Dragonmaster

Browser speed is very slow


Hi, a few days ago my web browser started to run very slowly, using up almost 50% of my CPU most of the time. There is also some sort of redirect malware on my computer as sometimes I get sent to random links whenever I use a search engine. I'll post my log here. Any help would be greatly appreciated :)

 

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 6:03:27 p.m., on 29/08/2012

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16448)

Boot mode: Normal

 

Running processes:

C:\windows\system32\taskhost.exe

C:\windows\system32\Dwm.exe

C:\windows\Explorer.EXE

C:\Windows\System32\igfxpers.exe

C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\AVG\AVG2012\avgtray.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe

C:\Users\Edward\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Edward\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Edward\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Edward\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Edward\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Edward\AppData\Local\Google\Chrome\Application\chrome.exe

C:\windows\system32\wuauclt.exe

C:\Users\Edward\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Edward\Downloads\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F3 - REG:win.ini: load=C:\Users\Edward\LOCALS~1\Temp\caqdricoxx.pif

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll

O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: DVDVideoSoftTB - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL

O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll

O3 - Toolbar: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll

O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent.exe

O4 - HKLM\..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE

O4 - HKLM\..\Run: [smoothView] C:\Program Files\Toshiba\SmoothView\SmoothView.exe

O4 - HKLM\..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe

O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [TWebCamera] "C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun

O4 - HKLM\..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe

O4 - HKLM\..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe

O4 - HKLM\..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe

O4 - HKLM\..\Run: [TosNC] C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe

O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - Startup: PMB Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe

O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll

O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O15 - Trusted Zone: http://easyabc.95599.cn

O15 - Trusted Zone: http://www.95599.cn

O15 - Trusted Zone: http://www.95599.sh.cn

O15 - Trusted Zone: http://www.abchina.com

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.ad...Plus/1.6/gp.cab

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgfws.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe

O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe

 

--

End of file - 8070 bytes


In any case where you happen to be busy or unable to give us a reply, we would be grateful if you keep us informed in advance and we will be more than happy to wait. If you fail to do so, we will have your thread closed in THREE (3) days.

:)

Hello there, Dragonmaster

 


 

I'm Conspire, I'll be glad to help you with your computer problems.

 

Please observe these rules while we work:

  • Read the entire procedure
  • It is important to perform ALL actions in sequence.
  • If you don't know, stop and ask! Don't keep going on.
  • Please reply to this thread. Do not start a new topic.
  • Stick with me till you're given the all clear.
  • Remember, absence of symptoms does not mean the infection is all gone.
  • Don't attempt to clean your computer with any tools other than the ones I ask you to use during the cleanup process.

IMPORTANT NOTE: Please do not delete anything unless instructed to. Remember to back up all your important data (if possible) before moving on.


Hello there,

 

Please download DDS by sUBs from one of the following links and save it to your desktop.

  • Disable any script blocking protection (How to Disable your Security Programs)
  • Double click DDS icon to run the tool (may take up to 3 minutes to run)
  • When done, DDS.txt will open.
  • After a few moments, attach.txt will open in a second window.
  • Save both reports to your desktop.
---------------------------------------------------
  • Post the contents of the DDS.txt report in your next reply
  • Attach the Attach.txt report to your post by scrolling down to the Attachments area and then clicking Browse. Browse to where you saved the file, and click Open and then click UPLOAD.
===================================================

 

Please download aswMBR.exe and save it to your desktop.

  • Double click aswMBR.exe to start the tool. (Vista/Windows 7 users - right click to run as administrator)
  • Allow it to update where necessary
  • Click Scan

     

  • Upon completion of the scan, click Save log and save it to your desktop, and post that log in your next reply for review. Note - do NOT attempt any Fix yet.
  • You will also notice another file created on the desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) file. Attach that zipped file in your next reply as well.
===================================================

 

Download Security Check by screen317 from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
===================================================

 

On your next reply please post :

DDS log

aswMBR log

Checkup log

Please STOP and let me know if you have any problems performing the steps above or any questions you may have.

 

Good Day!


Hi thanks for your help, I can't seem to open aswMBR.exe for some reason, I tried running as admin as well but still doesn't open. Also I can't seem to find the attachment area to attach the files.

Edited by Dragonmaster


Skip aswMBR for the moment and run this please. :)

 

Download TDSSKiller.exe and save it to your desktop

 

Execute TDSSKiller.exe by double-clicking on it.

Press Start Scan

If Malicious objects are found, do NOT select Cure. Change the action to Skip, and save the log.

Once complete, a log will be produced at the root drive, which is typically C:\ , for example, C:\TDSSKiller.<version_date_time>log.txt


Kind of expected lol.

 

Download Farbar Recovery Scan Tool 32-Bit

Farbar Recovery Scan Tool 64-Bit and save it to a flash drive.

 

Plug the flash drive into the infected PC.

 

Enter System Recovery Options.

 

To enter System Recovery Options from the Advanced Boot Options:

  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

 

On the System Recovery Options menu you will get the following options:

Startup Repair

System Restore

Windows Complete PC Restore

Windows Memory Diagnostic Tool

Command Prompt

  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.


No DDS log is fine, here it is:

 

 

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 9.0.8112.16421

Run by Edward at 17:09:51 on 2012-08-31

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.64.1033.18.1916.966 [GMT 12:00]

.

AV: AVG Internet Security 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Internet Security 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: AVG Internet Security 2012 *Enabled* {621CC794-9486-F902-D092-0484E8EA828B}

.

============== Running Processes ===============

.

C:windowssystem32wininit.exe

C:windowssystem32lsm.exe

C:windowssystem32svchost.exe -k DcomLaunch

C:windowssystem32svchost.exe -k RPCSS

C:windowsSystem32svchost.exe -k LocalServiceNetworkRestricted

C:windowsSystem32svchost.exe -k LocalSystemNetworkRestricted

C:windowssystem32svchost.exe -k netsvcs

C:windowssystem32svchost.exe -k LocalService

C:windowssystem32svchost.exe -k NetworkService

C:windowsSystem32spoolsv.exe

C:windowssystem32svchost.exe -k LocalServiceNoNetwork

C:windowssystem32Dwm.exe

C:windowsExplorer.EXE

C:Program FilesAVGAVG2012avgfws.exe

C:Program FilesAVGAVG2012avgwdsvc.exe

C:WindowsSystem32igfxpers.exe

C:Program FilesCONEXANTcAudioFilterAgentcAudioFilterAgent.exe

C:windowssystem32taskhost.exe

C:Program FilesSynapticsSynTPSynTPEnh.exe

C:Program FilesAVGAVG2012avgtray.exe

c:Program FilesMicrosoft SQL ServerMSSQL.1MSSQLBinnsqlservr.exe

c:Program FilesMicrosoft SQL Server90Sharedsqlbrowser.exe

C:windowssystem32svchost.exe -k imgsvc

C:Program FilesTuneUp Utilities 2012TuneUpUtilitiesService32.exe

C:Program FilesTuneUp Utilities 2012TuneUpUtilitiesApp32.exe

C:windowssystem32svchost.exe -k NetworkServiceNetworkRestricted

C:windowssystem32svchost.exe -k LocalServiceAndNoImpersonation

C:Program FilesSynapticsSynTPSynTPHelper.exe

C:Program FilesWindows Media Playerwmpnetwk.exe

C:windowsSystem32svchost.exe -k LocalServicePeerNet

C:windowssystem32wuauclt.exe

C:windowsservicingTrustedInstaller.exe

C:UsersEdwardAppDataLocalGoogleChromeApplicationchrome.exe

C:UsersEdwardAppDataLocalGoogleChromeApplicationchrome.exe

C:UsersEdwardAppDataLocalGoogleChromeApplicationchrome.exe

C:UsersEdwardAppDataLocalGoogleChromeApplicationchrome.exe

C:UsersEdwardAppDataLocalGoogleChromeApplicationchrome.exe

C:windowssystem32msiexec.exe

C:windowssystem32wbemwmiprvse.exe

C:windowssystem32DllHost.exe

C:windowssystem32DllHost.exe

C:windowssystem32REGSVR32.exe

C:windowssystem32conhost.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = about:blank

uSearch Bar = Preserve

mURLSearchHooks: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - c:program filesdvdvideosofttbprxtbDVDV.dll

mURLSearchHooks: H - No File

uWindows: Load=c:usersedwardlocals~1tempcaqdricoxx.pif

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:program filescommon filesadobeacrobatactivexAcroIEHelperShim.dll

BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - c:program filesavgavg2012avgdtiex.dll

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:program filesjavajre6binssv.dll

BHO: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - c:program filesdvdvideosofttbprxtbDVDV.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:progra~1mif5ba~1office14URLREDIR.DLL

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:program filesjavajre6binjp2ssv.dll

BHO: TOSHIBA Media Controller Plug-in: {f3c88694-effa-4d78-b409-54b7b2535b14} - c:program filestoshibatoshiba media controller plug-inTOSHIBAMediaControllerIE.dll

TB: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - c:program filesdvdvideosofttbprxtbDVDV.dll

mRun: [<NO NAME>]

mRun: [Persistence] c:windowssystem32igfxpers.exe

mRun: [cAudioFilterAgent] c:program filesconexantcaudiofilteragentcAudioFilterAgent.exe

mRun: [TPwrMain] c:program filestoshibapower saverTPwrMain.EXE

mRun: [smoothView] c:program filestoshibasmoothviewSmoothView.exe

mRun: [00TCrdMain] c:program filestoshibaflashcardsTCrdMain.exe

mRun: [synTPEnh] %ProgramFiles%SynapticsSynTPSynTPEnh.exe

mRun: [TWebCamera] "c:program filestoshibatoshiba web camera applicationTWebCamera.exe" autorun

mRun: [TosSENotify] c:program filestoshibatoshiba hdd ssd alertTosWaitSrv.exe

mRun: [TosVolRegulator] c:program filestoshibatosvolregulatorTosVolRegulator.exe

mRun: [TosReelTimeMonitor] c:program filestoshibareeltimeTosReelTimeMonitor.exe

mRun: [TosNC] c:program filestoshibabulletinboardTosNcCore.exe

mRun: [AVG_TRAY] "c:program filesavgavg2012avgtray.exe"

StartupFolder: c:usersedwardappdataroamingmicros~1windowsstartm~1programsstartuppmbmed~1.lnk - c:program filessonysony picture utilitypmbcoreSPUVolumeWatcher.exe

mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

mPolicies-system: PromptOnSecureDesktop = 0 (0x0)

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:program fileswindows livewriterWriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:program filesmicrosoft officeoffice14ONBttnIE.dll

IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - c:program filesavgavg2012avgdtiex.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:program filesmicrosoft officeoffice14ONBttnIELinkedNotes.dll

Trusted Zone: 95599.cneasyabc

Trusted Zone: 95599.cnwww

Trusted Zone: 95599.sh.cnwww

Trusted Zone: abchina.comwww

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 10.1.1.1

TCP: Interfaces{188E1979-4DEF-44A1-82AE-78346F1AFFDE} : DhcpNameServer = 10.1.1.1

TCP: Interfaces{E4919445-3B15-4AD5-9125-B6CA442252F8}745756374713 : DhcpNameServer = 192.168.1.1

TCP: Interfaces{E4919445-3B15-4AD5-9125-B6CA442252F8}745756374733 : DhcpNameServer = 192.168.1.1

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:program filescommon filesmicrosoft sharedoffice14MSOXMLMF.DLL

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:program filesavgavg2012avgpp.dll

Notify: igfxcui - igfxdev.dll

IFEO: cfaddgadgets.exe - "c:program filestuneup utilities 2012TUAutoReactivator32.exe"

IFEO: cfmain.exe - "c:program filestuneup utilities 2012TUAutoReactivator32.exe"

IFEO: cfprofile.exe - "c:program filestuneup utilities 2012TUAutoReactivator32.exe"

IFEO: freefileviewer.exe - "c:program filestuneup utilities 2012TUAutoReactivator32.exe"

IFEO: hd-apkhandler.exe - "c:program filestuneup utilities 2012TUAutoReactivator32.exe"

.

Note: multiple IFEO entries found. Please refer to Attach.txt

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSHX;AVGIDSHX;c:windowssystem32driversavgidshx.sys [2012-4-19 24896]

R0 Avgrkx86;AVG Anti-Rootkit Driver;c:windowssystem32driversavgrkx86.sys [2012-1-31 31952]

R1 Avgfwfd;AVG network filter service;c:windowssystem32driversavgfwd6x.sys [2011-5-23 47968]

R1 Avgldx86;AVG AVI Loader Driver;c:windowssystem32driversavgldx86.sys [2012-2-22 235216]

R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:windowssystem32driversavgmfx86.sys [2011-12-23 41040]

R1 Avgtdix;AVG TDI Driver;c:windowssystem32driversavgtdix.sys [2012-3-19 301248]

R1 vwififlt;Virtual WiFi Filter Driver;c:windowssystem32driversvwififlt.sys [2009-7-14 48128]

R2 avgfws;AVG Firewall;c:program filesavgavg2012avgfws.exe [2012-6-13 2321560]

R2 avgwd;AVG WatchDog;c:program filesavgavg2012avgwdsvc.exe [2012-2-14 193288]

R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:program filestuneup utilities 2012TuneUpUtilitiesService32.exe [2011-12-14 1514304]

R3 AVGIDSDriver;AVGIDSDriver;c:windowssystem32driversavgidsdriverx.sys [2011-12-23 139856]

R3 AVGIDSFilter;AVGIDSFilter;c:windowssystem32driversavgidsfilterx.sys [2011-12-23 24144]

R3 AVGIDSShim;AVGIDSShim;c:windowssystem32driversavgidsshimx.sys [2011-12-23 17232]

R3 FwLnk;FwLnk Driver;c:windowssystem32driversFwLnk.sys [2010-6-26 7680]

R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:windowssystem32driversL1C62x86.sys [2010-3-5 67624]

R3 PGEffect;Pangu effect driver;c:windowssystem32driversPGEffect.sys [2010-6-26 24064]

R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:program filestuneup utilities 2012TuneUpUtilitiesDriver32.sys [2011-12-12 10064]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:windowssystem32driversvwifimp.sys [2009-7-14 14336]

S2 AVGIDSAgent;AVGIDSAgent;c:program filesavgavg2012avgidsagent.exe [2012-7-4 5160568]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:windowsmicrosoft.netframeworkv4.0.30319mscorsvw.exe [2010-3-18 130384]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:windowssystem32driversb57nd60x.sys [2009-7-14 229888]

S3 osppsvc;Office Software Protection Platform;c:program filescommon filesmicrosoft sharedofficesoftwareprotectionplatformOSPPSVC.EXE [2010-1-9 4640000]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:windowssystem32driversRtsUStor.sys [2010-6-26 182304]

S3 TsUsbFlt;TsUsbFlt;c:windowssystem32driversTsUsbFlt.sys [2011-5-24 52224]

S3 WatAdminSvc;Windows Activation Technologies Service;c:windowssystem32watWatAdminSvc.exe [2010-11-27 1343400]

S4 cfWiMAXService;ConfigFree WiMAX Service;c:program filestoshibaconfigfreeCFIWmxSvcs.exe [2010-1-29 185712]

S4 ConfigFree Service;ConfigFree Service;c:program filestoshibaconfigfreeCFSvcs.exe [2009-3-11 46448]

S4 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:program filestoshibatoshiba hdd ssd alertTosSmartSrv.exe [2010-2-6 111960]

.

=============== Created Last 30 ================

.

2012-08-31 05:01:55 388096 ----a-r- c:usersedwardappdataroamingmicrosoftinstaller{45a66726-69bc-466b-a7a4-12fcba4883d7}HiJackThis.exe

2012-08-31 05:01:53 -------- d-----w- c:program filesTrend Micro

2012-08-29 04:57:02 -------- d-----w- c:program filesPC Tools Security

2012-08-29 04:55:46 -------- d-----w- c:programdataPC Tools

2012-08-27 09:19:23 -------- d-----w- c:windowssystem32driversAVG

2012-08-26 21:49:19 7023536 ----a-w- c:programdatamicrosoftwindows defenderdefinition updates{e47acfc3-f80d-423e-8e1e-a5b698f175b2}mpengine.dll

2012-08-26 08:54:53 -------- d-----w- c:usersedwardappdataroamingAd-Aware Antivirus

2012-08-26 08:08:36 -------- d-----w- c:program filesCCleaner

2012-08-25 10:17:47 -------- d-----w- c:program filesGophoto.it

2012-08-25 10:17:16 -------- d-----w- c:program files1ClickDownload

2012-08-24 09:20:47 -------- d-----w- c:usersedwardappdataroamingAVG2012

2012-08-24 09:19:27 -------- d--h--w- C:$AVG

2012-08-24 09:19:27 -------- d-----w- c:programdataAVG2012

2012-08-24 09:18:45 -------- d-----w- c:program filesAVG

2012-08-24 09:15:42 -------- d--h--w- c:programdataCommon Files

2012-08-24 09:15:42 -------- d-----w- c:programdataMFAData

2012-08-24 09:06:53 -------- d-----w- c:usersedwardappdataroamingPC Cleaners

2012-08-24 09:06:45 4269368 ----a-w- c:windowsuninst.exe

2012-08-24 09:06:45 -------- d-----w- c:usersedwardappdataroamingPCPro

2012-08-24 09:06:39 -------- d-----w- c:programdataPC1Data

2012-08-16 04:19:44 400896 ----a-w- c:windowssystem32srcore.dll

2012-08-16 04:19:42 2345984 ----a-w- c:windowssystem32win32k.sys

2012-08-16 04:19:41 492032 ----a-w- c:windowssystem32win32spl.dll

2012-08-16 04:19:40 317440 ----a-w- c:windowssystem32spoolsv.exe

2012-08-16 04:19:38 769024 ----a-w- c:windowssystem32localspl.dll

2012-08-16 04:19:38 41984 ----a-w- c:windowssystem32browcli.dll

2012-08-16 04:19:38 102912 ----a-w- c:windowssystem32browser.dll

2012-08-15 04:21:18 -------- d-----w- c:usersedwardappdataroamingSpeedyPC Software

2012-08-15 04:21:18 -------- d-----w- c:usersedwardappdataroamingDriverCure

2012-08-15 04:21:01 -------- d-----w- c:programdataSpeedyPC Software

2012-08-14 11:12:25 -------- d-----w- c:usersedwardappdataroamingMalwarebytes

2012-08-14 11:12:10 -------- d-----w- c:programdataMalwarebytes

2012-08-06 08:35:13 -------- d-----w- c:usersedwardappdataroamingFree Sound Recorder

2012-08-06 08:34:28 344064 ----a-w- c:windowssystem32msvcr70.dll

.

==================== Find3M ====================

.

2012-08-05 07:43:05 70344 ----a-w- c:windowssystem32FlashPlayerCPLApp.cpl

2012-08-05 07:43:05 426184 ----a-w- c:windowssystem32FlashPlayerApp.exe

2012-07-12 05:13:40 405144 ----a-w- c:windowssystem32Newtonsoft.Json.Net20.dll

2012-06-29 00:16:58 1800704 ----a-w- c:windowssystem32jscript9.dll

2012-06-29 00:09:01 1129472 ----a-w- c:windowssystem32wininet.dll

2012-06-29 00:08:59 1427968 ----a-w- c:windowssystem32inetcpl.cpl

2012-06-29 00:04:43 142848 ----a-w- c:windowssystem32ieUnatt.exe

2012-06-29 00:00:45 2382848 ----a-w- c:windowssystem32mshtml.tlb

2012-06-06 05:05:52 1390080 ----a-w- c:windowssystem32msxml6.dll

2012-06-06 05:05:52 1236992 ----a-w- c:windowssystem32msxml3.dll

2012-06-06 05:03:06 805376 ----a-w- c:windowssystem32cdosys.dll

2012-06-05 20:49:52 1070152 ----a-w- c:windowssystem32MSCOMCTL.OCX

2012-06-02 22:12:32 2422272 ----a-w- c:windowssystem32wucltux.dll

2012-06-02 22:12:13 88576 ----a-w- c:windowssystem32wudriver.dll

.

============= FINISH: 17:16:33.57 ===============


I'd still need to gather more information before continuing.

 

 

Step 1. Place TDSSKiller.exe in Malwarebytes Chameleon folder.

C:\Program Files\Malwarebytes' Anti-Malware\Chameleon

 

Step 2. Install the Chameleon driver by doing the following:

Press the Windows key + R and in the Run box, copy and paste the following command then press Enter.

 

"C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\mbam-chameleon.exe" /o

 

A black DOS prompt will appear with a prompt to press any key to continue, please do.

 

Step 3. Execute TDSSKiller.exe by double-clicking on it

Press Start Scan

If Malicious objects are found, ensure Cure is selected (it should be by default)

Click Continue then click Reboot now

Once complete, a log will be produced at the root drive which is typically C:\

For example, C:\TDSSKiller.version_date_time_log.txt

Please attach that log in reply.


Please read through these instructions to familiarize yourself with what to expect when this tool runs

 

Refer to the ComboFix User's Guide

 

 

Download ComboFix from one of these locations:

Link 1

Link 2

 

 

* IMPORTANT- Save ComboFix.exe to your Desktop

====================================================

 

 

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Note: If you are having difficulty properly disabling your protective programs, or are unsure as to what programs need to be disabled, please refer to the information available through this link : How to Disable your Security Programs

 

 

====================================================

 

 

Double click on combofix.exe & follow the prompts.

 

 

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply for further review.


Here's the log you requested:

 

 

ComboFix 12-09-04.03 - Edward 05/09/2012 23:14:27.1.2 - x86

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.64.1033.18.1916.1173 [GMT 12:00]

Running from: c:usersEdwardDesktopComboFix.exe

AV: AVG Internet Security 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

FW: AVG Internet Security 2012 *Disabled* {621CC794-9486-F902-D092-0484E8EA828B}

SP: AVG Internet Security 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:usersEdwardAppDataRoamingapp

c:usersEdwardAppDataRoamingappJerakine_lang.dat

c:usersEdwardAppDataRoamingappJerakine_lang_vesrion.dat

c:windowssystemPHONETIC.FON

c:windowssystem32Thumbs.db

.

.

((((((((((((((((((((((((( Files Created from 2012-08-05 to 2012-09-05 )))))))))))))))))))))))))))))))

.

.

2012-09-05 11:49 . 2012-09-05 11:51 -------- d-----w- c:usersEdwardAppDataLocaltemp

2012-09-05 11:49 . 2012-09-05 11:49 -------- d-----w- c:usersGuestAppDataLocaltemp

2012-09-05 11:49 . 2012-09-05 11:49 -------- d-----w- c:usersDefaultAppDataLocaltemp

2012-09-03 04:58 . 2012-09-03 04:58 31560 ----a-w- c:windowssystem32driversmbamchameleon.sys

2012-09-03 04:53 . 2012-09-03 04:53 -------- d-----w- c:program filesMalwarebytes' Anti-Malware

2012-09-02 06:26 . 2012-09-02 08:06 -------- d-----w- C:FRST

2012-08-31 05:01 . 2012-08-31 05:01 388096 ----a-r- c:usersEdwardAppDataRoamingMicrosoftInstaller{45A66726-69BC-466B-A7A4-12FCBA4883D7}HiJackThis.exe

2012-08-31 05:01 . 2012-08-31 05:01 -------- d-----w- c:program filesTrend Micro

2012-08-29 04:57 . 2012-08-29 05:16 -------- d-----w- c:program filesPC Tools Security

2012-08-29 04:55 . 2012-08-29 05:14 -------- d-----w- c:programdataPC Tools

2012-08-27 09:19 . 2012-09-05 11:26 -------- d-----w- c:\windows\system32\drivers\AVG

2012-08-26 21:49 . 2012-08-01 22:51 7023536 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E47ACFC3-F80D-423E-8E1E-A5B698F175B2}\mpengine.dll

2012-08-26 08:54 . 2012-08-26 08:55 -------- d-----w- c:\users\Edward\AppData\Roaming\Ad-Aware Antivirus

2012-08-26 08:08 . 2012-08-26 08:08 -------- d-----w- c:\program files\CCleaner

2012-08-25 10:17 . 2012-08-25 10:17 -------- d-----w- c:\program files\Gophoto.it

2012-08-25 10:17 . 2012-08-25 10:22 -------- d-----w- c:\program files\1ClickDownload

2012-08-24 09:20 . 2012-08-24 09:20 -------- d-----w- c:\users\Edward\AppData\Roaming\AVG2012

2012-08-24 09:19 . 2012-08-27 09:28 -------- d-----w- c:\programdata\AVG2012

2012-08-24 09:19 . 2012-08-27 09:19 -------- d-----w- C:\$AVG

2012-08-24 09:18 . 2012-08-24 09:18 -------- d-----w- c:\program files\AVG

2012-08-24 09:15 . 2012-09-05 11:27 -------- d-----w- c:\programdata\MFAData

2012-08-24 09:15 . 2012-08-24 09:15 -------- d--h--w- c:\programdata\Common Files

2012-08-24 09:06 . 2012-08-24 09:06 -------- d-----w- c:\users\Edward\AppData\Roaming\PC Cleaners

2012-08-24 09:06 . 2012-08-24 09:06 -------- d-----w- c:\users\Edward\AppData\Roaming\PCPro

2012-08-24 09:06 . 2012-08-24 09:06 4269368 ----a-w- c:\windows\uninst.exe

2012-08-24 09:06 . 2012-08-24 09:06 -------- d-----w- c:\programdata\PC1Data

2012-08-16 04:19 . 2012-05-05 07:46 400896 ----a-w- c:\windows\system32\srcore.dll

2012-08-16 04:19 . 2012-07-18 17:47 2345984 ----a-w- c:\windows\system32\win32k.sys

2012-08-16 04:19 . 2012-02-11 05:43 492032 ----a-w- c:\windows\system32\win32spl.dll

2012-08-16 04:19 . 2012-02-11 05:37 317440 ----a-w- c:\windows\system32\spoolsv.exe

2012-08-16 04:19 . 2012-07-04 21:14 41984 ----a-w- c:\windows\system32\browcli.dll

2012-08-16 04:19 . 2012-07-04 21:14 102912 ----a-w- c:\windows\system32\browser.dll

2012-08-16 04:19 . 2012-05-14 04:33 769024 ----a-w- c:\windows\system32\localspl.dll

2012-08-15 04:21 . 2012-08-15 04:21 -------- d-----w- c:\users\Edward\AppData\Roaming\SpeedyPC Software

2012-08-15 04:21 . 2012-08-15 04:21 -------- d-----w- c:\users\Edward\AppData\Roaming\DriverCure

2012-08-15 04:21 . 2012-08-15 08:15 -------- d-----w- c:\programdata\SpeedyPC Software

2012-08-14 11:12 . 2012-08-14 11:12 -------- d-----w- c:\users\Edward\AppData\Roaming\Malwarebytes

2012-08-14 11:12 . 2012-08-14 11:12 -------- d-----w- c:\programdata\Malwarebytes

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-08-05 07:43 . 2012-04-29 06:03 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-08-05 07:43 . 2011-07-01 22:02 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-07-12 05:13 . 2012-07-29 08:04 405144 ----a-w- c:\windows\system32\Newtonsoft.Json.Net20.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]

2011-05-09 09:49 176936 ----a-w- c:\program files\DVDVideoSoftTB\prxtbDVDV.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files\DVDVideoSoftTB\prxtbDVDV.dll" [2011-05-09 176936]

.

[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]

.

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

"{872B5B88-9DB5-4310-BDD0-AC189557E5F5}"= "c:\program files\DVDVideoSoftTB\prxtbDVDV.dll" [2011-05-09 176936]

.

[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Persistence"="c:\windows\system32\igfxpers.exe" [2010-03-18 167960]

"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent.exe" [2010-03-10 496184]

"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2009-11-06 480608]

"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2009-07-28 460088]

"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2010-03-03 742712]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-03-11 1697064]

"TWebCamera"="c:\program files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2010-02-24 2454840]

"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-02-06 611672]

"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 22840]

"TosReelTimeMonitor"="c:\program files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe" [2010-03-03 30040]

"TosNC"="c:\program files\Toshiba\BulletinBoard\TosNcCore.exe" [2010-03-19 467816]

"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-04-04 2587008]

.

c:\users\Edward\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

PMB Media Check Tool.lnk - c:\program files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe [2010-11-28 333088]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart

.

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]

"Google Update"="c:\users\Edward\AppData\Local\Google\Update\GoogleUpdate.exe" /c

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime

"IgfxTray"=c:\windows\system32\igfxtray.exe

"HotKeysCmds"=c:\windows\system32\hkcmd.exe

"SmartAudio"=c:\program files\CONEXANT\SAII\SAIICpl.exe /t

.

R0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [x]

R0 TFSysMon;TFSysMon;c:\windows\system32\drivers\TfSysMon.sys [x]

R3 1394hub;1394 Enabled Hub;c:\windows\System32\svchost.exe [x]

R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]

R3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [x]

R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [x]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R3 XDva390;XDva390;c:\windows\system32\XDva390.sys [x]

R4 cfWiMAXService;ConfigFree WiMAX Service;c:\program files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe [x]

R4 ConfigFree Service;ConfigFree Service;c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe [x]

R4 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [x]

S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys [x]

S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [x]

S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6x.sys [x]

S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [x]

S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [x]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 avgfws;AVG Firewall;c:\program files\AVG\AVG2012\avgfws.exe [x]

S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\avgidsagent.exe [x]

S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [x]

S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [x]

S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdriverx.sys [x]

S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfilterx.sys [x]

S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys [x]

S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys [x]

S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [x]

S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [x]

S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [x]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]

.

.

Contents of the 'Scheduled Tasks' folder

.

2012-09-01 c:\windows\Tasks\FreeFileViewerUpdateChecker.job

- c:\program files\FreeFileViewer\FFVCheckForUpdates.exe [2012-06-05 02:24]

.

2012-09-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2499217020-1990170743-3599274222-1004Core.job

- c:\users\Edward\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-15 09:19]

.

2012-09-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2499217020-1990170743-3599274222-1004UA.job

- c:\users\Edward\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-15 09:19]

.

.

------- Supplementary Scan -------

.

uStart Page = about:blank

Trusted Zone: 95599.cn\easyabc

Trusted Zone: 95599.cn\www

Trusted Zone: 95599.sh.cn\www

Trusted Zone: abchina.com\www

TCP: DhcpNameServer = 10.1.1.1

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-Locked - (no file)

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2012-09-06 00:08:21

ComboFix-quarantined-files.txt 2012-09-05 12:08

.

Pre-Run: 233,778,475,008 bytes free

Post-Run: 233,379,192,832 bytes free

.

- - End Of File - - C2B9D23531C4A74237B00DF1CFBBBF08

I ran TDSS Killer and it worked this time; after the reboot my computer has become dramatically faster. My computer's fan turns on for a while whenever I watch a video and the CPU becomes high when I load several pages at once (the fan turns on as well). Overall my computer's speed improved :)


21:37:13.0463 5644 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48

21:37:15.0498 5644 ============================================================

21:37:15.0499 5644 Current date / time: 2012/09/06 21:37:15.0498

21:37:15.0499 5644 SystemInfo:

21:37:15.0499 5644

21:37:15.0499 5644 OS Version: 6.1.7601 ServicePack: 1.0

21:37:15.0499 5644 Product type: Workstation

21:37:15.0499 5644 ComputerName: EDWARD-PC

21:37:15.0499 5644 UserName: Edward

21:37:15.0499 5644 Windows directory: C:\windows

21:37:15.0499 5644 System windows directory: C:\windows

21:37:15.0499 5644 Processor architecture: Intel x86

21:37:15.0499 5644 Number of processors: 2

21:37:15.0499 5644 Page size: 0x1000

21:37:15.0499 5644 Boot type: Normal boot

21:37:15.0499 5644 ============================================================

21:37:17.0309 5644 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050

21:37:17.0357 5644 ============================================================

21:37:17.0357 5644 \Device\Harddisk0\DR0:

21:37:17.0358 5644 MBR partitions:

21:37:17.0358 5644 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x23CB6000

21:37:17.0358 5644 ============================================================

21:37:17.0405 5644 C: <-> \Device\Harddisk0\DR0\Partition1

21:37:17.0448 5644 ============================================================

21:37:17.0448 5644 Initialize success

21:37:17.0448 5644 ============================================================

21:38:52.0140 0856 ============================================================

21:38:52.0140 0856 Scan started

21:38:52.0140 0856 Mode: Manual;

21:38:52.0140 0856 ============================================================

21:38:53.0520 0856 ================ Scan system memory ========================

21:38:53.0520 0856 System memory - ok

21:38:53.0521 0856 ================ Scan services =============================


21:39:02.0691 0856 MpsSvc - ok

21:39:02.0724 0856 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:windowssystem32driversmrxdav.sys

21:39:02.0727 0856 MRxDAV - ok

21:39:02.0778 0856 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:windowssystem32DRIVERSmrxsmb.sys

21:39:02.0780 0856 mrxsmb - ok

21:39:02.0820 0856 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:windowssystem32DRIVERSmrxsmb10.sys

21:39:02.0823 0856 mrxsmb10 - ok

21:39:02.0842 0856 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:windowssystem32DRIVERSmrxsmb20.sys

21:39:02.0844 0856 mrxsmb20 - ok

21:39:02.0855 0856 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:windowssystem32driversmsahci.sys

21:39:02.0856 0856 msahci - ok

21:39:02.0872 0856 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:windowssystem32driversmsdsm.sys

21:39:02.0874 0856 msdsm - ok

21:39:02.0910 0856 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:windowsSystem32msdtc.exe

21:39:02.0914 0856 MSDTC - ok

21:39:02.0966 0856 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:windowssystem32driversMsfs.sys

21:39:02.0967 0856 Msfs - ok

21:39:02.0982 0856 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:windowsSystem32driversmshidkmdf.sys

21:39:02.0984 0856 mshidkmdf - ok

21:39:02.0997 0856 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:windowssystem32driversmsisadrv.sys

21:39:02.0999 0856 msisadrv - ok

21:39:03.0041 0856 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:windowssystem32iscsiexe.dll

21:39:03.0045 0856 MSiSCSI - ok

21:39:03.0051 0856 msiserver - ok

21:39:03.0086 0856 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:windowssystem32driversMSKSSRV.sys

21:39:03.0088 0856 MSKSSRV - ok

21:39:03.0109 0856 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:windowssystem32driversMSPCLOCK.sys

21:39:03.0110 0856 MSPCLOCK - ok

21:39:03.0119 0856 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:windowssystem32driversMSPQM.sys

21:39:03.0120 0856 MSPQM - ok

21:39:03.0134 0856 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:windowssystem32driversMsRPC.sys

21:39:03.0137 0856 MsRPC - ok

21:39:03.0161 0856 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:windowssystem32driversmssmbios.sys

21:39:03.0162 0856 mssmbios - ok

21:39:03.0216 0856 MSSQL$MSSMLBIZ - ok

21:39:03.0263 0856 MSSQL$SQLEXPRESS - ok

21:39:03.0325 0856 [ 1D89EB4E2A99CABD4E81225F4F4C4B25 ] MSSQLServerADHelper c:Program FilesMicrosoft SQL Server90Sharedsqladhlp90.exe

21:39:03.0328 0856 MSSQLServerADHelper - ok

21:39:03.0371 0856 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:windowssystem32driversMSTEE.sys

21:39:03.0373 0856 MSTEE - ok

21:39:03.0386 0856 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:windowssystem32DRIVERSMTConfig.sys

21:39:03.0388 0856 MTConfig - ok

21:39:03.0409 0856 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:windowssystem32Driversmup.sys

21:39:03.0411 0856 Mup - ok

21:39:03.0455 0856 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:windowssystem32qagentRT.dll

21:39:03.0461 0856 napagent - ok

21:39:03.0504 0856 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:windowssystem32DRIVERSnwifi.sys

21:39:03.0508 0856 NativeWifiP - ok

21:39:03.0566 0856 [ E7C54812A2AAF43316EB6930C1FFA108 ] NDIS C:windowssystem32driversndis.sys

21:39:03.0578 0856 NDIS - ok

21:39:03.0617 0856 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:windowssystem32DRIVERSndiscap.sys

21:39:03.0621 0856 NdisCap - ok

21:39:03.0655 0856 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:windowssystem32DRIVERSndistapi.sys

21:39:03.0658 0856 NdisTapi - ok

21:39:03.0702 0856 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:windowssystem32DRIVERSndisuio.sys

21:39:03.0705 0856 Ndisuio - ok

21:39:03.0750 0856 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:windowssystem32DRIVERSndiswan.sys

21:39:03.0754 0856 NdisWan - ok

21:39:03.0799 0856 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:windowssystem32driversNDProxy.sys

21:39:03.0802 0856 NDProxy - ok

21:39:03.0836 0856 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:windowssystem32DRIVERSnetbios.sys

21:39:03.0839 0856 NetBIOS - ok

21:39:03.0878 0856 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:windowssystem32DRIVERSnetbt.sys

21:39:03.0883 0856 NetBT - ok

21:39:03.0895 0856 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:windowssystem32lsass.exe

21:39:03.0898 0856 Netlogon - ok

21:39:03.0950 0856 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:windowsSystem32netman.dll

21:39:03.0961 0856 Netman - ok

21:39:03.0986 0856 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:windowsSystem32netprofm.dll

21:39:03.0991 0856 netprofm - ok

21:39:04.0029 0856 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:windowsMicrosoft.NETFrameworkv3.0Windows Communication FoundationSMSvcHost.exe

21:39:04.0033 0856 NetTcpPortSharing - ok

21:39:04.0070 0856 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:windowssystem32DRIVERSnfrd960.sys

21:39:04.0073 0856 nfrd960 - ok

21:39:04.0125 0856 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:windowsSystem32nlasvc.dll

21:39:04.0132 0856 NlaSvc - ok

21:39:04.0202 0856 [ 03BBA4DEDEFB48C510061529651B453A ] nocashio C:windowssystem32driversnocashio.sys

21:39:04.0205 0856 nocashio - ok

21:39:04.0225 0856 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:windowssystem32driversNpfs.sys

21:39:04.0228 0856 Npfs - ok

21:39:04.0257 0856 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:windowssystem32nsisvc.dll

21:39:04.0259 0856 nsi - ok

21:39:04.0294 0856 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:windowssystem32driversnsiproxy.sys

21:39:04.0296 0856 nsiproxy - ok

21:39:04.0362 0856 [ 81189C3D7763838E55C397759D49007A ] Ntfs C:windowssystem32driversNtfs.sys

21:39:04.0397 0856 Ntfs - ok

21:39:04.0427 0856 [ F9756A98D69098DCA8945D62858A812C ] Null C:windowssystem32driversNull.sys

21:39:04.0429 0856 Null - ok

21:39:04.0469 0856 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:windowssystem32driversnvraid.sys

21:39:04.0473 0856 nvraid - ok

21:39:04.0493 0856 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:windowssystem32driversnvstor.sys

21:39:04.0497 0856 nvstor - ok

21:39:04.0538 0856 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:windowssystem32driversnv_agp.sys

21:39:04.0541 0856 nv_agp - ok

21:39:04.0580 0856 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:windowssystem32driversohci1394.sys

21:39:04.0583 0856 ohci1394 - ok

21:39:04.0664 0856 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE

21:39:04.0668 0856 ose - ok

21:39:04.0848 0856 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:Program FilesCommon FilesMicrosoft SharedOfficeSoftwareProtectionPlatformOSPPSVC.EXE

21:39:04.0967 0856 osppsvc - ok

21:39:05.0006 0856 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:windowssystem32pnrpsvc.dll

21:39:05.0011 0856 p2pimsvc - ok

21:39:05.0030 0856 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:windowssystem32p2psvc.dll

21:39:05.0036 0856 p2psvc - ok

21:39:05.0077 0856 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:windowssystem32DRIVERSparport.sys

21:39:05.0079 0856 Parport - ok

21:39:05.0109 0856 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:windowssystem32driverspartmgr.sys

21:39:05.0112 0856 partmgr - ok

21:39:05.0135 0856 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:windowssystem32DRIVERSparvdm.sys

21:39:05.0138 0856 Parvdm - ok

21:39:05.0170 0856 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:windowsSystem32pcasvc.dll

21:39:05.0174 0856 PcaSvc - ok

21:39:05.0211 0856 [ 673E55C3498EB970088E812EA820AA8F ] pci C:windowssystem32driverspci.sys

21:39:05.0214 0856 pci - ok

21:39:05.0220 0856 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:windowssystem32driverspciide.sys

21:39:05.0222 0856 pciide - ok

21:39:05.0253 0856 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:windowssystem32DRIVERSpcmcia.sys

21:39:05.0256 0856 pcmcia - ok

21:39:05.0263 0856 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:windowssystem32driverspcw.sys

21:39:05.0266 0856 pcw - ok

21:39:05.0295 0856 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:windowssystem32driverspeauth.sys

21:39:05.0302 0856 PEAUTH - ok

21:39:05.0352 0856 [ 1B5011DD8D57F53AED31FF0F7D635802 ] PGEffect C:windowssystem32DRIVERSpgeffect.sys

21:39:05.0354 0856 PGEffect - ok

21:39:05.0440 0856 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:windowssystem32pla.dll

21:39:05.0465 0856 pla - ok

21:39:05.0505 0856 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:windowssystem32umpnpmgr.dll

21:39:05.0511 0856 PlugPlay - ok

21:39:05.0534 0856 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:windowssystem32pnrpauto.dll

21:39:05.0537 0856 PNRPAutoReg - ok

21:39:05.0561 0856 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:windowssystem32pnrpsvc.dll

21:39:05.0565 0856 PNRPsvc - ok

21:39:05.0607 0856 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:windowsSystem32ipsecsvc.dll

21:39:05.0612 0856 PolicyAgent - ok

21:39:05.0654 0856 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:windowssystem32umpo.dll

21:39:05.0658 0856 Power - ok

21:39:05.0694 0856 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:windowssystem32DRIVERSraspptp.sys

21:39:05.0696 0856 PptpMiniport - ok

21:39:05.0716 0856 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:windowssystem32DRIVERSprocessr.sys

21:39:05.0718 0856 Processor - ok

21:39:05.0759 0856 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:windowssystem32profsvc.dll

21:39:05.0770 0856 ProfSvc - ok

21:39:05.0784 0856 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:windowssystem32lsass.exe

21:39:05.0786 0856 ProtectedStorage - ok

21:39:05.0823 0856 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:windowssystem32DRIVERSpacer.sys

21:39:05.0826 0856 Psched - ok

21:39:05.0878 0856 [ 153D02480A0A2F45785522E814C634B6 ] PxHelp20 C:windowssystem32DriversPxHelp20.sys

21:39:05.0880 0856 PxHelp20 - ok

21:39:05.0931 0856 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:windowssystem32DRIVERSql2300.sys

21:39:05.0946 0856 ql2300 - ok

21:39:05.0978 0856 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:windowssystem32DRIVERSql40xx.sys

21:39:05.0980 0856 ql40xx - ok

21:39:06.0019 0856 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:windowssystem32qwave.dll

21:39:06.0023 0856 QWAVE - ok

21:39:06.0038 0856 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:windowssystem32driversqwavedrv.sys

21:39:06.0040 0856 QWAVEdrv - ok

21:39:06.0055 0856 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:windowssystem32DRIVERSrasacd.sys

21:39:06.0057 0856 RasAcd - ok

21:39:06.0098 0856 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:windowssystem32DRIVERSAgileVpn.sys

21:39:06.0100 0856 RasAgileVpn - ok

21:39:06.0123 0856 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:windowsSystem32rasauto.dll

21:39:06.0127 0856 RasAuto - ok

21:39:06.0149 0856 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:windowssystem32DRIVERSrasl2tp.sys

21:39:06.0151 0856 Rasl2tp - ok

21:39:06.0192 0856 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:windowsSystem32rasmans.dll

21:39:06.0201 0856 RasMan - ok

21:39:06.0226 0856 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:windowssystem32DRIVERSraspppoe.sys

21:39:06.0229 0856 RasPppoe - ok

21:39:06.0237 0856 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:windowssystem32DRIVERSrassstp.sys

21:39:06.0240 0856 RasSstp - ok

21:39:06.0282 0856 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:windowssystem32DRIVERSrdbss.sys

21:39:06.0287 0856 rdbss - ok

21:39:06.0319 0856 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:windowssystem32DRIVERSrdpbus.sys

21:39:06.0321 0856 rdpbus - ok

21:39:06.0362 0856 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:windowssystem32DRIVERSRDPCDD.sys

21:39:06.0364 0856 RDPCDD - ok

21:39:06.0403 0856 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:windowssystem32driversrdpencdd.sys

21:39:06.0405 0856 RDPENCDD - ok

21:39:06.0426 0856 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:windowssystem32driversrdprefmp.sys

21:39:06.0428 0856 RDPREFMP - ok

21:39:06.0466 0856 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:windowssystem32driversRDPWD.sys

21:39:06.0469 0856 RDPWD - ok

21:39:06.0561 0856 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:windowssystem32driversrdyboost.sys

21:39:06.0583 0856 rdyboost - ok

21:39:06.0618 0856 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:windowsSystem32mprdim.dll

21:39:06.0622 0856 RemoteAccess - ok

21:39:06.0683 0856 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:windowssystem32regsvc.dll

21:39:06.0688 0856 RemoteRegistry - ok

21:39:06.0739 0856 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:windowsSystem32RpcEpMap.dll

21:39:06.0743 0856 RpcEptMapper - ok

21:39:06.0768 0856 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:windowssystem32locator.exe

21:39:06.0772 0856 RpcLocator - ok

21:39:06.0797 0856 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:windowssystem32rpcss.dll

21:39:06.0804 0856 RpcSs - ok

21:39:06.0845 0856 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:windowssystem32DRIVERSrspndr.sys

21:39:06.0848 0856 rspndr - ok

21:39:06.0893 0856 [ B87F999E05DD9C0312C83A8752E8E66B ] RSUSBSTOR C:windowssystem32DriversRtsUStor.sys

21:39:06.0897 0856 RSUSBSTOR - ok

21:39:06.0918 0856 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:windowssystem32lsass.exe

21:39:06.0921 0856 SamSs - ok

21:39:06.0969 0856 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:windowssystem32driverssbp2port.sys

21:39:06.0973 0856 sbp2port - ok

21:39:07.0008 0856 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:windowsSystem32SCardSvr.dll

21:39:07.0015 0856 SCardSvr - ok

21:39:07.0033 0856 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:windowssystem32DRIVERSscfilter.sys

21:39:07.0036 0856 scfilter - ok

21:39:07.0105 0856 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:windowssystem32schedsvc.dll

21:39:07.0119 0856 Schedule - ok

21:39:07.0141 0856 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:windowsSystem32certprop.dll

21:39:07.0143 0856 SCPolicySvc - ok

21:39:07.0188 0856 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:windowsSystem32SDRSVC.dll

21:39:07.0194 0856 SDRSVC - ok

21:39:07.0222 0856 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:windowssystem32driverssecdrv.sys

21:39:07.0224 0856 secdrv - ok

21:39:07.0251 0856 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:windowssystem32seclogon.dll

21:39:07.0254 0856 seclogon - ok

21:39:07.0272 0856 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:windowssystem32sens.dll

21:39:07.0275 0856 SENS - ok

21:39:07.0295 0856 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:windowssystem32sensrsvc.dll

21:39:07.0298 0856 SensrSvc - ok

21:39:07.0326 0856 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:windowssystem32DRIVERSserenum.sys

21:39:07.0328 0856 Serenum - ok

21:39:07.0352 0856 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:windowssystem32DRIVERSserial.sys

21:39:07.0354 0856 Serial - ok

21:39:07.0373 0856 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:windowssystem32DRIVERSsermouse.sys

21:39:07.0374 0856 sermouse - ok

21:39:07.0421 0856 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:windowssystem32sessenv.dll

21:39:07.0424 0856 SessionEnv - ok

21:39:07.0452 0856 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:windowssystem32driverssffdisk.sys

21:39:07.0453 0856 sffdisk - ok

21:39:07.0468 0856 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:windowssystem32driverssffp_mmc.sys

21:39:07.0469 0856 sffp_mmc - ok

21:39:07.0483 0856 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:windowssystem32driverssffp_sd.sys

21:39:07.0485 0856 sffp_sd - ok

21:39:07.0521 0856 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:windowssystem32DRIVERSsfloppy.sys

21:39:07.0522 0856 sfloppy - ok

21:39:07.0589 0856 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:windowsSystem32ipnathlp.dll

21:39:07.0596 0856 SharedAccess - ok

21:39:07.0643 0856 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:windowsSystem32shsvcs.dll

21:39:07.0652 0856 ShellHWDetection - ok

21:39:07.0670 0856 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:windowssystem32driverssisagp.sys

21:39:07.0673 0856 sisagp - ok

21:39:07.0704 0856 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:windowssystem32DRIVERSSiSRaid2.sys

21:39:07.0706 0856 SiSRaid2 - ok

21:39:07.0719 0856 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:windowssystem32DRIVERSsisraid4.sys

21:39:07.0722 0856 SiSRaid4 - ok

21:39:07.0741 0856 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:windowssystem32DRIVERSsmb.sys

21:39:07.0743 0856 Smb - ok

21:39:07.0783 0856 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:windowsSystem32snmptrap.exe

21:39:07.0786 0856 SNMPTRAP - ok

21:39:07.0817 0856 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:windowssystem32driversspldr.sys

21:39:07.0819 0856 spldr - ok

21:39:07.0851 0856 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:windowsSystem32spoolsv.exe

21:39:07.0857 0856 Spooler - ok

21:39:07.0971 0856 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:windowssystem32sppsvc.exe

21:39:08.0029 0856 sppsvc - ok

21:39:08.0073 0856 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:windowssystem32sppuinotify.dll

21:39:08.0077 0856 sppuinotify - ok

21:39:08.0109 0856 [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] SQLBrowser c:Program FilesMicrosoft SQL Server90Sharedsqlbrowser.exe

21:39:08.0114 0856 SQLBrowser - ok

21:39:08.0146 0856 [ D89083C4EB02DACA8F944B0E05E57F9D ] SQLWriter c:Program FilesMicrosoft SQL Server90Sharedsqlwriter.exe

21:39:08.0150 0856 SQLWriter - ok

21:39:08.0178 0856 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:windowssystem32DRIVERSsrv.sys

21:39:08.0186 0856 srv - ok

21:39:08.0200 0856 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:windowssystem32DRIVERSsrv2.sys

21:39:08.0205 0856 srv2 - ok

21:39:08.0212 0856 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:windowssystem32DRIVERSsrvnet.sys

21:39:08.0215 0856 srvnet - ok

21:39:08.0241 0856 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:windowsSystem32ssdpsrv.dll

21:39:08.0246 0856 SSDPSRV - ok

21:39:08.0252 0856 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:windowssystem32sstpsvc.dll

21:39:08.0256 0856 SstpSvc - ok

21:39:08.0288 0856 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:windowssystem32DRIVERSstexstor.sys

21:39:08.0290 0856 stexstor - ok

21:39:08.0342 0856 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:windowsSystem32wiaservc.dll

21:39:08.0350 0856 StiSvc - ok

21:39:08.0372 0856 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:windowssystem32driversswenum.sys

21:39:08.0373 0856 swenum - ok

21:39:08.0400 0856 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:windowsSystem32swprv.dll

21:39:08.0406 0856 swprv - ok

21:39:08.0442 0856 [ 9A28F1C47CE0C8BBC02AAF5941AB44CD ] SynTP C:windowssystem32DRIVERSSynTP.sys

21:39:08.0446 0856 SynTP - ok

21:39:08.0524 0856 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:windowssystem32sysmain.dll

21:39:08.0544 0856 SysMain - ok

21:39:08.0595 0856 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:windowsSystem32TabSvc.dll

21:39:08.0601 0856 TabletInputService - ok

21:39:08.0643 0856 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:windowsSystem32tapisrv.dll

21:39:08.0651 0856 TapiSrv - ok

21:39:08.0679 0856 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:windowsSystem32tbssvc.dll

21:39:08.0685 0856 TBS - ok

21:39:08.0745 0856 [ 7FA2E0F8B072BD04B77B421480B6CC22 ] Tcpip C:windowssystem32driverstcpip.sys

21:39:08.0766 0856 Tcpip - ok

21:39:08.0845 0856 [ 7FA2E0F8B072BD04B77B421480B6CC22 ] TCPIP6 C:windowssystem32DRIVERStcpip.sys

21:39:08.0859 0856 TCPIP6 - ok

21:39:08.0913 0856 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:windowssystem32driverstcpipreg.sys

21:39:08.0915 0856 tcpipreg - ok

21:39:08.0942 0856 [ 4084EA00D50C858D6F9038F86AE2E2D0 ] tdcmdpst C:windowssystem32DRIVERStdcmdpst.sys

21:39:08.0944 0856 tdcmdpst - ok

21:39:08.0995 0856 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:windowssystem32driverstdpipe.sys

21:39:08.0998 0856 TDPIPE - ok

21:39:09.0033 0856 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:windowssystem32driverstdtcp.sys

21:39:09.0036 0856 TDTCP - ok

21:39:09.0083 0856 [ B459575348C20E8121D6039DA063C704 ] tdx C:windowssystem32DRIVERStdx.sys

21:39:09.0086 0856 tdx - ok

21:39:09.0095 0856 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:windowssystem32driverstermdd.sys

21:39:09.0099 0856 TermDD - ok

21:39:09.0164 0856 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:windowsSystem32termsrv.dll

21:39:09.0176 0856 TermService - ok

21:39:09.0200 0856 TfFsMon - ok

21:39:09.0211 0856 TFSysMon - ok

21:39:09.0244 0856 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:windowssystem32themeservice.dll

21:39:09.0247 0856 Themes - ok

21:39:09.0262 0856 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:windowssystem32mmcss.dll

21:39:09.0264 0856 THREADORDER - ok

21:39:09.0290 0856 [ FE65D33B7D4FF07DD1D29526A48DF810 ] TODDSrv C:windowssystem32TODDSrv.exe

21:39:09.0294 0856 TODDSrv - ok

21:39:09.0369 0856 [ 85EDF7A274435E4DF051BB23F8E01581 ] TosCoSrv C:Program FilesTOSHIBAPower SaverTosCoSrv.exe

21:39:09.0375 0856 TosCoSrv - ok

21:39:09.0409 0856 [ 991E324DC137402148E01C2269632C6B ] TOSHIBA HDD SSD Alert Service C:Program FilesTOSHIBATOSHIBA HDD SSD AlertTosSmartSrv.exe

21:39:09.0411 0856 TOSHIBA HDD SSD Alert Service - ok

21:39:09.0441 0856 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:windowsSystem32trkwks.dll

21:39:09.0444 0856 TrkWks - ok

21:39:09.0518 0856 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:windowsservicingTrustedInstaller.exe

21:39:09.0523 0856 TrustedInstaller - ok

21:39:09.0543 0856 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:windowssystem32DRIVERStssecsrv.sys

21:39:09.0546 0856 tssecsrv - ok

21:39:09.0610 0856 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:windowssystem32driverstsusbflt.sys

21:39:09.0613 0856 TsUsbFlt - ok

21:39:09.0744 0856 [ 86CD728FB5F6A409112662E1596D987B ] TuneUp.UtilitiesSvc C:Program FilesTuneUp Utilities 2012TuneUpUtilitiesService32.exe

21:39:09.0764 0856 TuneUp.UtilitiesSvc - ok

21:39:09.0831 0856 [ F2107C9D85EC0DF116939CCCE06AE697 ] TuneUpUtilitiesDrv C:Program FilesTuneUp Utilities 2012TuneUpUtilitiesDriver32.sys

21:39:09.0833 0856 TuneUpUtilitiesDrv - ok

21:39:09.0899 0856 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:windowssystem32DRIVERStunnel.sys

21:39:09.0903 0856 tunnel - ok

21:39:09.0948 0856 [ FC24015B4052600C324C43E3A79C0664 ] TVALZ C:windowssystem32DRIVERSTVALZ_O.SYS

21:39:09.0951 0856 TVALZ - ok

21:39:09.0980 0856 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:windowssystem32DRIVERSuagp35.sys

21:39:09.0983 0856 uagp35 - ok

21:39:10.0033 0856 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:windowssystem32DRIVERSudfs.sys

21:39:10.0038 0856 udfs - ok

21:39:10.0081 0856 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:windowssystem32UI0Detect.exe

21:39:10.0084 0856 UI0Detect - ok

21:39:10.0120 0856 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:windowssystem32driversuliagpkx.sys

21:39:10.0122 0856 uliagpkx - ok

21:39:10.0154 0856 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:windowssystem32driversumbus.sys

21:39:10.0156 0856 umbus - ok

21:39:10.0204 0856 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:windowssystem32DRIVERSumpass.sys

21:39:10.0206 0856 UmPass - ok

21:39:10.0235 0856 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:windowsSystem32upnphost.dll

21:39:10.0240 0856 upnphost - ok

21:39:10.0272 0856 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:windowssystem32DRIVERSusbccgp.sys

21:39:10.0274 0856 usbccgp - ok

21:39:10.0305 0856 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:windowssystem32driversusbcir.sys

21:39:10.0307 0856 usbcir - ok

21:39:10.0328 0856 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:windowssystem32DRIVERSusbehci.sys

21:39:10.0330 0856 usbehci - ok

21:39:10.0359 0856 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:windowssystem32DRIVERSusbhub.sys

21:39:10.0363 0856 usbhub - ok

21:39:10.0388 0856 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:windowssystem32driversusbohci.sys

21:39:10.0390 0856 usbohci - ok

21:39:10.0432 0856 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:windowssystem32DRIVERSusbprint.sys

21:39:10.0434 0856 usbprint - ok

21:39:10.0468 0856 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:windowssystem32DRIVERSusbscan.sys

21:39:10.0470 0856 usbscan - ok

21:39:10.0492 0856 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:windowssystem32DRIVERSUSBSTOR.SYS

21:39:10.0494 0856 USBSTOR - ok

21:39:10.0524 0856 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:windowssystem32DRIVERSusbuhci.sys

21:39:10.0526 0856 usbuhci - ok

21:39:10.0559 0856 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:windowsSystem32Driversusbvideo.sys

21:39:10.0564 0856 usbvideo - ok

21:39:10.0603 0856 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:windowsSystem32uxsms.dll

21:39:10.0609 0856 UxSms - ok

21:39:10.0640 0856 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:windowssystem32lsass.exe

21:39:10.0644 0856 VaultSvc - ok

21:39:10.0682 0856 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:windowssystem32driversvdrvroot.sys

21:39:10.0685 0856 vdrvroot - ok

21:39:10.0740 0856 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:windowsSystem32vds.exe

21:39:10.0747 0856 vds - ok

21:39:10.0787 0856 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:windowssystem32DRIVERSvgapnp.sys

21:39:10.0788 0856 vga - ok

21:39:10.0800 0856 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:windowsSystem32driversvga.sys

21:39:10.0801 0856 VgaSave - ok

21:39:10.0836 0856 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:windowssystem32driversvhdmp.sys

21:39:10.0839 0856 vhdmp - ok

21:39:10.0874 0856 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:windowssystem32driversviaagp.sys

21:39:10.0878 0856 viaagp - ok

21:39:10.0901 0856 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:windowssystem32DRIVERSviac7.sys

21:39:10.0904 0856 ViaC7 - ok

21:39:10.0928 0856 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:windowssystem32driversviaide.sys

21:39:10.0931 0856 viaide - ok

21:39:10.0949 0856 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:windowssystem32driversvolmgr.sys

21:39:10.0951 0856 volmgr - ok

21:39:10.0976 0856 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:windowssystem32driversvolmgrx.sys

21:39:10.0981 0856 volmgrx - ok

21:39:10.0990 0856 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:windowssystem32driversvolsnap.sys

21:39:10.0994 0856 volsnap - ok

21:39:11.0017 0856 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:windowssystem32DRIVERSvsmraid.sys

21:39:11.0020 0856 vsmraid - ok

21:39:11.0089 0856 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:windowssystem32vssvc.exe

21:39:11.0109 0856 VSS - ok

21:39:11.0137 0856 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:windowssystem32DRIVERSvwifibus.sys

21:39:11.0138 0856 vwifibus - ok

21:39:11.0158 0856 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:windowssystem32DRIVERSvwififlt.sys

21:39:11.0160 0856 vwififlt - ok

21:39:11.0191 0856 [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp C:windowssystem32DRIVERSvwifimp.sys

21:39:11.0193 0856 vwifimp - ok

21:39:11.0235 0856 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:windowssystem32w32time.dll

21:39:11.0240 0856 W32Time - ok

21:39:11.0269 0856 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:windowssystem32DRIVERSwacompen.sys

21:39:11.0270 0856 WacomPen - ok

21:39:11.0316 0856 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:windowssystem32DRIVERSwanarp.sys

21:39:11.0318 0856 WANARP - ok

21:39:11.0324 0856 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:windowssystem32DRIVERSwanarp.sys

21:39:11.0327 0856 Wanarpv6 - ok

21:39:11.0411 0856 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:windowssystem32WatWatAdminSvc.exe

21:39:11.0433 0856 WatAdminSvc - ok

21:39:11.0478 0856 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:windowssystem32wbengine.exe

21:39:11.0493 0856 wbengine - ok

21:39:11.0525 0856 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:windowsSystem32wbiosrvc.dll

21:39:11.0530 0856 WbioSrvc - ok

21:39:11.0569 0856 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:windowsSystem32wcncsvc.dll

21:39:11.0574 0856 wcncsvc - ok

21:39:13.0003 0856 ================ Scan global ===============================

21:39:13.0033 0856 [ DAB748AE0439955ED2FA22357533DDDB ] C:\windows\system32\basesrv.dll

21:39:13.0057 0856 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\windows\system32\winsrv.dll

21:39:13.0067 0856 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\windows\system32\winsrv.dll

21:39:13.0097 0856 [ 364455805E64882844EE9ACB72522830 ] C:\windows\system32\sxssrv.dll

21:39:13.0132 0856 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\windows\system32\services.exe

21:39:13.0137 0856 [Global] - ok

21:39:13.0138 0856 ================ Scan MBR ==================================

21:39:13.0148 0856 [ DD46A7C267D604E9F4DCCBA41BEE648C ] \Device\Harddisk0\DR0

21:39:13.0148 0856 Suspicious mbr (Forged): \Device\Harddisk0\DR0

21:39:13.0173 0856 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - infected

21:39:13.0173 0856 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.a (0)

21:39:13.0174 0856 ================ Scan VBR ==================================

21:39:13.0208 0856 [ 0F437170D383EA27939B79885013F083 ] \Device\Harddisk0\DR0\Partition1

21:39:13.0210 0856 \Device\Harddisk0\DR0\Partition1 - ok

21:39:13.0211 0856 ============================================================

21:39:13.0211 0856 Scan finished

21:39:13.0211 0856 ============================================================

21:39:13.0231 5664 Detected object count: 1

21:39:13.0231 5664 Actual detected object count: 1

21:39:23.0282 5664 \Device\Harddisk0\DR0\# - copied to quarantine

21:39:23.0309 5664 \Device\Harddisk0\DR0 - copied to quarantine

21:39:23.0367 5664 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine

21:39:23.0368 5664 \Device\Harddisk0\DR0\TDLFS\vbr - copied to quarantine

21:39:23.0370 5664 \Device\Harddisk0\DR0\TDLFS\bid - copied to quarantine

21:39:23.0372 5664 \Device\Harddisk0\DR0\TDLFS\affid - copied to quarantine

21:39:23.0374 5664 \Device\Harddisk0\DR0\TDLFS\boot - copied to quarantine

21:39:23.0376 5664 \Device\Harddisk0\DR0\TDLFS\cmd32 - copied to quarantine

21:39:23.0379 5664 \Device\Harddisk0\DR0\TDLFS\cmd64 - copied to quarantine

21:39:23.0380 5664 \Device\Harddisk0\DR0\TDLFS\dbg32 - copied to quarantine

21:39:23.0383 5664 \Device\Harddisk0\DR0\TDLFS\dbg64 - copied to quarantine

21:39:23.0416 5664 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine

21:39:23.0420 5664 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine

21:39:23.0424 5664 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine

21:39:23.0427 5664 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine

21:39:23.0431 5664 \Device\Harddisk0\DR0\TDLFS\subid - copied to quarantine

21:39:23.0436 5664 \Device\Harddisk0\DR0\TDLFS\tdi32 - copied to quarantine

21:39:23.0440 5664 \Device\Harddisk0\DR0\TDLFS\tdi64 - copied to quarantine

21:39:23.0442 5664 \Device\Harddisk0\DR0\TDLFS\main1 - copied to quarantine

21:39:23.0444 5664 \Device\Harddisk0\DR0\TDLFS\info - copied to quarantine

21:39:23.0447 5664 \Device\Harddisk0\DR0\TDLFS\main - copied to quarantine

21:39:23.0449 5664 \Device\Harddisk0\DR0\TDLFS\mainfb.script - copied to quarantine

21:39:23.0519 5664 \Device\Harddisk0\DR0\TDLFS\com32 - copied to quarantine

21:39:23.0569 5664 \Device\Harddisk0\DR0\TDLFS\bbr232 - copied to quarantine

21:39:23.0615 5664 \Device\Harddisk0\DR0\TDLFS\serf332 - copied to quarantine

21:39:23.0625 5664 \Device\Harddisk0\DR0\TDLFS\serf_conf - copied to quarantine

21:39:23.0893 5664 \Device\Harddisk0\DR0\TDLFS\bbr_conf - copied to quarantine

21:39:23.0961 5664 \Device\Harddisk0\DR0 - processing error

21:39:44.0468 5664 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - User select action: Cure

21:39:51.0587 4320 ============================================================

21:39:51.0587 4320 Scan started

21:39:51.0587 4320 Mode: Manual;

21:39:51.0587 4320 ============================================================

21:39:51.0805 4320 ================ Scan system memory ========================

21:39:51.0805 4320 System memory - ok

21:39:51.0806 4320 ================ Scan services =============================


21:40:00.0266 4320 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:windowsMicrosoft.NETFrameworkv3.0Windows Communication FoundationSMSvcHost.exe

21:40:00.0269 4320 NetTcpPortSharing - ok

21:40:00.0295 4320 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:windowssystem32DRIVERSnfrd960.sys

21:40:00.0297 4320 nfrd960 - ok

21:40:00.0350 4320 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:windowsSystem32nlasvc.dll

21:40:00.0356 4320 NlaSvc - ok

21:40:00.0394 4320 [ 03BBA4DEDEFB48C510061529651B453A ] nocashio C:windowssystem32driversnocashio.sys

21:40:00.0395 4320 nocashio - ok

21:40:00.0417 4320 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:windowssystem32driversNpfs.sys

21:40:00.0419 4320 Npfs - ok

21:40:00.0449 4320 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:windowssystem32nsisvc.dll

21:40:00.0453 4320 nsi - ok

21:40:00.0486 4320 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:windowssystem32driversnsiproxy.sys

21:40:00.0488 4320 nsiproxy - ok

21:40:00.0588 4320 [ 81189C3D7763838E55C397759D49007A ] Ntfs C:windowssystem32driversNtfs.sys

21:40:00.0601 4320 Ntfs - ok

21:40:00.0652 4320 [ F9756A98D69098DCA8945D62858A812C ] Null C:windowssystem32driversNull.sys

21:40:00.0653 4320 Null - ok

21:40:00.0716 4320 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:windowssystem32driversnvraid.sys

21:40:00.0719 4320 nvraid - ok

21:40:00.0748 4320 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:windowssystem32driversnvstor.sys

21:40:00.0751 4320 nvstor - ok

21:40:00.0775 4320 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:windowssystem32driversnv_agp.sys

21:40:00.0778 4320 nv_agp - ok

21:40:00.0816 4320 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:windowssystem32driversohci1394.sys

21:40:00.0819 4320 ohci1394 - ok

21:40:00.0889 4320 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE

21:40:00.0892 4320 ose - ok

21:40:01.0059 4320 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:Program FilesCommon FilesMicrosoft SharedOfficeSoftwareProtectionPlatformOSPPSVC.EXE

21:40:01.0087 4320 osppsvc - ok

21:40:01.0120 4320 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:windowssystem32pnrpsvc.dll

21:40:01.0124 4320 p2pimsvc - ok

21:40:01.0167 4320 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:windowssystem32p2psvc.dll

21:40:01.0171 4320 p2psvc - ok

21:40:01.0202 4320 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:windowssystem32DRIVERSparport.sys

21:40:01.0203 4320 Parport - ok

21:40:01.0234 4320 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:windowssystem32driverspartmgr.sys

21:40:01.0235 4320 partmgr - ok

21:40:01.0256 4320 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:windowssystem32DRIVERSparvdm.sys

21:40:01.0257 4320 Parvdm - ok

21:40:01.0284 4320 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:windowsSystem32pcasvc.dll

21:40:01.0287 4320 PcaSvc - ok

21:40:01.0314 4320 [ 673E55C3498EB970088E812EA820AA8F ] pci C:windowssystem32driverspci.sys

21:40:01.0316 4320 pci - ok

21:40:01.0324 4320 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:windowssystem32driverspciide.sys

21:40:01.0325 4320 pciide - ok

21:40:01.0356 4320 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:windowssystem32DRIVERSpcmcia.sys

21:40:01.0358 4320 pcmcia - ok

21:40:01.0365 4320 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:windowssystem32driverspcw.sys

21:40:01.0367 4320 pcw - ok

21:40:01.0398 4320 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:windowssystem32driverspeauth.sys

21:40:01.0403 4320 PEAUTH - ok

21:40:01.0443 4320 [ 1B5011DD8D57F53AED31FF0F7D635802 ] PGEffect C:windowssystem32DRIVERSpgeffect.sys

21:40:01.0445 4320 PGEffect - ok

21:40:01.0521 4320 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:windowssystem32pla.dll

21:40:01.0539 4320 pla - ok

21:40:01.0575 4320 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:windowssystem32umpnpmgr.dll

21:40:01.0579 4320 PlugPlay - ok

21:40:01.0604 4320 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:windowssystem32pnrpauto.dll

21:40:01.0606 4320 PNRPAutoReg - ok

21:40:01.0631 4320 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:windowssystem32pnrpsvc.dll

21:40:01.0634 4320 PNRPsvc - ok

21:40:01.0677 4320 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:windowsSystem32ipsecsvc.dll

21:40:01.0681 4320 PolicyAgent - ok

21:40:01.0724 4320 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:windowssystem32umpo.dll

21:40:01.0730 4320 Power - ok

21:40:01.0764 4320 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:windowssystem32DRIVERSraspptp.sys

21:40:01.0766 4320 PptpMiniport - ok

21:40:01.0786 4320 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:windowssystem32DRIVERSprocessr.sys

21:40:01.0788 4320 Processor - ok

21:40:01.0830 4320 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:windowssystem32profsvc.dll

21:40:01.0835 4320 ProfSvc - ok

21:40:01.0853 4320 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:windowssystem32lsass.exe

21:40:01.0857 4320 ProtectedStorage - ok

21:40:01.0871 4320 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:windowssystem32DRIVERSpacer.sys

21:40:01.0873 4320 Psched - ok

21:40:01.0904 4320 [ 153D02480A0A2F45785522E814C634B6 ] PxHelp20 C:windowssystem32DriversPxHelp20.sys

21:40:01.0905 4320 PxHelp20 - ok

21:40:01.0956 4320 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:windowssystem32DRIVERSql2300.sys

21:40:01.0965 4320 ql2300 - ok

21:40:02.0003 4320 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:windowssystem32DRIVERSql40xx.sys

21:40:02.0004 4320 ql40xx - ok

21:40:02.0044 4320 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:windowssystem32qwave.dll

21:40:02.0047 4320 QWAVE - ok

21:40:02.0063 4320 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:windowssystem32driversqwavedrv.sys

21:40:02.0064 4320 QWAVEdrv - ok

21:40:02.0080 4320 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:windowssystem32DRIVERSrasacd.sys

21:40:02.0081 4320 RasAcd - ok

21:40:02.0112 4320 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:windowssystem32DRIVERSAgileVpn.sys

21:40:02.0113 4320 RasAgileVpn - ok

21:40:02.0137 4320 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:windowsSystem32rasauto.dll

21:40:02.0140 4320 RasAuto - ok

21:40:02.0163 4320 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:windowssystem32DRIVERSrasl2tp.sys

21:40:02.0165 4320 Rasl2tp - ok

21:40:02.0207 4320 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:windowsSystem32rasmans.dll

21:40:02.0213 4320 RasMan - ok

21:40:02.0229 4320 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:windowssystem32DRIVERSraspppoe.sys

21:40:02.0231 4320 RasPppoe - ok

21:40:02.0239 4320 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:windowssystem32DRIVERSrassstp.sys

21:40:02.0241 4320 RasSstp - ok

21:40:02.0284 4320 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:windowssystem32DRIVERSrdbss.sys

21:40:02.0286 4320 rdbss - ok

21:40:02.0322 4320 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:windowssystem32DRIVERSrdpbus.sys

21:40:02.0323 4320 rdpbus - ok

21:40:02.0366 4320 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:windowssystem32DRIVERSRDPCDD.sys

21:40:02.0367 4320 RDPCDD - ok

21:40:02.0383 4320 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:windowssystem32driversrdpencdd.sys

21:40:02.0384 4320 RDPENCDD - ok

21:40:02.0405 4320 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:windowssystem32driversrdprefmp.sys

21:40:02.0406 4320 RDPREFMP - ok

21:40:02.0446 4320 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:windowssystem32driversRDPWD.sys

21:40:02.0448 4320 RDPWD - ok

21:40:02.0484 4320 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:windowssystem32driversrdyboost.sys

21:40:02.0486 4320 rdyboost - ok

21:40:02.0554 4320 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:windowsSystem32mprdim.dll

21:40:02.0557 4320 RemoteAccess - ok

21:40:02.0597 4320 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:windowssystem32regsvc.dll

21:40:02.0601 4320 RemoteRegistry - ok

21:40:02.0619 4320 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:windowsSystem32RpcEpMap.dll

21:40:02.0623 4320 RpcEptMapper - ok

21:40:02.0682 4320 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:windowssystem32locator.exe

21:40:02.0685 4320 RpcLocator - ok

21:40:02.0710 4320 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:windowssystem32rpcss.dll

21:40:02.0718 4320 RpcSs - ok

21:40:02.0758 4320 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:windowssystem32DRIVERSrspndr.sys

21:40:02.0759 4320 rspndr - ok

21:40:02.0795 4320 [ B87F999E05DD9C0312C83A8752E8E66B ] RSUSBSTOR C:windowssystem32DriversRtsUStor.sys

21:40:02.0797 4320 RSUSBSTOR - ok

21:40:02.0809 4320 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:windowssystem32lsass.exe

21:40:02.0811 4320 SamSs - ok

21:40:02.0849 4320 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:windowssystem32driverssbp2port.sys

21:40:02.0851 4320 sbp2port - ok

21:40:02.0887 4320 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:windowsSystem32SCardSvr.dll

21:40:02.0890 4320 SCardSvr - ok

21:40:02.0913 4320 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:windowssystem32DRIVERSscfilter.sys

21:40:02.0914 4320 scfilter - ok

21:40:02.0971 4320 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:windowssystem32schedsvc.dll

21:40:02.0978 4320 Schedule - ok

21:40:02.0999 4320 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:windowsSystem32certprop.dll

21:40:03.0000 4320 SCPolicySvc - ok

21:40:03.0045 4320 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:windowsSystem32SDRSVC.dll

21:40:03.0050 4320 SDRSVC - ok

21:40:03.0080 4320 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:windowssystem32driverssecdrv.sys

21:40:03.0081 4320 secdrv - ok

21:40:03.0109 4320 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:windowssystem32seclogon.dll

21:40:03.0112 4320 seclogon - ok

21:40:03.0131 4320 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:windowssystem32sens.dll

21:40:03.0134 4320 SENS - ok

21:40:03.0152 4320 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:windowssystem32sensrsvc.dll

21:40:03.0155 4320 SensrSvc - ok

21:40:03.0184 4320 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:windowssystem32DRIVERSserenum.sys

21:40:03.0185 4320 Serenum - ok

21:40:03.0210 4320 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:windowssystem32DRIVERSserial.sys

21:40:03.0211 4320 Serial - ok

21:40:03.0230 4320 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:windowssystem32DRIVERSsermouse.sys

21:40:03.0232 4320 sermouse - ok

21:40:03.0279 4320 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:windowssystem32sessenv.dll

21:40:03.0283 4320 SessionEnv - ok

21:40:03.0310 4320 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:windowssystem32driverssffdisk.sys

21:40:03.0311 4320 sffdisk - ok

21:40:03.0337 4320 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:windowssystem32driverssffp_mmc.sys

21:40:03.0338 4320 sffp_mmc - ok

21:40:03.0352 4320 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:windowssystem32driverssffp_sd.sys

21:40:03.0354 4320 sffp_sd - ok

21:40:03.0389 4320 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:windowssystem32DRIVERSsfloppy.sys

21:40:03.0391 4320 sfloppy - ok

21:40:03.0435 4320 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:windowsSystem32ipnathlp.dll

21:40:03.0441 4320 SharedAccess - ok

21:40:03.0488 4320 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:windowsSystem32shsvcs.dll

21:40:03.0493 4320 ShellHWDetection - ok

21:40:03.0505 4320 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:windowssystem32driverssisagp.sys

21:40:03.0506 4320 sisagp - ok

21:40:03.0528 4320 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:windowssystem32DRIVERSSiSRaid2.sys

21:40:03.0529 4320 SiSRaid2 - ok

21:40:03.0544 4320 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:windowssystem32DRIVERSsisraid4.sys

21:40:03.0545 4320 SiSRaid4 - ok

21:40:03.0554 4320 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:windowssystem32DRIVERSsmb.sys

21:40:03.0555 4320 Smb - ok

21:40:03.0585 4320 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:windowsSystem32snmptrap.exe

21:40:03.0588 4320 SNMPTRAP - ok

21:40:03.0619 4320 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:windowssystem32driversspldr.sys

21:40:03.0620 4320 spldr - ok

21:40:03.0653 4320 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:windowsSystem32spoolsv.exe

21:40:03.0657 4320 Spooler - ok

21:40:03.0772 4320 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:windowssystem32sppsvc.exe

21:40:03.0793 4320 sppsvc - ok

21:40:03.0842 4320 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:windowssystem32sppuinotify.dll

21:40:03.0845 4320 sppuinotify - ok

21:40:03.0878 4320 [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] SQLBrowser c:Program FilesMicrosoft SQL Server90Sharedsqlbrowser.exe

21:40:03.0882 4320 SQLBrowser - ok

21:40:03.0904 4320 [ D89083C4EB02DACA8F944B0E05E57F9D ] SQLWriter c:Program FilesMicrosoft SQL Server90Sharedsqlwriter.exe

21:40:03.0906 4320 SQLWriter - ok

21:40:03.0935 4320 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:windowssystem32DRIVERSsrv.sys

21:40:03.0938 4320 srv - ok

21:40:03.0948 4320 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:windowssystem32DRIVERSsrv2.sys

21:40:03.0951 4320 srv2 - ok

21:40:03.0962 4320 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:windowssystem32DRIVERSsrvnet.sys

21:40:03.0964 4320 srvnet - ok

21:40:03.0999 4320 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:windowsSystem32ssdpsrv.dll

21:40:04.0002 4320 SSDPSRV - ok

21:40:04.0009 4320 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:windowssystem32sstpsvc.dll

21:40:04.0013 4320 SstpSvc - ok

21:40:04.0046 4320 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:windowssystem32DRIVERSstexstor.sys

21:40:04.0047 4320 stexstor - ok

21:40:04.0102 4320 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:windowsSystem32wiaservc.dll

21:40:04.0111 4320 StiSvc - ok

21:40:04.0141 4320 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:windowssystem32driversswenum.sys

21:40:04.0142 4320 swenum - ok

21:40:04.0172 4320 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:windowsSystem32swprv.dll

21:40:04.0176 4320 swprv - ok

21:40:04.0200 4320 [ 9A28F1C47CE0C8BBC02AAF5941AB44CD ] SynTP C:windowssystem32DRIVERSSynTP.sys

21:40:04.0203 4320 SynTP - ok

21:40:04.0270 4320 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:windowssystem32sysmain.dll

21:40:04.0285 4320 SysMain - ok

21:40:04.0330 4320 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:windowsSystem32TabSvc.dll

21:40:04.0333 4320 TabletInputService - ok

21:40:04.0377 4320 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:windowsSystem32tapisrv.dll

21:40:04.0381 4320 TapiSrv - ok

21:40:04.0415 4320 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:windowsSystem32tbssvc.dll

21:40:04.0418 4320 TBS - ok

21:40:04.0476 4320 [ 7FA2E0F8B072BD04B77B421480B6CC22 ] Tcpip C:windowssystem32driverstcpip.sys

21:40:04.0485 4320 Tcpip - ok

21:40:04.0510 4320 [ 7FA2E0F8B072BD04B77B421480B6CC22 ] TCPIP6 C:windowssystem32DRIVERStcpip.sys

21:40:04.0526 4320 TCPIP6 - ok

21:40:04.0582 4320 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:windowssystem32driverstcpipreg.sys

21:40:04.0584 4320 tcpipreg - ok

21:40:04.0633 4320 [ 4084EA00D50C858D6F9038F86AE2E2D0 ] tdcmdpst C:windowssystem32DRIVERStdcmdpst.sys

21:40:04.0636 4320 tdcmdpst - ok

21:40:04.0675 4320 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:windowssystem32driverstdpipe.sys

21:40:04.0677 4320 TDPIPE - ok

21:40:04.0713 4320 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:windowssystem32driverstdtcp.sys

21:40:04.0715 4320 TDTCP - ok

21:40:04.0763 4320 [ B459575348C20E8121D6039DA063C704 ] tdx C:windowssystem32DRIVERStdx.sys

21:40:04.0765 4320 tdx - ok

21:40:04.0775 4320 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:windowssystem32driverstermdd.sys

21:40:04.0777 4320 TermDD - ok

21:40:04.0832 4320 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:windowsSystem32termsrv.dll

21:40:04.0842 4320 TermService - ok

21:40:04.0850 4320 TfFsMon - ok

21:40:04.0860 4320 TFSysMon - ok

21:40:04.0890 4320 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:windowssystem32themeservice.dll

21:40:04.0893 4320 Themes - ok

21:40:04.0909 4320 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:windowssystem32mmcss.dll

21:40:04.0911 4320 THREADORDER - ok

21:40:04.0936 4320 [ FE65D33B7D4FF07DD1D29526A48DF810 ] TODDSrv C:windowssystem32TODDSrv.exe

21:40:04.0939 4320 TODDSrv - ok

21:40:04.0995 4320 [ 85EDF7A274435E4DF051BB23F8E01581 ] TosCoSrv C:Program FilesTOSHIBAPower SaverTosCoSrv.exe

21:40:05.0001 4320 TosCoSrv - ok

21:40:05.0033 4320 [ 991E324DC137402148E01C2269632C6B ] TOSHIBA HDD SSD Alert Service C:Program FilesTOSHIBATOSHIBA HDD SSD AlertTosSmartSrv.exe

21:40:05.0034 4320 TOSHIBA HDD SSD Alert Service - ok

21:40:05.0065 4320 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:windowsSystem32trkwks.dll

21:40:05.0068 4320 TrkWks - ok

21:40:05.0143 4320 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:windowsservicingTrustedInstaller.exe

21:40:05.0147 4320 TrustedInstaller - ok

21:40:05.0168 4320 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:windowssystem32DRIVERStssecsrv.sys

21:40:05.0170 4320 tssecsrv - ok

21:40:05.0212 4320 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:windowssystem32driverstsusbflt.sys

21:40:05.0213 4320 TsUsbFlt - ok

21:40:05.0290 4320 [ 86CD728FB5F6A409112662E1596D987B ] TuneUp.UtilitiesSvc C:Program FilesTuneUp Utilities 2012TuneUpUtilitiesService32.exe

21:40:05.0300 4320 TuneUp.UtilitiesSvc - ok

21:40:05.0333 4320 [ F2107C9D85EC0DF116939CCCE06AE697 ] TuneUpUtilitiesDrv C:Program FilesTuneUp Utilities 2012TuneUpUtilitiesDriver32.sys

21:40:05.0334 4320 TuneUpUtilitiesDrv - ok

21:40:05.0379 4320 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:windowssystem32DRIVERStunnel.sys

21:40:05.0381 4320 tunnel - ok

21:40:05.0417 4320 [ FC24015B4052600C324C43E3A79C0664 ] TVALZ C:windowssystem32DRIVERSTVALZ_O.SYS

21:40:05.0418 4320 TVALZ - ok

21:40:05.0449 4320 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:windowssystem32DRIVERSuagp35.sys

21:40:05.0451 4320 uagp35 - ok

21:40:05.0502 4320 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:windowssystem32DRIVERSudfs.sys

21:40:05.0506 4320 udfs - ok

21:40:05.0550 4320 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:windowssystem32UI0Detect.exe

21:40:05.0552 4320 UI0Detect - ok

21:40:05.0578 4320 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:windowssystem32driversuliagpkx.sys

21:40:05.0579 4320 uliagpkx - ok

21:40:05.0612 4320 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:windowssystem32driversumbus.sys

21:40:05.0613 4320 umbus - ok

21:40:05.0640 4320 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:windowssystem32DRIVERSumpass.sys

21:40:05.0641 4320 UmPass - ok

21:40:05.0670 4320 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:windowsSystem32upnphost.dll

21:40:05.0674 4320 upnphost - ok

21:40:05.0707 4320 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:windowssystem32DRIVERSusbccgp.sys

21:40:05.0708 4320 usbccgp - ok

21:40:05.0729 4320 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:windowssystem32driversusbcir.sys

21:40:05.0731 4320 usbcir - ok

21:40:05.0741 4320 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:windowssystem32DRIVERSusbehci.sys

21:40:05.0742 4320 usbehci - ok

21:40:05.0761 4320 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:windowssystem32DRIVERSusbhub.sys

21:40:05.0763 4320 usbhub - ok

21:40:05.0779 4320 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:windowssystem32driversusbohci.sys

21:40:05.0780 4320 usbohci - ok

21:40:05.0812 4320 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:windowssystem32DRIVERSusbprint.sys

21:40:05.0813 4320 usbprint - ok

21:40:05.0848 4320 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:windowssystem32DRIVERSusbscan.sys

21:40:05.0849 4320 usbscan - ok

21:40:05.0872 4320 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:windowssystem32DRIVERSUSBSTOR.SYS

21:40:05.0874 4320 USBSTOR - ok

21:40:05.0904 4320 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:windowssystem32DRIVERSusbuhci.sys

21:40:05.0905 4320 usbuhci - ok

21:40:05.0927 4320 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:windowsSystem32Driversusbvideo.sys

21:40:05.0929 4320 usbvideo - ok

21:40:05.0961 4320 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:windowsSystem32uxsms.dll

21:40:05.0964 4320 UxSms - ok

21:40:05.0976 4320 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:windowssystem32lsass.exe

21:40:05.0977 4320 VaultSvc - ok

21:40:05.0995 4320 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:windowssystem32driversvdrvroot.sys

21:40:05.0996 4320 vdrvroot - ok

21:40:06.0054 4320 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:windowsSystem32vds.exe

21:40:06.0063 4320 vds - ok

21:40:06.0100 4320 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:windowssystem32DRIVERSvgapnp.sys

21:40:06.0102 4320 vga - ok

21:40:06.0124 4320 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:windowsSystem32driversvga.sys

21:40:06.0126 4320 VgaSave - ok

21:40:06.0160 4320 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:windowssystem32driversvhdmp.sys

21:40:06.0162 4320 vhdmp - ok

21:40:06.0176 4320 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:windowssystem32driversviaagp.sys

21:40:06.0178 4320 viaagp - ok

21:40:06.0214 4320 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:windowssystem32DRIVERSviac7.sys

21:40:06.0216 4320 ViaC7 - ok

21:40:06.0241 4320 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:windowssystem32driversviaide.sys

21:40:06.0242 4320 viaide - ok

21:40:06.0262 4320 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:windowssystem32driversvolmgr.sys

21:40:06.0263 4320 volmgr - ok

21:40:06.0273 4320 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:windowssystem32driversvolmgrx.sys

21:40:06.0276 4320 volmgrx - ok

21:40:06.0285 4320 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:windowssystem32driversvolsnap.sys

21:40:06.0287 4320 volsnap - ok

21:40:06.0319 4320 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:windowssystem32DRIVERSvsmraid.sys

21:40:06.0321 4320 vsmraid - ok

21:40:06.0391 4320 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:windowssystem32vssvc.exe

21:40:06.04



21:40:08.0108 4320 ================ Scan global ===============================

21:40:08.0146 4320 [ DAB748AE0439955ED2FA22357533DDDB ] C:\windows\system32\basesrv.dll

21:40:08.0171 4320 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\windows\system32\winsrv.dll

21:40:08.0181 4320 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\windows\system32\winsrv.dll

21:40:08.0210 4320 [ 364455805E64882844EE9ACB72522830 ] C:\windows\system32\sxssrv.dll

21:40:08.0245 4320 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\windows\system32\services.exe

21:40:08.0249 4320 [Global] - ok

21:40:08.0250 4320 ================ Scan MBR ==================================

21:40:08.0261 4320 [ DD46A7C267D604E9F4DCCBA41BEE648C ] \Device\Harddisk0\DR0

21:40:08.0262 4320 Suspicious mbr (Forged): \Device\Harddisk0\DR0

21:40:08.0287 4320 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - infected

21:40:08.0287 4320 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.a (0)

21:40:08.0287 4320 ================ Scan VBR ==================================

21:40:08.0321 4320 [ 0F437170D383EA27939B79885013F083 ] \Device\Harddisk0\DR0\Partition1

21:40:08.0323 4320 \Device\Harddisk0\DR0\Partition1 - ok

21:40:08.0324 4320 ============================================================

21:40:08.0324 4320 Scan finished

21:40:08.0324 4320 ============================================================

21:40:08.0339 5656 Detected object count: 1

21:40:08.0339 5656 Actual detected object count: 1

21:40:21.0197 5656 \Device\Harddisk0\DR0\# - copied to quarantine

21:40:21.0254 5656 \Device\Harddisk0\DR0 - copied to quarantine

21:40:21.0301 5656 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine

21:40:21.0303 5656 \Device\Harddisk0\DR0\TDLFS\vbr - copied to quarantine

21:40:21.0306 5656 \Device\Harddisk0\DR0\TDLFS\bid - copied to quarantine

21:40:21.0309 5656 \Device\Harddisk0\DR0\TDLFS\affid - copied to quarantine

21:40:21.0312 5656 \Device\Harddisk0\DR0\TDLFS\boot - copied to quarantine

21:40:21.0315 5656 \Device\Harddisk0\DR0\TDLFS\cmd32 - copied to quarantine

21:40:21.0319 5656 \Device\Harddisk0\DR0\TDLFS\cmd64 - copied to quarantine

21:40:21.0323 5656 \Device\Harddisk0\DR0\TDLFS\dbg32 - copied to quarantine

21:40:21.0326 5656 \Device\Harddisk0\DR0\TDLFS\dbg64 - copied to quarantine

21:40:21.0363 5656 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine

21:40:21.0367 5656 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine

21:40:21.0408 5656 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine

21:40:21.0413 5656 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine

21:40:21.0417 5656 \Device\Harddisk0\DR0\TDLFS\subid - copied to quarantine

21:40:21.0421 5656 \Device\Harddisk0\DR0\TDLFS\tdi32 - copied to quarantine

21:40:21.0425 5656 \Device\Harddisk0\DR0\TDLFS\tdi64 - copied to quarantine

21:40:21.0429 5656 \Device\Harddisk0\DR0\TDLFS\main1 - copied to quarantine

21:40:21.0432 5656 \Device\Harddisk0\DR0\TDLFS\info - copied to quarantine

21:40:21.0434 5656 \Device\Harddisk0\DR0\TDLFS\main - copied to quarantine

21:40:21.0436 5656 \Device\Harddisk0\DR0\TDLFS\mainfb.script - copied to quarantine

21:40:21.0489 5656 \Device\Harddisk0\DR0\TDLFS\com32 - copied to quarantine

21:40:21.0515 5656 \Device\Harddisk0\DR0\TDLFS\bbr232 - copied to quarantine

21:40:21.0540 5656 \Device\Harddisk0\DR0\TDLFS\serf332 - copied to quarantine

21:40:21.0550 5656 \Device\Harddisk0\DR0\TDLFS\serf_conf - copied to quarantine

21:40:21.0813 5656 \Device\Harddisk0\DR0\TDLFS\bbr_conf - copied to quarantine

21:40:21.0885 5656 \Device\Harddisk0\DR0 - processing error

21:40:23.0470 5656 \Device\Harddisk0\DR0 - will be restored on reboot

21:40:23.0548 5656 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - User select action: Cure Restore

21:40:26.0031 2160 Deinitialize success

 

Sorry I don't know why it's such a long log..


It's alright :)

 

Please download Farbar Service Scanner and run it on the computer with the issue.

  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.
===================================================

 

Download TFC to your desktop

  • Close any open windows.
  • Double click the TFC icon to run the program
  • TFC will close all open programs itself in order to run,
  • Click the Start button to begin the process.
  • Allow TFC to run uninterrupted.
  • The program should not take long to finish its job
  • Once it's finished it should automatically reboot your machine,
  • if it doesn't, manually reboot to ensure a complete clean
===================================================

 

ESET Online Scanner

I'd like us to scan your machine with ESET OnlineScan

 

Note: If you are using Windows Vista/7, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.

 

*Note

It is recommended to disable your onboard antivirus and antispyware programs while performing scans so there are no conflicts and it will speed up scan time.

Please don't go surfing while your resident protection is disabled!

Once the scan is finished remember to re-enable your antivirus along with your antispyware programs.

 

  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.

    ESET OnlineScan

  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Check Posted Image
  • Make sure that the option "Remove found threats" is Unchecked
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.

  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as MyEsetScan. Alternatively, look for report in C:\Program Files\ESET\ESET Online Scanner\log.txt. Include the contents of this report in your next reply.
  • Push the Back button.
  • Make sure you saved the log somewhere else. Select Uninstall application on close check box and push Posted Image
===================================================

 

Malwarebytes' Anti-Malware

Download Malwarebytes' Anti-Malware here and save to your desktop.

  • Double-click mbam-setup.exe and follow the prompts to install the program. (Note to Vista users, please right-click and select Run as Administrator.)
  • At the end, be sure a checkmark is placed next to:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please copy and paste the log back into your next reply
Note:
  • The log can also be found here:

    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

  • Or via the Logs tab when Malwarebytes' Anti-Malware is started.
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.

Click OK to either and let MBAM proceed with the disinfection process.

If asked to restart the computer, please do so. Failure to reboot will prevent MBAM from removing all the malware.

 

===================================================

 

On your next reply please post :

FSS log

ESET log

MBAM log

 

Please STOP and let me know if you have any problems performing the steps above or any questions.

 

Good Day!

This topic is now closed to further replies.