42.0296 0x0df4  i8042prt - ok
23:29:42.0375 0x0df4  [ 14C665264EE51DFE6AE9DFDF9C5511F2, 949694FFFFA01F299379E5C45D2FACCAA330A4443932A0BCB36A310D3A9E3D08 ] ialm            E:\WINDOWS\system32\DRIVERS\igxpmp32.sys
23:29:42.0437 0x0df4  ialm - ok
23:29:42.0484 0x0df4  [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc           E:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
23:29:42.0500 0x0df4  idsvc - ok
23:29:42.0515 0x0df4  [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi           E:\WINDOWS\system32\DRIVERS\imapi.sys
23:29:42.0515 0x0df4  Imapi - ok
23:29:42.0515 0x0df4  [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] ImapiService    E:\WINDOWS\system32\imapi.exe
23:29:42.0531 0x0df4  ImapiService - ok
23:29:42.0531 0x0df4  ini910u - ok
23:29:42.0921 0x0df4  [ 52B1C4CE44EE58F7E781C561EFB22517, 8B1C0C4730614CD8519EAB75D23BD68C3BFD6E37EB91570FB93BFF3448F2B990 ] IntcAzAudAddService E:\WINDOWS\system32\drivers\RtkHDAud.sys
23:29:43.0093 0x0df4  IntcAzAudAddService - ok
23:29:43.0109 0x0df4  IntelIde - ok
23:29:43.0125 0x0df4  [ 8C953733D8F36EB2133F5BB58808B66B, 555868F246D73652E998B0B1296476E42FCEDED30D646CC000F31ECE4EBC25E6 ] intelppm        E:\WINDOWS\system32\DRIVERS\intelppm.sys
23:29:43.0140 0x0df4  intelppm - ok
23:29:43.0156 0x0df4  [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw           E:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
23:29:43.0156 0x0df4  Ip6Fw - ok
23:29:43.0171 0x0df4  [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver  E:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
23:29:43.0187 0x0df4  IpFilterDriver - ok
23:29:43.0187 0x0df4  [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp          E:\WINDOWS\system32\DRIVERS\ipinip.sys
23:29:43.0187 0x0df4  IpInIp - ok
23:29:43.0203 0x0df4  [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat           E:\WINDOWS\system32\DRIVERS\ipnat.sys
23:29:43.0203 0x0df4  IpNat - ok
23:29:43.0218 0x0df4  [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec           E:\WINDOWS\system32\DRIVERS\ipsec.sys
23:29:43.0218 0x0df4  IPSec - ok
23:29:43.0250 0x0df4  [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM          E:\WINDOWS\system32\DRIVERS\irenum.sys
23:29:43.0250 0x0df4  IRENUM - ok
23:29:43.0281 0x0df4  [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp          E:\WINDOWS\system32\DRIVERS\isapnp.sys
23:29:43.0281 0x0df4  isapnp - ok
23:29:43.0281 0x0df4  [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass        E:\WINDOWS\system32\DRIVERS\kbdclass.sys
23:29:43.0281 0x0df4  Kbdclass - ok
23:29:43.0296 0x0df4  [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer          E:\WINDOWS\system32\drivers\kmixer.sys
23:29:43.0312 0x0df4  kmixer - ok
23:29:43.0312 0x0df4  [ 1705745D900DABF2D89F90EBADDC7517, FE90589415BDB3BA482D3EBE1A87A7BF1429791E8F18BCB66BF8874631CC8B2C ] KSecDD          E:\WINDOWS\system32\drivers\KSecDD.sys
23:29:43.0312 0x0df4  KSecDD - ok
23:29:43.0328 0x0df4  [ F385F4B02C535BFFE1D70CAB80838123, A1695E161673BCB77CE150C2D98A07FCB454C53F10EEBECD754D2CC40DEAA1E0 ] LanmanServer    E:\WINDOWS\System32\srvsvc.dll
23:29:43.0328 0x0df4  LanmanServer - ok
23:29:43.0343 0x0df4  [ 1B67B632786FEF1C1BBAEF46C2F3F2E6, 48A6DB1EC7515F0DDD0639AEE3056F32C273B4D541F3647915A32ABA140DA34A ] lanmanworkstation E:\WINDOWS\System32\wkssvc.dll
23:29:43.0343 0x0df4  lanmanworkstation - ok
23:29:43.0343 0x0df4  lbrtfdc - ok
23:29:43.0359 0x0df4  [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts         E:\WINDOWS\System32\lmhsvc.dll
23:29:43.0359 0x0df4  LmHosts - ok
23:29:43.0390 0x0df4  [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger       E:\WINDOWS\System32\msgsvc.dll
23:29:43.0390 0x0df4  Messenger - ok
23:29:43.0406 0x0df4  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd           E:\WINDOWS\system32\drivers\mnmdd.sys
23:29:43.0421 0x0df4  mnmdd - ok
23:29:43.0437 0x0df4  [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc         E:\WINDOWS\system32\mnmsrvc.exe
23:29:43.0453 0x0df4  mnmsrvc - ok
23:29:43.0453 0x0df4  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem           E:\WINDOWS\system32\drivers\Modem.sys
23:29:43.0468 0x0df4  Modem - ok
23:29:43.0515 0x0df4  [ C7D9F9717916B34C1B00DD4834AF485C, A9512A03E8142C83534189963F90ADA6FA425BD606928C40C3D724177105A658 ] Monfilt         E:\WINDOWS\system32\drivers\Monfilt.sys
23:29:43.0562 0x0df4  Monfilt - ok
23:29:43.0718 0x0df4  [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass        E:\WINDOWS\system32\DRIVERS\mouclass.sys
23:29:43.0734 0x0df4  Mouclass - ok
23:29:43.0750 0x0df4  [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid          E:\WINDOWS\system32\DRIVERS\mouhid.sys
23:29:43.0765 0x0df4  mouhid - ok
23:29:43.0781 0x0df4  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr        E:\WINDOWS\system32\drivers\MountMgr.sys
23:29:43.0781 0x0df4  MountMgr - ok
23:29:43.0781 0x0df4  mraid35x - ok
23:29:43.0796 0x0df4  [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV          E:\WINDOWS\system32\DRIVERS\mrxdav.sys
23:29:43.0796 0x0df4  MRxDAV - ok
23:29:43.0812 0x0df4  [ 68755F0FF16070178B54674FE5B847B0, 2FFBCE3A67FA7E30E373624521C602E5510C5565F04381C6C9F961253DA928A6 ] MRxSmb          E:\WINDOWS\system32\DRIVERS\mrxsmb.sys
23:29:43.0828 0x0df4  MRxSmb - ok
23:29:43.0843 0x0df4  [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC           E:\WINDOWS\system32\msdtc.exe
23:29:43.0843 0x0df4  MSDTC - ok
23:29:43.0859 0x0df4  [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs            E:\WINDOWS\system32\drivers\Msfs.sys
23:29:43.0859 0x0df4  Msfs - ok
23:29:43.0859 0x0df4  MSIServer - ok
23:29:43.0875 0x0df4  [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV         E:\WINDOWS\system32\drivers\MSKSSRV.sys
23:29:43.0890 0x0df4  MSKSSRV - ok
23:29:43.0890 0x0df4  [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK        E:\WINDOWS\system32\drivers\MSPCLOCK.sys
23:29:43.0906 0x0df4  MSPCLOCK - ok
23:29:43.0921 0x0df4  [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM           E:\WINDOWS\system32\drivers\MSPQM.sys
23:29:43.0921 0x0df4  MSPQM - ok
23:29:43.0937 0x0df4  [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios        E:\WINDOWS\system32\DRIVERS\mssmbios.sys
23:29:43.0937 0x0df4  mssmbios - ok
23:29:44.0015 0x0df4  MSSQL$SONY_MEDIAMGR - ok
23:29:44.0046 0x0df4  [ CB7524C21727404BD3140DCA32DEB7DE, 5B1F111FADC31CD1E6F0345E2F9F989D9E63D64C9F20EFEFAC7A86BD82B8484C ] MSSQLServerADHelper E:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe
23:29:44.0062 0x0df4  MSSQLServerADHelper - ok
23:29:44.0078 0x0df4  [ 2F625D11385B1A94360BFC70AAEFDEE1, 23E4974120233CF1A7BEE48977706A0A55418699379D1450502ABEB24191AC80 ] Mup             E:\WINDOWS\system32\drivers\Mup.sys
23:29:44.0078 0x0df4  Mup - ok
23:29:44.0109 0x0df4  [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent        E:\WINDOWS\System32\qagentrt.dll
23:29:44.0109 0x0df4  napagent - ok
23:29:44.0125 0x0df4  [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS            E:\WINDOWS\system32\drivers\NDIS.sys
23:29:44.0140 0x0df4  NDIS - ok
23:29:44.0140 0x0df4  [ 1AB3D00C991AB086E69DB84B6C0ED78F, 1F881FCCF5557C44C078D99CA2DD38D635413D6212DBEDC06A428EDAC7F8B04E ] NdisTapi        E:\WINDOWS\system32\DRIVERS\ndistapi.sys
23:29:44.0156 0x0df4  NdisTapi - ok
23:29:44.0156 0x0df4  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio         E:\WINDOWS\system32\DRIVERS\ndisuio.sys
23:29:44.0156 0x0df4  Ndisuio - ok
23:29:44.0171 0x0df4  [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan         E:\WINDOWS\system32\DRIVERS\ndiswan.sys
23:29:44.0171 0x0df4  NdisWan - ok
23:29:44.0171 0x0df4  [ 6215023940CFD3702B46ABC304E1D45A, C767F3A349B365F6E7566C0738E2F62D8FFF8CB4457347E3614BD403BC6CADCB ] NDProxy         E:\WINDOWS\system32\drivers\NDProxy.sys
23:29:44.0171 0x0df4  NDProxy - ok
23:29:44.0171 0x0df4  [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS         E:\WINDOWS\system32\DRIVERS\netbios.sys
23:29:44.0171 0x0df4  NetBIOS - ok
23:29:44.0187 0x0df4  [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT           E:\WINDOWS\system32\DRIVERS\netbt.sys
23:29:44.0187 0x0df4  NetBT - ok
23:29:44.0203 0x0df4  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE          E:\WINDOWS\system32\netdde.exe
23:29:44.0218 0x0df4  NetDDE - ok
23:29:44.0218 0x0df4  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm      E:\WINDOWS\system32\netdde.exe
23:29:44.0218 0x0df4  NetDDEdsdm - ok
23:29:44.0234 0x0df4  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon        E:\WINDOWS\system32\lsass.exe
23:29:44.0234 0x0df4  Netlogon - ok
23:29:44.0250 0x0df4  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman          E:\WINDOWS\System32\netman.dll
23:29:44.0250 0x0df4  Netman - ok
23:29:44.0281 0x0df4  [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing E:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:29:44.0281 0x0df4  NetTcpPortSharing - ok
23:29:44.0296 0x0df4  [ B4138E99236F0F57D4CF49BAE98A0746, DDEAE046C1165C41F06933E808B143118208B02BB83FA80BEF8F550D4DC78149 ] Nla             E:\WINDOWS\System32\mswsock.dll
23:29:44.0312 0x0df4  Nla - ok
23:29:44.0312 0x0df4  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs            E:\WINDOWS\system32\drivers\Npfs.sys
23:29:44.0312 0x0df4  Npfs - ok
23:29:44.0343 0x0df4  [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs            E:\WINDOWS\system32\drivers\Ntfs.sys
23:29:44.0359 0x0df4  Ntfs - ok
23:29:44.0359 0x0df4  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp         E:\WINDOWS\system32\lsass.exe
23:29:44.0359 0x0df4  NtLmSsp - ok
23:29:44.0375 0x0df4  [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc         E:\WINDOWS\system32\ntmssvc.dll
23:29:44.0390 0x0df4  NtmsSvc - ok
23:29:44.0421 0x0df4  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            E:\WINDOWS\system32\drivers\Null.sys
23:29:44.0421 0x0df4  Null - ok
23:29:44.0453 0x0df4  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        E:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
23:29:44.0453 0x0df4  NwlnkFlt - ok
23:29:44.0468 0x0df4  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        E:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
23:29:44.0468 0x0df4  NwlnkFwd - ok
23:29:44.0484 0x0df4  [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport         E:\WINDOWS\system32\DRIVERS\parport.sys
23:29:44.0484 0x0df4  Parport - ok
23:29:44.0484 0x0df4  [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr         E:\WINDOWS\system32\drivers\PartMgr.sys
23:29:44.0484 0x0df4  PartMgr - ok
23:29:44.0500 0x0df4  [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm          E:\WINDOWS\system32\drivers\ParVdm.sys
23:29:44.0515 0x0df4  ParVdm - ok
23:29:44.0546 0x0df4  [ F678CD9E3AFCC9264A514B941A85A9D4, 65F60C2BA9D743FF01F7BFBA23751868A744F806FFE297FED7AEA070A54C00F3 ] pbfilter        E:\Program Files\PeerBlock\pbfilter.sys
23:29:44.0546 0x0df4  pbfilter - ok
23:29:44.0703 0x0df4  [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI             E:\WINDOWS\system32\DRIVERS\pci.sys
23:29:44.0703 0x0df4  PCI - ok
23:29:44.0718 0x0df4  PCIDump - ok
23:29:44.0750 0x0df4  [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde          E:\WINDOWS\system32\DRIVERS\pciide.sys
23:29:44.0750 0x0df4  PCIIde - ok
23:29:44.0765 0x0df4  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia          E:\WINDOWS\system32\drivers\Pcmcia.sys
23:29:44.0765 0x0df4  Pcmcia - ok
23:29:44.0765 0x0df4  PDCOMP - ok
23:29:44.0781 0x0df4  PDFRAME - ok
23:29:44.0781 0x0df4  PDRELI - ok
23:29:44.0781 0x0df4  PDRFRAME - ok
23:29:44.0781 0x0df4  perc2 - ok
23:29:44.0781 0x0df4  perc2hib - ok
23:29:44.0796 0x0df4  [ 444F122E68DB44C0589227781F3C8B3F, 99581AD22CBD3B647E719E250291C315099B62FDF80671225F0C5A05489D0F91 ] pfc             E:\WINDOWS\system32\drivers\pfc.sys
23:29:44.0796 0x0df4  pfc - ok
23:29:44.0828 0x0df4  [ 0E776ED5F7CC9F94299E70461B7B8185, 22750B3829133D1D4BB3CE2FA6247BE2373B5D15A6ED1C8A71673AA1CE7D9530 ] PlugPlay        E:\WINDOWS\system32\services.exe
23:29:44.0828 0x0df4  PlugPlay - ok
23:29:44.0828 0x0df4  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent     E:\WINDOWS\system32\lsass.exe
23:29:44.0843 0x0df4  PolicyAgent - ok
23:29:44.0890 0x0df4  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport    E:\WINDOWS\system32\DRIVERS\raspptp.sys
23:29:44.0921 0x0df4  PptpMiniport - ok
23:29:44.0937 0x0df4  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage E:\WINDOWS\system32\lsass.exe
23:29:44.0937 0x0df4  ProtectedStorage - ok
23:29:44.0937 0x0df4  [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched          E:\WINDOWS\system32\DRIVERS\psched.sys
23:29:44.0953 0x0df4  PSched - ok
23:29:44.0953 0x0df4  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink         E:\WINDOWS\system32\DRIVERS\ptilink.sys
23:29:44.0953 0x0df4  Ptilink - ok
23:29:44.0953 0x0df4  ql1080 - ok
23:29:44.0953 0x0df4  Ql10wnt - ok
23:29:44.0968 0x0df4  ql12160 - ok
23:29:44.0968 0x0df4  ql1240 - ok
23:29:44.0968 0x0df4  ql1280 - ok
23:29:44.0984 0x0df4  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd          E:\WINDOWS\system32\DRIVERS\rasacd.sys
23:29:45.0000 0x0df4  RasAcd - ok
23:29:45.0015 0x0df4  [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto         E:\WINDOWS\System32\rasauto.dll
23:29:45.0015 0x0df4  RasAuto - ok
23:29:45.0015 0x0df4  [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp         E:\WINDOWS\system32\DRIVERS\rasl2tp.sys
23:29:45.0015 0x0df4  Rasl2tp - ok
23:29:45.0031 0x0df4  [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan          E:\WINDOWS\System32\rasmans.dll
23:29:45.0046 0x0df4  RasMan - ok
23:29:45.0046 0x0df4  [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe        E:\WINDOWS\system32\DRIVERS\raspppoe.sys
23:29:45.0046 0x0df4  RasPppoe - ok
23:29:45.0046 0x0df4  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti          E:\WINDOWS\system32\DRIVERS\raspti.sys
23:29:45.0046 0x0df4  Raspti - ok
23:29:45.0062 0x0df4  [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss           E:\WINDOWS\system32\DRIVERS\rdbss.sys
23:29:45.0078 0x0df4  Rdbss - ok
23:29:45.0078 0x0df4  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD          E:\WINDOWS\system32\DRIVERS\RDPCDD.sys
23:29:45.0078 0x0df4  RDPCDD - ok
23:29:45.0093 0x0df4  [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr           E:\WINDOWS\system32\DRIVERS\rdpdr.sys
23:29:45.0093 0x0df4  rdpdr - ok
23:29:45.0109 0x0df4  [ 6728E45B66F93C08F11DE2E316FC70DD, EA63ECD4F84CAE08BD2BF843C48AF505B1B9D7B61349A63536C9C6FEBEF23452 ] RDPWD           E:\WINDOWS\system32\drivers\RDPWD.sys
23:29:45.0125 0x0df4  RDPWD - ok
23:29:45.0125 0x0df4  [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr       E:\WINDOWS\system32\sessmgr.exe
23:29:45.0140 0x0df4  RDSessMgr - ok
23:29:45.0156 0x0df4  [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook         E:\WINDOWS\system32\DRIVERS\redbook.sys
23:29:45.0156 0x0df4  redbook - ok
23:29:45.0187 0x0df4  [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess    E:\WINDOWS\System32\mprdim.dll
23:29:45.0187 0x0df4  RemoteAccess - ok
23:29:45.0218 0x0df4  [ 5B19B557B0C188210A56A6B699D90B8F, 0FA880B81AE615206FD1738B83428AAA491D54B24168339DE6E87FDE8C6C14B0 ] RemoteRegistry  E:\WINDOWS\system32\regsvc.dll
23:29:45.0218 0x0df4  RemoteRegistry - ok
23:29:45.0250 0x0df4  [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator      E:\WINDOWS\system32\locator.exe
23:29:45.0250 0x0df4  RpcLocator - ok
23:29:45.0281 0x0df4  [ 2589FE6015A316C0F5D5112B4DA7B509, 2753785BA07A1A7A25E275332F5F9F403F6E8CBF396FD0905D6BA84B98C403A6 ] RpcSs           E:\WINDOWS\System32\rpcss.dll
23:29:45.0281 0x0df4  RpcSs - ok
23:29:45.0312 0x0df4  [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP            E:\WINDOWS\system32\rsvp.exe
23:29:45.0312 0x0df4  RSVP - ok
23:29:45.0343 0x0df4  [ 41FA2D39C227073A448AA7000B636280, 738233E2022EDE2384A673BE6F60E897641945E060D6DFD0BFB728FC503DF22C ] RTLE8023xp      E:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
23:29:45.0359 0x0df4  RTLE8023xp - ok
23:29:45.0359 0x0df4  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs           E:\WINDOWS\system32\lsass.exe
23:29:45.0359 0x0df4  SamSs - ok
23:29:45.0375 0x0df4  [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr        E:\WINDOWS\System32\SCardSvr.exe
23:29:45.0390 0x0df4  SCardSvr - ok
23:29:45.0421 0x0df4  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule        E:\WINDOWS\system32\schedsvc.dll
23:29:45.0421 0x0df4  Schedule - ok
23:29:45.0437 0x0df4  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv          E:\WINDOWS\system32\DRIVERS\secdrv.sys
23:29:45.0437 0x0df4  Secdrv - ok
23:29:45.0437 0x0df4  [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon        E:\WINDOWS\System32\seclogon.dll
23:29:45.0437 0x0df4  seclogon - ok
23:29:45.0453 0x0df4  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS            E:\WINDOWS\system32\sens.dll
23:29:45.0453 0x0df4  SENS - ok
23:29:45.0453 0x0df4  [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum         E:\WINDOWS\system32\DRIVERS\serenum.sys
23:29:45.0453 0x0df4  serenum - ok
23:29:45.0468 0x0df4  [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial          E:\WINDOWS\system32\DRIVERS\serial.sys
23:29:45.0468 0x0df4  Serial - ok
23:29:45.0484 0x0df4  [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy         E:\WINDOWS\system32\drivers\Sfloppy.sys
23:29:45.0484 0x0df4  Sfloppy - ok
23:29:45.0500 0x0df4  [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess    E:\WINDOWS\System32\ipnathlp.dll
23:29:45.0500 0x0df4  SharedAccess - ok
23:29:45.0515 0x0df4  [ 1926899BF9FFE2602B63074971700412, F5C48EDBE5C6507527630B49C95BAA9F1E47EACC5A910F2B9A4528733E81A966 ] ShellHWDetection E:\WINDOWS\System32\shsvcs.dll
23:29:45.0515 0x0df4  ShellHWDetection - ok
23:29:45.0515 0x0df4  Simbad - ok
23:29:45.0906 0x0df4  [ 3A4F2C0BB87A0895ABEBA341AA1E341B, 4DADEEF3C5D181502D6F4A00FBBF3B001FA626E49569FB330D7AE2955CC7DE08 ] Sony PC Companion E:\Program Files\Sony\Sony PC Companion\PCCService.exe
23:29:45.0984 0x0df4  Sony PC Companion - ok
23:29:45.0984 0x0df4  Sparrow - ok
23:29:46.0015 0x0df4  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter        E:\WINDOWS\system32\drivers\splitter.sys
23:29:46.0109 0x0df4  splitter - ok
23:29:46.0187 0x0df4  [ D8E14A61ACC1D4A6CD0D38AEBAC7FA3B, 130D686A220AF97EBF33DD481B79990F259B4EE38DD95A35CD3D0F0517790FF0 ] Spooler         E:\WINDOWS\system32\spoolsv.exe
23:29:46.0203 0x0df4  Spooler - ok
23:29:46.0203 0x0df4  SQLAgent$SONY_MEDIAMGR - ok
23:29:52.0000 0x0df4  AV detected via SS1: AVG Internet Security 2013, 2013.0, enabled, updated
23:29:52.0000 0x0df4  FW detected via SS1: AVG Internet Security 2013, 2013.0, enabled
23:29:54.0453 0x0df4  ============================================================
23:29:54.0453 0x0df4  Scan finished
23:29:54.0453 0x0df4  ============================================================
23:29:54.0453 0x0dec  Detected object count: 0
23:29:54.0453 0x0dec  Actual detected object count: 0
 
 
i hope to be ok
 
thanks
 
 


#6 TB-Psychotic

  • Malware Response Team

Posted 11 February 2014 - 06:15 AM

Combofix scripting

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Download the attached CFScript.txt and save it to the location where Combofix is.


CFScriptB-4.gif


Referring to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

 

 

 

 

Full System Scan with Malwarebytes Antimalware
 

  • If not existing, please download Malwarebytes' Anti-Malware to your desktop.
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.

If the program is already installed:

  • Run Malwarebytes Antimalware
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform fullscan, place a checkmark on all hard drives, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please save it to a convenient location.
  • The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Post that log back here.

 



Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#7 Guest_nickko_*


Posted 11 February 2014 - 11:27 AM

good afternoon dear marius and as requested please find enclosed the log files for combofix and malwarebytes
 
everything was done as instructed
 
unfortunately, the malwarebytes scanned only the partition e since i have deleted and formatted the partition (not quick) c, also i have wiped the free space with glarys utilities as well just to be sure that everything will be fully deleted
 
please, if you haven't found anything suspicious till now do not bother any more with my situation and i will try to delete everything on the hard disk by the active kill disk bootable version
 
i wish to say that i fully appreciate your very kind help and assistance all this time
 
 
 
ComboFix 14-02-05.02 - My Pc 02/11/2014  17:58:42.4.2 - x86
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.2762.2276 [GMT 2:00]
Running from: e:\documents and settings\My Pc\Desktop\ComboFix.exe
Command switches used :: e:\documents and settings\My Pc\Desktop\CFScript.txt
AV: AVG Internet Security 2013 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Internet Security 2013 *Enabled* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
- REDUCED FUNCTIONALITY MODE -
.
.
(((((((((((((((((((((((((   Files Created from 2014-01-11 to 2014-02-11  )))))))))))))))))))))))))))))))
.
.
2014-02-08 16:32 . 2014-02-11 15:52 -------- d-----r- E:\Program Files
2014-02-08 16:31 . 2014-02-08 14:43 -------- d-----w- E:\Documents and Settings
2014-02-08 16:03 . 2014-02-10 21:22 -------- d-----w- E:\$AVG
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-24 23:48 . 2013-11-24 23:48 208184 ----a-w- e:\windows\system32\drivers\avgidsdriverx.sys
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MountOverlayIcon]
@="{0F49CF41-FD97-4942-9F2A-35E8B489E7FB}"
[HKEY_CLASSES_ROOT\CLSID\{0F49CF41-FD97-4942-9F2A-35E8B489E7FB}]
2010-10-20 11:22 257024 ----a-w- e:\program files\WinMount\WinMTExt.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PeerBlock"="e:\program files\PeerBlock\peerblock.exe" [2010-10-14 1867888]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"="e:\program files\AVG\AVG2013\avgui.exe" [2013-11-19 4411952]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ   autocheck autochk * \0e:\progra~1\AVG\AVG2013\avgrsx.exe /sync /restart
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"e:\\Program Files\\Maxthon3\\Bin\\Maxthon.exe"=
"e:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"e:\\WINDOWS\\system32\\sessmgr.exe"=
"e:\\Program Files\\AVG\\AVG2013\\avgnsx.exe"=
"e:\\Program Files\\AVG\\AVG2013\\avgdiagex.exe"=
"e:\\Program Files\\AVG\\AVG2013\\avgmfapx.exe"=
"e:\\Program Files\\AVG\\AVG2013\\avgemcx.exe"=
"%windir%\\system32\\sessmgr.exe"=
.
R0 AVGIDSHX;AVGIDSHX;e:\windows\system32\drivers\avgidshx.sys [7/20/2013 1:50 AM 60216]
R0 Avglogx;AVG Logging Driver;e:\windows\system32\drivers\avglogx.sys [7/20/2013 1:51 AM 246072]
R0 Avgrkx86;AVG Anti-Rootkit Driver;e:\windows\system32\drivers\avgrkx86.sys [10/23/2013 1:05 AM 39224]
R1 AVGIDSDriver;AVGIDSDriver;e:\windows\system32\drivers\avgidsdriverx.sys [11/25/2013 1:48 AM 208184]
R1 AVGIDSShim;AVGIDSShim;e:\windows\system32\drivers\avgidsshimx.sys [10/23/2013 1:05 AM 22328]
R1 Avgldx86;AVG AVI Loader Driver;e:\windows\system32\drivers\avgldx86.sys [7/20/2013 1:50 AM 171320]
R1 Avgtdix;AVG TDI Driver;e:\windows\system32\drivers\avgtdix.sys [3/21/2013 3:08 AM 182072]
R1 WMDrive;WMDrive;e:\windows\system32\drivers\WMDrive.sys [2/8/2014 4:50 PM 65856]
R2 avgfws;AVG Firewall;e:\program files\AVG\AVG2013\avgfws.exe [10/23/2013 1:06 AM 1432080]
R2 avgwd;AVG WatchDog;e:\program files\AVG\AVG2013\avgwdsvc.exe [11/20/2013 1:54 AM 283136]
R2 MBAMScheduler;MBAMScheduler;e:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2/11/2014 5:45 PM 418376]
R2 MBAMService;MBAMService;e:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2/11/2014 5:45 PM 701512]
R3 Avgfwdx;Avgfwdx;e:\windows\system32\drivers\avgfwdx.sys [1/12/2012 7:52 PM 30944]
R3 MBAMProtector;MBAMProtector;e:\windows\system32\drivers\mbam.sys [2/11/2014 5:45 PM 22856]
R3 pbfilter;pbfilter;e:\program files\PeerBlock\pbfilter.sys [2/9/2014 6:44 PM 19056]
S0 BootDefragDriver;BootDefragDriver;e:\windows\system32\drivers\BootDefragDriver.sys --> e:\windows\system32\drivers\BootDefragDriver.sys [?]
S2 AVGIDSAgent;AVGIDSAgent;e:\program files\AVG\AVG2013\avgidsagent.exe [7/4/2013 3:53 PM 4939312]
S3 Ambfilt;Ambfilt;e:\windows\system32\drivers\Ambfilt.sys [2/8/2014 4:58 PM 1691480]
S3 Avgfwfd;AVG network filter service;e:\windows\system32\drivers\avgfwdx.sys [1/12/2012 7:52 PM 30944]
S3 Sony PC Companion;Sony PC Companion;e:\program files\Sony\Sony PC Companion\PCCService.exe [2/9/2014 7:55 PM 155824]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MBAMPROTECTOR
*NewlyCreated* - MBAMSCHEDULER
*NewlyCreated* - MBAMSERVICE
*NewlyCreated* - PBFILTER
.
Contents of the 'Scheduled Tasks' folder
.
2014-02-11 e:\windows\Tasks\GlaryInitialize 4.job
- e:\program files\Glary Utilities 4\Initialize.exe [2013-12-24 02:02]
.
2014-02-08 e:\windows\Tasks\GlaryUpdate 4.job
- e:\program files\Glary Utilities 4\CheckUpdate.exe [2013-12-24 02:01]
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-02-11 17:59
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...  
.
scanning hidden autostart entries ... 
.
scanning hidden files ...  
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|ÿÿÿÿ¤•€|ù•A~*]
"5E7CEC10DF0760D4F8DAFB12FDC06CCD"=""
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1196)
e:\windows\system32\MSVCP60.dll
.
- - - - - - - > 'explorer.exe'(3572)
e:\program files\WinMount\WinMTExt.dll
e:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
e:\windows\system32\WPDShServiceObj.dll
e:\windows\system32\PortableDeviceTypes.dll
e:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2014-02-11  18:01:53
ComboFix-quarantined-files.txt  2014-02-11 16:01
ComboFix2.txt  2014-02-10 16:39
.
Pre-Run: 42,332,229,632 bytes free
Post-Run: 42,346,672,128 bytes free
.
- - End Of File - - 8B5D79CC1B91C09CDAB2143E63E6CDBB
8F558EB6672622401DA993E1E865C861
 
 
 
Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org
 
Database version: v2014.02.11.07
 
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 6.0.2900.5512
My Pc :: PCUSER [administrator]
 
Protection: Enabled
 
2/11/2014 6:04:13 PM
mbam-log-2014-02-11 (18-04-13).txt
 
Scan type: Full scan (E:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 222075
Time elapsed: 15 minute(s), 12 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)


#8 TB-Psychotic

  • Malware Response Team

Posted 11 February 2014 - 11:34 AM

Scan with ESET Online Scan

Please go here to run the online scanner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activex control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click 'List of found threats', then click Export to text file...
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.



#9 Guest_nickko_*


Posted 11 February 2014 - 01:57 PM

hi dear marius and i thank you so much for your kind assistance

 

negative * i cannot be able to make the eset online scan because the connection speed is so slow

 

i am online for over two and half hours and the eset done only 3%

 

it is not practical to wait so long, sorry

 

any alternative method ?

 

please, if you haven't found anything suspicious please do not bother any more and you can close this thread

 

i will try to delete everything on the hard drive with the active kill disk bootable edition



#10 TB-Psychotic

  • Malware Response Team

Posted 12 February 2014 - 05:59 AM

No, I haven't found anything really suspicious. Feel free to wipe the place - it is the only way to get 100% security.



#11 Guest_nickko_*


Posted 12 February 2014 - 10:08 AM

good afternoon dear marius and i wish to thank you once again for your really very kind assistance

 

please, you can close this thread

 

i will proceed with the full deletion of my hard drive

 

i wish you all the best

 

nick cyprus



#12 TB-Psychotic

  • Malware Response Team

Posted 13 February 2014 - 09:01 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.



