Rootkit won't go away! Even after RKill and Malwarebytes


5 replies to this topic

#1 jobrien

Posted 23 May 2012 - 11:37 AM

Hi There,

I've been trying to rid my computer of a virus for a few days now. It is down to one file (hidden file) now, I believe. I have run RKill and Malwarebytes, and have tried running TDSS (which won't run, even if I rename it). Neither RKill nor Malwarebytes shows any infections, yet when I run an AVG scan, I receive the following result:

Rootkit
File: "";"<unknown>"; Infection: "IRP hook, \Driver\atapi IRP_MJ_INTERNAL_DEVICE_CONTROL -> 0xFFFFFA80045E9334"; Result: "Object is hidden".

I can then remove the threat (as power user), at which time I am prompted to restart my computer. After doing so, my nasty little rootkit friend is still there.

Any thoughts on how to proceed? Any help would be very much appreciated!

#2 narenxp

Posted 23 May 2012 - 11:51 AM

Download

FIXTDSS

Launch it. It may ask for a restart; reboot the PC.

On reboot, click on REPAIR.

Download

TDSSkiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Download

aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

#3 jobrien

Posted 23 May 2012 - 12:17 PM

Please find below the log report:

11:14:06.0845 2628 TDSS rootkit removing tool 2.7.37.0 May 23 2012 08:15:30
11:14:08.0873 2628 ============================================================
11:14:08.0873 2628 Current date / time: 2012/05/23 11:14:08.0873
11:14:08.0873 2628 SystemInfo:
11:14:08.0873 2628
11:14:08.0873 2628 OS Version: 6.1.7600 ServicePack: 0.0
11:14:08.0873 2628 Product type: Workstation
11:14:08.0873 2628 ComputerName: JESSE-PC
11:14:08.0873 2628 UserName: Jesse
11:14:08.0873 2628 Windows directory: C:\Windows
11:14:08.0873 2628 System windows directory: C:\Windows
11:14:08.0873 2628 Running under WOW64
11:14:08.0873 2628 Processor architecture: Intel x64
11:14:08.0873 2628 Number of processors: 4
11:14:08.0873 2628 Page size: 0x1000
11:14:08.0873 2628 Boot type: Normal boot
11:14:08.0873 2628 ============================================================
11:14:10.0979 2628 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:14:10.0979 2628 ============================================================
11:14:10.0979 2628 \Device\Harddisk0\DR0:
11:14:10.0979 2628 MBR partitions:
11:14:10.0979 2628 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
11:14:10.0979 2628 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A34E830
11:14:10.0979 2628 ============================================================
11:14:11.0011 2628 C: <-> \Device\Harddisk0\DR0\Partition1
11:14:11.0011 2628 ============================================================
11:14:11.0011 2628 Initialize success
11:14:11.0011 2628 ============================================================
11:14:36.0735 1036 ============================================================
11:14:36.0735 1036 Scan started
11:14:36.0735 1036 Mode: Manual; TDLFS;
11:14:36.0735 1036 ============================================================
11:14:50.0510 1036 NdisTapi - ok
11:14:50.0541 1036 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
11:14:50.0541 1036 Ndisuio - ok
11:14:50.0572 1036 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
11:14:50.0588 1036 NdisWan - ok
11:14:50.0603 1036 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
11:14:50.0603 1036 NDProxy - ok
11:14:50.0619 1036 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
11:14:50.0619 1036 NetBIOS - ok
11:14:50.0650 1036 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
11:14:50.0666 1036 NetBT - ok
11:14:50.0697 1036 Netlogon (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
11:14:50.0697 1036 Netlogon - ok
11:14:50.0759 1036 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
11:14:50.0759 1036 Netman - ok
11:14:50.0822 1036 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
11:14:50.0822 1036 netprofm - ok
11:14:50.0962 1036 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:14:50.0962 1036 NetTcpPortSharing - ok
11:14:50.0993 1036 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
11:14:50.0993 1036 nfrd960 - ok
11:14:51.0009 1036 NisDrv (5f7d72cbcdd025af1f38fdeee5646968) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
11:14:51.0025 1036 NisDrv - ok
11:14:51.0118 1036 NisSrv (566ddd5d82520da01d75f81428ac4c38) c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
11:14:51.0118 1036 NisSrv - ok
11:14:51.0181 1036 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
11:14:51.0181 1036 NlaSvc - ok
11:14:51.0196 1036 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
11:14:51.0196 1036 Npfs - ok
11:14:51.0212 1036 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
11:14:51.0212 1036 nsi - ok
11:14:51.0243 1036 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
11:14:51.0259 1036 nsiproxy - ok
11:14:51.0383 1036 Ntfs (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys
11:14:51.0383 1036 Ntfs - ok
11:14:51.0508 1036 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
11:14:51.0508 1036 Null - ok
11:14:51.0555 1036 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\DRIVERS\nvraid.sys
11:14:51.0555 1036 nvraid - ok
11:14:51.0602 1036 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\DRIVERS\nvstor.sys
11:14:51.0617 1036 nvstor - ok
11:14:51.0649 1036 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
11:14:51.0649 1036 nv_agp - ok
11:14:51.0789 1036 odserv (84de1dd996b48b05ace31ad015fa108a) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
11:14:51.0836 1036 odserv - ok
11:14:51.0867 1036 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
11:14:51.0883 1036 ohci1394 - ok
11:14:51.0945 1036 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:14:51.0961 1036 ose - ok
11:14:52.0023 1036 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
11:14:52.0023 1036 p2pimsvc - ok
11:14:52.0085 1036 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
11:14:52.0101 1036 p2psvc - ok
11:14:52.0132 1036 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
11:14:52.0132 1036 Parport - ok
11:14:52.0148 1036 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
11:14:52.0148 1036 partmgr - ok
11:14:52.0179 1036 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
11:14:52.0179 1036 PcaSvc - ok
11:14:52.0210 1036 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
11:14:52.0210 1036 pci - ok
11:14:52.0241 1036 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
11:14:52.0241 1036 pciide - ok
11:14:52.0257 1036 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
11:14:52.0273 1036 pcmcia - ok
11:14:52.0288 1036 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
11:14:52.0288 1036 pcw - ok
11:14:52.0335 1036 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
11:14:52.0335 1036 PEAUTH - ok
11:14:52.0460 1036 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
11:14:52.0491 1036 PeerDistSvc - ok
11:14:52.0569 1036 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
11:14:52.0569 1036 PerfHost - ok
11:14:52.0803 1036 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
11:14:52.0834 1036 pla - ok
11:14:52.0897 1036 PlugPlay (23157d583244400e1d7fbaee2e4b31b7) C:\Windows\system32\umpnpmgr.dll
11:14:52.0897 1036 PlugPlay - ok
11:14:52.0912 1036 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
11:14:52.0912 1036 PNRPAutoReg - ok
11:14:52.0943 1036 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
11:14:52.0959 1036 PNRPsvc - ok
11:14:53.0021 1036 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
11:14:53.0037 1036 PolicyAgent - ok
11:14:53.0084 1036 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
11:14:53.0099 1036 Power - ok
11:14:53.0193 1036 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
11:14:53.0193 1036 PptpMiniport - ok
11:14:53.0209 1036 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
11:14:53.0209 1036 Processor - ok
11:14:53.0271 1036 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll
11:14:53.0271 1036 ProfSvc - ok
11:14:53.0302 1036 ProtectedStorage (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
11:14:53.0302 1036 ProtectedStorage - ok
11:14:53.0365 1036 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
11:14:53.0380 1036 Psched - ok
11:14:53.0583 1036 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
11:14:53.0630 1036 ql2300 - ok
11:14:53.0817 1036 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
11:14:53.0817 1036 ql40xx - ok
11:14:53.0833 1036 qmtppebj - ok
11:14:53.0879 1036 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
11:14:53.0895 1036 QWAVE - ok
11:14:53.0942 1036 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
11:14:53.0942 1036 QWAVEdrv - ok
11:14:53.0957 1036 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
11:14:53.0957 1036 RasAcd - ok
11:14:54.0004 1036 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
11:14:54.0004 1036 RasAgileVpn - ok
11:14:54.0082 1036 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
11:14:54.0098 1036 RasAuto - ok
11:14:54.0113 1036 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
11:14:54.0113 1036 Rasl2tp - ok
11:14:54.0191 1036 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
11:14:54.0191 1036 RasMan - ok
11:14:54.0316 1036 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
11:14:54.0347 1036 RasPppoe - ok
11:14:54.0379 1036 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
11:14:54.0379 1036 RasSstp - ok
11:14:54.0410 1036 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
11:14:54.0441 1036 rdbss - ok
11:14:54.0488 1036 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
11:14:54.0488 1036 rdpbus - ok
11:14:54.0519 1036 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
11:14:54.0519 1036 RDPCDD - ok
11:14:54.0613 1036 RDPDR (9706b84dbabfc4b4ca46c5a82b14dfa3) C:\Windows\system32\drivers\rdpdr.sys
11:14:54.0628 1036 RDPDR - ok
11:14:54.0628 1036 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
11:14:54.0644 1036 RDPENCDD - ok
11:14:54.0659 1036 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
11:14:54.0659 1036 RDPREFMP - ok
11:14:54.0691 1036 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
11:14:54.0691 1036 RDPWD - ok
11:14:54.0784 1036 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
11:14:54.0784 1036 rdyboost - ok
11:14:54.0847 1036 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
11:14:54.0847 1036 RemoteAccess - ok
11:14:54.0909 1036 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
11:14:54.0909 1036 RemoteRegistry - ok
11:14:54.0971 1036 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
11:14:54.0971 1036 RFCOMM - ok
11:14:55.0034 1036 rimspci (5ca4abd888b602551b59baa26941c167) C:\Windows\system32\DRIVERS\rimssne64.sys
11:14:55.0034 1036 rimspci - ok
11:14:55.0081 1036 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
11:14:55.0081 1036 RpcEptMapper - ok
11:14:55.0112 1036 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
11:14:55.0112 1036 RpcLocator - ok
11:14:55.0190 1036 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
11:14:55.0205 1036 RpcSs - ok
11:14:55.0268 1036 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
11:14:55.0268 1036 rspndr - ok
11:14:55.0299 1036 s3cap (88af6e02ab19df7fd07ecdf9c91e9af6) C:\Windows\system32\DRIVERS\vms3cap.sys
11:14:55.0299 1036 s3cap - ok
11:14:55.0549 1036 SamSs (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
11:14:55.0549 1036 SamSs - ok
11:14:55.0580 1036 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
11:14:55.0580 1036 sbp2port - ok
11:14:55.0783 1036 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
11:14:55.0798 1036 SBSDWSCService - ok
11:14:55.0861 1036 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
11:14:55.0861 1036 SCardSvr - ok
11:14:55.0939 1036 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
11:14:55.0939 1036 scfilter - ok
11:14:56.0079 1036 Schedule (ec56b171f85c7e855e7b0588ac503eea) C:\Windows\system32\schedsvc.dll
11:14:56.0079 1036 Schedule - ok
11:14:56.0126 1036 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
11:14:56.0126 1036 SCPolicySvc - ok
11:14:56.0173 1036 sdbus (54e47ad086782d3ae9417c155cdceb9b) C:\Windows\system32\DRIVERS\sdbus.sys
11:14:56.0173 1036 sdbus - ok
11:14:56.0204 1036 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
11:14:56.0219 1036 SDRSVC - ok
11:14:56.0235 1036 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
11:14:56.0251 1036 secdrv - ok
11:14:56.0251 1036 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
11:14:56.0251 1036 seclogon - ok
11:14:56.0297 1036 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
11:14:56.0297 1036 SENS - ok
11:14:56.0313 1036 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
11:14:56.0313 1036 SensrSvc - ok
11:14:56.0329 1036 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
11:14:56.0344 1036 Serenum - ok
11:14:56.0391 1036 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
11:14:56.0391 1036 Serial - ok
11:14:56.0407 1036 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
11:14:56.0407 1036 sermouse - ok
11:14:56.0438 1036 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
11:14:56.0453 1036 SessionEnv - ok
11:14:56.0485 1036 SFEP (70f9c476b62de4f2823e918a6c181ade) C:\Windows\system32\DRIVERS\SFEP.sys
11:14:56.0485 1036 SFEP - ok
11:14:56.0500 1036 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
11:14:56.0500 1036 sffdisk - ok
11:14:56.0516 1036 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
11:14:56.0516 1036 sffp_mmc - ok
11:14:56.0516 1036 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys
11:14:56.0516 1036 sffp_sd - ok
11:14:56.0531 1036 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
11:14:56.0531 1036 sfloppy - ok
11:14:56.0594 1036 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
11:14:56.0609 1036 SharedAccess - ok
11:14:56.0656 1036 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
11:14:56.0672 1036 ShellHWDetection - ok
11:14:56.0734 1036 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
11:14:56.0734 1036 SiSRaid2 - ok
11:14:56.0750 1036 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
11:14:56.0765 1036 SiSRaid4 - ok
11:14:56.0797 1036 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
11:14:56.0797 1036 Smb - ok
11:14:56.0828 1036 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
11:14:56.0828 1036 SNMPTRAP - ok
11:14:56.0859 1036 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
11:14:56.0859 1036 spldr - ok
11:14:56.0921 1036 Spooler (89e8550c5862999fcf482ea562b0e98e) C:\Windows\System32\spoolsv.exe
11:14:56.0921 1036 Spooler - ok
11:14:57.0171 1036 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
11:14:57.0187 1036 sppsvc - ok
11:14:57.0296 1036 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
11:14:57.0296 1036 sppuinotify - ok
11:14:57.0374 1036 srv (ec8f67289105bf270498095f14963464) C:\Windows\system32\DRIVERS\srv.sys
11:14:57.0374 1036 srv - ok
11:14:57.0421 1036 srv2 (f773d2ed090b7baa1c1a034f3ca476c8) C:\Windows\system32\DRIVERS\srv2.sys
11:14:57.0421 1036 srv2 - ok
11:14:57.0452 1036 srvnet (26e84d3649019c3244622e654dfcd75b) C:\Windows\system32\DRIVERS\srvnet.sys
11:14:57.0452 1036 srvnet - ok
11:14:57.0499 1036 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
11:14:57.0514 1036 SSDPSRV - ok
11:14:57.0530 1036 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
11:14:57.0530 1036 SstpSvc - ok
11:14:57.0561 1036 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
11:14:57.0561 1036 stexstor - ok
11:14:57.0608 1036 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
11:14:57.0639 1036 stisvc - ok
11:14:57.0655 1036 storflt (ffd7a6f15b14234b5b0e5d49e7961895) C:\Windows\system32\DRIVERS\vmstorfl.sys
11:14:57.0655 1036 storflt - ok
11:14:57.0670 1036 storvsc (8fccbefc5c440b3c23454656e551b09a) C:\Windows\system32\DRIVERS\storvsc.sys
11:14:57.0670 1036 storvsc - ok
11:14:57.0670 1036 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
11:14:57.0670 1036 swenum - ok
11:14:57.0748 1036 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
11:14:57.0764 1036 swprv - ok
11:14:57.0920 1036 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
11:14:57.0935 1036 SysMain - ok
11:14:58.0045 1036 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
11:14:58.0045 1036 TabletInputService - ok
11:14:58.0076 1036 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
11:14:58.0091 1036 TapiSrv - ok
11:14:58.0107 1036 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
11:14:58.0107 1036 TBS - ok
11:14:58.0279 1036 Tcpip (7fc877a25796d8adf539e64703fca7e1) C:\Windows\system32\drivers\tcpip.sys
11:14:58.0294 1036 Tcpip - ok
11:14:58.0559 1036 TCPIP6 (7fc877a25796d8adf539e64703fca7e1) C:\Windows\system32\DRIVERS\tcpip.sys
11:14:58.0559 1036 TCPIP6 - ok
11:14:58.0653 1036 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
11:14:58.0653 1036 tcpipreg - ok
11:14:58.0669 1036 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
11:14:58.0669 1036 TDPIPE - ok
11:14:58.0669 1036 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
11:14:58.0669 1036 TDTCP - ok
11:14:59.0589 1036 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
11:14:59.0605 1036 tdx - ok
11:14:59.0620 1036 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
11:14:59.0620 1036 TermDD - ok
11:14:59.0698 1036 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
11:14:59.0698 1036 TermService - ok
11:14:59.0761 1036 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
11:14:59.0761 1036 Themes - ok
11:14:59.0792 1036 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
11:14:59.0792 1036 THREADORDER - ok
11:14:59.0807 1036 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
11:14:59.0807 1036 TrkWks - ok
11:14:59.0885 1036 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
11:14:59.0885 1036 TrustedInstaller - ok
11:14:59.0901 1036 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
11:14:59.0901 1036 tssecsrv - ok
11:14:59.0948 1036 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
11:14:59.0948 1036 tunnel - ok
11:14:59.0979 1036 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
11:14:59.0979 1036 uagp35 - ok
11:15:00.0010 1036 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
11:15:00.0026 1036 udfs - ok
11:15:00.0057 1036 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
11:15:00.0057 1036 UI0Detect - ok
11:15:00.0088 1036 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
11:15:00.0088 1036 uliagpkx - ok
11:15:00.0119 1036 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
11:15:00.0119 1036 umbus - ok
11:15:00.0151 1036 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
11:15:00.0151 1036 UmPass - ok
11:15:00.0182 1036 UmRdpService (af0ac98ee5077eb844413eb54287fde3) C:\Windows\System32\umrdp.dll
11:15:00.0197 1036 UmRdpService - ok
11:15:00.0447 1036 UNS (9e89c2d6945389270de067ce51ff7425) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
11:15:00.0494 1036 UNS - ok
11:15:00.0634 1036 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
11:15:00.0650 1036 upnphost - ok
11:15:00.0712 1036 urvpndrv (e082a25008d29f1215d6398f59d74f4e) C:\Windows\system32\DRIVERS\covpnv64.sys
11:15:00.0712 1036 urvpndrv - ok
11:15:00.0744 1036 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
11:15:00.0790 1036 USBAAPL64 - ok
11:15:00.0853 1036 usbccgp (b26afb54a534d634523c4fb66765b026) C:\Windows\system32\DRIVERS\usbccgp.sys
11:15:00.0868 1036 usbccgp - ok
11:15:00.0884 1036 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
11:15:00.0900 1036 usbcir - ok
11:15:00.0915 1036 usbehci (2ea4aff7be7eb4632e3aa8595b0803b5) C:\Windows\system32\DRIVERS\usbehci.sys
11:15:00.0915 1036 usbehci - ok
11:15:00.0962 1036 usbhub (4c9042b8df86c1e8e6240c218b99b39b) C:\Windows\system32\DRIVERS\usbhub.sys
11:15:00.0978 1036 usbhub - ok
11:15:00.0993 1036 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
11:15:00.0993 1036 usbohci - ok
11:15:01.0009 1036 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
11:15:01.0009 1036 usbprint - ok
11:15:01.0024 1036 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:15:01.0040 1036 USBSTOR - ok
11:15:01.0056 1036 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
11:15:01.0056 1036 usbuhci - ok
11:15:01.0102 1036 usbvideo (d501e12614b00a3252073101d6a1a74b) C:\Windows\system32\Drivers\usbvideo.sys
11:15:01.0118 1036 usbvideo - ok
11:15:01.0149 1036 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
11:15:01.0149 1036 UxSms - ok
11:15:01.0165 1036 VaultSvc (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
11:15:01.0165 1036 VaultSvc - ok
11:15:01.0212 1036 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
11:15:01.0212 1036 vdrvroot - ok
11:15:01.0274 1036 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe
11:15:01.0290 1036 vds - ok
11:15:01.0305 1036 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
11:15:01.0321 1036 vga - ok
11:15:01.0336 1036 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
11:15:01.0336 1036 VgaSave - ok
11:15:01.0368 1036 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
11:15:01.0368 1036 vhdmp - ok
11:15:01.0383 1036 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
11:15:01.0383 1036 viaide - ok
11:15:01.0414 1036 vmbus (1501699d7eda984abc4155a7da5738d1) C:\Windows\system32\DRIVERS\vmbus.sys
11:15:01.0414 1036 vmbus - ok
11:15:01.0430 1036 VMBusHID (ae10c35761889e65a6f7176937c5592c) C:\Windows\system32\DRIVERS\VMBusHID.sys
11:15:01.0430 1036 VMBusHID - ok
11:15:01.0446 1036 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
11:15:01.0446 1036 volmgr - ok
11:15:01.0539 1036 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
11:15:01.0539 1036 volmgrx - ok
11:15:01.0570 1036 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
11:15:01.0586 1036 volsnap - ok
11:15:01.0602 1036 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
11:15:01.0617 1036 vsmraid - ok
11:15:02.0538 1036 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe
11:15:02.0569 1036 VSS - ok
11:15:02.0709 1036 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
11:15:02.0709 1036 vwifibus - ok
11:15:02.0725 1036 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
11:15:02.0740 1036 vwififlt - ok
11:15:02.0787 1036 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
11:15:02.0834 1036 W32Time - ok
11:15:02.0881 1036 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
11:15:02.0881 1036 WacomPen - ok
11:15:02.0912 1036 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
11:15:02.0912 1036 WANARP - ok
11:15:02.0928 1036 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
11:15:02.0928 1036 Wanarpv6 - ok
11:15:03.0037 1036 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe
11:15:03.0068 1036 wbengine - ok
11:15:03.0208 1036 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
11:15:03.0224 1036 WbioSrvc - ok
11:15:03.0255 1036 wcncsvc (8321c2ca3b62b61b293cda3451984468) C:\Windows\System32\wcncsvc.dll
11:15:03.0271 1036 wcncsvc - ok
11:15:03.0286 1036 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
11:15:03.0286 1036 WcsPlugInService - ok
11:15:03.0333 1036 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
11:15:03.0333 1036 Wd - ok
11:15:03.0396 1036 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
11:15:03.0396 1036 Wdf01000 - ok
11:15:03.0411 1036 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
11:15:03.0411 1036 WdiServiceHost - ok
11:15:03.0411 1036 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
11:15:03.0411 1036 WdiSystemHost - ok
11:15:03.0458 1036 WebClient (8a438cbb8c032a0c798b0c642ffbe572) C:\Windows\System32\webclnt.dll
11:15:03.0474 1036 WebClient - ok
11:15:03.0505 1036 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
11:15:03.0505 1036 Wecsvc - ok
11:15:03.0536 1036 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
11:15:03.0536 1036 wercplsupport - ok
11:15:03.0567 1036 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
11:15:03.0583 1036 WerSvc - ok
11:15:03.0645 1036 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
11:15:03.0645 1036 WfpLwf - ok
11:15:03.0661 1036 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
11:15:03.0661 1036 WIMMount - ok
11:15:03.0661 1036 WinHttpAutoProxySvc - ok
11:15:03.0739 1036 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
11:15:03.0739 1036 Winmgmt - ok
11:15:03.0926 1036 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll
11:15:03.0957 1036 WinRM - ok
11:15:04.0160 1036 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
11:15:04.0160 1036 Wlansvc - ok
11:15:04.0222 1036 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
11:15:04.0222 1036 WmiAcpi - ok
11:15:04.0300 1036 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
11:15:04.0300 1036 wmiApSrv - ok
11:15:04.0332 1036 WMPNetworkSvc - ok
11:15:04.0378 1036 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
11:15:04.0378 1036 WPCSvc - ok
11:15:04.0394 1036 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll
11:15:04.0410 1036 WPDBusEnum - ok
11:15:04.0425 1036 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
11:15:04.0425 1036 ws2ifsl - ok
11:15:04.0425 1036 WSearch - ok
11:15:04.0597 1036 wuauserv (38340204a2d0228f1e87740fc5e554a7) C:\Windows\system32\wuaueng.dll
11:15:04.0644 1036 wuauserv - ok
11:15:04.0800 1036 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
11:15:04.0800 1036 WudfPf - ok
11:15:04.0831 1036 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
11:15:04.0846 1036 WUDFRd - ok
11:15:04.0878 1036 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll
11:15:04.0878 1036 wudfsvc - ok
11:15:04.0909 1036 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
11:15:04.0924 1036 WwanSvc - ok
11:15:05.0002 1036 yukonw7 (64f88af327aa74e03658ae32b48ccb8b) C:\Windows\system32\DRIVERS\yk62x64.sys
11:15:05.0034 1036 yukonw7 - ok
11:15:05.0080 1036 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
11:15:05.0361 1036 \Device\Harddisk0\DR0 - ok
11:15:05.0361 1036 Boot (0x1200) (83ce1053fc22ef0f6df011f2a2cb2396) \Device\Harddisk0\DR0\Partition0
11:15:05.0361 1036 \Device\Harddisk0\DR0\Partition0 - ok
11:15:05.0392 1036 Boot (0x1200) (2767a70509d7d70d2c5e5c1f0f58d856) \Device\Harddisk0\DR0\Partition1
11:15:05.0392 1036 \Device\Harddisk0\DR0\Partition1 - ok
11:15:05.0392 1036 ============================================================
11:15:05.0392 1036 Scan finished
11:15:05.0392 1036 ============================================================
11:15:05.0408 4864 Detected object count: 0
11:15:05.0408 4864 Actual detected object count: 0

#4 jobrien

Posted 23 May 2012 - 12:41 PM

And here is the other log:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-05-23 11:17:58
-----------------------------
11:17:58.471 OS Version: Windows x64 6.1.7600
11:17:58.471 Number of processors: 4 586 0x2502
11:17:58.471 ComputerName: JESSE-PC UserName: Jesse
11:18:00.062 Initialize success
11:19:30.165 AVAST engine defs: 12051401
11:20:01.568 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
11:20:01.568 Disk 0 Vendor: Size: 0MB BusType: 0
11:20:01.568 Disk 1 \Device\Harddisk1\DR1 -> \Device\0000006c
11:20:01.584 Disk 1 Vendor: RICOH 02 Size: 0MB BusType: 0
11:20:01.584 Disk 0 MBR read successfully
11:20:01.599 Disk 0 MBR scan
11:20:01.599 Disk 0 Windows 7 default MBR code
11:20:01.599 Disk 0 MBR hidden
11:20:01.615 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
11:20:01.630 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 476829 MB offset 206848
11:20:01.708 Disk 0 scanning C:\Windows\system32\drivers
11:20:12.067 Service scanning
11:20:56.324 Modules scanning
11:20:56.324 Disk 0 trace - called modules:
11:20:56.371 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
11:20:56.371 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80045f1060]
11:20:56.371 3 CLASSPNP.SYS[fffff8800189943f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004355060]
11:20:57.822 AVAST engine scan C:\Windows
11:21:00.833 AVAST engine scan C:\Windows\system32
11:23:51.811 AVAST engine scan C:\Windows\system32\drivers
11:24:04.306 AVAST engine scan C:\Users\Jesse
11:29:37.663 AVAST engine scan C:\ProgramData
11:30:08.037 Scan finished successfully
11:39:36.108 Disk 0 MBR has been saved successfully to "C:\Users\Jesse\Desktop\MBR.dat"
11:39:36.123 The log file has been saved successfully to "C:\Users\Jesse\Desktop\aswMBR.txt"

#5 jobrien

Posted 23 May 2012 - 12:58 PM

This seems to have solved the problem! The AVG scan does not reveal anything this time round, and Windows Explorer is no longer using up 600,000 k of memory. Thank you very much for your help!!!!

#6 narenxp

Posted 23 May 2012 - 10:22 PM

We still have a few scans left out

Download

ESET online scanner


Install it

Click on START, it should download the virus definitions
When the scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.



