
TR/ATRAPS.GEN2


3 replies to this topic

#1 JMAXWORTHY

JMAXWORTHY

  • Members
  • 14 posts

Posted 07 July 2012 - 01:32 AM

Hello - I really need help getting rid of TR/ATRAPS.GEN2.

Avira initiates a notice regularly of it in c:\windows\installer\... and I select "remove" but it returns.

I have run Avira and Malwarebytes in regular mode and in safe mode. Both programs detect it (them) and other trojans / virus, I delete or quarantine them and reboot, but they return.

I am ready for any help that can be offered. Thank you.

John Maxworthy



#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts

Posted 07 July 2012 - 04:44 AM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 JMAXWORTHY

JMAXWORTHY
  • Topic Starter

  • Members
  • 14 posts

Posted 09 July 2012 - 04:01 PM

Hello - below are the text files from TDSSKILLER, aswMBR and ESET. I believe aswMBR stopped scanning when it found TDSSKILLER. Should I repeat the scans? Thanks.

05:48:32.0447 8504 TDSS rootkit removing tool 2.7.44.0 Jul 2 2012 20:01:08
05:48:32.0678 8504 ============================================================
05:48:32.0678 8504 Current date / time: 2012/07/09 05:48:32.0678
05:48:32.0678 8504 SystemInfo:
05:48:32.0678 8504
05:48:32.0678 8504 OS Version: 6.1.7601 ServicePack: 1.0
05:48:32.0678 8504 Product type: Workstation
05:48:32.0678 8504 ComputerName: JMAXWORTHY-PC
05:48:32.0678 8504 UserName: JMAXWORTHY
05:48:32.0678 8504 Windows directory: C:\Windows
05:48:32.0678 8504 System windows directory: C:\Windows
05:48:32.0678 8504 Running under WOW64
05:48:32.0678 8504 Processor architecture: Intel x64
05:48:32.0678 8504 Number of processors: 4
05:48:32.0678 8504 Page size: 0x1000
05:48:32.0678 8504 Boot type: Normal boot
05:48:32.0678 8504 ============================================================
05:48:35.0275 8504 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
05:48:35.0305 8504 ============================================================
05:48:35.0305 8504 \Device\Harddisk0\DR0:
05:48:35.0325 8504 MBR partitions:
05:48:35.0325 8504 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
05:48:35.0325 8504 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x729A65B0
05:48:35.0325 8504 ============================================================
05:48:35.0404 8504 C: <-> \Device\Harddisk0\DR0\Partition1
05:48:35.0404 8504 ============================================================
05:48:35.0404 8504 Initialize success
05:48:35.0404 8504 ============================================================
05:49:04.0960 1016 ============================================================
05:49:04.0960 1016 Scan started
05:49:04.0960 1016 Mode: Manual; TDLFS;
05:49:04.0960 1016 ============================================================
05:49:17.0559 1016 NdisCap - ok
05:49:17.0571 1016 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
05:49:17.0574 1016 NdisTapi - ok
05:49:17.0600 1016 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
05:49:17.0605 1016 Ndisuio - ok
05:49:17.0643 1016 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
05:49:17.0650 1016 NdisWan - ok
05:49:17.0703 1016 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
05:49:17.0708 1016 NDProxy - ok
05:49:17.0717 1016 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
05:49:17.0721 1016 NetBIOS - ok
05:49:17.0760 1016 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
05:49:17.0769 1016 NetBT - ok
05:49:17.0799 1016 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
05:49:17.0800 1016 Netlogon - ok
05:49:17.0855 1016 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
05:49:17.0858 1016 Netman - ok
05:49:17.0983 1016 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
05:49:17.0990 1016 NetMsmqActivator - ok
05:49:17.0992 1016 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
05:49:17.0993 1016 NetPipeActivator - ok
05:49:18.0026 1016 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
05:49:18.0029 1016 netprofm - ok
05:49:18.0032 1016 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
05:49:18.0033 1016 NetTcpActivator - ok
05:49:18.0035 1016 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
05:49:18.0036 1016 NetTcpPortSharing - ok
05:49:18.0079 1016 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
05:49:18.0083 1016 nfrd960 - ok
05:49:18.0128 1016 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
05:49:18.0130 1016 NlaSvc - ok
05:49:18.0141 1016 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
05:49:18.0145 1016 Npfs - ok
05:49:18.0175 1016 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
05:49:18.0176 1016 nsi - ok
05:49:18.0179 1016 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
05:49:18.0183 1016 nsiproxy - ok
05:49:18.0274 1016 Ntfs (05d78aa5cb5f3f5c31160bdb955d0b7c) C:\Windows\system32\drivers\Ntfs.sys
05:49:18.0319 1016 Ntfs - ok
05:49:18.0411 1016 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
05:49:18.0414 1016 Null - ok
05:49:18.0454 1016 NVHDA (cb599955ce2ce9694721562f9481cd84) C:\Windows\system32\drivers\nvhda64v.sys
05:49:18.0460 1016 NVHDA - ok
05:49:18.0948 1016 nvlddmkm (51bd7ef17f0b525994ad5b3748c8288b) C:\Windows\system32\DRIVERS\nvlddmkm.sys
05:49:19.0132 1016 nvlddmkm - ok
05:49:19.0289 1016 nvraid (5d9fd91f3d38dc9da01e3cb5fa89cd48) C:\Windows\system32\drivers\nvraid.sys
05:49:19.0295 1016 nvraid - ok
05:49:19.0317 1016 nvstor (f7cd50fe7139f07e77da8ac8033d1832) C:\Windows\system32\drivers\nvstor.sys
05:49:19.0324 1016 nvstor - ok
05:49:19.0378 1016 nvsvc (fce8537bf5d504680212d536a3bfe5e2) C:\Windows\system32\nvvsvc.exe
05:49:19.0386 1016 nvsvc - ok
05:49:19.0427 1016 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
05:49:19.0432 1016 nv_agp - ok
05:49:19.0463 1016 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
05:49:19.0469 1016 ohci1394 - ok
05:49:19.0512 1016 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
05:49:19.0515 1016 p2pimsvc - ok
05:49:19.0559 1016 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
05:49:19.0563 1016 p2psvc - ok
05:49:19.0654 1016 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
05:49:19.0674 1016 Parport - ok
05:49:19.0754 1016 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
05:49:19.0761 1016 partmgr - ok
05:49:19.0803 1016 pbfilter - ok
05:49:19.0818 1016 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
05:49:19.0820 1016 PcaSvc - ok
05:49:19.0832 1016 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
05:49:19.0841 1016 pci - ok
05:49:19.0850 1016 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
05:49:19.0853 1016 pciide - ok
05:49:19.0871 1016 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
05:49:19.0880 1016 pcmcia - ok
05:49:19.0893 1016 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
05:49:19.0898 1016 pcw - ok
05:49:19.0976 1016 pdfcDispatcher - ok
05:49:20.0012 1016 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
05:49:20.0032 1016 PEAUTH - ok
05:49:20.0109 1016 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
05:49:20.0114 1016 PerfHost - ok
05:49:20.0203 1016 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
05:49:20.0229 1016 pla - ok
05:49:20.0294 1016 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
05:49:20.0298 1016 PlugPlay - ok
05:49:20.0310 1016 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
05:49:20.0316 1016 PNRPAutoReg - ok
05:49:20.0354 1016 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
05:49:20.0356 1016 PNRPsvc - ok
05:49:20.0386 1016 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
05:49:20.0407 1016 PolicyAgent - ok
05:49:20.0447 1016 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
05:49:20.0448 1016 Power - ok
05:49:20.0508 1016 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
05:49:20.0514 1016 PptpMiniport - ok
05:49:20.0540 1016 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
05:49:20.0545 1016 Processor - ok
05:49:20.0569 1016 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
05:49:20.0571 1016 ProfSvc - ok
05:49:20.0598 1016 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
05:49:20.0599 1016 ProtectedStorage - ok
05:49:20.0639 1016 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
05:49:20.0646 1016 Psched - ok
05:49:20.0674 1016 PSSDK42 (cd33cb6fecf65520466f95ab89cc4af5) C:\Windows\system32\Drivers\pssdk42.sys
05:49:20.0680 1016 PSSDK42 - ok
05:49:20.0709 1016 PSSDKLBF (07a3500cf1c3325568d1b85683ce4517) C:\Windows\system32\Drivers\pssdklbf.sys
05:49:20.0716 1016 PSSDKLBF - ok
05:49:20.0753 1016 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
05:49:20.0758 1016 PxHlpa64 - ok
05:49:20.0829 1016 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
05:49:20.0866 1016 ql2300 - ok
05:49:21.0069 1016 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
05:49:21.0076 1016 ql40xx - ok
05:49:21.0095 1016 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
05:49:21.0103 1016 QWAVE - ok
05:49:21.0115 1016 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
05:49:21.0119 1016 QWAVEdrv - ok
05:49:21.0131 1016 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
05:49:21.0134 1016 RasAcd - ok
05:49:21.0152 1016 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
05:49:21.0156 1016 RasAgileVpn - ok
05:49:21.0188 1016 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
05:49:21.0193 1016 RasAuto - ok
05:49:21.0227 1016 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
05:49:21.0234 1016 Rasl2tp - ok
05:49:21.0277 1016 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
05:49:21.0290 1016 RasMan - ok
05:49:21.0312 1016 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
05:49:21.0317 1016 RasPppoe - ok
05:49:21.0326 1016 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
05:49:21.0332 1016 RasSstp - ok
05:49:21.0365 1016 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
05:49:21.0376 1016 rdbss - ok
05:49:21.0383 1016 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
05:49:21.0387 1016 rdpbus - ok
05:49:21.0398 1016 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
05:49:21.0400 1016 RDPCDD - ok
05:49:21.0412 1016 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
05:49:21.0414 1016 RDPENCDD - ok
05:49:21.0422 1016 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
05:49:21.0425 1016 RDPREFMP - ok
05:49:21.0463 1016 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
05:49:21.0470 1016 RDPWD - ok
05:49:21.0510 1016 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
05:49:21.0519 1016 rdyboost - ok
05:49:21.0555 1016 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
05:49:21.0561 1016 RemoteAccess - ok
05:49:21.0594 1016 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
05:49:21.0604 1016 RemoteRegistry - ok
05:49:21.0629 1016 RimUsb (7b04c9843921ab1f695fb395422c5360) C:\Windows\system32\Drivers\RimUsb_AMD64.sys
05:49:21.0633 1016 RimUsb - ok
05:49:21.0645 1016 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
05:49:21.0647 1016 RpcEptMapper - ok
05:49:21.0673 1016 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
05:49:21.0677 1016 RpcLocator - ok
05:49:21.0728 1016 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
05:49:21.0730 1016 RpcSs - ok
05:49:21.0750 1016 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
05:49:21.0755 1016 rspndr - ok
05:49:21.0782 1016 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
05:49:21.0783 1016 SamSs - ok
05:49:21.0845 1016 SASDIFSV (a3281aec37e0720a2bc28034c2df2a56) C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS
05:49:21.0848 1016 SASDIFSV - ok
05:49:21.0859 1016 SASENUM (7ce61c25c159f50f9eaf6d77fc83fa35) C:\Program Files (x86)\SUPERAntiSpyware\SASENUM.SYS
05:49:21.0863 1016 SASENUM - ok
05:49:21.0891 1016 SASKUTIL (67d2688756dd304af655349baad82bff) C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.SYS
05:49:21.0901 1016 SASKUTIL - ok
05:49:21.0929 1016 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
05:49:21.0935 1016 sbp2port - ok
05:49:21.0962 1016 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
05:49:21.0969 1016 SCardSvr - ok
05:49:21.0990 1016 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
05:49:21.0995 1016 scfilter - ok
05:49:22.0063 1016 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
05:49:22.0094 1016 Schedule - ok
05:49:22.0126 1016 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
05:49:22.0127 1016 SCPolicySvc - ok
05:49:22.0157 1016 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
05:49:22.0159 1016 SDRSVC - ok
05:49:22.0234 1016 SeaPort (cc781378e7eda615d2cdca3b17829fa4) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
05:49:22.0243 1016 SeaPort - ok
05:49:22.0282 1016 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
05:49:22.0286 1016 secdrv - ok
05:49:22.0310 1016 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
05:49:22.0315 1016 seclogon - ok
05:49:22.0328 1016 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
05:49:22.0329 1016 SENS - ok
05:49:22.0335 1016 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
05:49:22.0341 1016 SensrSvc - ok
05:49:22.0356 1016 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
05:49:22.0359 1016 Serenum - ok
05:49:22.0378 1016 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
05:49:22.0386 1016 Serial - ok
05:49:22.0410 1016 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
05:49:22.0414 1016 sermouse - ok
05:49:22.0455 1016 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
05:49:22.0456 1016 SessionEnv - ok
05:49:22.0480 1016 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
05:49:22.0483 1016 sffdisk - ok
05:49:22.0492 1016 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
05:49:22.0496 1016 sffp_mmc - ok
05:49:22.0507 1016 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
05:49:22.0511 1016 sffp_sd - ok
05:49:22.0519 1016 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
05:49:22.0522 1016 sfloppy - ok
05:49:22.0634 1016 SftService (74ec60e20516aaa573be74f31175270f) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
05:49:22.0647 1016 SftService - ok
05:49:22.0785 1016 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
05:49:22.0788 1016 ShellHWDetection - ok
05:49:22.0804 1016 silabenm (7799106fee728b907a86d9c9751e02d5) C:\Windows\system32\DRIVERS\silabenm.sys
05:49:22.0808 1016 silabenm - ok
05:49:22.0824 1016 silabser (5779d0aea7f27cab93f7e42265f9b7c5) C:\Windows\system32\DRIVERS\silabser.sys
05:49:22.0830 1016 silabser - ok
05:49:22.0849 1016 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
05:49:22.0855 1016 SiSRaid2 - ok
05:49:22.0873 1016 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
05:49:22.0880 1016 SiSRaid4 - ok
05:49:22.0904 1016 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
05:49:22.0913 1016 Smb - ok
05:49:22.0952 1016 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
05:49:22.0956 1016 SNMPTRAP - ok
05:49:23.0062 1016 SplashtopRemoteService (ccf611a259882d8cf4dbabae2341ee31) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
05:49:23.0080 1016 SplashtopRemoteService - ok
05:49:23.0090 1016 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
05:49:23.0095 1016 spldr - ok
05:49:23.0129 1016 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
05:49:23.0134 1016 Spooler - ok
05:49:23.0303 1016 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
05:49:23.0339 1016 sppsvc - ok
05:49:23.0426 1016 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
05:49:23.0433 1016 sppuinotify - ok
05:49:23.0480 1016 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
05:49:23.0495 1016 srv - ok
05:49:23.0547 1016 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
05:49:23.0558 1016 srv2 - ok
05:49:23.0571 1016 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
05:49:23.0579 1016 srvnet - ok
05:49:23.0599 1016 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
05:49:23.0601 1016 SSDPSRV - ok
05:49:23.0615 1016 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
05:49:23.0623 1016 SstpSvc - ok
05:49:23.0708 1016 SSUService (1cfa4a1f3c7bb4c8f299e00428eb8677) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
05:49:23.0717 1016 SSUService - ok
05:49:23.0750 1016 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
05:49:23.0754 1016 stexstor - ok
05:49:23.0811 1016 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
05:49:23.0846 1016 stisvc - ok
05:49:23.0868 1016 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
05:49:23.0871 1016 swenum - ok
05:49:23.0914 1016 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
05:49:23.0918 1016 swprv - ok
05:49:24.0012 1016 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
05:49:24.0026 1016 SysMain - ok
05:49:24.0116 1016 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
05:49:24.0124 1016 TabletInputService - ok
05:49:24.0151 1016 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
05:49:24.0163 1016 TapiSrv - ok
05:49:24.0194 1016 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
05:49:24.0201 1016 TBS - ok
05:49:24.0315 1016 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
05:49:24.0356 1016 Tcpip - ok
05:49:24.0458 1016 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
05:49:24.0465 1016 TCPIP6 - ok
05:49:24.0521 1016 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
05:49:24.0526 1016 tcpipreg - ok
05:49:24.0544 1016 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
05:49:24.0548 1016 TDPIPE - ok
05:49:24.0572 1016 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
05:49:24.0576 1016 TDTCP - ok
05:49:24.0610 1016 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
05:49:24.0615 1016 tdx - ok
05:49:24.0644 1016 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
05:49:24.0650 1016 TermDD - ok
05:49:24.0708 1016 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
05:49:24.0715 1016 TermService - ok
05:49:24.0727 1016 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
05:49:24.0729 1016 Themes - ok
05:49:24.0927 1016 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
05:49:24.0928 1016 THREADORDER - ok
05:49:25.0053 1016 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
05:49:25.0054 1016 TrkWks - ok
05:49:25.0086 1016 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
05:49:25.0087 1016 TrustedInstaller - ok
05:49:25.0124 1016 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
05:49:25.0128 1016 tssecsrv - ok
05:49:25.0166 1016 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
05:49:25.0172 1016 TsUsbFlt - ok
05:49:25.0222 1016 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
05:49:25.0228 1016 tunnel - ok
05:49:25.0243 1016 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
05:49:25.0249 1016 uagp35 - ok
05:49:25.0286 1016 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
05:49:25.0296 1016 udfs - ok
05:49:25.0307 1016 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
05:49:25.0314 1016 UI0Detect - ok
05:49:25.0330 1016 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
05:49:25.0335 1016 uliagpkx - ok
05:49:25.0369 1016 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
05:49:25.0374 1016 umbus - ok
05:49:25.0383 1016 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
05:49:25.0386 1016 UmPass - ok
05:49:25.0494 1016 UMVPFSrv (8b802b483cbde06f62dbc04dc7afaf8e) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
05:49:25.0502 1016 UMVPFSrv - ok
05:49:25.0540 1016 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
05:49:25.0544 1016 upnphost - ok
05:49:25.0562 1016 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
05:49:25.0568 1016 usbaudio - ok
05:49:25.0583 1016 usbccgp (481dff26b4dca8f4cbac1f7dce1d6829) C:\Windows\system32\drivers\usbccgp.sys
05:49:25.0589 1016 usbccgp - ok
05:49:25.0622 1016 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
05:49:25.0630 1016 usbcir - ok
05:49:25.0635 1016 usbehci (74ee782b1d9c241efe425565854c661c) C:\Windows\system32\drivers\usbehci.sys
05:49:25.0639 1016 usbehci - ok
05:49:25.0667 1016 usbhub (dc96bd9ccb8403251bcf25047573558e) C:\Windows\system32\drivers\usbhub.sys
05:49:25.0679 1016 usbhub - ok
05:49:25.0688 1016 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\drivers\usbohci.sys
05:49:25.0692 1016 usbohci - ok
05:49:25.0709 1016 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
05:49:25.0715 1016 usbprint - ok
05:49:25.0776 1016 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
05:49:25.0780 1016 usbscan - ok
05:49:25.0799 1016 USBSTOR (d76510cfa0fc09023077f22c2f979d86) C:\Windows\system32\DRIVERS\USBSTOR.SYS
05:49:25.0805 1016 USBSTOR - ok
05:49:25.0847 1016 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\drivers\usbuhci.sys
05:49:25.0852 1016 usbuhci - ok
05:49:25.0875 1016 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
05:49:25.0876 1016 UxSms - ok
05:49:25.0913 1016 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
05:49:25.0914 1016 VaultSvc - ok
05:49:25.0961 1016 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
05:49:25.0966 1016 vdrvroot - ok
05:49:26.0025 1016 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
05:49:26.0028 1016 vds - ok
05:49:26.0272 1016 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
05:49:26.0276 1016 vga - ok
05:49:26.0303 1016 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
05:49:26.0306 1016 VgaSave - ok
05:49:26.0330 1016 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
05:49:26.0340 1016 vhdmp - ok
05:49:26.0351 1016 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
05:49:26.0355 1016 viaide - ok
05:49:26.0389 1016 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
05:49:26.0395 1016 volmgr - ok
05:49:26.0438 1016 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
05:49:26.0449 1016 volmgrx - ok
05:49:26.0473 1016 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
05:49:26.0484 1016 volsnap - ok
05:49:26.0509 1016 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
05:49:26.0516 1016 vsmraid - ok
05:49:26.0693 1016 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
05:49:26.0709 1016 VSS - ok
05:49:26.0838 1016 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
05:49:26.0842 1016 vwifibus - ok
05:49:26.0853 1016 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
05:49:26.0858 1016 vwififlt - ok
05:49:26.0877 1016 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
05:49:26.0880 1016 vwifimp - ok
05:49:26.0921 1016 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
05:49:26.0925 1016 W32Time - ok
05:49:26.0972 1016 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
05:49:26.0977 1016 WacomPen - ok
05:49:27.0021 1016 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
05:49:27.0027 1016 WANARP - ok
05:49:27.0036 1016 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
05:49:27.0037 1016 Wanarpv6 - ok
05:49:27.0126 1016 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
05:49:27.0167 1016 WatAdminSvc - ok
05:49:27.0251 1016 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
05:49:27.0282 1016 wbengine - ok
05:49:27.0400 1016 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
05:49:27.0408 1016 WbioSrvc - ok
05:49:27.0457 1016 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
05:49:27.0460 1016 wcncsvc - ok
05:49:27.0474 1016 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
05:49:27.0479 1016 WcsPlugInService - ok
05:49:27.0536 1016 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
05:49:27.0540 1016 Wd - ok
05:49:27.0577 1016 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
05:49:27.0602 1016 Wdf01000 - ok
05:49:27.0617 1016 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
05:49:27.0618 1016 WdiServiceHost - ok
05:49:27.0620 1016 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
05:49:27.0622 1016 WdiSystemHost - ok
05:49:27.0666 1016 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
05:49:27.0676 1016 WebClient - ok
05:49:27.0696 1016 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
05:49:27.0704 1016 Wecsvc - ok
05:49:27.0721 1016 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
05:49:27.0722 1016 wercplsupport - ok
05:49:27.0743 1016 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
05:49:27.0744 1016 WerSvc - ok
05:49:27.0797 1016 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
05:49:27.0800 1016 WfpLwf - ok
05:49:27.0845 1016 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
05:49:27.0851 1016 WimFltr - ok
05:49:27.0862 1016 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
05:49:27.0865 1016 WIMMount - ok
05:49:27.0870 1016 WinHttpAutoProxySvc - ok
05:49:27.0933 1016 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
05:49:27.0943 1016 Winmgmt - ok
05:49:28.0053 1016 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
05:49:28.0089 1016 WinRM - ok
05:49:28.0298 1016 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
05:49:28.0303 1016 WinUsb - ok
05:49:28.0393 1016 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
05:49:28.0418 1016 Wlansvc - ok
05:49:28.0526 1016 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
05:49:28.0531 1016 wlcrasvc - ok
05:49:28.0886 1016 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
05:49:29.0109 1016 wlidsvc - ok
05:49:29.0217 1016 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
05:49:29.0220 1016 WmiAcpi - ok
05:49:29.0268 1016 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
05:49:29.0275 1016 wmiApSrv - ok
05:49:29.0335 1016 WMPNetworkSvc - ok
05:49:29.0364 1016 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
05:49:29.0367 1016 WPCSvc - ok
05:49:29.0402 1016 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
05:49:29.0403 1016 WPDBusEnum - ok
05:49:29.0428 1016 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
05:49:29.0431 1016 ws2ifsl - ok
05:49:29.0433 1016 WSearch - ok
05:49:30.0572 1016 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
05:49:30.0595 1016 wuauserv - ok
05:49:30.0743 1016 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
05:49:30.0749 1016 WudfPf - ok
05:49:30.0777 1016 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
05:49:30.0784 1016 WUDFRd - ok
05:49:30.0813 1016 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
05:49:30.0820 1016 wudfsvc - ok
05:49:30.0838 1016 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
05:49:30.0847 1016 WwanSvc - ok
05:49:30.0854 1016 MBR (0x1B8) (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0
05:49:30.0879 1016 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
05:49:30.0879 1016 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
05:49:30.0905 1016 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
05:49:30.0905 1016 \Device\Harddisk0\DR0 - detected TDSS File System (1)
05:49:30.0933 1016 Boot (0x1200) (2bd812be402c08e0d8789da6cb0d25e2) \Device\Harddisk0\DR0\Partition0
05:49:30.0934 1016 \Device\Harddisk0\DR0\Partition0 - ok
05:49:30.0943 1016 Boot (0x1200) (4d4014dd64287dea6372162158a497aa) \Device\Harddisk0\DR0\Partition1
05:49:30.0944 1016 \Device\Harddisk0\DR0\Partition1 - ok
05:49:30.0945 1016 ============================================================
05:49:30.0945 1016 Scan finished
05:49:30.0945 1016 ============================================================
05:49:30.0954 8408 Detected object count: 2
05:49:30.0954 8408 Actual detected object count: 2
05:50:25.0047 8408 \Device\Harddisk0\DR0\# - copied to quarantine
05:50:25.0048 8408 \Device\Harddisk0\DR0 - copied to quarantine
05:50:25.0073 8408 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
05:50:25.0075 8408 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
05:50:25.0078 8408 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
05:50:25.0082 8408 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
05:50:25.0092 8408 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
05:50:25.0098 8408 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
05:50:25.0100 8408 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
05:50:25.0101 8408 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
05:50:25.0102 8408 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
05:50:25.0105 8408 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
05:50:25.0107 8408 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
05:50:25.0109 8408 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
05:50:25.0110 8408 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
05:50:25.0112 8408 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
05:50:25.0120 8408 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
05:50:25.0136 8408 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
05:50:25.0137 8408 \Device\Harddisk0\DR0 - ok
05:50:25.0265 8408 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
05:50:25.0267 8408 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
05:50:25.0267 8408 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-09 05:55:39
-----------------------------
05:55:39.847 OS Version: Windows x64 6.1.7601 Service Pack 1
05:55:39.847 Number of processors: 4 586 0x2502
05:55:39.848 ComputerName: JMAXWORTHY-PC UserName: JMAXWORTHY
05:55:42.076 Initialize success
05:55:48.669 AVAST engine defs: 12070900
05:55:59.777 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
05:55:59.781 Disk 0 Vendor: WDC_WD1001FALS-00J7B0 05.00K05 Size: 953869MB BusType: 3
05:55:59.792 Disk 0 MBR read successfully
05:55:59.796 Disk 0 MBR scan
05:55:59.825 Disk 0 Windows VISTA default MBR code
05:55:59.828 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
05:55:59.842 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 81920
05:55:59.852 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 938828 MB offset 30801920
05:55:59.869 Disk 0 scanning C:\Windows\system32\drivers
05:56:11.210 Service scanning
05:56:34.736 Modules scanning
05:56:34.748 Disk 0 trace - called modules:
05:56:34.765 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
05:56:34.770 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007d99060]
05:56:34.773 3 CLASSPNP.SYS[fffff8800199c43f] -> nt!IofCallDriver -> [0xfffffa8007aa6520]
05:56:34.776 5 ACPI.sys[fffff88000f737a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8007aa8060]
05:56:36.841 AVAST engine scan C:\Windows
05:56:40.066 AVAST engine scan C:\Windows\system32
05:58:39.129 File: C:\Windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
05:58:42.310 File: C:\Windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
06:00:13.428 AVAST engine scan C:\Windows\system32\drivers
06:00:33.650 AVAST engine scan C:\Users\JMAXWORTHY
06:14:58.669 Disk 0 MBR has been saved successfully to "C:\Users\JMAXWORTHY\Desktop\MBR.dat"
06:14:58.679 The log file has been saved successfully to "C:\Users\JMAXWORTHY\Desktop\aswMBR.txt"


C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\09.07.2012_05.48.32\mbr0000\tdlfs0000\tsk0000.dta a variant of Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\09.07.2012_05.48.32\mbr0000\tdlfs0000\tsk0001.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\09.07.2012_05.48.32\mbr0000\tdlfs0000\tsk0002.dta Win32/Olmarik.AYH trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\09.07.2012_05.48.32\mbr0000\tdlfs0000\tsk0003.dta Win64/Olmarik.AL trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\09.07.2012_05.48.32\mbr0000\tdlfs0000\tsk0004.dta Win32/Olmarik.AWO trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\09.07.2012_05.48.32\mbr0000\tdlfs0000\tsk0005.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\09.07.2012_05.48.32\mbr0000\tdlfs0000\tsk0009.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\09.07.2012_05.48.32\mbr0000\tdlfs0000\tsk0010.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\09.07.2012_05.48.32\mbr0000\tdlfs0000\tsk0014.dta a variant of Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\Windows\Installer\{1cb6829e-d982-39ae-20e2-4ea7b15d1943}\U\00000008.@ Win64/Agent.BA trojan cleaned by deleting - quarantined
C:\Windows\Installer\{1cb6829e-d982-39ae-20e2-4ea7b15d1943}\U\80000000.@ Win64/Sirefef.AE trojan cleaned by deleting - quarantined
C:\Windows\Installer\{1cb6829e-d982-39ae-20e2-4ea7b15d1943}\U\80000032.@ a variant of Win32/Sirefef.FD trojan cleaned by deleting - quarantined
Operating memory a variant of Win32/Sirefef.EZ trojan

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:03:47 AM

Posted 09 July 2012 - 10:33 PM

We need advanced tools to remove this.

Read the guide here: http://www.bleepingcomputer.com/forums/topic34773.html

and create a topic here: http://www.bleepingcomputer.com/forums/forum22.html

Good luck.



