Computer missing menu items and slow


37 replies to this topic

#1 madoxnola

  • Members
  • 32 posts

Posted 19 May 2012 - 10:17 AM

My laptop was infected with some Trojans, and I scanned with anti-virus and it removed most of them. The laptop had all kinds of pop-ups from malware telling me my system was infected, and it wouldn't do anything. The pop-ups are now gone and I can now use the computer. All the menu items are missing on the Start menu. The laptop is still a little slow.



#2 narenxp

  • BC Advisor
  • 16,371 posts

Posted 19 May 2012 - 10:45 AM

What is your operating system?

Press the Windows+R keys, type %temp% and click OK.

If you have a folder called SMTMP, copy it to a safe location.

Download TDSSKiller.

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Download aswMBR.

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Edited by narenxp, 19 May 2012 - 10:46 AM.


#3 madoxnola
  • Topic Starter

  • Members
  • 32 posts

Posted 19 May 2012 - 11:56 AM

Thank you for your fast response. I will post once I get back from work.

#4 narenxp

  • BC Advisor
  • 16,371 posts

Posted 19 May 2012 - 02:14 PM

:thumbup2:

#5 madoxnola
  • Topic Starter

  • Members
  • 32 posts

Posted 20 May 2012 - 08:54 AM

Here are the logs

00:11:31.0265 2904 TDSS rootkit removing tool 2.7.35.0 May 16 2012 07:37:57
00:11:31.0297 2904 ============================================================
00:11:31.0297 2904 Current date / time: 2012/05/20 00:11:31.0297
00:11:31.0297 2904 SystemInfo:
00:11:31.0297 2904
00:11:31.0297 2904 OS Version: 6.0.6002 ServicePack: 2.0
00:11:31.0297 2904 Product type: Workstation
00:11:31.0297 2904 ComputerName: HOUSEPC
00:11:31.0297 2904 UserName: bob
00:11:31.0297 2904 Windows directory: C:\Windows
00:11:31.0297 2904 System windows directory: C:\Windows
00:11:31.0297 2904 Processor architecture: Intel x86
00:11:31.0297 2904 Number of processors: 2
00:11:31.0297 2904 Page size: 0x1000
00:11:31.0297 2904 Boot type: Normal boot
00:11:31.0297 2904 ============================================================
00:11:31.0577 2904 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
00:11:31.0593 2904 ============================================================
00:11:31.0593 2904 \Device\Harddisk0\DR0:
00:11:31.0593 2904 MBR partitions:
00:11:31.0593 2904 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x116577C1
00:11:31.0593 2904 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x11657800, BlocksNum 0x13C0800
00:11:31.0593 2904 ============================================================
00:11:31.0593 2904 C: <-> \Device\Harddisk0\DR0\Partition0
00:11:31.0640 2904 D: <-> \Device\Harddisk0\DR0\Partition1
00:11:31.0640 2904 ============================================================
00:11:31.0640 2904 Initialize success
00:11:31.0640 2904 ============================================================
00:11:33.0840 3400 ============================================================
00:11:33.0840 3400 Scan started
00:11:33.0840 3400 Mode: Manual;
00:11:33.0840 3400 ============================================================
00:11:37.0335 3400 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
00:11:37.0335 3400 Suspicious file (NoAccess): C:\Windows\system32\Drivers\dfsc.sys. md5: 622c41a07ca7e6dd91770f50d532cb6c
00:11:37.0335 3400 DfsC ( LockedFile.Multi.Generic ) - warning
00:11:37.0335 3400 DfsC - detected LockedFile.Multi.Generic (1)
00:11:45.0556 3400 Npfs - ok
00:11:45.0587 3400 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
00:11:45.0587 3400 nsi - ok
00:11:45.0603 3400 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
00:11:45.0603 3400 nsiproxy - ok
00:11:45.0696 3400 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
00:11:45.0712 3400 Ntfs - ok
00:11:45.0759 3400 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
00:11:45.0759 3400 ntrigdigi - ok
00:11:45.0806 3400 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
00:11:45.0806 3400 Null - ok
00:11:45.0899 3400 NVENETFD (ae78a7285df03a277415fc62f8ce8f24) C:\Windows\system32\DRIVERS\nvmfdx32.sys
00:11:45.0930 3400 NVENETFD - ok
00:11:45.0946 3400 NVHDA (57945c4c155a79cf3e0f463e3cc9923e) C:\Windows\system32\drivers\nvhda32v.sys
00:11:45.0946 3400 NVHDA - ok
00:11:46.0632 3400 nvlddmkm (9dac05d828e56801fd6ce5fdfced64af) C:\Windows\system32\DRIVERS\nvlddmkm.sys
00:11:46.0866 3400 nvlddmkm - ok
00:11:46.0991 3400 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
00:11:46.0991 3400 nvraid - ok
00:11:47.0022 3400 nvsmu (0fb6bf3ab170fc5bd403d25e134eafde) C:\Windows\system32\DRIVERS\nvsmu.sys
00:11:47.0022 3400 nvsmu - ok
00:11:47.0054 3400 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
00:11:47.0069 3400 nvstor - ok
00:11:47.0132 3400 nvsvc (51e7f2c26b6ece61c5241f1f731eab2b) C:\Windows\system32\nvvsvc.exe
00:11:47.0147 3400 nvsvc - ok
00:11:47.0194 3400 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
00:11:47.0194 3400 nv_agp - ok
00:11:47.0225 3400 NwlnkFlt - ok
00:11:47.0241 3400 NwlnkFwd - ok
00:11:47.0272 3400 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
00:11:47.0288 3400 ohci1394 - ok
00:11:47.0350 3400 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
00:11:47.0366 3400 p2pimsvc - ok
00:11:47.0381 3400 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
00:11:47.0397 3400 p2psvc - ok
00:11:47.0444 3400 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
00:11:47.0444 3400 Parport - ok
00:11:47.0490 3400 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
00:11:47.0490 3400 partmgr - ok
00:11:47.0522 3400 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
00:11:47.0537 3400 Parvdm - ok
00:11:47.0553 3400 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
00:11:47.0568 3400 PcaSvc - ok
00:11:47.0615 3400 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
00:11:47.0615 3400 pci - ok
00:11:47.0646 3400 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
00:11:47.0646 3400 pciide - ok
00:11:47.0693 3400 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
00:11:47.0693 3400 pcmcia - ok
00:11:47.0771 3400 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
00:11:47.0787 3400 PEAUTH - ok
00:11:47.0944 3400 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
00:11:47.0975 3400 pla - ok
00:11:48.0100 3400 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
00:11:48.0115 3400 PlugPlay - ok
00:11:48.0193 3400 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
00:11:48.0209 3400 PNRPAutoReg - ok
00:11:48.0225 3400 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
00:11:48.0240 3400 PNRPsvc - ok
00:11:48.0287 3400 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
00:11:48.0318 3400 PolicyAgent - ok
00:11:48.0365 3400 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
00:11:48.0365 3400 PptpMiniport - ok
00:11:48.0396 3400 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\DRIVERS\processr.sys
00:11:48.0396 3400 Processor - ok
00:11:48.0427 3400 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
00:11:48.0443 3400 ProfSvc - ok
00:11:48.0474 3400 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
00:11:48.0474 3400 ProtectedStorage - ok
00:11:48.0537 3400 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
00:11:48.0537 3400 PSched - ok
00:11:48.0630 3400 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
00:11:48.0646 3400 ql2300 - ok
00:11:48.0677 3400 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
00:11:48.0677 3400 ql40xx - ok
00:11:48.0708 3400 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
00:11:48.0724 3400 QWAVE - ok
00:11:48.0755 3400 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
00:11:48.0755 3400 QWAVEdrv - ok
00:11:48.0771 3400 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
00:11:48.0771 3400 RasAcd - ok
00:11:48.0802 3400 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
00:11:48.0817 3400 RasAuto - ok
00:11:48.0849 3400 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
00:11:48.0849 3400 Rasl2tp - ok
00:11:48.0912 3400 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
00:11:48.0912 3400 RasMan - ok
00:11:48.0959 3400 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
00:11:48.0959 3400 RasPppoe - ok
00:11:49.0006 3400 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
00:11:49.0021 3400 RasSstp - ok
00:11:49.0068 3400 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
00:11:49.0068 3400 rdbss - ok
00:11:49.0099 3400 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
00:11:49.0115 3400 RDPCDD - ok
00:11:49.0146 3400 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
00:11:49.0146 3400 rdpdr - ok
00:11:49.0162 3400 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
00:11:49.0162 3400 RDPENCDD - ok
00:11:49.0224 3400 RDPWD (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
00:11:49.0396 3400 RDPWD - ok
00:11:49.0505 3400 Recovery Service for Windows (431723f23d0e065bef502389e8ffdc10) C:\Windows\SMINST\BLService.exe
00:11:49.0552 3400 Recovery Service for Windows - ok
00:11:49.0614 3400 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
00:11:49.0614 3400 RemoteAccess - ok
00:11:49.0661 3400 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
00:11:49.0676 3400 RemoteRegistry - ok
00:11:49.0770 3400 RichVideo (17e0bef5ca5c9ce52cc8082ac6ebc449) C:\Program Files\CyberLink\Shared Files\RichVideo.exe
00:11:49.0786 3400 RichVideo - ok
00:11:49.0817 3400 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
00:11:49.0817 3400 RpcLocator - ok
00:11:49.0896 3400 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
00:11:49.0927 3400 RpcSs - ok
00:11:49.0989 3400 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
00:11:50.0005 3400 rspndr - ok
00:11:50.0052 3400 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
00:11:50.0052 3400 SamSs - ok
00:11:50.0099 3400 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
00:11:50.0099 3400 sbp2port - ok
00:11:50.0161 3400 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
00:11:50.0177 3400 SCardSvr - ok
00:11:50.0270 3400 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
00:11:50.0301 3400 Schedule - ok
00:11:50.0333 3400 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
00:11:50.0333 3400 SCPolicySvc - ok
00:11:50.0379 3400 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
00:11:50.0379 3400 SDRSVC - ok
00:11:50.0411 3400 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
00:11:50.0411 3400 secdrv - ok
00:11:50.0426 3400 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
00:11:50.0442 3400 seclogon - ok
00:11:50.0473 3400 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
00:11:50.0489 3400 SENS - ok
00:11:50.0520 3400 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
00:11:50.0520 3400 Serenum - ok
00:11:50.0567 3400 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
00:11:50.0582 3400 Serial - ok
00:11:50.0613 3400 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
00:11:50.0613 3400 sermouse - ok
00:11:50.0660 3400 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
00:11:50.0660 3400 SessionEnv - ok
00:11:50.0691 3400 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
00:11:50.0691 3400 sffdisk - ok
00:11:50.0707 3400 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
00:11:50.0707 3400 sffp_mmc - ok
00:11:50.0738 3400 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
00:11:50.0738 3400 sffp_sd - ok
00:11:50.0785 3400 sfloppy (c33bfbd6e9e41fcd9ffef9729e9faed6) C:\Windows\system32\DRIVERS\sfloppy.sys
00:11:50.0785 3400 sfloppy - ok
00:11:50.0832 3400 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
00:11:50.0832 3400 SharedAccess - ok
00:11:50.0894 3400 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
00:11:50.0910 3400 ShellHWDetection - ok
00:11:50.0941 3400 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
00:11:50.0941 3400 sisagp - ok
00:11:50.0972 3400 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
00:11:50.0972 3400 SiSRaid2 - ok
00:11:50.0988 3400 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
00:11:50.0988 3400 SiSRaid4 - ok
00:11:51.0222 3400 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
00:11:51.0300 3400 slsvc - ok
00:11:51.0409 3400 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
00:11:51.0425 3400 SLUINotify - ok
00:11:51.0471 3400 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
00:11:51.0471 3400 Smb - ok
00:11:51.0518 3400 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
00:11:51.0534 3400 SNMPTRAP - ok
00:11:51.0581 3400 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
00:11:51.0581 3400 spldr - ok
00:11:51.0627 3400 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
00:11:51.0643 3400 Spooler - ok
00:11:51.0705 3400 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
00:11:51.0893 3400 srv - ok
00:11:51.0971 3400 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
00:11:51.0971 3400 srv2 - ok
00:11:52.0017 3400 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
00:11:52.0017 3400 srvnet - ok
00:11:52.0049 3400 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
00:11:52.0049 3400 SSDPSRV - ok
00:11:52.0080 3400 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
00:11:52.0080 3400 SstpSvc - ok
00:11:52.0158 3400 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
00:11:52.0158 3400 stisvc - ok
00:11:52.0205 3400 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
00:11:52.0205 3400 swenum - ok
00:11:52.0251 3400 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
00:11:52.0283 3400 swprv - ok
00:11:52.0298 3400 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
00:11:52.0298 3400 Symc8xx - ok
00:11:52.0314 3400 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
00:11:52.0329 3400 Sym_hi - ok
00:11:52.0345 3400 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
00:11:52.0361 3400 Sym_u3 - ok
00:11:52.0392 3400 SynTP (00b19f27858f56181edb58b71a7c67a0) C:\Windows\system32\DRIVERS\SynTP.sys
00:11:52.0485 3400 SynTP - ok
00:11:52.0563 3400 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
00:11:52.0579 3400 SysMain - ok
00:11:52.0610 3400 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
00:11:52.0626 3400 TabletInputService - ok
00:11:52.0673 3400 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
00:11:52.0688 3400 TapiSrv - ok
00:11:52.0719 3400 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
00:11:52.0719 3400 TBS - ok
00:11:52.0813 3400 Tcpip (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
00:11:52.0922 3400 Tcpip - ok
00:11:52.0938 3400 Tcpip6 (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
00:11:53.0047 3400 Tcpip6 - ok
00:11:53.0094 3400 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
00:11:53.0094 3400 tcpipreg - ok
00:11:53.0125 3400 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
00:11:53.0125 3400 TDPIPE - ok
00:11:53.0156 3400 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
00:11:53.0156 3400 TDTCP - ok
00:11:53.0187 3400 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
00:11:53.0187 3400 tdx - ok
00:11:53.0281 3400 TeamViewer5 (77d6ea1ed5cafef6209c8a75fd7d22ec) C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
00:11:53.0297 3400 TeamViewer5 - ok
00:11:53.0328 3400 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
00:11:53.0328 3400 TermDD - ok
00:11:53.0390 3400 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
00:11:53.0421 3400 TermService - ok
00:11:53.0484 3400 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
00:11:53.0499 3400 Themes - ok
00:11:53.0546 3400 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
00:11:53.0562 3400 THREADORDER - ok
00:11:53.0733 3400 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
00:11:53.0874 3400 TrkWks - ok
00:11:53.0936 3400 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
00:11:53.0952 3400 TrustedInstaller - ok
00:11:54.0014 3400 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
00:11:54.0014 3400 tssecsrv - ok
00:11:54.0045 3400 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
00:11:54.0045 3400 tunmp - ok
00:11:54.0092 3400 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
00:11:54.0092 3400 tunnel - ok
00:11:54.0123 3400 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
00:11:54.0123 3400 uagp35 - ok
00:11:54.0170 3400 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
00:11:54.0186 3400 udfs - ok
00:11:54.0233 3400 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
00:11:54.0248 3400 UI0Detect - ok
00:11:54.0279 3400 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
00:11:54.0279 3400 uliagpkx - ok
00:11:54.0326 3400 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
00:11:54.0326 3400 uliahci - ok
00:11:54.0357 3400 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
00:11:54.0357 3400 UlSata - ok
00:11:54.0373 3400 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
00:11:54.0373 3400 ulsata2 - ok
00:11:54.0404 3400 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
00:11:54.0404 3400 umbus - ok
00:11:54.0451 3400 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
00:11:54.0451 3400 upnphost - ok
00:11:54.0498 3400 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
00:11:54.0498 3400 USBAAPL - ok
00:11:54.0545 3400 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
00:11:54.0545 3400 usbccgp - ok
00:11:54.0591 3400 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
00:11:54.0607 3400 usbcir - ok
00:11:54.0654 3400 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
00:11:54.0654 3400 usbehci - ok
00:11:54.0685 3400 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
00:11:54.0701 3400 usbhub - ok
00:11:54.0716 3400 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
00:11:54.0716 3400 usbohci - ok
00:11:54.0763 3400 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
00:11:54.0763 3400 usbprint - ok
00:11:54.0794 3400 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
00:11:54.0794 3400 usbscan - ok
00:11:54.0825 3400 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
00:11:54.0825 3400 USBSTOR - ok
00:11:54.0857 3400 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
00:11:54.0857 3400 usbuhci - ok
00:11:54.0903 3400 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
00:11:54.0919 3400 UxSms - ok
00:11:54.0981 3400 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
00:11:54.0997 3400 vds - ok
00:11:55.0028 3400 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
00:11:55.0028 3400 vga - ok
00:11:55.0059 3400 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
00:11:55.0059 3400 VgaSave - ok
00:11:55.0106 3400 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
00:11:55.0106 3400 viaagp - ok
00:11:55.0137 3400 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
00:11:55.0137 3400 ViaC7 - ok
00:11:55.0169 3400 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
00:11:55.0169 3400 viaide - ok
00:11:55.0247 3400 Viewpoint Manager Service (5f974fde801c73952770736becde11e7) C:\Program Files\Viewpoint\Common\ViewpointService.exe
00:11:55.0247 3400 Viewpoint Manager Service - ok
00:11:55.0278 3400 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
00:11:55.0278 3400 volmgr - ok
00:11:55.0340 3400 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
00:11:55.0340 3400 volmgrx - ok
00:11:55.0403 3400 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
00:11:55.0403 3400 volsnap - ok
00:11:55.0418 3400 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
00:11:55.0434 3400 vsmraid - ok
00:11:55.0512 3400 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
00:11:55.0559 3400 VSS - ok
00:11:55.0590 3400 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
00:11:55.0605 3400 W32Time - ok
00:11:55.0668 3400 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
00:11:55.0668 3400 WacomPen - ok
00:11:55.0699 3400 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
00:11:55.0699 3400 Wanarp - ok
00:11:55.0715 3400 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
00:11:55.0715 3400 Wanarpv6 - ok
00:11:55.0761 3400 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
00:11:55.0777 3400 wcncsvc - ok
00:11:55.0808 3400 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
00:11:55.0808 3400 WcsPlugInService - ok
00:11:55.0839 3400 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
00:11:55.0855 3400 Wd - ok
00:11:55.0902 3400 Wdf01000 (a1bd4ad37b361199dc326cccc9c179de) C:\Windows\system32\drivers\Wdf01000.sys
00:11:55.0917 3400 Suspicious file (Forged): C:\Windows\system32\drivers\Wdf01000.sys. Real md5: a1bd4ad37b361199dc326cccc9c179de, Fake md5: b6f0a7ad6d4bd325fbcd8bac96cd8d96
00:11:58.0554 3400 MBR (0x1B8) (85d751f0e41b8e520aee8c07a8da777b) \Device\Harddisk0\DR0
00:11:59.0006 3400 \Device\Harddisk0\DR0 - ok
00:11:59.0022 3400 Boot (0x1200) (bfa90ae0c2826bb56d2025c3970a658f) \Device\Harddisk0\DR0\Partition0
00:11:59.0022 3400 \Device\Harddisk0\DR0\Partition0 - ok
00:11:59.0022 3400 Boot (0x1200) (4922a1dfde9432f207ceb57d39e49357) \Device\Harddisk0\DR0\Partition1
00:11:59.0037 3400 \Device\Harddisk0\DR0\Partition1 - ok
00:11:59.0037 3400 ============================================================
00:11:59.0037 3400 Scan finished
00:11:59.0037 3400 ============================================================
00:11:59.0053 4048 Detected object count: 1
00:11:59.0053 4048 Actual detected object count: 1
00:12:17.0904 4048 C:\Windows\system32\Drivers\dfsc.sys - copied to quarantine
00:12:17.0998 4048 DfsC ( LockedFile.Multi.Generic ) - User select action: Quarantine
00:12:35.0938 1408 ============================================================
00:12:35.0938 1408 Scan started
00:12:35.0938 1408 Mode: Manual; TDLFS;
00:12:35.0938 1408 ============================================================
00:12:38.0527 1408 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
00:12:38.0527 1408 cmdide - ok
00:12:38.0574 1408 CnxtHdAudService (e2e93d9deb5d97030122a17ffaad6f73) C:\Windows\system32\drivers\CHDRT32.sys
00:12:38.0746 1408 CnxtHdAudService - ok
00:12:38.0808 1408 Com4QLBEx (7795f8cebc284a426b53f541e538695f) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
00:12:38.0824 1408 Com4QLBEx - ok
00:12:38.0839 1408 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
00:12:38.0839 1408 Compbatt - ok
00:12:38.0855 1408 COMSysApp - ok
00:12:38.0870 1408 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
00:12:38.0870 1408 crcdisk - ok
00:12:38.0902 1408 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
00:12:38.0902 1408 Crusoe - ok
00:12:38.0948 1408 CryptSvc (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
00:12:38.0964 1408 CryptSvc - ok
00:12:39.0042 1408 CSS DVP (10d08460d2415b38d4179d91a6ae3a25) C:\Windows\system32\DRIVERS\css-dvp.sys
00:12:39.0058 1408 CSS DVP - ok
00:12:39.0136 1408 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
00:12:39.0136 1408 DcomLaunch - ok
00:12:39.0198 1408 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
00:12:39.0198 1408 Suspicious file (NoAccess): C:\Windows\system32\Drivers\dfsc.sys. md5: 622c41a07ca7e6dd91770f50d532cb6c
00:12:39.0198 1408 DfsC ( LockedFile.Multi.Generic ) - warning
00:12:39.0198 1408 DfsC - detected LockedFile.Multi.Generic (1)
00:12:53.0597 1408 SessionEnv - ok
00:12:53.0628 1408 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
00:12:53.0628 1408 sffdisk - ok
00:12:53.0675 1408 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
00:12:53.0675 1408 sffp_mmc - ok
00:12:53.0706 1408 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
00:12:53.0706 1408 sffp_sd - ok
00:12:53.0737 1408 sfloppy (c33bfbd6e9e41fcd9ffef9729e9faed6) C:\Windows\system32\DRIVERS\sfloppy.sys
00:12:53.0753 1408 sfloppy - ok
00:12:53.0800 1408 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
00:12:53.0800 1408 SharedAccess - ok
00:12:53.0862 1408 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
00:12:53.0878 1408 ShellHWDetection - ok
00:12:53.0909 1408 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
00:12:53.0909 1408 sisagp - ok
00:12:53.0924 1408 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
00:12:53.0924 1408 SiSRaid2 - ok
00:12:53.0956 1408 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
00:12:53.0956 1408 SiSRaid4 - ok
00:12:54.0190 1408 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
00:12:54.0330 1408 slsvc - ok
00:12:55.0531 1408 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
00:12:55.0531 1408 SLUINotify - ok
00:12:55.0656 1408 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
00:12:55.0656 1408 Smb - ok
00:12:55.0718 1408 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
00:12:55.0718 1408 SNMPTRAP - ok
00:12:55.0750 1408 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
00:12:55.0750 1408 spldr - ok
00:12:55.0890 1408 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
00:12:55.0906 1408 Spooler - ok
00:12:56.0046 1408 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
00:12:56.0233 1408 srv - ok
00:12:56.0311 1408 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
00:12:56.0327 1408 srv2 - ok
00:12:56.0374 1408 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
00:12:56.0389 1408 srvnet - ok
00:12:56.0452 1408 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
00:12:56.0467 1408 SSDPSRV - ok
00:12:56.0514 1408 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
00:12:56.0514 1408 SstpSvc - ok
00:12:56.0592 1408 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
00:12:56.0608 1408 stisvc - ok
00:12:56.0639 1408 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
00:12:56.0639 1408 swenum - ok
00:12:56.0686 1408 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
00:12:56.0717 1408 swprv - ok
00:12:56.0748 1408 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
00:12:56.0748 1408 Symc8xx - ok
00:12:56.0779 1408 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
00:12:56.0779 1408 Sym_hi - ok
00:12:56.0810 1408 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
00:12:56.0826 1408 Sym_u3 - ok
00:12:56.0873 1408 SynTP (00b19f27858f56181edb58b71a7c67a0) C:\Windows\system32\DRIVERS\SynTP.sys
00:12:56.0982 1408 SynTP - ok
00:12:57.0044 1408 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
00:12:57.0076 1408 SysMain - ok
00:12:57.0107 1408 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
00:12:57.0107 1408 TabletInputService - ok
00:12:57.0169 1408 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
00:12:57.0185 1408 TapiSrv - ok
00:12:57.0200 1408 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
00:12:57.0216 1408 TBS - ok
00:12:57.0294 1408 Tcpip (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
00:12:57.0450 1408 Tcpip - ok
00:12:57.0466 1408 Tcpip6 (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
00:12:57.0575 1408 Tcpip6 - ok
00:12:57.0622 1408 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
00:12:57.0622 1408 tcpipreg - ok
00:12:57.0700 1408 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
00:12:57.0700 1408 TDPIPE - ok
00:12:57.0731 1408 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
00:12:57.0731 1408 TDTCP - ok
00:12:57.0793 1408 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
00:12:57.0809 1408 tdx - ok
00:12:57.0902 1408 TeamViewer5 (77d6ea1ed5cafef6209c8a75fd7d22ec) C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
00:12:57.0918 1408 TeamViewer5 - ok
00:12:57.0934 1408 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
00:12:57.0934 1408 TermDD - ok
00:12:57.0996 1408 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
00:12:58.0012 1408 TermService - ok
00:12:58.0058 1408 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
00:12:58.0074 1408 Themes - ok
00:12:58.0090 1408 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
00:12:58.0105 1408 THREADORDER - ok
00:12:58.0136 1408 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
00:12:58.0136 1408 TrkWks - ok
00:12:58.0214 1408 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
00:12:58.0214 1408 TrustedInstaller - ok
00:12:58.0261 1408 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
00:12:58.0261 1408 tssecsrv - ok
00:12:58.0292 1408 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
00:12:58.0292 1408 tunmp - ok
00:12:58.0339 1408 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
00:12:58.0339 1408 tunnel - ok
00:12:58.0370 1408 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
00:12:58.0386 1408 uagp35 - ok
00:12:58.0417 1408 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
00:12:58.0464 1408 udfs - ok
00:12:58.0495 1408 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
00:12:58.0511 1408 UI0Detect - ok
00:12:58.0542 1408 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
00:12:58.0542 1408 uliagpkx - ok
00:12:58.0589 1408 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
00:12:58.0604 1408 uliahci - ok
00:12:58.0620 1408 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
00:12:58.0620 1408 UlSata - ok
00:12:58.0636 1408 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
00:12:58.0651 1408 ulsata2 - ok
00:12:58.0667 1408 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
00:12:58.0682 1408 umbus - ok
00:12:58.0714 1408 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
00:12:58.0714 1408 upnphost - ok
00:12:58.0776 1408 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
00:12:58.0776 1408 USBAAPL - ok
00:12:58.0823 1408 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
00:12:58.0823 1408 usbccgp - ok
00:12:58.0854 1408 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
00:12:58.0870 1408 usbcir - ok
00:12:58.0901 1408 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
00:12:58.0901 1408 usbehci - ok
00:12:58.0963 1408 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
00:12:58.0963 1408 usbhub - ok
00:12:58.0979 1408 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
00:12:58.0994 1408 usbohci - ok
00:12:59.0026 1408 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
00:12:59.0026 1408 usbprint - ok
00:12:59.0057 1408 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
00:12:59.0057 1408 usbscan - ok
00:12:59.0104 1408 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
00:12:59.0104 1408 USBSTOR - ok
00:12:59.0135 1408 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
00:12:59.0135 1408 usbuhci - ok
00:12:59.0182 1408 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
00:12:59.0197 1408 UxSms - ok
00:12:59.0260 1408 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
00:12:59.0275 1408 vds - ok
00:12:59.0306 1408 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
00:12:59.0306 1408 vga - ok
00:12:59.0338 1408 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
00:12:59.0338 1408 VgaSave - ok
00:12:59.0369 1408 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
00:12:59.0369 1408 viaagp - ok
00:12:59.0400 1408 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
00:12:59.0400 1408 ViaC7 - ok
00:12:59.0431 1408 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
00:12:59.0431 1408 viaide - ok
00:12:59.0525 1408 Viewpoint Manager Service (5f974fde801c73952770736becde11e7) C:\Program Files\Viewpoint\Common\ViewpointService.exe
00:12:59.0525 1408 Viewpoint Manager Service - ok
00:12:59.0556 1408 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
00:12:59.0556 1408 volmgr - ok
00:12:59.0634 1408 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
00:12:59.0650 1408 volmgrx - ok
00:12:59.0728 1408 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
00:12:59.0728 1408 volsnap - ok
00:12:59.0774 1408 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
00:12:59.0790 1408 vsmraid - ok
00:12:59.0868 1408 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
00:12:59.0899 1408 VSS - ok
00:12:59.0930 1408 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
00:12:59.0946 1408 W32Time - ok
00:12:59.0993 1408 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
00:12:59.0993 1408 WacomPen - ok
00:13:00.0024 1408 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
00:13:00.0024 1408 Wanarp - ok
00:13:00.0040 1408 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
00:13:00.0040 1408 Wanarpv6 - ok
00:13:00.0086 1408 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
00:13:00.0102 1408 wcncsvc - ok
00:13:00.0133 1408 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
00:13:00.0133 1408 WcsPlugInService - ok
00:13:00.0149 1408 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
00:13:00.0164 1408 Wd - ok
00:13:00.0211 1408 Wdf01000 (a1bd4ad37b361199dc326cccc9c179de) C:\Windows\system32\drivers\Wdf01000.sys
00:13:00.0227 1408 Suspicious file (Forged): C:\Windows\system32\drivers\Wdf01000.sys. Real md5: a1bd4ad37b361199dc326cccc9c179de, Fake md5: b6f0a7ad6d4bd325fbcd8bac96cd8d96
00:13:03.0487 1408 MBR (0x1B8) (85d751f0e41b8e520aee8c07a8da777b) \Device\Harddisk0\DR0
00:13:03.0908 1408 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
00:13:03.0908 1408 \Device\Harddisk0\DR0 - detected TDSS File System (1)
00:13:03.0924 1408 Boot (0x1200) (bfa90ae0c2826bb56d2025c3970a658f) \Device\Harddisk0\DR0\Partition0
00:13:03.0924 1408 \Device\Harddisk0\DR0\Partition0 - ok
00:13:03.0924 1408 Boot (0x1200) (4922a1dfde9432f207ceb57d39e49357) \Device\Harddisk0\DR0\Partition1
00:13:03.0924 1408 \Device\Harddisk0\DR0\Partition1 - ok
00:13:03.0924 1408 ============================================================
00:13:03.0924 1408 Scan finished
00:13:03.0924 1408 ============================================================
00:13:03.0955 2320 Detected object count: 2
00:13:03.0955 2320 Actual detected object count: 2
00:13:31.0942 2320 C:\Windows\system32\Drivers\dfsc.sys - copied to quarantine
00:13:32.0020 2320 DfsC ( LockedFile.Multi.Generic ) - User select action: Quarantine
00:13:32.0051 2320 \Device\Harddisk0\DR0\TDLFS\cfg.ini - copied to quarantine
00:13:32.0066 2320 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
00:13:32.0082 2320 \Device\Harddisk0\DR0\TDLFS\bckfg.tmp - copied to quarantine
00:13:32.0098 2320 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
00:13:32.0410 2320 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
00:13:32.0410 2320 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
00:13:34.0937 2320 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
00:13:35.0046 2320 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
00:13:35.0124 2320 \Device\Harddisk0\DR0\TDLFS\keywords - copied to quarantine
00:13:35.0140 2320 \Device\Harddisk0\DR0\TDLFS\lsflt7.ver - copied to quarantine
00:13:35.0155 2320 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Quarantine

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-05-20 00:34:42
-----------------------------
00:34:42.074 OS Version: Windows 6.0.6002 Service Pack 2
00:34:42.074 Number of processors: 2 586 0x301
00:34:42.074 ComputerName: HOUSEPC UserName: bob
00:34:43.806 Initialize success
00:35:56.103 AVAST engine defs: 12051901
00:36:25.713 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-5
00:36:25.713 Disk 0 Vendor: WDC_WD1600BEVS-60VAT0 12.01A12 Size: 152627MB BusType: 3
00:36:25.744 Disk 0 MBR read successfully
00:36:25.744 Disk 0 MBR scan
00:36:25.760 Disk 0 unknown MBR code
00:36:25.775 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 142510 MB offset 63
00:36:25.807 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 10113 MB offset 291862528
00:36:25.822 Disk 0 scanning sectors +312573952
00:36:25.916 Disk 0 scanning C:\Windows\system32\drivers
00:36:53.793 Service scanning
00:37:16.179 Service TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe **HIDDEN**
00:37:18.191 Service Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys **LOCKED** 32
00:37:21.483 Modules scanning
00:37:45.413 Disk 0 trace - called modules:
00:37:45.788 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS >>UNKNOWN [0x870e3071]<<
00:37:45.803 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8614dac8]
00:37:45.835 3 CLASSPNP.SYS[807a28b3] -> nt!IofCallDriver -> [0x858a7918]
00:37:45.850 5 acpi.sys[806106bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP3T0L0-5[0x8589bb98]
00:37:46.537 AVAST engine scan C:\
01:33:08.083 File: C:\TDSSKiller_Quarantine\20.05.2012_00.09.27\rtkt0000\svc0000\tsk0000.dta **INFECTED** Win32:RLoader-B
01:33:10.860 File: C:\TDSSKiller_Quarantine\20.05.2012_00.11.31\tdlfs0000\tsk0003.dta **INFECTED** Win32:DNSChanger-VJ [Trj]
01:50:54.463 File: C:\Users\bob\AppData\Roaming\Protector-vyiv.exe **INFECTED** Win32:Trojan-gen
08:12:01.907 Scan finished successfully
08:42:31.867 Disk 0 MBR has been saved successfully to "F:\new logs\MBR.dat"
08:42:31.898 The log file has been saved successfully to "F:\new logs\aswMBR.txt"

#6 narenxp

Posted 20 May 2012 - 09:11 AM

Press the Windows+R keys and type

%temp% and click OK

If you have a folder called SMTMP, copy it to a safe location


Did you find one?


Download

ESET online scanner


Install it

Click on START; it should download the virus definitions
When the scan is completed, click on LIST of found threats

Export the list to the desktop and copy the contents of the text file into your reply


Restart the PC

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan with MBAM once in regular mode until you get a clean log

and run aswMBR once again and post the new log


Good luck

Edited by narenxp, 20 May 2012 - 09:12 AM.


#7 madoxnola

Posted 20 May 2012 - 09:37 AM

Sorry... Yes I have a folder called If you have folder called SMTMP and Icopy it a safe location. BTW I have a Windows 32 bit system.

#8 narenxp

Posted 20 May 2012 - 09:56 AM

Sorry... Yes I have a folder called If you have folder called SMTMP and Icopy it a safe location. BTW I have a Windows 32 bit system.

Great :thumbsup: We will work on it later. Please follow the previous instructions :thumbup2:

#9 madoxnola

Posted 20 May 2012 - 10:48 AM

For some reason, the mouse is not working anymore in normal mode; I will try in safe mode. I will post after I return from work.

#10 madoxnola

Posted 20 May 2012 - 10:53 AM

BTW I don't have a folder called lcopy.

#11 madoxnola

Posted 20 May 2012 - 11:32 AM

Looks like the computer turned itself off in the middle of the scan.

Edited by madoxnola, 20 May 2012 - 11:44 AM.


#12 narenxp

Posted 20 May 2012 - 12:17 PM

BTW I don't have a folder called lcopy.

I asked you to copy the SMTMP folder to a safe location

Looks like the computer turned itself off in the middle of the scan.

Try to run a scan in safe mode with networking.

#13 madoxnola

Posted 21 May 2012 - 01:19 AM

Yes, I copied my SMTMP folder to a thumb drive.

#14 narenxp

Posted 21 May 2012 - 01:23 AM

What happened to your scans?

Are you able to run it?

#15 madoxnola

Posted 21 May 2012 - 01:29 AM

Here is the eset scan in safe mode. I couldn't get it to run in normal mode.

C:\Users\bob\AppData\Roaming\Protector-vyiv.exe a variant of Win32/Adware.WintionalityChecker.AF application cleaned by deleting - quarantined
C:\Windows\$NtUninstallKB62280$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1D39KG7U\yndqgoimcoxma[1].pdf JS/Exploit.Pdfka.PGF.Gen trojan cleaned by deleting - quarantined

Edited by madoxnola, 21 May 2012 - 01:30 AM.




