Repeating BSOD crashes with combofix, Background music/ads


7 replies to this topic

#1 Virgorival

Virgorival

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Local time:03:38 PM

Posted 22 June 2012 - 04:42 AM

I'll come out the gate and say I was trying to use Combofix without instruction to fix a few issues I'm having, but every time I fire it up, it crashes my computer into BSOD every time, even in safe mode.

The issues I'm having are:

1.) Music and ads playing in the background that are seemingly coming from nowhere; sometimes they will blip and go away and sometimes they will hang around, mostly when I'm idle.
1-2.) Not sure, but I noticed ads hanging in the bottom right corner of my browser. Didn't think anything of it till I noticed one stay in the middle of a page change.

2.) I would leave the computer on at times and find it's BSOD after some time as well. Also, each time it BSODs on me, I seem to lose "keep me logged in" passwords on a few sites I go to; not sure if that's some kind of failsafe.
2-2.) After a BSOD crash, it may BSOD a few times when loading up before it lets me do anything on full restarts.

3.) Windows has a backlog of failed updates from the Automatic Windows Update from May; this includes Service Pack 1 for Windows 7. A manual download and install seems to hang up and won't install as well. Haven't attempted after my run of Malwarebytes Anti-Malware.

4.) Malwarebytes did find some rootkit, but I think it killed that, but it does keep finding something wrong with svchost.exe as Trojan.Agent that won't go away.

5.) And again, Combofix crashes my computer when it gets about halfway installing the folder in C:/

From this point, I'm a little worried about stressing my poor computer any more than I have and just need a straight operation on how to fix her.
orz



#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:38 PM

Posted 22 June 2012 - 06:48 AM

Do not use combofix without expert guidance. Let's see if we can fix this without combofix.

Boot the PC into Safe Mode with Networking.

Download

TDSSkiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Download

aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download

ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

Edited by narenxp, 22 June 2012 - 06:48 AM.


#3 Virgorival

Virgorival
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Local time:03:38 PM

Posted 22 June 2012 - 06:18 PM

TDSS Log



18:14:00.0767 2408 TDSS rootkit removing tool 2.7.41.0 Jun 20 2012 20:53:32
18:14:01.0563 2408 ============================================================
18:14:01.0563 2408 Current date / time: 2012/06/22 18:14:01.0563
18:14:01.0563 2408 SystemInfo:
18:14:01.0563 2408
18:14:01.0563 2408 OS Version: 6.1.7600 ServicePack: 0.0
18:14:01.0563 2408 Product type: Workstation
18:14:01.0563 2408 ComputerName: PATCHOULI
18:14:01.0563 2408 UserName: Rival
18:14:01.0563 2408 Windows directory: C:\Windows
18:14:01.0563 2408 System windows directory: C:\Windows
18:14:01.0563 2408 Running under WOW64
18:14:01.0563 2408 Processor architecture: Intel x64
18:14:01.0563 2408 Number of processors: 6
18:14:01.0563 2408 Page size: 0x1000
18:14:01.0563 2408 Boot type: Safe boot with network
18:14:01.0563 2408 ============================================================
18:14:03.0419 2408 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:14:03.0435 2408 ============================================================
18:14:03.0435 2408 \Device\Harddisk0\DR0:
18:14:03.0435 2408 MBR partitions:
18:14:03.0435 2408 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1394800, BlocksNum 0x73371800
18:14:03.0435 2408 ============================================================
18:14:03.0466 2408 C: <-> \Device\Harddisk0\DR0\Partition0
18:14:03.0466 2408 ============================================================
18:14:03.0466 2408 Initialize success
18:14:03.0466 2408 ============================================================
18:14:51.0062 2572 ============================================================
18:14:51.0062 2572 Scan started
18:14:51.0062 2572 Mode: Manual; TDLFS;
18:14:51.0062 2572 ============================================================
18:15:00.0796 2572 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
18:15:00.0796 2572 netprofm - ok
18:15:00.0843 2572 netr28x (44d4bd55191624c82a2745296ba42814) C:\Windows\system32\DRIVERS\netr28x.sys
18:15:00.0858 2572 netr28x - ok
18:15:00.0936 2572 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:15:00.0936 2572 NetTcpPortSharing - ok
18:15:00.0952 2572 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
18:15:00.0952 2572 nfrd960 - ok
18:15:00.0968 2572 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
18:15:00.0968 2572 NlaSvc - ok
18:15:00.0983 2572 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
18:15:00.0983 2572 Npfs - ok
18:15:00.0999 2572 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
18:15:00.0999 2572 nsi - ok
18:15:00.0999 2572 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
18:15:00.0999 2572 nsiproxy - ok
18:15:01.0061 2572 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
18:15:01.0077 2572 Ntfs - ok
18:15:01.0124 2572 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
18:15:01.0124 2572 Null - ok
18:15:01.0170 2572 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
18:15:01.0170 2572 nvraid - ok
18:15:01.0186 2572 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
18:15:01.0186 2572 nvstor - ok
18:15:01.0217 2572 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
18:15:01.0217 2572 nv_agp - ok
18:15:01.0233 2572 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
18:15:01.0233 2572 ohci1394 - ok
18:15:01.0248 2572 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
18:15:01.0264 2572 p2pimsvc - ok
18:15:01.0280 2572 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
18:15:01.0280 2572 p2psvc - ok
18:15:01.0295 2572 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
18:15:01.0295 2572 Parport - ok
18:15:01.0326 2572 partmgr (90061b1acfe8ccaa5345750ffe08d8b8) C:\Windows\system32\drivers\partmgr.sys
18:15:01.0326 2572 partmgr - ok
18:15:01.0326 2572 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
18:15:01.0342 2572 PcaSvc - ok
18:15:01.0358 2572 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
18:15:01.0358 2572 pci - ok
18:15:01.0373 2572 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
18:15:01.0373 2572 pciide - ok
18:15:01.0373 2572 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
18:15:01.0373 2572 pcmcia - ok
18:15:01.0404 2572 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
18:15:01.0420 2572 pcw - ok
18:15:01.0451 2572 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
18:15:01.0451 2572 PEAUTH - ok
18:15:01.0498 2572 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
18:15:01.0529 2572 PerfHost - ok
18:15:01.0623 2572 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
18:15:01.0638 2572 pla - ok
18:15:01.0701 2572 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
18:15:01.0701 2572 PlugPlay - ok
18:15:01.0732 2572 Pml Driver HPZ12 (71f62c51dfdfbc04c83c5c64b2b8058e) C:\Windows\system32\HPZipm12.dll
18:15:01.0732 2572 Pml Driver HPZ12 - ok
18:15:01.0748 2572 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
18:15:01.0748 2572 PNRPAutoReg - ok
18:15:01.0763 2572 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
18:15:01.0779 2572 PNRPsvc - ok
18:15:01.0794 2572 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
18:15:01.0794 2572 PolicyAgent - ok
18:15:01.0810 2572 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
18:15:01.0826 2572 Power - ok
18:15:01.0872 2572 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
18:15:01.0872 2572 PptpMiniport - ok
18:15:01.0872 2572 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
18:15:01.0872 2572 Processor - ok
18:15:01.0904 2572 ProfSvc (97293447431311c06703368ad0f6c4be) C:\Windows\system32\profsvc.dll
18:15:01.0904 2572 ProfSvc - ok
18:15:01.0935 2572 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
18:15:01.0935 2572 ProtectedStorage - ok
18:15:01.0950 2572 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
18:15:01.0966 2572 Psched - ok
18:15:02.0013 2572 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
18:15:02.0044 2572 ql2300 - ok
18:15:02.0122 2572 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
18:15:02.0122 2572 ql40xx - ok
18:15:02.0153 2572 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
18:15:02.0153 2572 QWAVE - ok
18:15:02.0169 2572 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
18:15:02.0169 2572 QWAVEdrv - ok
18:15:02.0184 2572 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
18:15:02.0184 2572 RasAcd - ok
18:15:02.0200 2572 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
18:15:02.0200 2572 RasAgileVpn - ok
18:15:02.0200 2572 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
18:15:02.0216 2572 RasAuto - ok
18:15:02.0216 2572 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
18:15:02.0231 2572 Rasl2tp - ok
18:15:02.0247 2572 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
18:15:02.0262 2572 RasMan - ok
18:15:02.0262 2572 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
18:15:02.0262 2572 RasPppoe - ok
18:15:02.0278 2572 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
18:15:02.0278 2572 RasSstp - ok
18:15:02.0294 2572 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
18:15:02.0294 2572 rdbss - ok
18:15:02.0309 2572 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
18:15:02.0309 2572 rdpbus - ok
18:15:02.0325 2572 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
18:15:02.0325 2572 RDPCDD - ok
18:15:02.0340 2572 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
18:15:02.0340 2572 RDPENCDD - ok
18:15:02.0340 2572 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
18:15:02.0340 2572 RDPREFMP - ok
18:15:02.0387 2572 RDPWD (447de7e3dea39d422c1504f245b668b1) C:\Windows\system32\drivers\RDPWD.sys
18:15:02.0387 2572 RDPWD - ok
18:15:02.0387 2572 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
18:15:02.0403 2572 rdyboost - ok
18:15:02.0450 2572 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
18:15:02.0450 2572 RemoteAccess - ok
18:15:02.0465 2572 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
18:15:02.0465 2572 RemoteRegistry - ok
18:15:02.0481 2572 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
18:15:02.0481 2572 RpcEptMapper - ok
18:15:02.0496 2572 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
18:15:02.0496 2572 RpcLocator - ok
18:15:02.0528 2572 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
18:15:02.0528 2572 RpcSs - ok
18:15:02.0528 2572 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
18:15:02.0528 2572 rspndr - ok
18:15:02.0559 2572 RTL8167 (2777226ee8bf50b059d7a7c90177e99c) C:\Windows\system32\DRIVERS\Rt64win7.sys
18:15:02.0559 2572 RTL8167 - ok
18:15:02.0590 2572 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
18:15:02.0590 2572 SamSs - ok
18:15:02.0699 2572 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
18:15:02.0699 2572 SASDIFSV - ok
18:15:02.0699 2572 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
18:15:02.0699 2572 SASKUTIL - ok
18:15:02.0715 2572 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
18:15:02.0715 2572 sbp2port - ok
18:15:02.0746 2572 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
18:15:02.0746 2572 SCardSvr - ok
18:15:02.0762 2572 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
18:15:02.0762 2572 scfilter - ok
18:15:02.0793 2572 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
18:15:02.0808 2572 Schedule - ok
18:15:02.0840 2572 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
18:15:02.0840 2572 SCPolicySvc - ok
18:15:02.0855 2572 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
18:15:02.0855 2572 SDRSVC - ok
18:15:02.0902 2572 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
18:15:02.0902 2572 secdrv - ok
18:15:02.0902 2572 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
18:15:02.0902 2572 seclogon - ok
18:15:02.0918 2572 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
18:15:02.0918 2572 SENS - ok
18:15:02.0933 2572 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
18:15:02.0933 2572 SensrSvc - ok
18:15:02.0933 2572 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
18:15:02.0933 2572 Serenum - ok
18:15:02.0949 2572 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
18:15:02.0949 2572 Serial - ok
18:15:02.0980 2572 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
18:15:02.0980 2572 sermouse - ok
18:15:02.0996 2572 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
18:15:02.0996 2572 SessionEnv - ok
18:15:03.0011 2572 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
18:15:03.0011 2572 sffdisk - ok
18:15:03.0011 2572 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
18:15:03.0011 2572 sffp_mmc - ok
18:15:03.0027 2572 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys
18:15:03.0027 2572 sffp_sd - ok
18:15:03.0027 2572 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
18:15:03.0027 2572 sfloppy - ok
18:15:03.0042 2572 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
18:15:03.0042 2572 ShellHWDetection - ok
18:15:03.0058 2572 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:15:03.0058 2572 SiSRaid2 - ok
18:15:03.0074 2572 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
18:15:03.0074 2572 SiSRaid4 - ok
18:15:03.0089 2572 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
18:15:03.0089 2572 Smb - ok
18:15:03.0105 2572 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
18:15:03.0105 2572 SNMPTRAP - ok
18:15:03.0120 2572 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
18:15:03.0120 2572 spldr - ok
18:15:03.0136 2572 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
18:15:03.0136 2572 Spooler - ok
18:15:03.0230 2572 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
18:15:03.0276 2572 sppsvc - ok
18:15:03.0370 2572 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
18:15:03.0370 2572 sppuinotify - ok
18:15:03.0417 2572 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
18:15:03.0432 2572 srv - ok
18:15:03.0448 2572 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
18:15:03.0448 2572 srv2 - ok
18:15:03.0464 2572 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
18:15:03.0464 2572 srvnet - ok
18:15:03.0479 2572 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
18:15:03.0479 2572 SSDPSRV - ok
18:15:03.0495 2572 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
18:15:03.0495 2572 SstpSvc - ok
18:15:03.0510 2572 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
18:15:03.0510 2572 stexstor - ok
18:15:03.0542 2572 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
18:15:03.0542 2572 stisvc - ok
18:15:03.0557 2572 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
18:15:03.0557 2572 swenum - ok
18:15:03.0666 2572 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
18:15:03.0666 2572 SwitchBoard - ok
18:15:03.0698 2572 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
18:15:03.0698 2572 swprv - ok
18:15:03.0744 2572 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
18:15:03.0776 2572 SysMain - ok
18:15:03.0822 2572 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
18:15:03.0822 2572 TabletInputService - ok
18:15:04.0041 2572 TabletServicePen (c4c20cfa4f42e9b7454e895c5c47bcd3) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
18:15:04.0134 2572 TabletServicePen - ok
18:15:04.0228 2572 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
18:15:04.0244 2572 TapiSrv - ok
18:15:04.0244 2572 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
18:15:04.0259 2572 TBS - ok
18:15:04.0368 2572 Tcpip (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\drivers\tcpip.sys
18:15:04.0400 2572 Tcpip - ok
18:15:04.0868 2572 TCPIP6 (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\DRIVERS\tcpip.sys
18:15:04.0868 2572 TCPIP6 - ok
18:15:04.0946 2572 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
18:15:04.0946 2572 tcpipreg - ok
18:15:04.0946 2572 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
18:15:04.0946 2572 TDPIPE - ok
18:15:04.0977 2572 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys
18:15:04.0977 2572 TDTCP - ok
18:15:04.0992 2572 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
18:15:04.0992 2572 tdx - ok
18:15:05.0024 2572 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
18:15:05.0024 2572 TermDD - ok
18:15:05.0039 2572 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
18:15:05.0055 2572 TermService - ok
18:15:05.0070 2572 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
18:15:05.0070 2572 Themes - ok
18:15:05.0086 2572 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
18:15:05.0086 2572 THREADORDER - ok
18:15:05.0133 2572 TouchServicePen (7625dcf246e488e523dc1f64c38abda2) C:\Program Files\Tablet\Pen\Pen_TouchService.exe
18:15:05.0148 2572 TouchServicePen - ok
18:15:05.0148 2572 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
18:15:05.0148 2572 TrkWks - ok
18:15:05.0195 2572 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
18:15:05.0195 2572 TrustedInstaller - ok
18:15:05.0211 2572 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
18:15:05.0211 2572 tssecsrv - ok
18:15:05.0226 2572 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
18:15:05.0226 2572 tunnel - ok
18:15:05.0242 2572 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
18:15:05.0242 2572 uagp35 - ok
18:15:05.0258 2572 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
18:15:05.0258 2572 udfs - ok
18:15:05.0273 2572 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
18:15:05.0273 2572 UI0Detect - ok
18:15:05.0304 2572 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
18:15:05.0320 2572 uliagpkx - ok
18:15:05.0320 2572 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
18:15:05.0320 2572 umbus - ok
18:15:05.0320 2572 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
18:15:05.0320 2572 UmPass - ok
18:15:05.0336 2572 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
18:15:05.0351 2572 upnphost - ok
18:15:05.0382 2572 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
18:15:05.0382 2572 usbccgp - ok
18:15:05.0382 2572 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
18:15:05.0382 2572 usbcir - ok
18:15:05.0398 2572 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\DRIVERS\usbehci.sys
18:15:05.0398 2572 usbehci - ok
18:15:05.0445 2572 usbfilter (2c780746dc44a28fe67004dc58173f05) C:\Windows\system32\DRIVERS\usbfilter.sys
18:15:05.0445 2572 usbfilter - ok
18:15:05.0460 2572 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
18:15:05.0460 2572 usbhub - ok
18:15:05.0476 2572 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\DRIVERS\usbohci.sys
18:15:05.0476 2572 usbohci - ok
18:15:05.0492 2572 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
18:15:05.0492 2572 usbprint - ok
18:15:05.0507 2572 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:15:05.0507 2572 USBSTOR - ok
18:15:05.0507 2572 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\drivers\usbuhci.sys
18:15:05.0507 2572 usbuhci - ok
18:15:05.0523 2572 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
18:15:05.0523 2572 UxSms - ok
18:15:05.0570 2572 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
18:15:05.0570 2572 VaultSvc - ok
18:15:05.0585 2572 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
18:15:05.0585 2572 vdrvroot - ok
18:15:05.0601 2572 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe
18:15:05.0601 2572 vds - ok
18:15:05.0616 2572 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
18:15:05.0616 2572 vga - ok
18:15:05.0616 2572 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
18:15:05.0616 2572 VgaSave - ok
18:15:05.0632 2572 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
18:15:05.0632 2572 vhdmp - ok
18:15:05.0710 2572 VIAHdAudAddService (d4944dbf92e07f1f641cb512065966e6) C:\Windows\system32\drivers\viahduaa.sys
18:15:05.0726 2572 VIAHdAudAddService - ok
18:15:05.0819 2572 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
18:15:05.0819 2572 viaide - ok
18:15:05.0819 2572 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
18:15:05.0819 2572 volmgr - ok
18:15:05.0835 2572 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
18:15:05.0850 2572 volmgrx - ok
18:15:05.0866 2572 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
18:15:05.0882 2572 volsnap - ok
18:15:05.0882 2572 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
18:15:05.0897 2572 vsmraid - ok
18:15:05.0944 2572 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe
18:15:05.0960 2572 VSS - ok
18:15:06.0022 2572 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
18:15:06.0022 2572 vwifibus - ok
18:15:06.0069 2572 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
18:15:06.0069 2572 vwififlt - ok
18:15:06.0084 2572 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
18:15:06.0084 2572 W32Time - ok
18:15:06.0116 2572 wacommousefilter (e04d43c7d1641e95d35cae6086c7e350) C:\Windows\system32\DRIVERS\wacommousefilter.sys
18:15:06.0116 2572 wacommousefilter - ok
18:15:06.0131 2572 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
18:15:06.0131 2572 WacomPen - ok
18:15:06.0162 2572 wacomvhid (ec1ceb237e365330c1fcfc4876aa0ac0) C:\Windows\system32\DRIVERS\wacomvhid.sys
18:15:06.0162 2572 wacomvhid - ok
18:15:06.0194 2572 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
18:15:06.0194 2572 WANARP - ok
18:15:06.0194 2572 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
18:15:06.0194 2572 Wanarpv6 - ok
18:15:06.0240 2572 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
18:15:06.0272 2572 WatAdminSvc - ok
18:15:06.0318 2572 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe
18:15:06.0334 2572 wbengine - ok
18:15:06.0396 2572 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
18:15:06.0396 2572 WbioSrvc - ok
18:15:06.0428 2572 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll
18:15:06.0428 2572 wcncsvc - ok
18:15:06.0443 2572 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
18:15:06.0443 2572 WcsPlugInService - ok
18:15:06.0459 2572 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
18:15:06.0459 2572 Wd - ok
18:15:06.0506 2572 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
18:15:06.0521 2572 Wdf01000 - ok
18:15:06.0537 2572 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
18:15:06.0537 2572 WdiServiceHost - ok
18:15:06.0552 2572 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
18:15:06.0552 2572 WdiSystemHost - ok
18:15:06.0568 2572 WebClient (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll
18:15:06.0568 2572 WebClient - ok
18:15:06.0584 2572 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
18:15:06.0584 2572 Wecsvc - ok
18:15:06.0599 2572 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
18:15:06.0599 2572 wercplsupport - ok
18:15:06.0630 2572 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
18:15:06.0630 2572 WerSvc - ok
18:15:06.0630 2572 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
18:15:06.0630 2572 WfpLwf - ok
18:15:06.0646 2572 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
18:15:06.0646 2572 WIMMount - ok
18:15:06.0646 2572 WinHttpAutoProxySvc - ok
18:15:06.0693 2572 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
18:15:06.0693 2572 Winmgmt - ok
18:15:06.0740 2572 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll
18:15:06.0771 2572 WinRM - ok
18:15:06.0880 2572 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
18:15:06.0880 2572 WinUsb - ok
18:15:06.0911 2572 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
18:15:06.0911 2572 Wlansvc - ok
18:15:06.0958 2572 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
18:15:06.0974 2572 wlcrasvc - ok
18:15:07.0067 2572 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:15:07.0114 2572 wlidsvc - ok
18:15:07.0161 2572 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
18:15:07.0176 2572 WmiAcpi - ok
18:15:07.0192 2572 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
18:15:07.0192 2572 wmiApSrv - ok
18:15:07.0239 2572 WMPNetworkSvc - ok
18:15:07.0239 2572 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
18:15:07.0239 2572 WPCSvc - ok
18:15:07.0254 2572 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll
18:15:07.0254 2572 WPDBusEnum - ok
18:15:07.0270 2572 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
18:15:07.0270 2572 ws2ifsl - ok
18:15:07.0270 2572 WSearch - ok
18:15:07.0364 2572 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
18:15:07.0395 2572 wuauserv - ok
18:15:07.0442 2572 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
18:15:07.0457 2572 WudfPf - ok
18:15:07.0457 2572 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
18:15:07.0457 2572 WUDFRd - ok
18:15:07.0473 2572 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll
18:15:07.0473 2572 wudfsvc - ok
18:15:07.0488 2572 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
18:15:07.0504 2572 WwanSvc - ok
18:15:07.0520 2572 MBR (0x1B8) (4976d4a7a40b83fc7f06ee4bdd84eb9b) \Device\Harddisk0\DR0
18:15:07.0551 2572 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
18:15:07.0551 2572 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
18:15:07.0598 2572 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
18:15:07.0598 2572 \Device\Harddisk0\DR0 - detected TDSS File System (1)
18:15:07.0629 2572 Boot (0x1200) (04879ef0d98b65f9854d49c3fe7d1003) \Device\Harddisk0\DR0\Partition0
18:15:07.0629 2572 \Device\Harddisk0\DR0\Partition0 - ok
18:15:07.0629 2572 ============================================================
18:15:07.0629 2572 Scan finished
18:15:07.0629 2572 ============================================================
18:15:07.0644 2564 Detected object count: 2
18:15:07.0644 2564 Actual detected object count: 2

#4 Virgorival


Posted 22 June 2012 - 06:25 PM

aswMBR Log

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-06-22 18:18:34
-----------------------------
18:18:34.751 OS Version: Windows x64 6.1.7600
18:18:34.751 Number of processors: 6 586 0xA00
18:18:34.751 ComputerName: PATCHOULI UserName: Rival
18:18:41.549 Initialize success
18:19:28.269 AVAST engine defs: 12062201
18:20:05.560 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
18:20:05.560 Disk 0 Vendor: ST31000524AS JC45 Size: 953869MB BusType: 3
18:20:05.560 Device \Driver\atapi -> MajorFunction fffffa80083635e8
18:20:05.560 Disk 0 MBR read successfully
18:20:05.560 Disk 0 MBR scan
18:20:05.592 Disk 0 unknown MBR code
18:20:05.592 Disk 0 MBR hidden
18:20:05.607 Disk 0 Partition 1 00 1B Hidd FAT32 NTFS 10024 MB offset 2048
18:20:05.623 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 943843 MB offset 20531200
18:20:05.638 Disk 0 scanning C:\Windows\system32\drivers
18:20:13.204 Service scanning
18:20:25.965 Modules scanning
18:20:25.965 Disk 0 trace - called modules:
18:20:25.965 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa80083635e8]<<
18:20:25.981 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80076ec060]
18:20:25.981 3 CLASSPNP.SYS[fffff8800100143f] -> nt!IofCallDriver -> [0xfffffa80076049b0]
18:20:25.981 5 ACPI.sys[fffff88000f5e781] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80076ed060]
18:20:25.981 \Driver\atapi[0xfffffa8008018890] -> IRP_MJ_CREATE -> 0xfffffa80083635e8
18:20:35.263 AVAST engine scan C:\Windows
18:20:39.116 AVAST engine scan C:\Windows\system32
18:22:49.956 AVAST engine scan C:\Windows\system32\drivers
18:23:00.580 AVAST engine scan C:\Users\Rival
18:23:36.382 Disk 0 MBR has been saved successfully to "C:\Users\Rival\Desktop\MBR.dat"
18:23:36.382 The log file has been saved successfully to "C:\Users\Rival\Desktop\aswMBR.txt"

#5 Virgorival


Posted 22 June 2012 - 10:50 PM

Well, I think I just F-Bar'd her.

After the scans, I attempted to install the Windows Updates, which installed Windows Security Essentials, which ended up putting it in a repeating reboot because it was trying to clean win32/sirefef. (I think it was.)

As well as just plain restarting after a warning that the computer was going to restart because of an error (no BSOD).
After trying to get it into safe mode to do anything, it did the same thing: just plain restarted.

Now the Windows GUI won't even load, not even in safe mode.

It's just a black screen with my arrow cursor.

On my laptop, btw.

Edited by Virgorival, 22 June 2012 - 10:51 PM.


#6 Virgorival


Posted 22 June 2012 - 11:12 PM

WAIT!
Popped the factory disk in and she loaded and has not done anything to crash.

Don't know what's going on, but she's running again.

What do I do from here so it doesn't happen again?

#7 narenxp

  • BC Advisor

Posted 23 June 2012 - 12:44 AM

After the scans, I attempted to install the Windows Updates, which installed Windows Security Essentials, which ended up putting it in a repeating reboot because it was trying to clean win32/sirefef. (I think it was.)

The scans are not over yet. I never advised you to run Windows Updates when the system is infected by malware.

If the system still needs help, let me know. I could ask for help from the malware response team.

Note: Do not run any tools unless instructed.

#8 Virgorival


Posted 23 June 2012 - 01:26 AM

I'm not getting background sound and the computer seems to be more stable

If need be, I will rerun the scans and repost the logs.



