Windows 7 Forums


Windows 7: Need Help


30 Oct 2012   #1

windows 7 ultimate 32 bit [x86]
 
 
Need Help

Please tell me what the problem is here. I can't understand what this is.
TDSSKiller is showing three threats.



Kaspersky TDS Killer Report
Quote:
18:31:48.0150 3668 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
18:31:48.0951 3668 ============================================================
18:31:48.0951 3668 Current date / time: 2012/10/30 18:31:48.0951
18:31:48.0951 3668 SystemInfo:
18:31:48.0951 3668
18:31:48.0951 3668 OS Version: 6.1.7601 ServicePack: 1.0
18:31:48.0951 3668 Product type: Workstation
18:31:48.0951 3668 ComputerName: ITSMEBILAL95-PC
18:31:48.0951 3668 UserName: itsmebilal95
18:31:48.0951 3668 Windows directory: C:\Windows
18:31:48.0951 3668 System windows directory: C:\Windows
18:31:48.0951 3668 Processor architecture: Intel x86
18:31:48.0952 3668 Number of processors: 2
18:31:48.0952 3668 Page size: 0x1000
18:31:48.0952 3668 Boot type: Normal boot
18:31:48.0952 3668 ============================================================
18:31:50.0315 3668 Drive \Device\Harddisk0\DR0 - Size: 0x9502F9000 (37.25 Gb), SectorSize: 0x200, Cylinders: 0x12FF, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:31:50.0320 3668 ============================================================
18:31:50.0320 3668 \Device\Harddisk0\DR0:
18:31:50.0320 3668 MBR partitions:
18:31:50.0320 3668 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x251B5B7
18:31:50.0339 3668 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x251B635, BlocksNum 0x2561F49
18:31:50.0339 3668 ============================================================
18:31:50.0376 3668 C: <-> \Device\Harddisk0\DR0\Partition1
18:31:50.0397 3668 D: <-> \Device\Harddisk0\DR0\Partition2
18:31:50.0397 3668 ============================================================
18:31:50.0397 3668 Initialize success
18:31:50.0397 3668 ============================================================
18:31:54.0330 3828 ============================================================
18:31:54.0330 3828 Scan started
18:31:54.0330 3828 Mode: Manual; SigCheck; TDLFS;
18:31:54.0330 3828 ============================================================
18:31:55.0806 3828 ================ Scan system memory ========================
18:31:55.0806 3828 System memory - ok
18:31:55.0807 3828 ================ Scan services =============================
18:31:55.0962 3828 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
18:31:56.0139 3828 1394ohci - ok
18:31:56.0190 3828 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
18:31:56.0219 3828 ACPI - ok
18:31:56.0265 3828 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
18:31:56.0334 3828 AcpiPmi - ok
18:31:56.0383 3828 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
18:31:56.0427 3828 adp94xx - ok
18:31:56.0449 3828 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
18:31:56.0493 3828 adpahci - ok
18:31:56.0517 3828 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
18:31:56.0541 3828 adpu320 - ok
18:31:56.0569 3828 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
18:31:56.0669 3828 AeLookupSvc - ok
18:31:56.0719 3828 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
18:31:56.0819 3828 AFD - ok
18:31:56.0856 3828 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
18:31:56.0878 3828 agp440 - ok
18:31:56.0921 3828 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
18:31:56.0942 3828 aic78xx - ok
18:31:56.0981 3828 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
18:31:57.0041 3828 ALG - ok
18:31:57.0066 3828 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
18:31:57.0084 3828 aliide - ok
18:31:57.0110 3828 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
18:31:57.0133 3828 amdagp - ok
18:31:57.0159 3828 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
18:31:57.0199 3828 amdide - ok
18:31:57.0274 3828 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
18:31:57.0355 3828 AmdK8 - ok
18:31:57.0370 3828 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
18:31:57.0415 3828 AmdPPM - ok
18:31:57.0461 3828 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
18:31:57.0481 3828 amdsata - ok
18:31:57.0519 3828 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
18:31:57.0545 3828 amdsbs - ok
18:31:57.0557 3828 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
18:31:57.0577 3828 amdxata - ok
18:31:57.0615 3828 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
18:31:57.0722 3828 AppID - ok
18:31:57.0759 3828 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
18:31:57.0812 3828 AppIDSvc - ok
18:31:57.0848 3828 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
18:31:57.0897 3828 Appinfo - ok
18:31:57.0946 3828 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
18:31:58.0020 3828 AppMgmt - ok
18:31:58.0044 3828 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
18:31:58.0069 3828 arc - ok
18:31:58.0082 3828 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
18:31:58.0103 3828 arcsas - ok
18:31:58.0140 3828 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
18:31:58.0284 3828 AsyncMac - ok
18:31:58.0312 3828 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
18:31:58.0331 3828 atapi - ok
18:31:58.0377 3828 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:31:58.0441 3828 AudioEndpointBuilder - ok
18:31:58.0467 3828 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
18:31:58.0509 3828 Audiosrv - ok
18:31:58.0553 3828 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
18:31:58.0639 3828 AxInstSV - ok
18:31:58.0691 3828 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
18:31:58.0783 3828 b06bdrv - ok
18:31:58.0835 3828 [ 4BA3FE0B9F565A5E437227B53EF6F436 ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
18:31:58.0927 3828 b57nd60x - ok
18:31:58.0981 3828 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
18:31:59.0060 3828 BDESVC - ok
18:31:59.0096 3828 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
18:31:59.0157 3828 Beep - ok
18:31:59.0217 3828 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
18:31:59.0291 3828 BFE - ok
18:31:59.0338 3828 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll
18:31:59.0441 3828 BITS - ok
18:31:59.0463 3828 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
18:31:59.0500 3828 blbdrive - ok
18:31:59.0537 3828 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
18:31:59.0580 3828 bowser - ok
18:31:59.0607 3828 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:31:59.0708 3828 BrFiltLo - ok
18:31:59.0715 3828 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:31:59.0757 3828 BrFiltUp - ok
18:31:59.0799 3828 [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
18:31:59.0845 3828 BridgeMP - ok
18:31:59.0874 3828 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
18:31:59.0929 3828 Browser - ok
18:31:59.0953 3828 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
18:32:00.0011 3828 Brserid - ok
18:32:00.0035 3828 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
18:32:00.0080 3828 BrSerWdm - ok
18:32:00.0112 3828 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
18:32:00.0145 3828 BrUsbMdm - ok
18:32:00.0158 3828 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
18:32:00.0206 3828 BrUsbSer - ok
18:32:00.0215 3828 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
18:32:00.0254 3828 BTHMODEM - ok
18:32:00.0300 3828 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
18:32:00.0355 3828 bthserv - ok
18:32:00.0391 3828 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
18:32:00.0449 3828 cdfs - ok
18:32:00.0491 3828 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\drivers\cdrom.sys
18:32:00.0528 3828 cdrom - ok
18:32:00.0570 3828 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
18:32:00.0612 3828 CertPropSvc - ok
18:32:00.0653 3828 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
18:32:00.0685 3828 circlass - ok
18:32:00.0723 3828 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
18:32:00.0752 3828 CLFS - ok
18:32:00.0851 3828 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:32:00.0871 3828 clr_optimization_v2.0.50727_32 - ok
18:32:00.0940 3828 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:32:01.0002 3828 clr_optimization_v4.0.30319_32 - ok
18:32:01.0022 3828 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
18:32:01.0051 3828 CmBatt - ok
18:32:01.0084 3828 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
18:32:01.0102 3828 cmdide - ok
18:32:01.0148 3828 [ 42F158036BD4C2FF3122BF142E60E6FD ] CNG C:\Windows\system32\Drivers\cng.sys
18:32:01.0213 3828 CNG - ok
18:32:01.0240 3828 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
18:32:01.0262 3828 Compbatt - ok
18:32:01.0299 3828 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
18:32:01.0344 3828 CompositeBus - ok
18:32:01.0365 3828 COMSysApp - ok
18:32:01.0388 3828 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
18:32:01.0415 3828 crcdisk - ok
18:32:01.0460 3828 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\Windows\system32\cryptsvc.dll
18:32:01.0536 3828 CryptSvc - ok
18:32:01.0571 3828 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys
18:32:01.0649 3828 CSC - ok
18:32:01.0689 3828 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll
18:32:01.0732 3828 CscService - ok
18:32:01.0764 3828 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
18:32:01.0816 3828 DcomLaunch - ok
18:32:01.0853 3828 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
18:32:01.0906 3828 defragsvc - ok
18:32:01.0952 3828 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
18:32:02.0013 3828 DfsC - ok
18:32:02.0066 3828 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
18:32:02.0125 3828 Dhcp - ok
18:32:02.0155 3828 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
18:32:02.0208 3828 discache - ok
18:32:02.0238 3828 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
18:32:02.0262 3828 Disk - ok
18:32:02.0295 3828 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
18:32:02.0384 3828 Dnscache - ok
18:32:02.0422 3828 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
18:32:02.0475 3828 dot3svc - ok
18:32:02.0506 3828 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
18:32:02.0563 3828 DPS - ok
18:32:02.0598 3828 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
18:32:02.0632 3828 drmkaud - ok
18:32:02.0673 3828 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
18:32:02.0726 3828 DXGKrnl - ok
18:32:02.0754 3828 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
18:32:02.0804 3828 EapHost - ok
18:32:02.0943 3828 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
18:32:03.0096 3828 ebdrv - ok
18:32:03.0137 3828 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
18:32:03.0174 3828 EFS - ok
18:32:03.0240 3828 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
18:32:03.0300 3828 ehRecvr - ok
18:32:03.0333 3828 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
18:32:03.0385 3828 ehSched - ok
18:32:03.0434 3828 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
18:32:03.0478 3828 elxstor - ok
18:32:03.0502 3828 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
18:32:03.0534 3828 ErrDev - ok
18:32:03.0580 3828 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
18:32:03.0653 3828 EventSystem - ok
18:32:03.0669 3828 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
18:32:03.0741 3828 exfat - ok
18:32:03.0763 3828 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
18:32:03.0842 3828 fastfat - ok
18:32:03.0893 3828 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
18:32:03.0977 3828 Fax - ok
18:32:04.0004 3828 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
18:32:04.0039 3828 fdc - ok
18:32:04.0061 3828 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
18:32:04.0124 3828 fdPHost - ok
18:32:04.0144 3828 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
18:32:04.0209 3828 FDResPub - ok
18:32:04.0230 3828 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
18:32:04.0260 3828 FileInfo - ok
18:32:04.0288 3828 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
18:32:04.0347 3828 Filetrace - ok
18:32:04.0369 3828 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
18:32:04.0394 3828 flpydisk - ok
18:32:04.0419 3828 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
18:32:04.0456 3828 FltMgr - ok
18:32:04.0503 3828 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
18:32:04.0641 3828 FontCache - ok
18:32:04.0699 3828 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
18:32:04.0719 3828 FontCache3.0.0.0 - ok
18:32:04.0736 3828 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
18:32:04.0762 3828 FsDepends - ok
18:32:04.0792 3828 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
18:32:04.0820 3828 Fs_Rec - ok
18:32:04.0856 3828 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
18:32:04.0892 3828 fvevol - ok
18:32:04.0914 3828 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
18:32:04.0944 3828 gagp30kx - ok
18:32:04.0990 3828 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
18:32:05.0091 3828 gpsvc - ok
18:32:05.0209 3828 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
18:32:05.0230 3828 gupdate - ok
18:32:05.0234 3828 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
18:32:05.0250 3828 gupdatem - ok
18:32:05.0281 3828 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
18:32:05.0367 3828 hcw85cir - ok
18:32:05.0401 3828 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:32:05.0452 3828 HdAudAddService - ok
18:32:05.0478 3828 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
18:32:05.0522 3828 HDAudBus - ok
18:32:05.0550 3828 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
18:32:05.0582 3828 HidBatt - ok
18:32:05.0613 3828 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
18:32:05.0644 3828 HidBth - ok
18:32:05.0674 3828 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
18:32:05.0717 3828 HidIr - ok
18:32:05.0740 3828 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\System32\hidserv.dll
18:32:05.0791 3828 hidserv - ok
18:32:05.0864 3828 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
18:32:05.0976 3828 HidUsb - ok
18:32:06.0003 3828 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
18:32:06.0062 3828 hkmsvc - ok
18:32:06.0091 3828 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:32:06.0169 3828 HomeGroupListener - ok
18:32:06.0196 3828 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:32:06.0240 3828 HomeGroupProvider - ok
18:32:06.0291 3828 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
18:32:06.0313 3828 HpSAMD - ok
18:32:06.0387 3828 [ DD1E0A26D0F60A7EA65A1BEEC7D44EAB ] HssDRV6 C:\Windows\system32\DRIVERS\hssdrv6.sys
18:32:06.0403 3828 HssDRV6 - ok
18:32:06.0446 3828 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
18:32:06.0496 3828 HTTP - ok
18:32:06.0525 3828 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
18:32:06.0542 3828 hwpolicy - ok
18:32:06.0579 3828 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
18:32:06.0617 3828 i8042prt - ok
18:32:06.0651 3828 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
18:32:06.0688 3828 iaStorV - ok
18:32:06.0731 3828 [ D0FAD0D98D723A3D32F9EF5A2CDE201D ] IDMWFP C:\Windows\system32\DRIVERS\idmwfp.sys
18:32:06.0748 3828 IDMWFP - ok
18:32:06.0806 3828 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
18:32:06.0826 3828 IDriverT ( UnsignedFile.Multi.Generic ) - warning
18:32:06.0826 3828 IDriverT - detected UnsignedFile.Multi.Generic (1)
18:32:06.0881 3828 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:32:06.0931 3828 idsvc - ok
18:32:07.0101 3828 [ 9467514EA189475A6E7FDC5D7BDE9D3F ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
18:32:07.0404 3828 igfx - ok
18:32:07.0434 3828 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
18:32:07.0455 3828 iirsp - ok
18:32:07.0558 3828 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
18:32:07.0660 3828 IKEEXT - ok
18:32:07.0786 3828 [ C4A01E7F7AA61256A153A1D8B463F89F ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
18:32:07.0917 3828 IntcAzAudAddService - ok
18:32:07.0949 3828 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
18:32:07.0967 3828 intelide - ok
18:32:07.0999 3828 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
18:32:08.0035 3828 intelppm - ok
18:32:08.0065 3828 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
18:32:08.0122 3828 IPBusEnum - ok
18:32:08.0137 3828 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:32:08.0194 3828 IpFilterDriver - ok
18:32:08.0244 3828 [ 4D65A07B795D6674312F879D09AA7663 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
18:32:08.0310 3828 iphlpsvc - ok
18:32:08.0347 3828 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
18:32:08.0377 3828 IPMIDRV - ok
18:32:08.0391 3828 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
18:32:08.0441 3828 IPNAT - ok
18:32:08.0468 3828 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
18:32:08.0550 3828 IRENUM - ok
18:32:08.0579 3828 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
18:32:08.0602 3828 isapnp - ok
18:32:08.0631 3828 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
18:32:08.0656 3828 iScsiPrt - ok
18:32:08.0684 3828 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
18:32:08.0704 3828 kbdclass - ok
18:32:08.0738 3828 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
18:32:08.0769 3828 kbdhid - ok
18:32:08.0788 3828 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
18:32:08.0809 3828 KeyIso - ok
18:32:08.0835 3828 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
18:32:08.0856 3828 KSecDD - ok
18:32:08.0880 3828 [ 5FE1ABF1AF591A3458C9CF24ED9A4D35 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
18:32:08.0903 3828 KSecPkg - ok
18:32:08.0955 3828 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
18:32:09.0014 3828 KtmRm - ok
18:32:09.0049 3828 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\System32\srvsvc.dll
18:32:09.0111 3828 LanmanServer - ok
18:32:09.0134 3828 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:32:09.0193 3828 LanmanWorkstation - ok
18:32:09.0241 3828 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
18:32:09.0292 3828 lltdio - ok
18:32:09.0321 3828 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
18:32:09.0367 3828 lltdsvc - ok
18:32:09.0378 3828 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
18:32:09.0425 3828 lmhosts - ok
18:32:09.0451 3828 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
18:32:09.0476 3828 LSI_FC - ok
18:32:09.0507 3828 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
18:32:09.0564 3828 LSI_SAS - ok
18:32:09.0573 3828 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:32:09.0598 3828 LSI_SAS2 - ok
18:32:09.0613 3828 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:32:09.0635 3828 LSI_SCSI - ok
18:32:09.0645 3828 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
18:32:09.0699 3828 luafv - ok
18:32:09.0750 3828 [ 500D089CE760D83DA2B6CBA681AA9949 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
18:32:09.0771 3828 MBAMProtector - ok
18:32:09.0833 3828 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
18:32:09.0869 3828 MBAMScheduler - ok
18:32:09.0915 3828 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
18:32:09.0966 3828 MBAMService - ok
18:32:09.0995 3828 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
18:32:10.0019 3828 Mcx2Svc - ok
18:32:10.0048 3828 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
18:32:10.0069 3828 megasas - ok
18:32:10.0085 3828 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
18:32:10.0114 3828 MegaSR - ok
18:32:10.0142 3828 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
18:32:10.0200 3828 MMCSS - ok
18:32:10.0208 3828 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
18:32:10.0263 3828 Modem - ok
18:32:10.0303 3828 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:32:10.0342 3828 monitor - ok
18:32:10.0378 3828 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
18:32:10.0400 3828 mouclass - ok
18:32:10.0442 3828 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
18:32:10.0477 3828 mouhid - ok
18:32:10.0508 3828 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
18:32:10.0532 3828 mountmgr - ok
18:32:10.0595 3828 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
18:32:10.0619 3828 MozillaMaintenance - ok
18:32:10.0665 3828 [ EE728AF83850DDAD9A3FCAC0AAB3AD97 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
18:32:10.0705 3828 MpFilter - ok
18:32:10.0718 3828 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
18:32:10.0744 3828 mpio - ok
18:32:10.0913 3828 [ A69630D039C38018689190234F866D77 ] MpKsl3a503ada C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{04F77673-3788-441F-8DB0-CC5EC4D3DD29}\MpKsl3a503ada.sys
18:32:10.0914 3828 Suspicious file (Forged): C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{04F77673-3788-441F-8DB0-CC5EC4D3DD29}\MpKsl3a503ada.sys. Real md5: A69630D039C38018689190234F866D77, Fake md5: 4137EE420481D10734DA3018D0325582
18:32:10.0914 3828 MpKsl3a503ada ( ForgedFile.Multi.Generic ) - warning
18:32:10.0915 3828 MpKsl3a503ada - detected ForgedFile.Multi.Generic (1)
18:32:10.0977 3828 [ A69630D039C38018689190234F866D77 ] MpKslff99d8b4 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{04F77673-3788-441F-8DB0-CC5EC4D3DD29}\MpKslff99d8b4.sys
18:32:10.0997 3828 MpKslff99d8b4 - ok
18:32:11.0027 3828 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:32:11.0089 3828 mpsdrv - ok
18:32:11.0129 3828 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
18:32:11.0266 3828 MpsSvc - ok
18:32:11.0320 3828 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:32:11.0540 3828 MRxDAV - ok
18:32:11.0598 3828 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:32:11.0993 3828 mrxsmb - ok
18:32:12.0068 3828 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:32:12.0128 3828 mrxsmb10 - ok
18:32:12.0207 3828 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:32:12.0343 3828 mrxsmb20 - ok
18:32:12.0396 3828 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
18:32:12.0473 3828 msahci - ok
18:32:12.0522 3828 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
18:32:12.0601 3828 msdsm - ok
18:32:12.0661 3828 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
18:32:12.0760 3828 MSDTC - ok
18:32:12.0842 3828 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:32:13.0083 3828 Msfs - ok
18:32:13.0106 3828 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
18:32:13.0182 3828 mshidkmdf - ok
18:32:13.0193 3828 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:32:13.0219 3828 msisadrv - ok
18:32:13.0262 3828 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:32:13.0382 3828 MSiSCSI - ok
18:32:13.0389 3828 msiserver - ok
18:32:13.0425 3828 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:32:13.0486 3828 MSKSSRV - ok
18:32:13.0597 3828 [ E077FCA2A7E79FB9BF67D3E30B5CE593 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe
18:32:13.0638 3828 MsMpSvc - ok
18:32:13.0700 3828 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:32:13.0751 3828 MSPCLOCK - ok
18:32:13.0800 3828 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:32:13.0878 3828 MSPQM - ok
18:32:13.0962 3828 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:32:14.0038 3828 MsRPC - ok
18:32:14.0153 3828 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
18:32:14.0179 3828 mssmbios - ok
18:32:14.0207 3828 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:32:14.0264 3828 MSTEE - ok
18:32:14.0272 3828 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
18:32:14.0300 3828 MTConfig - ok
18:32:14.0318 3828 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
18:32:14.0354 3828 Mup - ok
18:32:14.0421 3828 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
18:32:14.0517 3828 napagent - ok
18:32:14.0577 3828 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:32:14.0611 3828 NativeWifiP - ok
18:32:14.0656 3828 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
18:32:14.0706 3828 NDIS - ok
18:32:14.0732 3828 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
18:32:14.0798 3828 NdisCap - ok
18:32:14.0825 3828 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:32:14.0875 3828 NdisTapi - ok
18:32:38.0040 3828 ================ Scan global ===============================
18:32:38.0090 3828 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
18:32:38.0135 3828 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
18:32:38.0168 3828 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
18:32:38.0200 3828 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
18:32:38.0245 3828 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
18:32:38.0261 3828 [Global] - ok
18:32:38.0265 3828 ================ Scan MBR ==================================
18:32:38.0273 3828 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:32:39.0205 3828 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
18:32:39.0205 3828 \Device\Harddisk0\DR0 - detected TDSS File System (1)
18:32:39.0206 3828 ================ Scan VBR ==================================
18:32:39.0213 3828 [ FEFCB4DB6F76742332800E5274AEC4AC ] \Device\Harddisk0\DR0\Partition1
18:32:39.0222 3828 \Device\Harddisk0\DR0\Partition1 - ok
18:32:39.0253 3828 [ DBA5F9AE89926F583E8503A634FEE870 ] \Device\Harddisk0\DR0\Partition2
18:32:39.0269 3828 \Device\Harddisk0\DR0\Partition2 - ok
18:32:39.0272 3828 ============================================================
18:32:39.0273 3828 Scan finished
18:32:39.0273 3828 ============================================================
18:32:39.0277 3292 Detected object count: 3
18:32:39.0277 3292 Actual detected object count: 3
18:34:32.0621 3292 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
18:34:32.0621 3292 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:34:32.0622 3292 MpKsl3a503ada ( ForgedFile.Multi.Generic ) - skipped by user
18:34:32.0622 3292 MpKsl3a503ada ( ForgedFile.Multi.Generic ) - User select action: Skip
18:34:32.0623 3292 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
18:34:32.0623 3292 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

HijackThis Log
Quote:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:41:34 PM, on 10/30/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\BitTorrent\BitTorrent.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Windows\system32\CMMON32.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Connect Communications
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\BitTorrent.exe"
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{291B33CA-EBA8-4FFE-95B7-F0A9E762912B}: NameServer = 10.101.10.5 10.101.10.10
O17 - HKLM\System\CS1\Services\Tcpip\..\{291B33CA-EBA8-4FFE-95B7-F0A9E762912B}: NameServer = 10.101.10.5 10.101.10.10
O17 - HKLM\System\CS2\Services\Tcpip\..\{291B33CA-EBA8-4FFE-95B7-F0A9E762912B}: NameServer = 10.101.10.5 10.101.10.10
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 5215 bytes
AswMBR Log
Quote:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-10-30 06:00:42
-----------------------------
06:00:42.098 OS Version: Windows 6.1.7601 Service Pack 1
06:00:42.098 Number of processors: 2 586 0x403
06:00:42.101 ComputerName: ITSMEBILAL95-PC UserName: itsmebilal95
06:00:52.102 Initialize success
06:01:09.180 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-3
06:01:09.184 Disk 0 Vendor: WDC_WD400BD-75JMA0 05.01C05 Size: 38146MB BusType: 3
06:01:09.205 Disk 0 MBR read successfully
06:01:09.208 Disk 0 MBR scan
06:01:09.212 Disk 0 Windows 7 default MBR code
06:01:09.219 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 18998 MB offset 63
06:01:09.224 Disk 0 Partition - 00 0F Extended LBA 19139 MB offset 38909430
06:01:09.245 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 19139 MB offset 38909493
06:01:09.254 Disk 0 scanning sectors +78108030
06:01:09.311 Disk 0 scanning C:\Windows\system32\drivers
06:01:17.618 Service scanning
06:01:29.771 Service MpKsl0fb89da5 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{04F77673-3788-441F-8DB0-CC5EC4D3DD29}\MpKsl0fb89da5.sys **LOCKED** 32
06:01:46.973 Modules scanning
06:02:01.765 Disk 0 trace - called modules:
06:02:01.804 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys
06:02:01.812 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85546358]
06:02:01.821 3 CLASSPNP.SYS[875a959e] -> nt!IofCallDriver -> [0x8546d790]
06:02:01.829 5 ACPI.sys[837a53d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP3T0L0-3[0x8547a908]
06:02:01.837 Scan finished successfully
06:02:26.274 Disk 0 MBR has been saved successfully to "C:\Users\itsmebilal95\Desktop\MBR.dat"
06:02:26.291 The log file has been saved successfully to "C:\Users\itsmebilal95\Desktop\aswMBR.txt"


aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-10-30 18:43:11
-----------------------------
18:43:11.588 OS Version: Windows 6.1.7601 Service Pack 1
18:43:11.588 Number of processors: 2 586 0x403
18:43:11.592 ComputerName: ITSMEBILAL95-PC UserName: itsmebilal95
18:43:12.911 Initialize success
18:43:19.348 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-3
18:43:19.351 Disk 0 Vendor: WDC_WD400BD-75JMA0 05.01C05 Size: 38146MB BusType: 3
18:43:19.376 Disk 0 MBR read successfully
18:43:19.380 Disk 0 MBR scan
18:43:19.384 Disk 0 Windows 7 default MBR code
18:43:19.392 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 18998 MB offset 63
18:43:19.397 Disk 0 Partition - 00 0F Extended LBA 19139 MB offset 38909430
18:43:19.416 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 19139 MB offset 38909493
18:43:19.427 Disk 0 scanning sectors +78108030
18:43:19.482 Disk 0 scanning C:\Windows\system32\drivers
18:43:26.332 Service scanning
18:44:05.208 Modules scanning
18:44:24.369 Disk 0 trace - called modules:
18:44:24.400 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys
18:44:24.422 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x84f40648]
18:44:24.430 3 CLASSPNP.SYS[86fc959e] -> nt!IofCallDriver -> [0x84e7a328]
18:44:24.439 5 ACPI.sys[86c8c3d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP3T0L0-3[0x84e74908]
18:44:24.448 Scan finished successfully
18:44:38.749 Disk 0 MBR has been saved successfully to "C:\Users\itsmebilal95\Desktop\MBR.dat"
18:44:38.756 The log file has been saved successfully to "C:\Users\itsmebilal95\Desktop\aswMBR.txt"

Please tell me what I should do?


30 Oct 2012   #2
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

You're showing an infection. What anti-virus did you scan with? Was the result possibly a ZACCESS/SIREFEF Rootkit?