Trojan horse Dropper.Generic_c.MMI


  • This topic is locked
6 replies to this topic

#1 klathus

Posted 09 July 2012 - 10:38 AM

I don't know much about computers, but I know enough to remove viruses before, and this one is difficult and doing some damage. Can you please help??!! The name from AVG is "Trojan horse Dropper.Generic_c.MMI".

Edit: Moved topic from Introductions to the more appropriate forum. ~ Animal



#2 narenxp


Posted 09 July 2012 - 11:22 AM

Download TDSSKiller

Launch it. Click on change parameters - select TDLFS file system.

Click on "Scan". Please post the log report (the log file should be in your C drive).

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on LIST of found threats.

Export the list to the desktop and copy the contents of the text file into your reply.

#3 klathus


Posted 09 July 2012 - 01:36 PM

TDSSKiller finished... the rest to come

13:04:28.0192 7140 partmgr - ok
13:04:28.0223 7140 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll
13:04:28.0229 7140 PcaSvc - ok
13:04:28.0278 7140 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys
13:04:28.0283 7140 pci - ok
13:04:28.0297 7140 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\drivers\pciide.sys
13:04:28.0300 7140 pciide - ok
13:04:28.0331 7140 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys
13:04:28.0337 7140 pcmcia - ok
13:04:28.0353 7140 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
13:04:28.0355 7140 pcw - ok
13:04:28.0407 7140 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
13:04:28.0420 7140 PEAUTH - ok
13:04:28.0499 7140 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe
13:04:28.0503 7140 PerfHost - ok
13:04:28.0532 7140 pfc - ok
13:04:28.0639 7140 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\windows\system32\pla.dll
13:04:28.0663 7140 pla - ok
13:04:28.0732 7140 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\windows\system32\umpnpmgr.dll
13:04:28.0741 7140 PlugPlay - ok
13:04:28.0786 7140 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll
13:04:28.0790 7140 PNRPAutoReg - ok
13:04:28.0827 7140 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
13:04:28.0833 7140 PNRPsvc - ok
13:04:28.0897 7140 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\windows\System32\ipsecsvc.dll
13:04:28.0907 7140 PolicyAgent - ok
13:04:28.0952 7140 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll
13:04:28.0959 7140 Power - ok
13:04:29.0036 7140 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys
13:04:29.0039 7140 PptpMiniport - ok
13:04:29.0075 7140 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys
13:04:29.0079 7140 Processor - ok
13:04:29.0118 7140 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\windows\system32\profsvc.dll
13:04:29.0124 7140 ProfSvc - ok
13:04:29.0164 7140 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
13:04:29.0166 7140 ProtectedStorage - ok
13:04:29.0232 7140 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys
13:04:29.0236 7140 Psched - ok
13:04:29.0270 7140 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\windows\system32\Drivers\PxHlpa64.sys
13:04:29.0278 7140 PxHlpa64 - ok
13:04:29.0390 7140 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys
13:04:29.0419 7140 ql2300 - ok
13:04:29.0562 7140 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys
13:04:29.0566 7140 ql40xx - ok
13:04:29.0611 7140 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll
13:04:29.0621 7140 QWAVE - ok
13:04:29.0662 7140 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
13:04:29.0666 7140 QWAVEdrv - ok
13:04:29.0707 7140 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
13:04:29.0709 7140 RasAcd - ok
13:04:29.0761 7140 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
13:04:29.0764 7140 RasAgileVpn - ok
13:04:29.0803 7140 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll
13:04:29.0809 7140 RasAuto - ok
13:04:29.0861 7140 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys
13:04:29.0865 7140 Rasl2tp - ok
13:04:29.0926 7140 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\windows\System32\rasmans.dll
13:04:29.0935 7140 RasMan - ok
13:04:29.0962 7140 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
13:04:29.0966 7140 RasPppoe - ok
13:04:29.0995 7140 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
13:04:29.0998 7140 RasSstp - ok
13:04:30.0041 7140 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys
13:04:30.0048 7140 rdbss - ok
13:04:30.0071 7140 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys
13:04:30.0073 7140 rdpbus - ok
13:04:30.0096 7140 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
13:04:30.0098 7140 RDPCDD - ok
13:04:30.0118 7140 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
13:04:30.0120 7140 RDPENCDD - ok
13:04:30.0141 7140 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
13:04:30.0144 7140 RDPREFMP - ok
13:04:30.0173 7140 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\windows\system32\drivers\RDPWD.sys
13:04:30.0193 7140 RDPWD - ok
13:04:30.0253 7140 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys
13:04:30.0258 7140 rdyboost - ok
13:04:30.0296 7140 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll
13:04:30.0300 7140 RemoteAccess - ok
13:04:30.0338 7140 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll
13:04:30.0344 7140 RemoteRegistry - ok
13:04:30.0371 7140 rimspci (e20b1907fc72a3664ece21e3c20fc63d) C:\windows\system32\DRIVERS\rimspe64.sys
13:04:30.0374 7140 rimspci - ok
13:04:30.0397 7140 risdpcie (7dda2e5cf452dad24b1be704225c18ee) C:\windows\system32\DRIVERS\risdpe64.sys
13:04:30.0401 7140 risdpcie - ok
13:04:30.0419 7140 rixdpcie (6a1cd4674505e6791390a1ab71da1fbe) C:\windows\system32\DRIVERS\rixdpe64.sys
13:04:30.0422 7140 rixdpcie - ok
13:04:30.0439 7140 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll
13:04:30.0443 7140 RpcEptMapper - ok
13:04:30.0472 7140 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe
13:04:30.0476 7140 RpcLocator - ok
13:04:30.0532 7140 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
13:04:30.0541 7140 RpcSs - ok
13:04:30.0583 7140 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
13:04:30.0587 7140 rspndr - ok
13:04:30.0656 7140 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\windows\system32\DRIVERS\Rt64win7.sys
13:04:30.0667 7140 RTL8167 - ok
13:04:30.0770 7140 rtl8192se (7475548b0ba58eba4d12414fc9e9dfe6) C:\windows\system32\DRIVERS\rtl8192se.sys
13:04:30.0805 7140 rtl8192se - ok
13:04:30.0841 7140 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
13:04:30.0844 7140 SamSs - ok
13:04:30.0882 7140 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys
13:04:30.0885 7140 sbp2port - ok
13:04:30.0924 7140 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll
13:04:30.0930 7140 SCardSvr - ok
13:04:30.0959 7140 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys
13:04:30.0961 7140 scfilter - ok
13:04:31.0049 7140 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\windows\system32\schedsvc.dll
13:04:31.0070 7140 Schedule - ok
13:04:31.0102 7140 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
13:04:31.0103 7140 SCPolicySvc - ok
13:04:31.0169 7140 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\windows\system32\drivers\sdbus.sys
13:04:31.0171 7140 sdbus - ok
13:04:31.0207 7140 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\windows\System32\SDRSVC.dll
13:04:31.0212 7140 SDRSVC - ok
13:04:31.0238 7140 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
13:04:31.0240 7140 secdrv - ok
13:04:31.0282 7140 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\windows\system32\seclogon.dll
13:04:31.0285 7140 seclogon - ok
13:04:31.0306 7140 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\System32\sens.dll
13:04:31.0310 7140 SENS - ok
13:04:31.0324 7140 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll
13:04:31.0327 7140 SensrSvc - ok
13:04:31.0365 7140 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys
13:04:31.0368 7140 Serenum - ok
13:04:31.0402 7140 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys
13:04:31.0406 7140 Serial - ok
13:04:31.0439 7140 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys
13:04:31.0455 7140 sermouse - ok
13:04:31.0500 7140 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\windows\system32\sessenv.dll
13:04:31.0504 7140 SessionEnv - ok
13:04:31.0526 7140 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys
13:04:31.0529 7140 sffdisk - ok
13:04:31.0569 7140 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys
13:04:31.0584 7140 sffp_mmc - ok
13:04:31.0591 7140 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys
13:04:31.0607 7140 sffp_sd - ok
13:04:31.0625 7140 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys
13:04:31.0627 7140 sfloppy - ok
13:04:31.0703 7140 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\windows\System32\shsvcs.dll
13:04:31.0712 7140 ShellHWDetection - ok
13:04:31.0754 7140 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys
13:04:31.0756 7140 SiSRaid2 - ok
13:04:31.0792 7140 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys
13:04:31.0796 7140 SiSRaid4 - ok
13:04:31.0837 7140 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
13:04:31.0840 7140 Smb - ok
13:04:31.0872 7140 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe
13:04:31.0876 7140 SNMPTRAP - ok
13:04:31.0896 7140 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
13:04:31.0898 7140 spldr - ok
13:04:31.0950 7140 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\windows\System32\spoolsv.exe
13:04:31.0960 7140 Spooler - ok
13:04:32.0217 7140 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\windows\system32\sppsvc.exe
13:04:32.0280 7140 sppsvc - ok
13:04:32.0401 7140 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll
13:04:32.0406 7140 sppuinotify - ok
13:04:32.0483 7140 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\windows\system32\DRIVERS\srv.sys
13:04:32.0491 7140 srv - ok
13:04:32.0555 7140 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\windows\system32\DRIVERS\srv2.sys
13:04:32.0565 7140 srv2 - ok
13:04:32.0619 7140 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\windows\system32\DRIVERS\VSTAZL6.SYS
13:04:32.0625 7140 SrvHsfHDA - ok
13:04:32.0735 7140 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\windows\system32\DRIVERS\VSTDPV6.SYS
13:04:32.0761 7140 SrvHsfV92 - ok
13:04:32.0933 7140 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\windows\system32\DRIVERS\VSTCNXT6.SYS
13:04:32.0947 7140 SrvHsfWinac - ok
13:04:32.0983 7140 srvnet (27e461f0be5bff5fc737328f749538c3) C:\windows\system32\DRIVERS\srvnet.sys
13:04:32.0988 7140 srvnet - ok
13:04:33.0022 7140 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll
13:04:33.0028 7140 SSDPSRV - ok
13:04:33.0043 7140 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll
13:04:33.0049 7140 SstpSvc - ok
13:04:33.0070 7140 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys
13:04:33.0072 7140 stexstor - ok
13:04:33.0145 7140 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\windows\System32\wiaservc.dll
13:04:33.0158 7140 stisvc - ok
13:04:33.0235 7140 stllssvr (ff5eb78af7dfb68c2fb363537aaf753e) C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
13:04:33.0238 7140 stllssvr - ok
13:04:33.0268 7140 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\drivers\swenum.sys
13:04:33.0270 7140 swenum - ok
13:04:33.0326 7140 swprv (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll
13:04:33.0339 7140 swprv - ok
13:04:33.0389 7140 SynTP (e28ca52ecf8cb6eb04b34de440ba260e) C:\windows\system32\DRIVERS\SynTP.sys
13:04:33.0395 7140 SynTP - ok
13:04:33.0504 7140 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\windows\system32\sysmain.dll
13:04:33.0534 7140 SysMain - ok
13:04:33.0686 7140 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\windows\System32\TabSvc.dll
13:04:33.0691 7140 TabletInputService - ok
13:04:33.0737 7140 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\windows\System32\tapisrv.dll
13:04:33.0745 7140 TapiSrv - ok
13:04:33.0777 7140 TBS (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll
13:04:33.0780 7140 TBS - ok
13:04:33.0979 7140 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\drivers\tcpip.sys
13:04:34.0006 7140 Tcpip - ok
13:04:34.0324 7140 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\DRIVERS\tcpip.sys
13:04:34.0347 7140 TCPIP6 - ok
13:04:34.0489 7140 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys
13:04:34.0492 7140 tcpipreg - ok
13:04:34.0531 7140 tdcmdpst (fd542b661bd22fa69ca789ad0ac58c29) C:\windows\system32\DRIVERS\tdcmdpst.sys
13:04:34.0533 7140 tdcmdpst - ok
13:04:34.0565 7140 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
13:04:34.0567 7140 TDPIPE - ok
13:04:34.0591 7140 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\windows\system32\drivers\tdtcp.sys
13:04:34.0594 7140 TDTCP - ok
13:04:34.0634 7140 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys
13:04:34.0637 7140 tdx - ok
13:04:34.0667 7140 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\drivers\termdd.sys
13:04:34.0670 7140 TermDD - ok
13:04:34.0731 7140 TermService (2e648163254233755035b46dd7b89123) C:\windows\System32\termsrv.dll
13:04:34.0745 7140 TermService - ok
13:04:34.0781 7140 Themes (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll
13:04:34.0785 7140 Themes - ok
13:04:34.0822 7140 Thpdrv (c013f6acaa9761f571bd28dada7c157d) C:\windows\system32\DRIVERS\thpdrv.sys
13:04:34.0824 7140 Thpdrv - ok
13:04:34.0834 7140 Thpevm (b4e609047434ed948af7bdef2fa66e38) C:\windows\system32\DRIVERS\Thpevm.SYS
13:04:34.0837 7140 Thpevm - ok
13:04:34.0891 7140 Thpsrv (f6927bba3b09aff26a53a9191f7378f9) C:\windows\system32\ThpSrv.exe
13:04:34.0901 7140 Thpsrv - ok
13:04:34.0934 7140 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
13:04:34.0937 7140 THREADORDER - ok
13:04:35.0009 7140 TMachInfo (28644b0523d64eff2fc7312a2ee74b0a) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
13:04:35.0012 7140 TMachInfo - ok
13:04:35.0049 7140 TODDSrv (ed32035bdfeced1ad66d459fd9cc1140) C:\Windows\system32\TODDSrv.exe
13:04:35.0055 7140 TODDSrv - ok
13:04:35.0151 7140 TosCoSrv (f82188fc76cfe174dc35a46e0bfc4da7) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
13:04:35.0159 7140 TosCoSrv - ok
13:04:35.0214 7140 TOSHIBA eco Utility Service (6938cbd31b47092b042420a5fd2e9aae) C:\Program Files\TOSHIBA\TECO\TecoService.exe
13:04:35.0219 7140 TOSHIBA eco Utility Service - ok
13:04:35.0279 7140 TOSHIBA HDD SSD Alert Service (4218356616e08518e6c2cb102ac3798a) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
13:04:35.0283 7140 TOSHIBA HDD SSD Alert Service - ok
13:04:35.0372 7140 tos_sps64 (09ff7b0b1b5c3d225495cb6f5a9b39f8) C:\windows\system32\DRIVERS\tos_sps64.sys
13:04:35.0405 7140 tos_sps64 - ok
13:04:35.0487 7140 TPCHSrv (270cebd8b5dd9f232cd50d18d19c10a0) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
13:04:35.0502 7140 TPCHSrv - ok
13:04:35.0652 7140 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll
13:04:35.0657 7140 TrkWks - ok
13:04:35.0704 7140 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\windows\servicing\TrustedInstaller.exe
13:04:35.0707 7140 TrustedInstaller - ok
13:04:35.0774 7140 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys
13:04:35.0777 7140 tssecsrv - ok
13:04:35.0821 7140 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys
13:04:35.0824 7140 TsUsbFlt - ok
13:04:35.0881 7140 tunnel (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys
13:04:35.0884 7140 tunnel - ok
13:04:35.0932 7140 TVALZ (550b567f9364d8f7684c3fb3ea665a72) C:\windows\system32\DRIVERS\TVALZ_O.SYS
13:04:35.0934 7140 TVALZ - ok
13:04:35.0970 7140 TVALZFL (9c7191f4b2e49bff47a6c1144b5923fa) C:\windows\system32\DRIVERS\TVALZFL.sys
13:04:35.0972 7140 TVALZFL - ok
13:04:36.0012 7140 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys
13:04:36.0015 7140 uagp35 - ok
13:04:36.0066 7140 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys
13:04:36.0075 7140 udfs - ok
13:04:36.0115 7140 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe
13:04:36.0120 7140 UI0Detect - ok
13:04:36.0157 7140 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys
13:04:36.0164 7140 uliagpkx - ok
13:04:36.0213 7140 umbus (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\drivers\umbus.sys
13:04:36.0216 7140 umbus - ok
13:04:36.0260 7140 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys
13:04:36.0262 7140 UmPass - ok
13:04:36.0501 7140 UNS (41118d920b2b268c0adc36421248cdcf) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
13:04:36.0539 7140 UNS - ok
13:04:36.0671 7140 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll
13:04:36.0680 7140 upnphost - ok
13:04:36.0731 7140 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\windows\system32\DRIVERS\usbccgp.sys
13:04:36.0735 7140 usbccgp - ok
13:04:36.0771 7140 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys
13:04:36.0774 7140 usbcir - ok
13:04:36.0796 7140 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\windows\system32\drivers\usbehci.sys
13:04:36.0800 7140 usbehci - ok
13:04:36.0846 7140 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\windows\system32\DRIVERS\usbhub.sys
13:04:36.0854 7140 usbhub - ok
13:04:36.0886 7140 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\windows\system32\drivers\usbohci.sys
13:04:36.0901 7140 usbohci - ok
13:04:36.0939 7140 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
13:04:36.0941 7140 usbprint - ok
13:04:36.0965 7140 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\windows\system32\DRIVERS\usbscan.sys
13:04:36.0968 7140 usbscan - ok
13:04:37.0002 7140 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\windows\system32\DRIVERS\USBSTOR.SYS
13:04:37.0023 7140 USBSTOR - ok
13:04:37.0046 7140 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\windows\system32\drivers\usbuhci.sys
13:04:37.0061 7140 usbuhci - ok
13:04:37.0123 7140 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\windows\System32\Drivers\usbvideo.sys
13:04:37.0128 7140 usbvideo - ok
13:04:37.0155 7140 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\windows\System32\uxsms.dll
13:04:37.0160 7140 UxSms - ok
13:04:37.0198 7140 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
13:04:37.0201 7140 VaultSvc - ok
13:04:37.0220 7140 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys
13:04:37.0223 7140 vdrvroot - ok
13:04:37.0283 7140 vds (8d6b481601d01a456e75c3210f1830be) C:\windows\System32\vds.exe
13:04:37.0295 7140 vds - ok
13:04:37.0326 7140 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
13:04:37.0329 7140 vga - ok
13:04:37.0349 7140 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
13:04:37.0351 7140 VgaSave - ok
13:04:37.0398 7140 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys
13:04:37.0403 7140 vhdmp - ok
13:04:37.0417 7140 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\drivers\viaide.sys
13:04:37.0419 7140 viaide - ok
13:04:37.0438 7140 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\windows\system32\drivers\volmgr.sys
13:04:37.0441 7140 volmgr - ok
13:04:37.0497 7140 volmgrx (a255814907c89be58b79ef2f189b843b) C:\windows\system32\drivers\volmgrx.sys
13:04:37.0504 7140 volmgrx - ok
13:04:37.0539 7140 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\windows\system32\drivers\volsnap.sys
13:04:37.0545 7140 volsnap - ok
13:04:37.0618 7140 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys
13:04:37.0622 7140 vsmraid - ok
13:04:37.0762 7140 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\windows\system32\vssvc.exe
13:04:37.0793 7140 VSS - ok
13:04:37.0917 7140 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
13:04:37.0920 7140 vwifibus - ok
13:04:37.0937 7140 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys
13:04:37.0940 7140 vwififlt - ok
13:04:37.0968 7140 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\windows\system32\DRIVERS\vwifimp.sys
13:04:37.0970 7140 vwifimp - ok
13:04:38.0029 7140 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\windows\system32\w32time.dll
13:04:38.0039 7140 W32Time - ok
13:04:38.0075 7140 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys
13:04:38.0079 7140 WacomPen - ok
13:04:38.0128 7140 WANARP (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
13:04:38.0131 7140 WANARP - ok
13:04:38.0140 7140 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
13:04:38.0142 7140 Wanarpv6 - ok
13:04:38.0244 7140 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\windows\system32\Wat\WatAdminSvc.exe
13:04:38.0266 7140 WatAdminSvc - ok
13:04:38.0368 7140 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\windows\system32\wbengine.exe
13:04:38.0396 7140 wbengine - ok
13:04:38.0515 7140 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\windows\System32\wbiosrvc.dll
13:04:38.0522 7140 WbioSrvc - ok
13:04:38.0570 7140 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\windows\System32\wcncsvc.dll
13:04:38.0579 7140 wcncsvc - ok
13:04:38.0597 7140 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\windows\System32\WcsPlugInService.dll
13:04:38.0603 7140 WcsPlugInService - ok
13:04:38.0652 7140 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys
13:04:38.0655 7140 Wd - ok
13:04:38.0712 7140 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
13:04:38.0725 7140 Wdf01000 - ok
13:04:38.0760 7140 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
13:04:38.0765 7140 WdiServiceHost - ok
13:04:38.0771 7140 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
13:04:38.0775 7140 WdiSystemHost - ok
13:04:38.0824 7140 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\windows\System32\webclnt.dll
13:04:38.0832 7140 WebClient - ok
13:04:38.0865 7140 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\windows\system32\wecsvc.dll
13:04:38.0872 7140 Wecsvc - ok
13:04:38.0894 7140 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\windows\System32\wercplsupport.dll
13:04:38.0899 7140 wercplsupport - ok
13:04:38.0924 7140 WerSvc (6d137963730144698cbd10f202e9f251) C:\windows\System32\WerSvc.dll
13:04:38.0928 7140 WerSvc - ok
13:04:38.0985 7140 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
13:04:38.0988 7140 WfpLwf - ok
13:04:39.0006 7140 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
13:04:39.0008 7140 WIMMount - ok
13:04:39.0018 7140 WinHttpAutoProxySvc - ok
13:04:39.0087 7140 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\windows\system32\wbem\WMIsvc.dll
13:04:39.0097 7140 Winmgmt - ok
13:04:39.0254 7140 WinRM (bcb1310604aa415c4508708975b3931e) C:\windows\system32\WsmSvc.dll
13:04:39.0291 7140 WinRM - ok
13:04:39.0480 7140 WinUsb (fe88b288356e7b47b74b13372add906d) C:\windows\system32\DRIVERS\WinUsb.sys
13:04:39.0483 7140 WinUsb - ok
13:04:39.0606 7140 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\windows\System32\wlansvc.dll
13:04:39.0622 7140 Wlansvc - ok
13:04:39.0654 7140 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\drivers\wmiacpi.sys
13:04:39.0656 7140 WmiAcpi - ok
13:04:39.0735 7140 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\windows\system32\wbem\WmiApSrv.exe
13:04:39.0740 7140 wmiApSrv - ok
13:04:39.0807 7140 WMPNetworkSvc - ok
13:04:39.0832 7140 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\windows\System32\wpcsvc.dll
13:04:39.0837 7140 WPCSvc - ok
13:04:39.0885 7140 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\windows\system32\wpdbusenum.dll
13:04:39.0890 7140 WPDBusEnum - ok
13:04:39.0921 7140 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
13:04:39.0924 7140 ws2ifsl - ok
13:04:39.0929 7140 WSearch - ok
13:04:40.0113 7140 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\windows\system32\wuaueng.dll
13:04:40.0156 7140 wuauserv - ok
13:04:40.0282 7140 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\windows\system32\drivers\WudfPf.sys
13:04:40.0286 7140 WudfPf - ok
13:04:40.0322 7140 WUDFRd (cf8d590be3373029d57af80914190682) C:\windows\system32\DRIVERS\WUDFRd.sys
13:04:40.0327 7140 WUDFRd - ok
13:04:40.0367 7140 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\windows\System32\WUDFSvc.dll
13:04:40.0372 7140 wudfsvc - ok
13:04:40.0410 7140 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\windows\System32\wwansvc.dll
13:04:40.0418 7140 WwanSvc - ok
13:04:40.0486 7140 MBR (0x1B8) (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0
13:04:40.0811 7140 \Device\Harddisk0\DR0 - ok
13:04:40.0846 7140 Boot (0x1200) (a929511bccd67685bc1d3913ac6bc708) \Device\Harddisk0\DR0\Partition0
13:04:40.0849 7140 \Device\Harddisk0\DR0\Partition0 - ok
13:04:40.0851 7140 ============================================================
13:04:40.0851 7140 Scan finished
13:04:40.0851 7140 ============================================================
13:04:40.0873 3036 Detected object count: 0
13:04:40.0873 3036 Actual detected object count: 0
13:11:50.0882 2380 Deinitialize success

#4 klathus

Posted 09 July 2012 - 01:46 PM

aswMBR finished...

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-09 13:34:12
-----------------------------
13:34:12.955 OS Version: Windows x64 6.1.7601 Service Pack 1
13:34:12.955 Number of processors: 4 586 0x2502
13:34:12.955 ComputerName: KODY-PC UserName: Kody
13:34:28.274 Initialize success
13:34:38.430 AVAST engine defs: 12070900
13:34:55.261 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
13:34:55.885 Disk 0 Vendor: Hitachi_ PB4O Size: 476940MB BusType: 3
13:34:55.932 Disk 0 MBR read successfully
13:34:55.932 Disk 0 MBR scan
13:34:55.947 Disk 0 Windows VISTA default MBR code
13:34:55.978 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
13:34:56.041 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 464784 MB offset 3074048
13:34:56.119 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 10655 MB offset 954951680
13:34:56.197 Disk 0 scanning C:\windows\system32\drivers
13:35:23.200 Service scanning
13:36:14.400 Modules scanning
13:36:14.415 Disk 0 trace - called modules:
13:36:14.447 ntoskrnl.exe CLASSPNP.SYS disk.sys thpdrv.sys
13:36:14.977 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c3f060]
13:36:14.977 3 CLASSPNP.SYS[fffff8800160143f] -> nt!IofCallDriver -> \Device\THPDRV1[0xfffffa8004c3e060]
13:36:17.645 AVAST engine scan C:\windows
13:36:23.073 AVAST engine scan C:\windows\system32
13:38:43.489 File: C:\windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
13:38:47.982 File: C:\windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
13:40:15.966 AVAST engine scan C:\windows\system32\drivers
13:40:29.757 AVAST engine scan C:\Users\Kody
13:41:48.751 AVAST engine scan C:\ProgramData
13:42:54.754 Scan finished successfully
13:45:28.710 Disk 0 MBR has been saved successfully to "C:\Users\Kody\Documents\MBR.dat"
13:45:28.726 The log file has been saved successfully to "C:\Users\Kody\Documents\aswMBR.txt"

#5 klathus

Posted 09 July 2012 - 02:54 PM

and finally ESET

C:\Users\Kody\Downloads\movie_player_1280.exe a variant of Win32/InstallIQ application
C:\Windows\Installer\{5e52bfba-36e4-b6eb-58b5-eff0d3ca0cd0}\U\00000008.@ Win64/Agent.BA trojan
C:\Windows\Installer\{5e52bfba-36e4-b6eb-58b5-eff0d3ca0cd0}\U\80000000.@ Win64/Sirefef.AE trojan
C:\Windows\Installer\{5e52bfba-36e4-b6eb-58b5-eff0d3ca0cd0}\U\80000032.@ a variant of Win32/Sirefef.FD trojan
Operating memory multiple threats

#6 narenxp

Posted 09 July 2012 - 10:31 PM

We need advanced tools to remove this one

Read the guide here

http://www.bleepingcomputer.com/forums/topic34773.html

and create a topic here

http://www.bleepingcomputer.com/forums/forum22.html

Good luck

#7 boopme

Posted 10 July 2012 - 08:50 PM

Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc.) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process, which would extend the time it takes to clean your computer.

From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRL Team member is already assisting you and not open the thread to respond.

The current wait time is 1 - 3 days and ALL logs are answered.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

To avoid confusion, I am closing this topic.