
Google hijacking, some websites won't load


27 replies to this topic

#1 Lorreign

Lorreign

  • Members
  • 31 posts

Posted 26 March 2012 - 12:45 AM

So the other day I get on the computer and Microsoft Security Essentials says that there are some things it could not remove and to download this other program (from Microsoft) to finish the job. So I did that and it said it was all cleaned. So I restart it again and run a quick scan just to be sure and I get the same thing over again. Every time I run a quick scan, it keeps saying it removed trojans and exploits and backdoors. The same ones are either coming back or not there or were never there.

Performance wise, the only thing it's causing problems with is web browsing (so far, I know these things can get worse). If you go to search in Google, sometimes:

the search won't load at all
you can click one of the results and it will take you to another search engine instead
you can click on one of the results and it takes you to a "404 Not Found | nginx" page

And some addresses you can type in and it immediately says 'server not found' while it works on another computer. It seems to only do it in Firefox because it will work in Chrome.

When I run Malwarebytes, it gives me a list of things (things I swear I clicked remove before) but one of the files it shows infected is a system32 file (system32/grpconv.exe) and I wasn't sure if I should remove that one.

Also, if you tell me to run ComboFix, before you do so can you advise me on the fact that even though I know without a doubt that both Norton and Microsoft have realtime protection disabled (because I was going to attempt to run it, I've done this before. Saved my mom's old computer from nasty viruses about 5 times), ComboFix would tell me that they were both still very active. So I didn't run it because I didn't want anything really bad to happen.

Could it be a rootkit? I'm at the end of my wits here. Help!

Windows 7 64-bit OS

Edited by Lorreign, 26 March 2012 - 12:45 AM.




#2 TheForgottenGod

TheForgottenGod

  • Members
  • 39 posts

Posted 26 March 2012 - 02:00 AM

My friend has the same issue. I used TDSSKiller and HitmanPro (Malwarebytes in safe mode). I believe it is a rootkit.

#3 narenxp

narenxp

  • BC Advisor
  • 16,371 posts

Posted 26 March 2012 - 03:57 AM

Download

TDSSKiller

Launch it. Click on Change parameters - select TDLFS file system.

Click on "Scan". Please post the log report (the log file should be in your C drive).


Download

aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here.

Edited by narenxp, 26 March 2012 - 03:58 AM.


#4 Lorreign

Lorreign
  • Topic Starter

  • Members
  • 31 posts

Posted 27 March 2012 - 09:59 AM

TDSSKiller log:

10:51:33.0954 2228 TDSS rootkit removing tool 2.7.23.0 Mar 26 2012 13:40:18
10:51:34.0266 2228 ============================================================
10:51:34.0266 2228 Current date / time: 2012/03/27 10:51:34.0266
10:51:34.0266 2228 SystemInfo:
10:51:34.0266 2228
10:51:34.0266 2228 OS Version: 6.1.7600 ServicePack: 0.0
10:51:34.0266 2228 Product type: Workstation
10:51:34.0266 2228 ComputerName: MICHELLE-PC
10:51:34.0500 2228 UserName: Michelle
10:51:34.0500 2228 Windows directory: C:\Windows
10:51:34.0500 2228 System windows directory: C:\Windows
10:51:34.0500 2228 Running under WOW64
10:51:34.0500 2228 Processor architecture: Intel x64
10:51:34.0500 2228 Number of processors: 1
10:51:34.0500 2228 Page size: 0x1000
10:51:34.0500 2228 Boot type: Normal boot
10:51:34.0500 2228 ============================================================
10:51:36.0887 2228 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xFC59, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
10:51:36.0887 2228 \Device\Harddisk0\DR0:
10:51:36.0887 2228 MBR used
10:51:36.0887 2228 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
10:51:36.0887 2228 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x38E09800
10:51:36.0887 2228 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x38E3C000, BlocksNum 0x1549800
10:51:36.0996 2228 Initialize success
10:51:36.0996 2228 ============================================================
10:51:53.0111 4924 ============================================================
10:51:53.0111 4924 Scan started
10:51:53.0111 4924 Mode: Manual; TDLFS;
10:51:53.0111 4924 ============================================================
10:51:59.0179 4924 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
10:51:59.0226 4924 1394ohci - ok
10:51:59.0335 4924 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
10:51:59.0335 4924 ACPI - ok
10:51:59.0413 4924 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
10:51:59.0429 4924 AcpiPmi - ok
10:51:59.0819 4924 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
10:51:59.0834 4924 adp94xx - ok
10:52:00.0021 4924 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
10:52:00.0053 4924 adpahci - ok
10:52:00.0224 4924 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
10:52:00.0240 4924 adpu320 - ok
10:52:00.0365 4924 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
10:52:00.0380 4924 AeLookupSvc - ok
10:52:00.0536 4924 AFD (db9d6c6b2cd95a9ca414d045b627422e) C:\Windows\system32\drivers\afd.sys
10:52:00.0552 4924 AFD - ok
10:52:00.0645 4924 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
10:52:00.0645 4924 agp440 - ok
10:52:00.0723 4924 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
10:52:00.0739 4924 ALG - ok
10:52:00.0911 4924 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
10:52:00.0942 4924 aliide - ok
10:52:01.0082 4924 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
10:52:01.0098 4924 amdide - ok
10:52:01.0191 4924 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
10:52:01.0191 4924 AmdK8 - ok
10:52:01.0269 4924 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
10:52:01.0269 4924 AmdPPM - ok
10:52:01.0394 4924 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
10:52:01.0410 4924 amdsata - ok
10:52:01.0550 4924 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
10:52:01.0566 4924 amdsbs - ok
10:52:01.0613 4924 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
10:52:01.0628 4924 amdxata - ok
10:52:01.0769 4924 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
10:52:01.0784 4924 AppID - ok
10:52:01.0831 4924 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
10:52:01.0831 4924 AppIDSvc - ok
10:52:01.0893 4924 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll
10:52:01.0893 4924 Appinfo - ok
10:52:02.0003 4924 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:52:02.0003 4924 Apple Mobile Device - ok
10:52:02.0081 4924 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
10:52:02.0112 4924 arc - ok
10:52:02.0205 4924 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
10:52:02.0205 4924 arcsas - ok
10:52:02.0361 4924 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
10:52:02.0361 4924 AsyncMac - ok
10:52:02.0424 4924 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
10:52:02.0424 4924 atapi - ok
10:52:02.0486 4924 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
10:52:02.0502 4924 AudioEndpointBuilder - ok
10:52:02.0517 4924 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
10:52:02.0533 4924 AudioSrv - ok
10:52:02.0673 4924 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll
10:52:02.0720 4924 AxInstSV - ok
10:52:02.0876 4924 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
10:52:02.0939 4924 b06bdrv - ok
10:52:03.0110 4924 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
10:52:03.0126 4924 b57nd60a - ok
10:52:03.0485 4924 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
10:52:03.0485 4924 BDESVC - ok
10:52:03.0531 4924 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
10:52:03.0547 4924 Beep - ok
10:52:03.0797 4924 BFE (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll
10:52:03.0812 4924 BFE - ok
10:52:04.0592 4924 BHDrvx64 (6c64fa457c200874faa87d74152e0d84) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.5.0.125\Definitions\BASHDefs\20120317.002\BHDrvx64.sys
10:52:04.0670 4924 BHDrvx64 - ok
10:52:04.0904 4924 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\System32\qmgr.dll
10:52:04.0935 4924 BITS - ok
10:52:05.0310 4924 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
10:52:05.0341 4924 blbdrive - ok
10:52:05.0653 4924 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
10:52:05.0653 4924 Bonjour Service - ok
10:52:05.0840 4924 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
10:52:05.0856 4924 bowser - ok
10:52:05.0903 4924 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
10:52:05.0934 4924 BrFiltLo - ok
10:52:05.0965 4924 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
10:52:05.0965 4924 BrFiltUp - ok
10:52:06.0012 4924 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll
10:52:06.0012 4924 Browser - ok
10:52:06.0168 4924 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
10:52:06.0199 4924 Brserid - ok
10:52:06.0371 4924 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
10:52:06.0371 4924 BrSerWdm - ok
10:52:06.0495 4924 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
10:52:06.0558 4924 BrUsbMdm - ok
10:52:06.0636 4924 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
10:52:06.0714 4924 BrUsbSer - ok
10:52:06.0854 4924 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
10:52:06.0885 4924 BthEnum - ok
10:52:06.0948 4924 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
10:52:06.0963 4924 BTHMODEM - ok
10:52:07.0088 4924 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
10:52:07.0135 4924 BthPan - ok
10:52:07.0307 4924 BTHPORT (21084ceb85280468c9aca3c805c0f8cf) C:\Windows\System32\Drivers\BTHport.sys
10:52:07.0369 4924 BTHPORT - ok
10:52:11.0472 4924 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
10:52:11.0519 4924 bthserv - ok
10:52:13.0094 4924 BTHUSB (8504842634dd144c075b6b0c982ccec4) C:\Windows\System32\Drivers\BTHUSB.sys
10:52:13.0141 4924 BTHUSB - ok
10:52:13.0422 4924 btusbflt (2641a3fe3d7b0646308f33b67f3b5300) C:\Windows\system32\drivers\btusbflt.sys
10:52:13.0422 4924 btusbflt - ok
10:52:13.0703 4924 btwaudio (4bdbdb86abba924e029fb2683be7c505) C:\Windows\system32\drivers\btwaudio.sys
10:52:13.0703 4924 btwaudio - ok
10:52:14.0015 4924 btwavdt (5c849bd7c78791c5cee9f4651d7fe38d) C:\Windows\system32\drivers\btwavdt.sys
10:52:14.0046 4924 btwavdt - ok
10:52:14.0405 4924 btwdins (31da517946ffe416442e864592548f8a) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
10:52:14.0420 4924 btwdins - ok
10:52:14.0795 4924 btwl2cap (6149301dc3f81d6f9667a3fbac410975) C:\Windows\system32\DRIVERS\btwl2cap.sys
10:52:14.0810 4924 btwl2cap - ok
10:52:15.0075 4924 btwrchid (3e1991afa851a36dc978b0a1b0535c8b) C:\Windows\system32\DRIVERS\btwrchid.sys
10:52:15.0122 4924 btwrchid - ok
10:52:15.0434 4924 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
10:52:15.0434 4924 cdfs - ok
10:52:15.0575 4924 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
10:52:15.0575 4924 cdrom - ok
10:52:15.0746 4924 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
10:52:15.0746 4924 CertPropSvc - ok
10:52:16.0043 4924 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
10:52:16.0058 4924 circlass - ok
10:52:16.0167 4924 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
10:52:16.0230 4924 CLFS - ok
10:52:16.0401 4924 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:52:16.0433 4924 clr_optimization_v2.0.50727_32 - ok
10:52:16.0589 4924 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:52:16.0589 4924 clr_optimization_v2.0.50727_64 - ok
10:52:16.0745 4924 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:52:16.0745 4924 clr_optimization_v4.0.30319_32 - ok
10:52:16.0791 4924 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:52:16.0791 4924 clr_optimization_v4.0.30319_64 - ok
10:52:16.0947 4924 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
10:52:16.0963 4924 CmBatt - ok
10:52:17.0010 4924 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
10:52:17.0010 4924 cmdide - ok
10:52:17.0119 4924 CNG (937beb186a735aca91d717044a49d17e) C:\Windows\system32\Drivers\cng.sys
10:52:17.0135 4924 CNG - ok
10:52:17.0166 4924 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
10:52:17.0166 4924 Compbatt - ok
10:52:17.0228 4924 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
10:52:17.0228 4924 CompositeBus - ok
10:52:17.0259 4924 COMSysApp - ok
10:52:17.0337 4924 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
10:52:17.0337 4924 crcdisk - ok
10:52:17.0447 4924 CryptSvc (8c57411b66282c01533cb776f98ad384) C:\Windows\system32\cryptsvc.dll
10:52:17.0447 4924 CryptSvc - ok
10:52:17.0743 4924 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
10:52:17.0759 4924 cvhsvc - ok
10:52:17.0868 4924 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
10:52:17.0883 4924 DcomLaunch - ok
10:52:18.0086 4924 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
10:52:18.0102 4924 defragsvc - ok
10:52:18.0273 4924 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
10:52:18.0320 4924 DfsC - ok
10:52:18.0445 4924 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll
10:52:18.0461 4924 Dhcp - ok
10:52:18.0585 4924 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
10:52:18.0585 4924 discache - ok
10:52:18.0726 4924 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
10:52:18.0726 4924 Disk - ok
10:52:18.0819 4924 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll
10:52:18.0819 4924 Dnscache - ok
10:52:18.0991 4924 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll
10:52:18.0991 4924 dot3svc - ok
10:52:19.0038 4924 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll
10:52:19.0053 4924 DPS - ok
10:52:19.0225 4924 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
10:52:19.0225 4924 drmkaud - ok
10:52:19.0287 4924 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
10:52:19.0303 4924 DXGKrnl - ok
10:52:19.0397 4924 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
10:52:19.0412 4924 EapHost - ok
10:52:19.0599 4924 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
10:52:19.0662 4924 ebdrv - ok
10:52:19.0787 4924 eeCtrl (0c3f9eff8ddd9f9eb56d754b4620155f) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
10:52:19.0802 4924 eeCtrl - ok
10:52:19.0880 4924 EFS (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe
10:52:19.0880 4924 EFS - ok
10:52:19.0958 4924 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe
10:52:19.0974 4924 ehRecvr - ok
10:52:20.0005 4924 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
10:52:20.0005 4924 ehSched - ok
10:52:20.0083 4924 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
10:52:20.0099 4924 elxstor - ok
10:52:20.0239 4924 EraserUtilDrv11122 (8c0f9b877bc0b7ffd327ef55f9efb642) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11122.sys
10:52:20.0239 4924 EraserUtilDrv11122 - ok
10:52:20.0364 4924 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
10:52:20.0364 4924 ErrDev - ok
10:52:20.0473 4924 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
10:52:20.0489 4924 EventSystem - ok
10:52:20.0535 4924 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
10:52:20.0567 4924 exfat - ok
10:52:20.0613 4924 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
10:52:20.0613 4924 fastfat - ok
10:52:20.0801 4924 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe
10:52:20.0816 4924 Fax - ok
10:52:20.0941 4924 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
10:52:20.0941 4924 fdc - ok
10:52:21.0487 4924 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
10:52:21.0503 4924 fdPHost - ok
10:52:21.0565 4924 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
10:52:21.0596 4924 FDResPub - ok
10:52:21.0674 4924 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
10:52:21.0690 4924 FileInfo - ok
10:52:21.0752 4924 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
10:52:21.0783 4924 Filetrace - ok
10:52:21.0877 4924 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
10:52:21.0908 4924 flpydisk - ok
10:52:22.0033 4924 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
10:52:22.0049 4924 FltMgr - ok
10:52:22.0158 4924 FontCache (cb5e4b9c319e3c6bb363eb7e58a4a051) C:\Windows\system32\FntCache.dll
10:52:22.0205 4924 FontCache - ok
10:52:22.0314 4924 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:52:22.0314 4924 FontCache3.0.0.0 - ok
10:52:22.0392 4924 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
10:52:22.0392 4924 FsDepends - ok
10:52:22.0423 4924 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
10:52:22.0423 4924 Fs_Rec - ok
10:52:22.0501 4924 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
10:52:22.0501 4924 fvevol - ok
10:52:22.0532 4924 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
10:52:22.0532 4924 gagp30kx - ok
10:52:22.0610 4924 GameConsoleService (c1bbce4b30b45410178ee674c818d10c) C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
10:52:22.0626 4924 GameConsoleService - ok
10:52:22.0704 4924 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
10:52:22.0719 4924 GEARAspiWDM - ok
10:52:22.0766 4924 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll
10:52:22.0782 4924 gpsvc - ok
10:52:22.0907 4924 gusvc (c1b577b2169900f4cf7190c39f085794) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
10:52:22.0938 4924 gusvc - ok
10:52:22.0985 4924 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
10:52:22.0985 4924 hcw85cir - ok
10:52:23.0047 4924 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
10:52:23.0047 4924 HDAudBus - ok
10:52:23.0078 4924 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
10:52:23.0094 4924 HidBatt - ok
10:52:23.0125 4924 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
10:52:23.0125 4924 HidBth - ok
10:52:23.0141 4924 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
10:52:23.0156 4924 HidIr - ok
10:52:23.0203 4924 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
10:52:23.0203 4924 hidserv - ok
10:52:23.0297 4924 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
10:52:23.0297 4924 HidUsb - ok
10:52:23.0328 4924 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll
10:52:23.0328 4924 hkmsvc - ok
10:52:23.0359 4924 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll
10:52:23.0375 4924 HomeGroupListener - ok
10:52:23.0406 4924 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll
10:52:23.0406 4924 HomeGroupProvider - ok
10:52:23.0499 4924 HP Health Check Service - ok
10:52:23.0515 4924 hpqwmiex - ok
10:52:23.0624 4924 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
10:52:23.0624 4924 HpSAMD - ok
10:52:23.0671 4924 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
10:52:23.0687 4924 HTTP - ok
10:52:23.0718 4924 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
10:52:23.0718 4924 hwpolicy - ok
10:52:23.0811 4924 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
10:52:23.0811 4924 i8042prt - ok
10:52:23.0905 4924 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
10:52:23.0921 4924 iaStorV - ok
10:52:24.0092 4924 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:52:24.0123 4924 idsvc - ok
10:52:24.0357 4924 IDSVia64 (18c40c3f368323b203ace403cb430db1) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.5.0.125\Definitions\IPSDefs\20120323.002\IDSvia64.sys
10:52:24.0373 4924 IDSVia64 - ok
10:52:24.0498 4924 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
10:52:24.0513 4924 iirsp - ok
10:52:24.0560 4924 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll
10:52:24.0576 4924 IKEEXT - ok
10:52:24.0888 4924 IntcAzAudAddService (3c4b4ee54febb09f7e9f58776de96dca) C:\Windows\system32\drivers\RTKVHD64.sys
10:52:24.0935 4924 IntcAzAudAddService - ok
10:52:25.0013 4924 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
10:52:25.0013 4924 intelide - ok
10:52:25.0106 4924 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
10:52:25.0122 4924 intelppm - ok
10:52:25.0231 4924 IntuitUpdateService (3dc635b66dd7412e1c9c3a77b8d78f25) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
10:52:25.0231 4924 IntuitUpdateService - ok
10:52:25.0387 4924 IntuitUpdateServiceV4 (1663a135865f0ba6e853353e98e67f2a) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
10:52:25.0387 4924 IntuitUpdateServiceV4 - ok
10:52:25.0449 4924 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
10:52:25.0449 4924 IPBusEnum - ok
10:52:25.0496 4924 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:52:25.0512 4924 IpFilterDriver - ok
10:52:25.0574 4924 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll
10:52:25.0590 4924 iphlpsvc - ok
10:52:25.0652 4924 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
10:52:25.0652 4924 IPMIDRV - ok
10:52:25.0699 4924 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
10:52:25.0699 4924 IPNAT - ok
10:52:25.0761 4924 iPod Service (4472c8825b5e41d8697d5962f47ab1c9) C:\Program Files\iPod\bin\iPodService.exe
10:52:25.0777 4924 iPod Service - ok
10:52:25.0871 4924 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
10:52:25.0871 4924 IRENUM - ok
10:52:25.0902 4924 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
10:52:25.0902 4924 isapnp - ok
10:52:25.0949 4924 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
10:52:25.0949 4924 iScsiPrt - ok
10:52:26.0042 4924 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
10:52:26.0042 4924 kbdclass - ok
10:52:26.0136 4924 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
10:52:26.0136 4924 kbdhid - ok
10:52:26.0183 4924 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
10:52:26.0183 4924 KeyIso - ok
10:52:26.0229 4924 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys
10:52:26.0229 4924 KSecDD - ok
10:52:26.0432 4924 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys
10:52:26.0432 4924 KSecPkg - ok
10:52:26.0885 4924 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
10:52:26.0900 4924 ksthunk - ok
10:52:27.0025 4924 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
10:52:27.0025 4924 KtmRm - ok
10:52:27.0119 4924 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\system32\srvsvc.dll
10:52:27.0119 4924 LanmanServer - ok
10:52:27.0165 4924 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
10:52:27.0165 4924 LanmanWorkstation - ok
10:52:27.0259 4924 LightScribeService (b1e1c8bb1392537e4d415fcdcb93b1d3) c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
10:52:27.0259 4924 LightScribeService - ok
10:52:27.0368 4924 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
10:52:27.0384 4924 lltdio - ok
10:52:27.0431 4924 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
10:52:27.0462 4924 lltdsvc - ok
10:52:27.0540 4924 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
10:52:27.0540 4924 lmhosts - ok
10:52:27.0602 4924 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
10:52:27.0618 4924 LSI_FC - ok
10:52:27.0649 4924 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
10:52:27.0649 4924 LSI_SAS - ok
10:52:27.0680 4924 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:52:27.0696 4924 LSI_SAS2 - ok
10:52:27.0743 4924 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:52:27.0743 4924 LSI_SCSI - ok
10:52:27.0930 4924 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
10:52:27.0930 4924 luafv - ok
10:52:28.0023 4924 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
10:52:28.0039 4924 Mcx2Svc - ok
10:52:28.0117 4924 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
10:52:28.0133 4924 megasas - ok
10:52:28.0179 4924 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
10:52:28.0195 4924 MegaSR - ok
10:52:28.0257 4924 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
10:52:28.0273 4924 MMCSS - ok
10:52:28.0507 4924 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
10:52:28.0523 4924 Modem - ok
10:52:28.0632 4924 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
10:52:28.0632 4924 monitor - ok
10:52:28.0757 4924 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
10:52:28.0757 4924 mouclass - ok
10:52:28.0944 4924 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
10:52:28.0944 4924 mouhid - ok
10:52:29.0037 4924 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
10:52:29.0037 4924 mountmgr - ok
10:52:29.0115 4924 MpFilter (c177a7ebf5e8a0b596f618870516cab8) C:\Windows\system32\DRIVERS\MpFilter.sys
10:52:29.0131 4924 MpFilter - ok
10:53:39.0287 4924 MBR (0x1B8) (22a989b08cd088728d4e9fc470755d79) \Device\Harddisk0\DR0
10:53:39.0303 4924 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
10:53:39.0303 4924 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
10:53:39.0381 4924 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
10:53:39.0381 4924 \Device\Harddisk0\DR0 - detected TDSS File System (1)
10:53:39.0412 4924 Boot (0x1200) (572e3775cf86c05dd76b2bdc6c56ddd7) \Device\Harddisk0\DR0\Partition0
10:53:39.0412 4924 \Device\Harddisk0\DR0\Partition0 - ok
10:53:39.0428 4924 Boot (0x1200) (baa1490312ae4e609d4d476be29d421a) \Device\Harddisk0\DR0\Partition1
10:53:39.0443 4924 \Device\Harddisk0\DR0\Partition1 - ok
10:53:39.0474 4924 Boot (0x1200) (3bde9d8e097e05b9eacea4aa2fcdb297) \Device\Harddisk0\DR0\Partition2
10:53:39.0474 4924 \Device\Harddisk0\DR0\Partition2 - ok
10:53:39.0474 4924 ============================================================
10:53:39.0474 4924 Scan finished
10:53:39.0474 4924 ============================================================
10:53:39.0506 3240 Detected object count: 2
10:53:39.0506 3240 Actual detected object count: 2
10:54:14.0931 3240 \Device\Harddisk0\DR0\# - copied to quarantine
10:54:14.0947 3240 \Device\Harddisk0\DR0 - copied to quarantine
10:54:15.0228 3240 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
10:54:15.0228 3240 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
10:54:15.0243 3240 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
10:54:15.0243 3240 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
10:54:15.0306 3240 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
10:54:15.0321 3240 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
10:54:15.0321 3240 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
10:54:15.0321 3240 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
10:54:15.0337 3240 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
10:54:15.0337 3240 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
10:54:15.0352 3240 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
10:54:15.0352 3240 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
10:54:15.0399 3240 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot
10:54:15.0415 3240 \Device\Harddisk0\DR0 - ok
10:54:15.0930 3240 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure
10:54:15.0945 3240 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
10:54:15.0945 3240 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
10:55:17.0862 2992 Deinitialize success

#5 quietman7

Posted 27 March 2012 - 10:15 AM

Your log indicates an infection was found and will be cured on reboot.

Please reboot if you have not done so already. Rerun TDSSKiller again and post a new log for narenxp to review and confirm the infection was cured.

Also continue with the rest of the instructions provided by narenxp.

Microsoft MVP - Consumer Security 2007-2014

Member of UNITE, Unified Network of Instructors and Trusted Eliminators

#6 Lorreign

Posted 27 March 2012 - 10:47 AM

aswMBR log

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-03-27 11:13:14
-----------------------------
11:13:14.231 OS Version: Windows x64 6.1.7600
11:13:14.232 Number of processors: 1 586 0x603
11:13:14.232 ComputerName: MICHELLE-PC UserName: Michelle
11:13:41.344 Initialize success
11:13:53.710 AVAST engine defs: 12032701
11:14:03.509 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000064
11:14:03.512 Disk 0 Vendor: ST350041 HP35 Size: 476940MB BusType: 3
11:14:03.524 Disk 0 MBR read successfully
11:14:03.527 Disk 0 MBR scan
11:14:03.567 Disk 0 unknown MBR code
11:14:03.576 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
11:14:03.652 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 465939 MB offset 206848
11:14:03.781 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 10899 MB offset 954449920
11:14:03.938 Disk 0 scanning C:\Windows\system32\drivers
11:14:24.934 Service scanning
11:15:08.129 Modules scanning
11:15:08.142 Disk 0 trace - called modules:
11:15:08.167 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll nvstor64.sys
11:15:08.530 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800457c060]
11:15:08.538 3 CLASSPNP.SYS[fffff88000fb743f] -> nt!IofCallDriver -> [0xfffffa8004282710]
11:15:08.545 5 ACPI.sys[fffff88000e38781] -> nt!IofCallDriver -> \Device\00000064[0xfffffa80042829c0]
11:15:23.417 AVAST engine scan C:\Windows
11:15:30.510 AVAST engine scan C:\Windows\system32
11:24:06.770 AVAST engine scan C:\Windows\system32\drivers
11:24:34.099 AVAST engine scan C:\Users\Michelle
11:32:52.313 File: C:\Users\Michelle\AppData\Local\Google\Update\1.3.21.111\GoogleCrashHandler.exe **INFECTED** Win32:Malware-gen
11:32:52.588 File: C:\Users\Michelle\AppData\Local\Google\Update\1.3.21.111\GoogleUpdate.exe **INFECTED** Win32:Trojan-gen
11:36:08.521 File: C:\Users\Michelle\AppData\Local\Temp\_av4_\data\aswar0.dll **INFECTED** Win32:Malware-gen
11:36:09.115 File: C:\Users\Michelle\AppData\Local\Temp\_av4_\data\updldr0.bin **INFECTED** Win32:Malware-gen
11:46:57.203 Disk 0 MBR has been saved successfully to "C:\MBR.dat"
11:46:57.345 The log file has been saved successfully to "C:\aswMBR.txt"

#7 Lorreign

Posted 27 March 2012 - 10:48 AM

second TDSSKiller log

11:02:38.0869 4072 TDSS rootkit removing tool 2.7.23.0 Mar 26 2012 13:40:18
11:02:39.0228 4072 ============================================================
11:02:39.0228 4072 Current date / time: 2012/03/27 11:02:39.0228
11:02:39.0228 4072 SystemInfo:
11:02:39.0228 4072
11:02:39.0228 4072 OS Version: 6.1.7600 ServicePack: 0.0
11:02:39.0228 4072 Product type: Workstation
11:02:39.0228 4072 ComputerName: MICHELLE-PC
11:02:39.0228 4072 UserName: Michelle
11:02:39.0228 4072 Windows directory: C:\Windows
11:02:39.0228 4072 System windows directory: C:\Windows
11:02:39.0228 4072 Running under WOW64
11:02:39.0228 4072 Processor architecture: Intel x64
11:02:39.0228 4072 Number of processors: 1
11:02:39.0228 4072 Page size: 0x1000
11:02:39.0228 4072 Boot type: Normal boot
11:02:39.0228 4072 ============================================================
11:02:40.0647 4072 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xFC59, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
11:02:40.0663 4072 \Device\Harddisk0\DR0:
11:02:40.0663 4072 MBR used
11:02:40.0663 4072 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
11:02:40.0663 4072 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x38E09800
11:02:40.0663 4072 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x38E3C000, BlocksNum 0x1549800
11:02:40.0819 4072 Initialize success
11:02:40.0819 4072 ============================================================
11:02:49.0804 3612 ============================================================
11:02:49.0804 3612 Scan started
11:02:49.0804 3612 Mode: Manual; TDLFS;
11:02:49.0804 3612 ============================================================
11:03:33.0656 3612 MTConfig - ok
11:03:33.0812 3612 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
11:03:33.0828 3612 Mup - ok
11:03:34.0030 3612 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
11:03:34.0030 3612 napagent - ok
11:03:34.0374 3612 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
11:03:34.0374 3612 NativeWifiP - ok
11:03:34.0654 3612 NAV (e78a365cc3e0fbfc018a33dce01909f8) C:\Program Files (x86)\Norton AntiVirus\Engine\18.7.0.13\ccSvcHst.exe
11:03:34.0670 3612 NAV - ok
11:03:34.0951 3612 NAVENG (2dbe90210de76be6e1653bb20ec70ec2) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.5.0.125\Definitions\VirusDefs\20120324.019\ENG64.SYS
11:03:34.0951 3612 NAVENG - ok
11:03:35.0450 3612 NAVEX15 (346da70e203b8e2c850277713de8f71b) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.5.0.125\Definitions\VirusDefs\20120324.019\EX64.SYS
11:03:35.0466 3612 NAVEX15 - ok
11:03:35.0934 3612 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
11:03:35.0965 3612 NDIS - ok
11:03:36.0807 3612 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
11:03:36.0901 3612 NdisCap - ok
11:03:36.0963 3612 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
11:03:37.0026 3612 NdisTapi - ok
11:03:37.0182 3612 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
11:03:37.0275 3612 Ndisuio - ok
11:03:37.0868 3612 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
11:03:37.0884 3612 NdisWan - ok
11:03:38.0336 3612 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
11:03:38.0352 3612 NDProxy - ok
11:03:38.0570 3612 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
11:03:38.0570 3612 NetBIOS - ok
11:03:38.0757 3612 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
11:03:38.0773 3612 NetBT - ok
11:03:38.0835 3612 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
11:03:38.0835 3612 Netlogon - ok
11:03:39.0241 3612 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
11:03:39.0272 3612 Netman - ok
11:03:39.0522 3612 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
11:03:39.0568 3612 netprofm - ok
11:03:39.0958 3612 netr28ux (883269c1ca478658f1334f3c39b0c7ac) C:\Windows\system32\DRIVERS\netr28ux.sys
11:03:39.0974 3612 netr28ux - ok
11:03:40.0130 3612 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:03:40.0146 3612 NetTcpPortSharing - ok
11:03:40.0536 3612 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
11:03:40.0551 3612 nfrd960 - ok
11:03:40.0692 3612 NisDrv (5f7d72cbcdd025af1f38fdeee5646968) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
11:03:40.0692 3612 NisDrv - ok
11:03:40.0988 3612 NisSrv (566ddd5d82520da01d75f81428ac4c38) c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
11:03:41.0019 3612 NisSrv - ok
11:03:41.0222 3612 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
11:03:41.0222 3612 NlaSvc - ok
11:03:41.0362 3612 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
11:03:41.0394 3612 Npfs - ok
11:03:41.0472 3612 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
11:03:41.0518 3612 nsi - ok
11:03:41.0596 3612 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
11:03:41.0628 3612 nsiproxy - ok
11:03:42.0018 3612 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
11:03:42.0127 3612 Ntfs - ok
11:03:42.0205 3612 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
11:03:42.0205 3612 Null - ok
11:03:43.0344 3612 nvlddmkm (c967514483fa30a0a352e70bb6414d1d) C:\Windows\system32\DRIVERS\nvlddmkm.sys
11:03:43.0453 3612 nvlddmkm - ok
11:03:43.0609 3612 NVNET (909eedcbd365bb81027d8e742e6b3416) C:\Windows\system32\DRIVERS\nvmf6264.sys
11:03:43.0624 3612 NVNET - ok
11:03:43.0765 3612 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
11:03:43.0780 3612 nvraid - ok
11:03:43.0905 3612 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
11:03:43.0921 3612 nvstor - ok
11:03:44.0014 3612 nvstor64 (1e45f96342429d63dc30e0d9117da3d8) C:\Windows\system32\DRIVERS\nvstor64.sys
11:03:44.0014 3612 nvstor64 - ok
11:03:44.0514 3612 nvsvc (e26706a65d97ef9188b1d7bfa23c96c2) C:\Windows\system32\nvvsvc.exe
11:03:44.0514 3612 nvsvc - ok
11:03:44.0592 3612 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
11:03:44.0607 3612 nv_agp - ok
11:03:44.0685 3612 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
11:03:44.0701 3612 ohci1394 - ok
11:03:44.0794 3612 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:03:44.0841 3612 ose - ok
11:03:45.0434 3612 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:03:45.0590 3612 osppsvc - ok
11:03:45.0902 3612 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
11:03:45.0918 3612 p2pimsvc - ok
11:03:45.0996 3612 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
11:03:46.0042 3612 p2psvc - ok
11:03:46.0105 3612 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
11:03:46.0136 3612 Parport - ok
11:03:46.0245 3612 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
11:03:46.0245 3612 partmgr - ok
11:03:46.0386 3612 pbfilter (7c0582921913d00180ec2b8518ba135c) C:\Program Files\PeerBlock\pbfilter.sys
11:03:46.0464 3612 pbfilter - ok
11:03:46.0604 3612 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
11:03:46.0620 3612 PcaSvc - ok
11:03:46.0760 3612 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
11:03:46.0776 3612 pci - ok
11:03:47.0025 3612 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
11:03:47.0025 3612 pciide - ok
11:03:47.0197 3612 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
11:03:47.0212 3612 pcmcia - ok
11:03:47.0353 3612 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
11:03:47.0415 3612 pcw - ok
11:03:47.0680 3612 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
11:03:47.0712 3612 PEAUTH - ok
11:03:47.0821 3612 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
11:03:47.0852 3612 PerfHost - ok
11:03:47.0930 3612 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
11:03:47.0977 3612 pla - ok
11:03:48.0055 3612 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
11:03:48.0070 3612 PlugPlay - ok
11:03:48.0102 3612 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
11:03:48.0117 3612 PNRPAutoReg - ok
11:03:48.0180 3612 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
11:03:48.0180 3612 PNRPsvc - ok
11:03:48.0398 3612 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
11:03:48.0429 3612 PolicyAgent - ok
11:03:48.0492 3612 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
11:03:48.0523 3612 Power - ok
11:03:48.0616 3612 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
11:03:48.0632 3612 PptpMiniport - ok
11:03:48.0710 3612 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
11:03:48.0710 3612 Processor - ok
11:03:48.0850 3612 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll
11:03:48.0850 3612 ProfSvc - ok
11:03:48.0975 3612 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
11:03:48.0975 3612 ProtectedStorage - ok
11:03:49.0474 3612 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
11:03:49.0521 3612 Psched - ok
11:03:49.0646 3612 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
11:03:49.0708 3612 ql2300 - ok
11:03:49.0740 3612 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
11:03:49.0755 3612 ql40xx - ok
11:03:50.0613 3612 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
11:03:50.0613 3612 QWAVE - ok
11:03:50.0816 3612 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
11:03:50.0878 3612 QWAVEdrv - ok
11:03:50.0910 3612 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
11:03:50.0925 3612 RasAcd - ok
11:03:50.0972 3612 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
11:03:50.0972 3612 RasAgileVpn - ok
11:03:51.0019 3612 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
11:03:51.0034 3612 RasAuto - ok
11:03:51.0066 3612 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
11:03:51.0097 3612 Rasl2tp - ok
11:03:51.0144 3612 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
11:03:51.0206 3612 RasMan - ok
11:03:51.0253 3612 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
11:03:51.0284 3612 RasPppoe - ok
11:03:51.0378 3612 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
11:03:51.0409 3612 RasSstp - ok
11:03:51.0456 3612 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
11:03:51.0487 3612 rdbss - ok
11:03:51.0518 3612 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
11:03:51.0549 3612 rdpbus - ok
11:03:51.0596 3612 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
11:03:52.0220 3612 RDPCDD - ok
11:03:52.0392 3612 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
11:03:52.0392 3612 RDPENCDD - ok
11:03:52.0438 3612 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
11:03:52.0454 3612 RDPREFMP - ok
11:03:52.0532 3612 RDPWD (074ac702d8b8b660b0e1371555995386) C:\Windows\system32\drivers\RDPWD.sys
11:03:52.0626 3612 RDPWD - ok
11:03:52.0766 3612 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
11:03:52.0953 3612 rdyboost - ok
11:03:52.0984 3612 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
11:03:53.0047 3612 RemoteAccess - ok
11:03:53.0172 3612 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
11:03:53.0250 3612 RemoteRegistry - ok
11:03:53.0390 3612 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
11:03:53.0437 3612 RFCOMM - ok
11:03:53.0530 3612 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
11:03:53.0546 3612 RpcEptMapper - ok
11:03:53.0577 3612 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
11:03:53.0624 3612 RpcLocator - ok
11:03:53.0671 3612 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
11:03:53.0796 3612 RpcSs - ok
11:03:53.0889 3612 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
11:03:53.0905 3612 rspndr - ok
11:03:54.0061 3612 RTL8192su (fc00c0de6dc83de1b2b01420e2195b21) C:\Windows\system32\DRIVERS\RTL8192su.sys
11:03:54.0108 3612 RTL8192su - ok
11:03:54.0264 3612 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
11:03:54.0264 3612 SamSs - ok
11:03:54.0310 3612 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
11:03:54.0342 3612 sbp2port - ok
11:03:54.0388 3612 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
11:03:54.0420 3612 SCardSvr - ok
11:03:54.0466 3612 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
11:03:54.0482 3612 scfilter - ok
11:03:54.0529 3612 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
11:03:54.0591 3612 Schedule - ok
11:03:54.0638 3612 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
11:03:54.0700 3612 SCPolicySvc - ok
11:03:54.0763 3612 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
11:03:54.0794 3612 SDRSVC - ok
11:03:54.0872 3612 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
11:03:54.0903 3612 secdrv - ok
11:03:54.0919 3612 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
11:03:54.0950 3612 seclogon - ok
11:03:54.0981 3612 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
11:03:55.0012 3612 SENS - ok
11:03:55.0028 3612 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
11:03:55.0075 3612 SensrSvc - ok
11:03:55.0122 3612 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
11:03:55.0168 3612 Serenum - ok
11:03:55.0184 3612 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
11:03:55.0200 3612 Serial - ok
11:03:55.0231 3612 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
11:03:55.0231 3612 sermouse - ok
11:03:55.0309 3612 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
11:03:55.0387 3612 SessionEnv - ok
11:03:55.0434 3612 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
11:03:55.0527 3612 sffdisk - ok
11:03:55.0543 3612 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
11:03:55.0636 3612 sffp_mmc - ok
11:03:55.0668 3612 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys
11:03:55.0730 3612 sffp_sd - ok
11:03:55.0777 3612 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
11:03:55.0870 3612 sfloppy - ok
11:03:55.0933 3612 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
11:03:55.0948 3612 Sftfs - ok
11:03:56.0042 3612 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
11:03:56.0104 3612 sftlist - ok
11:03:56.0167 3612 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
11:03:56.0182 3612 Sftplay - ok
11:03:56.0229 3612 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
11:03:56.0245 3612 Sftredir - ok
11:03:56.0307 3612 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
11:03:56.0338 3612 Sftvol - ok
11:03:56.0416 3612 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
11:03:56.0432 3612 sftvsa - ok
11:03:56.0463 3612 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
11:03:56.0510 3612 SharedAccess - ok
11:03:56.0541 3612 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
11:03:56.0588 3612 ShellHWDetection - ok
11:03:56.0619 3612 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
11:03:56.0635 3612 SiSRaid2 - ok
11:03:56.0697 3612 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
11:03:56.0760 3612 SiSRaid4 - ok
11:03:56.0806 3612 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
11:03:57.0852 3612 Smb - ok
11:03:57.0945 3612 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
11:03:58.0008 3612 SNMPTRAP - ok
11:03:58.0039 3612 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
11:03:58.0054 3612 spldr - ok
11:03:58.0086 3612 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
11:03:58.0132 3612 Spooler - ok
11:03:58.0257 3612 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
11:03:58.0366 3612 sppsvc - ok
11:03:58.0429 3612 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
11:03:58.0460 3612 sppuinotify - ok
11:03:58.0585 3612 SRTSP (90ef30c3867bcde4579c01a6d6e75a7a) C:\Windows\System32\Drivers\NAVx64\1207000.00D\SRTSP64.SYS
11:03:58.0600 3612 SRTSP - ok
11:03:58.0632 3612 SRTSPX (c513e8a5e7978da49077f5484344ee1b) C:\Windows\system32\drivers\NAVx64\1207000.00D\SRTSPX64.SYS
11:03:58.0678 3612 SRTSPX - ok
11:03:58.0741 3612 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
11:03:58.0756 3612 srv - ok
11:03:58.0803 3612 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
11:03:58.0819 3612 srv2 - ok
11:03:58.0850 3612 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
11:03:58.0897 3612 srvnet - ok
11:03:59.0068 3612 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
11:03:59.0115 3612 SSDPSRV - ok
11:03:59.0146 3612 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
11:03:59.0240 3612 SstpSvc - ok
11:03:59.0302 3612 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
11:03:59.0334 3612 stexstor - ok
11:03:59.0412 3612 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
11:03:59.0458 3612 stisvc - ok
11:03:59.0521 3612 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
11:03:59.0552 3612 swenum - ok
11:03:59.0599 3612 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
11:03:59.0661 3612 swprv - ok
11:03:59.0802 3612 SymDS (6160145c7a87fc7672e8e3b886888176) C:\Windows\system32\drivers\NAVx64\1207000.00D\SYMDS64.SYS
11:03:59.0833 3612 SymDS - ok
11:03:59.0864 3612 SymEFA (96aeed40d4d3521568b42027687e69e0) C:\Windows\system32\drivers\NAVx64\1207000.00D\SYMEFA64.SYS
11:04:00.0036 3612 SymEFA - ok
11:04:00.0160 3612 SymEvent (21a1c2d694c3cf962d31f5e873ab3d6f) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
11:04:00.0176 3612 SymEvent - ok
11:04:00.0316 3612 SymIRON (bd0d711d8cbfcaa19ca123306eaf53a5) C:\Windows\system32\drivers\NAVx64\1207000.00D\Ironx64.SYS
11:04:00.0363 3612 SymIRON - ok
11:04:00.0441 3612 SymNetS (a6adb3d83023f8daa0f7b6fda785d83b) C:\Windows\System32\Drivers\NAVx64\1207000.00D\SYMNETS.SYS
11:04:00.0472 3612 SymNetS - ok
11:04:00.0550 3612 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
11:04:00.0628 3612 SysMain - ok
11:04:00.0691 3612 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
11:04:00.0706 3612 TabletInputService - ok
11:04:00.0722 3612 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
11:04:00.0753 3612 TapiSrv - ok
11:04:00.0784 3612 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
11:04:00.0831 3612 TBS - ok
11:04:00.0940 3612 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys
11:04:01.0018 3612 Tcpip - ok
11:04:01.0143 3612 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys
11:04:01.0159 3612 TCPIP6 - ok
11:04:01.0206 3612 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
11:04:01.0221 3612 tcpipreg - ok
11:04:01.0268 3612 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
11:04:01.0315 3612 TDPIPE - ok
11:04:01.0346 3612 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys
11:04:01.0440 3612 TDTCP - ok
11:04:01.0486 3612 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
11:04:01.0502 3612 tdx - ok
11:04:01.0611 3612 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
11:04:01.0642 3612 TermDD - ok
11:04:01.0689 3612 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
11:04:01.0736 3612 TermService - ok
11:04:01.0752 3612 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
11:04:01.0783 3612 Themes - ok
11:04:01.0845 3612 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
11:04:01.0876 3612 THREADORDER - ok
11:04:01.0923 3612 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
11:04:01.0923 3612 TrkWks - ok
11:04:01.0970 3612 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
11:04:01.0986 3612 TrustedInstaller - ok
11:04:02.0048 3612 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
11:04:02.0048 3612 tssecsrv - ok
11:04:02.0110 3612 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
11:04:02.0157 3612 tunnel - ok
11:04:02.0204 3612 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
11:04:02.0251 3612 uagp35 - ok
11:04:02.0298 3612 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
11:04:02.0344 3612 udfs - ok
11:04:02.0391 3612 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
11:04:02.0422 3612 UI0Detect - ok
11:04:02.0454 3612 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
11:04:02.0485 3612 uliagpkx - ok
11:04:02.0547 3612 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
11:04:02.0578 3612 umbus - ok
11:04:02.0594 3612 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
11:04:02.0641 3612 UmPass - ok
11:04:02.0688 3612 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
11:04:02.0703 3612 upnphost - ok
11:04:02.0766 3612 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
11:04:02.0797 3612 USBAAPL64 - ok
11:04:02.0890 3612 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
11:04:02.0937 3612 usbccgp - ok
11:04:02.0968 3612 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
11:04:02.0984 3612 usbcir - ok
11:04:03.0031 3612 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\DRIVERS\usbehci.sys
11:04:03.0062 3612 usbehci - ok
11:04:03.0187 3612 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
11:04:03.0249 3612 usbhub - ok
11:04:03.0312 3612 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\DRIVERS\usbohci.sys
11:04:03.0343 3612 usbohci - ok
11:04:03.0374 3612 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
11:04:03.0421 3612 usbprint - ok
11:04:03.0452 3612 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
11:04:03.0499 3612 usbscan - ok
11:04:03.0546 3612 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:04:03.0561 3612 USBSTOR - ok
11:04:03.0608 3612 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\drivers\usbuhci.sys
11:04:03.0624 3612 usbuhci - ok
11:04:03.0670 3612 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
11:04:03.0686 3612 UxSms - ok
11:04:03.0717 3612 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
11:04:03.0717 3612 VaultSvc - ok
11:04:03.0780 3612 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
11:04:03.0826 3612 vdrvroot - ok
11:04:03.0889 3612 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe
11:04:03.0920 3612 vds - ok
11:04:03.0951 3612 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
11:04:03.0982 3612 vga - ok
11:04:03.0998 3612 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
11:04:04.0045 3612 VgaSave - ok
11:04:04.0092 3612 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
11:04:04.0107 3612 vhdmp - ok
11:04:04.0138 3612 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
11:04:04.0154 3612 viaide - ok
11:04:04.0185 3612 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
11:04:04.0216 3612 volmgr - ok
11:04:04.0248 3612 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
11:04:04.0279 3612 volmgrx - ok
11:04:04.0357 3612 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
11:04:04.0388 3612 volsnap - ok
11:04:04.0450 3612 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
11:04:04.0466 3612 vsmraid - ok
11:04:04.0513 3612 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe
11:04:04.0544 3612 VSS - ok
11:04:04.0606 3612 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
11:04:04.0638 3612 vwifibus - ok
11:04:04.0653 3612 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
11:04:04.0700 3612 vwififlt - ok
11:04:04.0731 3612 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
11:04:04.0762 3612 vwifimp - ok
11:04:04.0809 3612 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
11:04:04.0840 3612 W32Time - ok
11:04:04.0887 3612 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
11:04:04.0918 3612 WacomPen - ok
11:04:04.0996 3612 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
11:04:05.0043 3612 WANARP - ok
11:04:05.0043 3612 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
11:04:05.0043 3612 Wanarpv6 - ok
11:04:05.0137 3612 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
11:04:05.0215 3612 WatAdminSvc - ok
11:04:05.0324 3612 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe
11:04:05.0371 3612 wbengine - ok
11:04:05.0402 3612 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
11:04:05.0418 3612 WbioSrvc - ok
11:04:05.0449 3612 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll
11:04:05.0480 3612 wcncsvc - ok
11:04:05.0496 3612 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
11:04:05.0542 3612 WcsPlugInService - ok
11:04:05.0636 3612 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
11:04:05.0667 3612 Wd - ok
11:04:05.0714 3612 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
11:04:05.0730 3612 Wdf01000 - ok
11:04:05.0776 3612 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
11:04:05.0792 3612 WdiServiceHost - ok
11:04:05.0808 3612 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
11:04:05.0808 3612 WdiSystemHost - ok
11:04:05.0917 3612 WebClient (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll
11:04:05.0948 3612 WebClient - ok
11:04:05.0995 3612 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
11:04:05.0995 3612 Wecsvc - ok
11:04:06.0026 3612 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
11:04:06.0057 3612 wercplsupport - ok
11:04:06.0120 3612 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
11:04:06.0166 3612 WerSvc - ok
11:04:06.0244 3612 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
11:04:06.0291 3612 WfpLwf - ok
11:04:06.0354 3612 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
11:04:06.0369 3612 WIMMount - ok
11:04:06.0432 3612 WinDefend - ok
11:04:06.0447 3612 WinHttpAutoProxySvc - ok
11:04:09.0380 3612 MBR (0x1B8) (e9e1952e8c9ff3cb45f3696d0c75f6d8) \Device\Harddisk0\DR0
11:04:09.0583 3612 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
11:04:09.0583 3612 \Device\Harddisk0\DR0 - detected TDSS File System (1)
11:04:09.0583 3612 Boot (0x1200) (572e3775cf86c05dd76b2bdc6c56ddd7) \Device\Harddisk0\DR0\Partition0
11:04:09.0583 3612 \Device\Harddisk0\DR0\Partition0 - ok
11:04:09.0614 3612 Boot (0x1200) (baa1490312ae4e609d4d476be29d421a) \Device\Harddisk0\DR0\Partition1
11:04:09.0614 3612 \Device\Harddisk0\DR0\Partition1 - ok
11:04:09.0645 3612 Boot (0x1200) (3bde9d8e097e05b9eacea4aa2fcdb297) \Device\Harddisk0\DR0\Partition2
11:04:09.0645 3612 \Device\Harddisk0\DR0\Partition2 - ok
11:04:09.0645 3612 ============================================================
11:04:09.0645 3612 Scan finished
11:04:09.0645 3612 ============================================================
11:04:09.0661 0696 Detected object count: 1
11:04:09.0661 0696 Actual detected object count: 1
11:04:13.0218 0696 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
11:04:13.0218 0696 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
11:04:18.0537 4404 Deinitialize success

#8 Lorreign

  • Topic Starter


Posted 27 March 2012 - 10:51 AM

Also, I scanned with Malwarebytes after I did the TDSSKiller, and here is the log from it if it helps.

Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.03.23.02

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Michelle :: MICHELLE-PC [administrator]

3/27/2012 11:11:07 AM
mbam-log-2012-03-27 (11-50-53).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 193299
Time elapsed: 21 minute(s), 3 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|dplaysvr (Trojan.QHost.BG) -> Data: C:\Windows\system32\config\systemprofile\AppData\Local\dplaysvr.exe -> No action taken.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Windows\svchost.exe (Trojan.Agent) -> No action taken.
C:\Users\Michelle\Downloads\SvchostAnalyzer.exe (Heuristics.Reserved.Word.Exploit) -> No action taken.

(end)

#9 narenxp


  • BC Advisor

Posted 27 March 2012 - 02:03 PM

11:04:13.0218 0696 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

Run TDSSKiller once again and make sure to select DELETE for the TDSS file system.

C:\Windows\svchost.exe (Trojan.Agent) -> No action taken.

Run mbam again, click on SHOW infections, select all and remove it, then post the clean log.

Waiting for the other logs too.

#10 Lorreign

  • Topic Starter


Posted 27 March 2012 - 02:44 PM

Here's the complete aswMBR log.

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-03-27 12:19:56
-----------------------------
12:19:56.874 OS Version: Windows x64 6.1.7600
12:19:56.874 Number of processors: 1 586 0x603
12:19:56.874 ComputerName: MICHELLE-PC UserName: Michelle
12:20:00.477 Initialize success
12:20:09.588 AVAST engine defs: 12032701
12:20:11.475 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000063
12:20:11.475 Disk 0 Vendor: ST350041 HP35 Size: 476940MB BusType: 3
12:20:11.491 Disk 0 MBR read successfully
12:20:11.506 Disk 0 MBR scan
12:20:11.506 Disk 0 unknown MBR code
12:20:11.522 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
12:20:11.569 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 465939 MB offset 206848
12:20:11.616 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 10899 MB offset 954449920
12:20:11.740 Disk 0 scanning C:\Windows\system32\drivers
12:20:26.046 Service scanning
12:20:57.105 Modules scanning
12:20:57.121 Disk 0 trace - called modules:
12:20:57.136 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll nvstor64.sys
12:20:57.651 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80045d4060]
12:20:57.651 3 CLASSPNP.SYS[fffff88001ae543f] -> nt!IofCallDriver -> [0xfffffa800405ad30]
12:20:57.667 5 ACPI.sys[fffff88000ef1781] -> nt!IofCallDriver -> \Device\00000063[0xfffffa80040b46c0]
12:21:04.032 AVAST engine scan C:\Windows
12:21:06.902 AVAST engine scan C:\Windows\system32
12:26:32.977 AVAST engine scan C:\Windows\system32\drivers
12:26:51.010 AVAST engine scan C:\Users\Michelle
12:29:33.534 File: C:\Users\Michelle\AppData\Local\Google\Update\1.3.21.111\GoogleCrashHandler.exe **INFECTED** Win32:Malware-gen
12:29:33.706 File: C:\Users\Michelle\AppData\Local\Google\Update\1.3.21.111\GoogleUpdate.exe **INFECTED** Win32:Trojan-gen
12:32:48.165 File: C:\Users\Michelle\AppData\Local\Temp\_av4_\data\aswar0.dll **INFECTED** Win32:Malware-gen
12:32:48.789 File: C:\Users\Michelle\AppData\Local\Temp\_av4_\data\updldr0.bin **INFECTED** Win32:Malware-gen
12:46:10.664 AVAST engine scan C:\ProgramData
12:48:37.446 File: C:\ProgramData\Microsoft\Windows\DRM\E590.tmp **INFECTED** Win32:Malware-gen
12:48:37.508 File: C:\ProgramData\Microsoft\Windows\DRM\E5A1.tmp **INFECTED** Win32:Malware-gen
12:50:43.260 Scan finished successfully
15:27:02.733 Disk 0 MBR has been saved successfully to "C:\MBR.dat"
15:27:02.827 The log file has been saved successfully to "C:\aswMBR2.txt"


Latest TDSSKiller log:

15:44:45.0999 3856 TDSS rootkit removing tool 2.7.23.0 Mar 26 2012 13:40:18
15:44:46.0265 3856 ============================================================
15:44:46.0265 3856 Current date / time: 2012/03/27 15:44:46.0265
15:44:46.0265 3856 SystemInfo:
15:44:46.0265 3856
15:44:46.0265 3856 OS Version: 6.1.7600 ServicePack: 0.0
15:44:46.0265 3856 Product type: Workstation
15:44:46.0265 3856 ComputerName: MICHELLE-PC
15:44:46.0265 3856 UserName: Michelle
15:44:46.0265 3856 Windows directory: C:\Windows
15:44:46.0265 3856 System windows directory: C:\Windows
15:44:46.0265 3856 Running under WOW64
15:44:46.0265 3856 Processor architecture: Intel x64
15:44:46.0265 3856 Number of processors: 1
15:44:46.0265 3856 Page size: 0x1000
15:44:46.0265 3856 Boot type: Normal boot
15:44:46.0265 3856 ============================================================
15:44:47.0403 3856 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xFC59, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
15:44:47.0419 3856 \Device\Harddisk0\DR0:
15:44:47.0419 3856 MBR used
15:44:47.0419 3856 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:44:47.0419 3856 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x38E09800
15:44:47.0419 3856 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x38E3C000, BlocksNum 0x1549800
15:44:47.0544 3856 Initialize success
15:44:47.0544 3856 ============================================================
15:44:52.0411 3604 ============================================================
15:44:52.0411 3604 Scan started
15:44:52.0411 3604 Mode: Manual; TDLFS;
15:44:52.0411 3604 ============================================================
15:45:04.0127 3604 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
15:45:04.0142 3604 MSiSCSI - ok
15:45:04.0142 3604 msiserver - ok
15:45:04.0236 3604 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
15:45:04.0236 3604 MSKSSRV - ok
15:45:04.0376 3604 MsMpSvc (157e9e498206a3366baa7e4697bdd947) c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
15:45:04.0376 3604 MsMpSvc - ok
15:45:04.0439 3604 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
15:45:04.0439 3604 MSPCLOCK - ok
15:45:04.0485 3604 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
15:45:04.0485 3604 MSPQM - ok
15:45:04.0517 3604 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
15:45:04.0517 3604 MsRPC - ok
15:45:04.0563 3604 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
15:45:04.0563 3604 mssmbios - ok
15:45:04.0595 3604 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
15:45:04.0595 3604 MSTEE - ok
15:45:04.0626 3604 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
15:45:04.0626 3604 MTConfig - ok
15:45:04.0657 3604 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
15:45:04.0673 3604 Mup - ok
15:45:04.0704 3604 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
15:45:04.0719 3604 napagent - ok
15:45:04.0797 3604 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
15:45:04.0797 3604 NativeWifiP - ok
15:45:04.0907 3604 NAV (e78a365cc3e0fbfc018a33dce01909f8) C:\Program Files (x86)\Norton AntiVirus\Engine\18.7.0.13\ccSvcHst.exe
15:45:04.0922 3604 NAV - ok
15:45:05.0047 3604 NAVENG (2dbe90210de76be6e1653bb20ec70ec2) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.5.0.125\Definitions\VirusDefs\20120327.008\ENG64.SYS
15:45:05.0063 3604 NAVENG - ok
15:45:05.0141 3604 NAVEX15 (346da70e203b8e2c850277713de8f71b) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.5.0.125\Definitions\VirusDefs\20120327.008\EX64.SYS
15:45:05.0187 3604 NAVEX15 - ok
15:45:05.0297 3604 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
15:45:05.0312 3604 NDIS - ok
15:45:05.0359 3604 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
15:45:05.0359 3604 NdisCap - ok
15:45:05.0406 3604 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
15:45:05.0421 3604 NdisTapi - ok
15:45:05.0453 3604 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
15:45:05.0453 3604 Ndisuio - ok
15:45:05.0484 3604 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
15:45:05.0484 3604 NdisWan - ok
15:45:05.0515 3604 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
15:45:05.0515 3604 NDProxy - ok
15:45:05.0531 3604 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
15:45:05.0546 3604 NetBIOS - ok
15:45:05.0577 3604 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
15:45:05.0577 3604 NetBT - ok
15:45:05.0609 3604 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
15:45:05.0609 3604 Netlogon - ok
15:45:05.0687 3604 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
15:45:05.0702 3604 Netman - ok
15:45:05.0733 3604 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
15:45:05.0749 3604 netprofm - ok
15:45:05.0827 3604 netr28ux (883269c1ca478658f1334f3c39b0c7ac) C:\Windows\system32\DRIVERS\netr28ux.sys
15:45:05.0843 3604 netr28ux - ok
15:45:05.0889 3604 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:45:05.0889 3604 NetTcpPortSharing - ok
15:45:05.0967 3604 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
15:45:05.0967 3604 nfrd960 - ok
15:45:06.0014 3604 NisDrv (5f7d72cbcdd025af1f38fdeee5646968) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
15:45:06.0014 3604 NisDrv - ok
15:45:06.0123 3604 NisSrv (566ddd5d82520da01d75f81428ac4c38) c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
15:45:06.0139 3604 NisSrv - ok
15:45:06.0217 3604 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
15:45:06.0217 3604 NlaSvc - ok
15:45:06.0264 3604 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
15:45:06.0264 3604 Npfs - ok
15:45:06.0295 3604 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
15:45:06.0295 3604 nsi - ok
15:45:06.0311 3604 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
15:45:06.0311 3604 nsiproxy - ok
15:45:06.0389 3604 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
15:45:06.0420 3604 Ntfs - ok
15:45:06.0451 3604 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
15:45:06.0451 3604 Null - ok
15:45:06.0732 3604 nvlddmkm (c967514483fa30a0a352e70bb6414d1d) C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:45:06.0950 3604 nvlddmkm - ok
15:45:06.0997 3604 NVNET (909eedcbd365bb81027d8e742e6b3416) C:\Windows\system32\DRIVERS\nvmf6264.sys
15:45:06.0997 3604 NVNET - ok
15:45:07.0044 3604 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
15:45:07.0044 3604 nvraid - ok
15:45:07.0075 3604 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
15:45:07.0075 3604 nvstor - ok
15:45:07.0106 3604 nvstor64 (1e45f96342429d63dc30e0d9117da3d8) C:\Windows\system32\DRIVERS\nvstor64.sys
15:45:07.0122 3604 nvstor64 - ok
15:45:07.0200 3604 nvsvc (e26706a65d97ef9188b1d7bfa23c96c2) C:\Windows\system32\nvvsvc.exe
15:45:07.0231 3604 nvsvc - ok
15:45:07.0278 3604 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
15:45:07.0278 3604 nv_agp - ok
15:45:07.0309 3604 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
15:45:07.0309 3604 ohci1394 - ok
15:45:07.0403 3604 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:45:07.0403 3604 ose - ok
15:45:07.0559 3604 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:45:07.0637 3604 osppsvc - ok
15:45:07.0699 3604 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:45:07.0699 3604 p2pimsvc - ok
15:45:07.0730 3604 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
15:45:07.0730 3604 p2psvc - ok
15:45:07.0777 3604 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
15:45:07.0777 3604 Parport - ok
15:45:07.0808 3604 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
15:45:07.0808 3604 partmgr - ok
15:45:07.0917 3604 pbfilter (7c0582921913d00180ec2b8518ba135c) C:\Program Files\PeerBlock\pbfilter.sys
15:45:07.0933 3604 pbfilter - ok
15:45:07.0964 3604 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
15:45:07.0964 3604 PcaSvc - ok
15:45:07.0995 3604 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
15:45:07.0995 3604 pci - ok
15:45:08.0027 3604 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
15:45:08.0027 3604 pciide - ok
15:45:08.0058 3604 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
15:45:08.0058 3604 pcmcia - ok
15:45:08.0105 3604 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
15:45:08.0105 3604 pcw - ok
15:45:08.0136 3604 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
15:45:08.0136 3604 PEAUTH - ok
15:45:08.0198 3604 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
15:45:08.0198 3604 PerfHost - ok
15:45:08.0276 3604 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
15:45:08.0292 3604 pla - ok
15:45:08.0370 3604 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
15:45:08.0370 3604 PlugPlay - ok
15:45:08.0417 3604 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
15:45:08.0417 3604 PNRPAutoReg - ok
15:45:08.0448 3604 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:45:08.0448 3604 PNRPsvc - ok
15:45:08.0479 3604 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
15:45:08.0495 3604 PolicyAgent - ok
15:45:08.0526 3604 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
15:45:08.0541 3604 Power - ok
15:45:08.0588 3604 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
15:45:08.0604 3604 PptpMiniport - ok
15:45:08.0651 3604 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
15:45:08.0651 3604 Processor - ok
15:45:08.0713 3604 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll
15:45:08.0713 3604 ProfSvc - ok
15:45:08.0760 3604 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
15:45:08.0760 3604 ProtectedStorage - ok
15:45:08.0822 3604 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
15:45:08.0822 3604 Psched - ok
15:45:08.0885 3604 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
15:45:08.0931 3604 ql2300 - ok
15:45:08.0947 3604 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
15:45:08.0963 3604 ql40xx - ok
15:45:08.0994 3604 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
15:45:08.0994 3604 QWAVE - ok
15:45:09.0025 3604 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
15:45:09.0025 3604 QWAVEdrv - ok
15:45:09.0041 3604 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
15:45:09.0041 3604 RasAcd - ok
15:45:09.0087 3604 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
15:45:09.0103 3604 RasAgileVpn - ok
15:45:09.0119 3604 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
15:45:09.0119 3604 RasAuto - ok
15:45:09.0150 3604 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:45:09.0150 3604 Rasl2tp - ok
15:45:09.0181 3604 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
15:45:09.0181 3604 RasMan - ok
15:45:09.0212 3604 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
15:45:09.0228 3604 RasPppoe - ok
15:45:09.0243 3604 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
15:45:09.0243 3604 RasSstp - ok
15:45:09.0275 3604 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
15:45:09.0275 3604 rdbss - ok
15:45:09.0306 3604 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
15:45:09.0306 3604 rdpbus - ok
15:45:09.0337 3604 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:45:09.0337 3604 RDPCDD - ok
15:45:09.0353 3604 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
15:45:09.0353 3604 RDPENCDD - ok
15:45:09.0384 3604 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
15:45:09.0384 3604 RDPREFMP - ok
15:45:09.0431 3604 RDPWD (074ac702d8b8b660b0e1371555995386) C:\Windows\system32\drivers\RDPWD.sys
15:45:09.0431 3604 RDPWD - ok
15:45:09.0446 3604 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
15:45:09.0462 3604 rdyboost - ok
15:45:09.0493 3604 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
15:45:09.0493 3604 RemoteAccess - ok
15:45:09.0524 3604 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
15:45:09.0540 3604 RemoteRegistry - ok
15:45:09.0602 3604 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
15:45:09.0602 3604 RFCOMM - ok
15:45:09.0665 3604 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
15:45:09.0680 3604 RpcEptMapper - ok
15:45:09.0711 3604 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
15:45:09.0711 3604 RpcLocator - ok
15:45:09.0758 3604 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
15:45:09.0774 3604 RpcSs - ok
15:45:09.0852 3604 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
15:45:09.0852 3604 rspndr - ok
15:45:09.0945 3604 RTL8192su (fc00c0de6dc83de1b2b01420e2195b21) C:\Windows\system32\DRIVERS\RTL8192su.sys
15:45:09.0961 3604 RTL8192su - ok
15:45:09.0992 3604 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
15:45:10.0008 3604 SamSs - ok
15:45:10.0039 3604 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
15:45:10.0039 3604 sbp2port - ok
15:45:10.0070 3604 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
15:45:10.0086 3604 SCardSvr - ok
15:45:10.0117 3604 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
15:45:10.0117 3604 scfilter - ok
15:45:10.0164 3604 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
15:45:10.0195 3604 Schedule - ok
15:45:10.0226 3604 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
15:45:10.0226 3604 SCPolicySvc - ok
15:45:10.0273 3604 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
15:45:10.0289 3604 SDRSVC - ok
15:45:10.0320 3604 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
15:45:10.0320 3604 secdrv - ok
15:45:10.0351 3604 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
15:45:10.0351 3604 seclogon - ok
15:45:10.0382 3604 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
15:45:10.0382 3604 SENS - ok
15:45:10.0429 3604 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
15:45:10.0429 3604 SensrSvc - ok
15:45:10.0460 3604 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
15:45:10.0460 3604 Serenum - ok
15:45:10.0491 3604 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
15:45:10.0507 3604 Serial - ok
15:45:10.0538 3604 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
15:45:10.0538 3604 sermouse - ok
15:45:10.0569 3604 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
15:45:10.0569 3604 SessionEnv - ok
15:45:10.0616 3604 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
15:45:10.0616 3604 sffdisk - ok
15:45:10.0632 3604 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
15:45:10.0632 3604 sffp_mmc - ok
15:45:10.0663 3604 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys
15:45:10.0663 3604 sffp_sd - ok
15:45:10.0694 3604 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
15:45:10.0694 3604 sfloppy - ok
15:45:10.0772 3604 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
15:45:10.0788 3604 Sftfs - ok
15:45:10.0897 3604 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
15:45:10.0897 3604 sftlist - ok
15:45:10.0944 3604 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
15:45:10.0944 3604 Sftplay - ok
15:45:10.0975 3604 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
15:45:10.0975 3604 Sftredir - ok
15:45:11.0022 3604 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
15:45:11.0022 3604 Sftvol - ok
15:45:11.0069 3604 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
15:45:11.0069 3604 sftvsa - ok
15:45:11.0115 3604 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
15:45:11.0115 3604 SharedAccess - ok
15:45:11.0147 3604 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
15:45:11.0162 3604 ShellHWDetection - ok
15:45:11.0225 3604 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:45:11.0225 3604 SiSRaid2 - ok
15:45:11.0271 3604 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
15:45:11.0287 3604 SiSRaid4 - ok
15:45:11.0334 3604 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
15:45:11.0334 3604 Smb - ok
15:45:11.0396 3604 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
15:45:11.0396 3604 SNMPTRAP - ok
15:45:11.0443 3604 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
15:45:11.0443 3604 spldr - ok
15:45:11.0505 3604 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
15:45:11.0505 3604 Spooler - ok
15:45:11.0599 3604 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
15:45:11.0661 3604 sppsvc - ok
15:45:11.0693 3604 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
15:45:11.0693 3604 sppuinotify - ok
15:45:11.0802 3604 SRTSP (90ef30c3867bcde4579c01a6d6e75a7a) C:\Windows\System32\Drivers\NAVx64\1207000.00D\SRTSP64.SYS
15:45:11.0833 3604 SRTSP - ok
15:45:11.0864 3604 SRTSPX (c513e8a5e7978da49077f5484344ee1b) C:\Windows\system32\drivers\NAVx64\1207000.00D\SRTSPX64.SYS
15:45:11.0880 3604 SRTSPX - ok
15:45:11.0927 3604 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
15:45:11.0927 3604 srv - ok
15:45:11.0958 3604 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
15:45:11.0973 3604 srv2 - ok
15:45:11.0989 3604 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
15:45:12.0005 3604 srvnet - ok
15:45:12.0051 3604 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
15:45:12.0051 3604 SSDPSRV - ok
15:45:12.0083 3604 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
15:45:12.0083 3604 SstpSvc - ok
15:45:12.0114 3604 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
15:45:12.0114 3604 stexstor - ok
15:45:12.0176 3604 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
15:45:12.0192 3604 stisvc - ok
15:45:12.0223 3604 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
15:45:12.0223 3604 swenum - ok
15:45:12.0254 3604 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
15:45:12.0270 3604 swprv - ok
15:45:12.0363 3604 SymDS (6160145c7a87fc7672e8e3b886888176) C:\Windows\system32\drivers\NAVx64\1207000.00D\SYMDS64.SYS
15:45:12.0379 3604 SymDS - ok
15:45:12.0426 3604 SymEFA (96aeed40d4d3521568b42027687e69e0) C:\Windows\system32\drivers\NAVx64\1207000.00D\SYMEFA64.SYS
15:45:12.0426 3604 SymEFA - ok
15:45:12.0488 3604 SymEvent (21a1c2d694c3cf962d31f5e873ab3d6f) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
15:45:12.0488 3604 SymEvent - ok
15:45:12.0504 3604 SymIRON (bd0d711d8cbfcaa19ca123306eaf53a5) C:\Windows\system32\drivers\NAVx64\1207000.00D\Ironx64.SYS
15:45:12.0519 3604 SymIRON - ok
15:45:12.0551 3604 SymNetS (a6adb3d83023f8daa0f7b6fda785d83b) C:\Windows\System32\Drivers\NAVx64\1207000.00D\SYMNETS.SYS
15:45:12.0566 3604 SymNetS - ok
15:45:12.0613 3604 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
15:45:12.0644 3604 SysMain - ok
15:45:12.0691 3604 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
15:45:12.0691 3604 TabletInputService - ok
15:45:12.0722 3604 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
15:45:12.0722 3604 TapiSrv - ok
15:45:12.0753 3604 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
15:45:12.0753 3604 TBS - ok
15:45:12.0831 3604 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys
15:45:12.0863 3604 Tcpip - ok
15:45:12.0941 3604 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys
15:45:12.0941 3604 TCPIP6 - ok
15:45:12.0987 3604 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
15:45:12.0987 3604 tcpipreg - ok
15:45:13.0019 3604 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
15:45:13.0019 3604 TDPIPE - ok
15:45:13.0050 3604 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys
15:45:13.0065 3604 TDTCP - ok
15:45:13.0097 3604 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
15:45:13.0112 3604 tdx - ok
15:45:13.0143 3604 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
15:45:13.0143 3604 TermDD - ok
15:45:13.0175 3604 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
15:45:13.0190 3604 TermService - ok
15:45:13.0221 3604 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
15:45:13.0221 3604 Themes - ok
15:45:13.0253 3604 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:45:13.0253 3604 THREADORDER - ok
15:45:13.0315 3604 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
15:45:13.0331 3604 TrkWks - ok
15:45:13.0362 3604 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
15:45:13.0362 3604 TrustedInstaller - ok
15:45:13.0393 3604 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:45:13.0409 3604 tssecsrv - ok
15:45:13.0455 3604 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
15:45:13.0455 3604 tunnel - ok
15:45:13.0487 3604 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
15:45:13.0502 3604 uagp35 - ok
15:45:13.0533 3604 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
15:45:13.0533 3604 udfs - ok
15:45:13.0565 3604 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
15:45:13.0580 3604 UI0Detect - ok
15:45:13.0627 3604 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
15:45:13.0643 3604 uliagpkx - ok
15:45:13.0705 3604 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
15:45:13.0721 3604 umbus - ok
15:45:13.0752 3604 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
15:45:13.0752 3604 UmPass - ok
15:45:13.0783 3604 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
15:45:13.0799 3604 upnphost - ok
15:45:13.0845 3604 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
15:45:13.0845 3604 USBAAPL64 - ok
15:45:13.0892 3604 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
15:45:13.0892 3604 usbccgp - ok
15:45:13.0955 3604 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
15:45:13.0955 3604 usbcir - ok
15:45:14.0017 3604 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\DRIVERS\usbehci.sys
15:45:14.0017 3604 usbehci - ok
15:45:14.0095 3604 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
15:45:14.0095 3604 usbhub - ok
15:45:14.0142 3604 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\DRIVERS\usbohci.sys
15:45:14.0142 3604 usbohci - ok
15:45:14.0173 3604 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
15:45:14.0173 3604 usbprint - ok
15:45:14.0220 3604 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
15:45:14.0220 3604 usbscan - ok
15:45:14.0251 3604 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:45:14.0267 3604 USBSTOR - ok
15:45:14.0298 3604 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\drivers\usbuhci.sys
15:45:14.0313 3604 usbuhci - ok
15:45:14.0345 3604 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
15:45:14.0345 3604 UxSms - ok
15:45:14.0391 3604 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
15:45:14.0391 3604 VaultSvc - ok
15:45:14.0438 3604 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
15:45:14.0438 3604 vdrvroot - ok
15:45:14.0485 3604 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe
15:45:14.0485 3604 vds - ok
15:45:14.0516 3604 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
15:45:14.0516 3604 vga - ok
15:45:14.0547 3604 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
15:45:14.0547 3604 VgaSave - ok
15:45:14.0579 3604 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
15:45:14.0579 3604 vhdmp - ok
15:45:14.0610 3604 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
15:45:14.0625 3604 viaide - ok
15:45:14.0641 3604 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
15:45:14.0641 3604 volmgr - ok
15:45:14.0672 3604 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
15:45:14.0672 3604 volmgrx - ok
15:45:14.0719 3604 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
15:45:14.0719 3604 volsnap - ok
15:45:14.0766 3604 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
15:45:14.0766 3604 vsmraid - ok
15:45:14.0828 3604 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe
15:45:14.0859 3604 VSS - ok
15:45:14.0906 3604 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
15:45:14.0922 3604 vwifibus - ok
15:45:14.0953 3604 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
15:45:14.0953 3604 vwififlt - ok
15:45:15.0000 3604 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
15:45:15.0015 3604 vwifimp - ok
15:45:15.0047 3604 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
15:45:15.0062 3604 W32Time - ok
15:45:15.0093 3604 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
15:45:15.0093 3604 WacomPen - ok
15:45:15.0140 3604 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
15:45:15.0140 3604 WANARP - ok
15:45:15.0156 3604 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
15:45:15.0156 3604 Wanarpv6 - ok
15:45:15.0234 3604 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
15:45:15.0265 3604 WatAdminSvc - ok
15:45:15.0327 3604 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe
15:45:15.0359 3604 wbengine - ok
15:45:15.0390 3604 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
15:45:15.0390 3604 WbioSrvc - ok
15:45:15.0437 3604 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll
15:45:15.0452 3604 wcncsvc - ok
15:45:15.0468 3604 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
15:45:15.0468 3604 WcsPlugInService - ok
15:45:15.0515 3604 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
15:45:15.0515 3604 Wd - ok
15:45:15.0546 3604 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
15:45:15.0561 3604 Wdf01000 - ok
15:45:17.0199 3604 MBR (0x1B8) (e9e1952e8c9ff3cb45f3696d0c75f6d8) \Device\Harddisk0\DR0
15:45:17.0527 3604 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
15:45:17.0527 3604 \Device\Harddisk0\DR0 - detected TDSS File System (1)
15:45:17.0543 3604 Boot (0x1200) (572e3775cf86c05dd76b2bdc6c56ddd7) \Device\Harddisk0\DR0\Partition0
15:45:17.0543 3604 \Device\Harddisk0\DR0\Partition0 - ok
15:45:17.0558 3604 Boot (0x1200) (baa1490312ae4e609d4d476be29d421a) \Device\Harddisk0\DR0\Partition1
15:45:17.0558 3604 \Device\Harddisk0\DR0\Partition1 - ok
15:45:17.0605 3604 Boot (0x1200) (3bde9d8e097e05b9eacea4aa2fcdb297) \Device\Harddisk0\DR0\Partition2
15:45:17.0605 3604 \Device\Harddisk0\DR0\Partition2 - ok
15:45:17.0605 3604 ============================================================
15:45:17.0605 3604 Scan finished
15:45:17.0605 3604 ============================================================
15:45:17.0621 4956 Detected object count: 1
15:45:17.0621 4956 Actual detected object count: 1
15:45:24.0344 4956 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine

Edited by Lorreign, 27 March 2012 - 02:46 PM.


#11 narenxp

Posted 27 March 2012 - 08:43 PM

Still need MBAM clean log.

#12 Lorreign

Posted 27 March 2012 - 11:22 PM

Oh sorry, didn't know you wanted that one too. I ran it and it came back clean afterwards, but I will get you a log tomorrow when I get home from class. Everything else is showing clean now except for a brief period where Microsoft Security Essentials kept popping up that something was detected and then removed, over and over a few times. Is it okay that the aswMBR log keeps saying this

12:29:33.534 File: C:\Users\Michelle\AppData\Local\Google\Update\1.3.21.111\GoogleCrashHandler.exe **INFECTED** Win32:Malware-gen
12:29:33.706 File: C:\Users\Michelle\AppData\Local\Google\Update\1.3.21.111\GoogleUpdate.exe **INFECTED** Win32:Trojan-gen
12:32:48.165 File: C:\Users\Michelle\AppData\Local\Temp\_av4_\data\aswar0.dll **INFECTED** Win32:Malware-gen
12:32:48.789 File: C:\Users\Michelle\AppData\Local\Temp\_av4_\data\updldr0.bin **INFECTED** Win32:Malware-gen
12:46:10.664 AVAST engine scan C:\ProgramData
12:48:37.446 File: C:\ProgramData\Microsoft\Windows\DRM\E590.tmp **INFECTED** Win32:Malware-gen
12:48:37.508 File: C:\ProgramData\Microsoft\Windows\DRM\E5A1.tmp **INFECTED** Win32:Malware-gen

when nothing else comes up with anything? I found that a bit troubling.

Anyway, will get you the logs tomorrow and await further instructions :)

#13 narenxp

Posted 28 March 2012 - 02:14 AM

Let's look at the aswMBR log after I get this log

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When the scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

Download mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

#14 Lorreign

Posted 29 March 2012 - 05:15 PM

Here's the Malwarebytes log

Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.03.23.02

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Michelle :: MICHELLE-PC [administrator]

3/29/2012 9:02:16 AM
mbam-log-2012-03-29 (18-12-27).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 447299
Time elapsed: 1 hour(s), 10 minute(s), 34 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\TDSSKiller_Quarantine\27.03.2012_10.51.34\mbr0000\tdlfs0000\tsk0004.dta (Rootkit.Agent.Gen) -> No action taken.
C:\TDSSKiller_Quarantine\27.03.2012_15.44.46\tdlfs0000\tsk0001.dta (Rootkit.Agent.Gen) -> No action taken.

(end)

#15 narenxp

Posted 29 March 2012 - 08:31 PM

Go to C drive, delete TDSS quarantine folder

Waiting for other logs



