Have to left click multiple times, no right click, no start menu icons


3 replies to this topic

#1 lonelyhouse

Posted 27 May 2012 - 01:19 AM

Hello,

My wallpaper has been changed to some eerie yellow color, and it takes multiple left clicks to click on anything. Right click does not work at all. Also, there were no start menu icons or quick launch icons, until I ran unhide... I'm not sure if I was supposed to do that yet though, since from the looks of the forums we're supposed to do that after removal of the virus. I ran Malwarebytes and it removed 2 things after a full scan, but nothing has changed. Help would be greatly appreciated... thanks!


#2 narenxp

Posted 27 May 2012 - 01:26 AM

Boot the PC in Safe Mode with Networking

Press the Windows+R keys and type

cmd and click OK


If your Task Manager is disabled, copy and run this command

Echo y | reg delete HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr

Press ENTER

If your desktop is blank and you are unable to right-click on it, run this command

Echo y | reg delete HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoDesktop

After the command is successful

Restart your PC in Safe Mode with Networking

Press the Windows+R keys and type

%temp% and click OK

If you find a folder called SMTMP, copy the folder to a safe location.

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan with MBAM once in regular mode until you get a clean log


Download

TDSSKiller

Launch it. Click on Change parameters - select TDLFS file system

Click on "Scan". Please post the LOG report (the log file should be in your C drive)

#3 lonelyhouse

Posted 28 May 2012 - 11:23 PM

Hi, thanks so much for the help. I didn't run either of the commands in cmd because task manager was working, and right click had come back. Here is the log for tdsskiller:


22:25:12.0059 4600 NetBIOS (a499294f5029a7862adc115bda7371ce) C:\Windows\system32\DRIVERS\netbios.sys
22:25:12.0064 4600 NetBIOS - ok
22:25:12.0133 4600 netbt (fc2c792ebddc8e28df939d6a92c83d61) C:\Windows\system32\DRIVERS\netbt.sys
22:25:12.0141 4600 netbt - ok
22:25:12.0196 4600 Netlogon (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
22:25:12.0198 4600 Netlogon - ok
22:25:12.0250 4600 Netman (9b63b29defc0f3115a559d2597bf5d75) C:\Windows\System32\netman.dll
22:25:12.0253 4600 Netman - ok
22:25:12.0305 4600 netprofm (7846d0136cc2b264926a73047ba7688a) C:\Windows\System32\netprofm.dll
22:25:12.0309 4600 netprofm - ok
22:25:12.0407 4600 NetTcpPortSharing (74751dda198165947fd7454d83f49825) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:25:12.0412 4600 NetTcpPortSharing - ok
22:25:12.0450 4600 nfrd960 (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys
22:25:12.0454 4600 nfrd960 - ok
22:25:12.0492 4600 NlaSvc (f145bf4c4668e7e312069f81ef847cfc) C:\Windows\System32\nlasvc.dll
22:25:12.0495 4600 NlaSvc - ok
22:25:12.0553 4600 Npfs (b298874f8e0ea93f06ec40aa8d146478) C:\Windows\system32\drivers\Npfs.sys
22:25:12.0557 4600 Npfs - ok
22:25:12.0601 4600 nsi (acb62baa1c319b17752553df3026eeeb) C:\Windows\system32\nsisvc.dll
22:25:12.0604 4600 nsi - ok
22:25:12.0614 4600 nsiproxy (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys
22:25:12.0617 4600 nsiproxy - ok
22:25:12.0736 4600 Ntfs (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys
22:25:12.0765 4600 Ntfs - ok
22:25:12.0846 4600 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys
22:25:12.0850 4600 Null - ok
22:25:12.0913 4600 NVHDA (17a7e888e330c7dfe59c97be44ddcf16) C:\Windows\system32\drivers\nvhda64v.sys
22:25:12.0976 4600 NVHDA - ok
22:25:13.0543 4600 nvlddmkm (feffc8474be060ea7349a172b9810415) C:\Windows\system32\DRIVERS\nvlddmkm.sys
22:25:13.0781 4600 nvlddmkm - ok
22:25:13.0895 4600 nvraid (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys
22:25:13.0902 4600 nvraid - ok
22:25:13.0929 4600 nvstor (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys
22:25:13.0933 4600 nvstor - ok
22:25:14.0006 4600 nvsvc (18aa5ff4ee3fe45a64b98589c62b7fc0) C:\Windows\system32\nvvsvc.exe
22:25:14.0058 4600 nvsvc - ok
22:25:14.0098 4600 nv_agp (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys
22:25:14.0103 4600 nv_agp - ok
22:25:14.0109 4600 NwlnkFlt - ok
22:25:14.0116 4600 NwlnkFwd - ok
22:25:14.0263 4600 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:25:14.0326 4600 odserv - ok
22:25:14.0416 4600 ohci1394 (b5b1ce65ac15bbd11c0619e3ef7cfc28) C:\Windows\system32\DRIVERS\ohci1394.sys
22:25:14.0422 4600 ohci1394 - ok
22:25:14.0506 4600 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:25:14.0558 4600 ose - ok
22:25:15.0234 4600 p2pimsvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
22:25:15.0253 4600 p2pimsvc - ok
22:25:15.0266 4600 p2psvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
22:25:15.0278 4600 p2psvc - ok
22:25:15.0314 4600 Parport (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys
22:25:15.0319 4600 Parport - ok
22:25:15.0376 4600 partmgr (b43751085e2abe389da466bc62a4b987) C:\Windows\system32\drivers\partmgr.sys
22:25:15.0422 4600 partmgr - ok
22:25:15.0466 4600 PcaSvc (9ab157b374192ff276c1628fbdba2b0e) C:\Windows\System32\pcasvc.dll
22:25:15.0469 4600 PcaSvc - ok
22:25:15.0536 4600 pci (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys
22:25:15.0541 4600 pci - ok
22:25:15.0579 4600 pciide (8d618c829034479985a9ed56106cc732) C:\Windows\system32\drivers\pciide.sys
22:25:15.0584 4600 pciide - ok
22:25:15.0606 4600 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys
22:25:15.0613 4600 pcmcia - ok
22:25:15.0772 4600 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys
22:25:15.0787 4600 PEAUTH - ok
22:25:15.0883 4600 PerfHost (0ed8727ea0172860f47258456c06caea) C:\Windows\SysWow64\perfhost.exe
22:25:15.0886 4600 PerfHost - ok
22:25:15.0981 4600 pla (e9e68c1a0f25cf4a7ac966eea74ee89e) C:\Windows\system32\pla.dll
22:25:15.0992 4600 pla - ok
22:25:16.0053 4600 PlugPlay (fe6b0f59215c9fd9f9d26539c58c8b82) C:\Windows\system32\umpnpmgr.dll
22:25:16.0064 4600 PlugPlay - ok
22:25:16.0101 4600 Pml Driver HPZ12 (5261a2fd55183ac6993145ab6662cddf) C:\Windows\system32\HPZipm12.dll
22:25:16.0154 4600 Pml Driver HPZ12 - ok
22:25:16.0241 4600 PNRPAutoReg (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
22:25:16.0254 4600 PNRPAutoReg - ok
22:25:16.0266 4600 PNRPsvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
22:25:16.0279 4600 PNRPsvc - ok
22:25:16.0360 4600 PolicyAgent (89a5560671c2d8b4a4b51f3e1aa069d8) C:\Windows\System32\ipsecsvc.dll
22:25:16.0368 4600 PolicyAgent - ok
22:25:16.0448 4600 PptpMiniport (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys
22:25:16.0454 4600 PptpMiniport - ok
22:25:16.0480 4600 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\drivers\processr.sys
22:25:16.0486 4600 Processor - ok
22:25:16.0549 4600 ProfSvc (e058ce4fc2449d8bfa14739c83b7ff2a) C:\Windows\system32\profsvc.dll
22:25:16.0553 4600 ProfSvc - ok
22:25:16.0612 4600 ProtectedStorage (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
22:25:16.0614 4600 ProtectedStorage - ok
22:25:16.0644 4600 Ps2 (1d0a3f565397d08707f3d75b88586645) C:\Windows\system32\DRIVERS\PS2.sys
22:25:16.0688 4600 Ps2 - ok
22:25:16.0978 4600 PSched (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys
22:25:16.0982 4600 PSched - ok
22:25:17.0078 4600 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys
22:25:17.0108 4600 ql2300 - ok
22:25:17.0137 4600 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys
22:25:17.0147 4600 ql40xx - ok
22:25:17.0254 4600 QW720V64 (ae06d75f402de21c922bcecb30f8fb50) C:\Windows\system32\DRIVERS\WLANUHN.sys
22:25:17.0303 4600 QW720V64 - ok
22:25:17.0344 4600 QWAVE (90574842c3da781e279061a3eff91f07) C:\Windows\system32\qwave.dll
22:25:17.0357 4600 QWAVE - ok
22:25:17.0374 4600 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys
22:25:17.0379 4600 QWAVEdrv - ok
22:25:17.0472 4600 RapiMgr (ed4e69c31ef566266be13638ebe9da56) C:\Windows\WindowsMobile\rapimgr.dll
22:25:17.0474 4600 RapiMgr - ok
22:25:17.0484 4600 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys
22:25:17.0487 4600 RasAcd - ok
22:25:17.0516 4600 RasAuto (b2ae18f847d07f0044404ddf7cb04497) C:\Windows\System32\rasauto.dll
22:25:17.0518 4600 RasAuto - ok
22:25:17.0594 4600 Rasl2tp (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys
22:25:17.0602 4600 Rasl2tp - ok
22:25:17.0625 4600 RasMan (3ad83e4046c43be510de681588acb8af) C:\Windows\System32\rasmans.dll
22:25:17.0630 4600 RasMan - ok
22:25:17.0679 4600 RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys
22:25:17.0684 4600 RasPppoe - ok
22:25:17.0737 4600 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys
22:25:17.0743 4600 RasSstp - ok
22:25:17.0803 4600 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys
22:25:17.0813 4600 rdbss - ok
22:25:17.0836 4600 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
22:25:17.0840 4600 RDPCDD - ok
22:25:17.0872 4600 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys
22:25:17.0884 4600 rdpdr - ok
22:25:17.0891 4600 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
22:25:17.0895 4600 RDPENCDD - ok
22:25:17.0971 4600 RDPWD (5c141fc457f1ac833664789235aca673) C:\Windows\system32\drivers\RDPWD.sys
22:25:18.0035 4600 RDPWD - ok
22:25:18.0077 4600 RemoteAccess (c612b9557da73f70d41f8a6fbc8e5344) C:\Windows\System32\mprdim.dll
22:25:18.0080 4600 RemoteAccess - ok
22:25:18.0156 4600 RemoteRegistry (44b9d8ec2f3ef3a0efb00857af70d861) C:\Windows\system32\regsvc.dll
22:25:18.0160 4600 RemoteRegistry - ok
22:25:18.0176 4600 RpcLocator (f46c457840d4b7a4daafee739ce04102) C:\Windows\system32\locator.exe
22:25:18.0180 4600 RpcLocator - ok
22:25:18.0262 4600 RpcSs (cf8b9a3a5e7dc57724a89d0c3e8cf9ef) C:\Windows\system32\rpcss.dll
22:25:18.0268 4600 RpcSs - ok
22:25:18.0287 4600 RpcSs32 - ok
22:25:18.0313 4600 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
22:25:18.0318 4600 rspndr - ok
22:25:18.0360 4600 RTL8169 (8b91737da75add21cb1554b38089196a) C:\Windows\system32\DRIVERS\Rtlh64.sys
22:25:18.0362 4600 RTL8169 - ok
22:25:18.0420 4600 SamSs (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
22:25:18.0422 4600 SamSs - ok
22:25:18.0452 4600 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys
22:25:18.0455 4600 sbp2port - ok
22:25:18.0503 4600 SCardSvr (fd1cdcf108d5ef3366f00d18b70fb89b) C:\Windows\System32\SCardSvr.dll
22:25:18.0506 4600 SCardSvr - ok
22:25:18.0609 4600 Schedule (0f838c811ad295d2a4489b9993096c63) C:\Windows\system32\schedsvc.dll
22:25:18.0617 4600 Schedule - ok
22:25:18.0670 4600 SCPolicySvc (5a268127633c7ee2a7fb87f39d748d56) C:\Windows\System32\certprop.dll
22:25:18.0671 4600 SCPolicySvc - ok
22:25:18.0703 4600 SDRSVC (4ff71b076a7760fe75ea5ae2d0ee0018) C:\Windows\System32\SDRSVC.dll
22:25:18.0706 4600 SDRSVC - ok
22:25:18.0726 4600 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
22:25:18.0730 4600 secdrv - ok
22:25:18.0743 4600 seclogon (5acdcbc67fcf894a1815b9f96d704490) C:\Windows\system32\seclogon.dll
22:25:18.0746 4600 seclogon - ok
22:25:18.0759 4600 SENS (90973a64b96cd647ff81c79443618eed) C:\Windows\System32\sens.dll
22:25:18.0762 4600 SENS - ok
22:25:18.0782 4600 Serenum (f71bfe7ac6c52273b7c82cbf1bb2a222) C:\Windows\system32\drivers\serenum.sys
22:25:18.0785 4600 Serenum - ok
22:25:18.0813 4600 Serial (e62fac91ee288db29a9696a9d279929c) C:\Windows\system32\drivers\serial.sys
22:25:18.0820 4600 Serial - ok
22:25:18.0853 4600 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
22:25:18.0861 4600 sermouse - ok
22:25:18.0898 4600 SessionEnv (a8e4a4407a09f35dccc3771af590b0c4) C:\Windows\system32\sessenv.dll
22:25:18.0901 4600 SessionEnv - ok
22:25:18.0918 4600 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys
22:25:18.0924 4600 sffdisk - ok
22:25:18.0939 4600 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys
22:25:18.0944 4600 sffp_mmc - ok
22:25:18.0959 4600 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys
22:25:18.0964 4600 sffp_sd - ok
22:25:18.0977 4600 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
22:25:18.0982 4600 sfloppy - ok
22:25:19.0020 4600 SharedAccess (4c5aee179da7e1ee9a9ccb9da289af34) C:\Windows\System32\ipnathlp.dll
22:25:19.0031 4600 SharedAccess - ok
22:25:19.0111 4600 ShellHWDetection (56793271ecdedd350c5add305603e963) C:\Windows\System32\shsvcs.dll
22:25:19.0118 4600 ShellHWDetection - ok
22:25:19.0137 4600 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys
22:25:19.0142 4600 SiSRaid2 - ok
22:25:19.0171 4600 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys
22:25:19.0177 4600 SiSRaid4 - ok
22:25:19.0347 4600 slsvc (a9a27a8e257b45a604fdad4f26fe7241) C:\Windows\system32\SLsvc.exe
22:25:19.0401 4600 slsvc - ok
22:25:19.0523 4600 SLUINotify (fd74b4b7c2088e390a30c85a896fc3af) C:\Windows\system32\SLUINotify.dll
22:25:19.0527 4600 SLUINotify - ok
22:25:19.0634 4600 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys
22:25:19.0641 4600 Smb - ok
22:25:19.0684 4600 SNMPTRAP (f8f47f38909823b1af28d60b96340cff) C:\Windows\System32\snmptrap.exe
22:25:19.0696 4600 SNMPTRAP - ok
22:25:19.0750 4600 spldr (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys
22:25:19.0754 4600 spldr - ok
22:25:19.0822 4600 Spooler (f66ff751e7efc816d266977939ef5dc3) C:\Windows\System32\spoolsv.exe
22:25:19.0828 4600 Spooler - ok
22:25:19.0888 4600 sprtlisten - ok
22:25:19.0972 4600 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys
22:25:19.0972 4600 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb
22:25:19.0975 4600 sptd ( LockedFile.Multi.Generic ) - warning
22:25:19.0975 4600 sptd - detected LockedFile.Multi.Generic (1)
22:25:27.0247 4600 ============================================================
22:25:27.0247 4600 Scan finished
22:25:27.0247 4600 ============================================================
22:25:27.0259 1988 Detected object count: 1
22:25:27.0259 1988 Actual detected object count: 1

#4 narenxp

Posted 29 May 2012 - 01:50 AM

22:25:27.0259 1988 Detected object count: 1

Run TDSSkiller once again and post the new log

Waiting for Malwarebytes log :thumbup2:


Press Windows+R key and type

%temp% and click ok

If you find a folder called SMTMP, copy the folder to a safe location.


??

Edited by narenxp, 29 May 2012 - 02:55 AM.




