Trojan horse patched_c.lxt for me, too


8 replies to this topic

#1 BullwinkleJ

Posted 13 July 2012 - 02:22 PM

It seems my Vista laptop has contracted the trojan patched_c.lxt problem.

AVG finds it but can't do anything about it.

Things I've read online talk about tweaking the registry in ways that don't seem to apply to my system. But people seem to have luck here, so I'm hoping someone can help me.

One odd thing is that I've read this is a 32-bit system trojan and my OS is 64-bit. Not sure if that changes anything, but I thought I'd mention it.

Help! What do I do?


#2 narenxp


Posted 13 July 2012 - 02:40 PM

Download TDSSKiller

Launch it. Click on "Change parameters", then select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 BullwinkleJ


Posted 14 July 2012 - 11:27 AM

Thank you so much.

Here are the TDSSKiller results:

19:07:15.0926 3856 TDSS rootkit removing tool 2.7.45.0 Jul 9 2012 12:46:35
19:07:16.0269 3856 ============================================================
19:07:16.0269 3856 Current date / time: 2012/07/13 19:07:16.0269
19:07:16.0269 3856 SystemInfo:
19:07:16.0269 3856
19:07:16.0269 3856 OS Version: 6.1.7601 ServicePack: 1.0
19:07:16.0269 3856 Product type: Workstation
19:07:16.0269 3856 ComputerName: BULLWINKLE-LAP2
19:07:16.0269 3856 UserName: Bullwinkle
19:07:16.0269 3856 Windows directory: C:\Windows
19:07:16.0269 3856 System windows directory: C:\Windows
19:07:16.0269 3856 Running under WOW64
19:07:16.0269 3856 Processor architecture: Intel x64
19:07:16.0269 3856 Number of processors: 2
19:07:16.0269 3856 Page size: 0x1000
19:07:16.0269 3856 Boot type: Normal boot
19:07:16.0269 3856 ============================================================
19:07:19.0997 3856 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x3632C9, SectorsPerTrack: 0x2C, TracksPerCylinder: 0x4, Type 'K0', Flags 0x00000040
19:07:20.0075 3856 ============================================================
19:07:20.0075 3856 \Device\Harddisk0\DR0:
19:07:20.0122 3856 MBR partitions:
19:07:20.0122 3856 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x157B000, BlocksNum 0x12A17000
19:07:20.0153 3856 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x13F92800, BlocksNum 0x1149B7F8
19:07:20.0153 3856 ============================================================
19:07:20.0450 3856 C: <-> \Device\Harddisk0\DR0\Partition0
19:07:20.0855 3856 D: <-> \Device\Harddisk0\DR0\Partition1
19:07:20.0855 3856 ============================================================
19:07:20.0855 3856 Initialize success
19:07:20.0855 3856 ============================================================
19:07:47.0517 7040 ============================================================
19:07:47.0517 7040 Scan started
19:07:47.0517 7040 Mode: Manual; TDLFS;
19:07:47.0517 7040 ============================================================
19:08:36.0753 7040 mrxsmb10 - ok
19:08:36.0800 7040 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:08:36.0878 7040 mrxsmb20 - ok
19:08:36.0925 7040 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
19:08:36.0956 7040 msahci - ok
19:08:37.0003 7040 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
19:08:37.0049 7040 msdsm - ok
19:08:37.0174 7040 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
19:08:37.0237 7040 MSDTC - ok
19:08:37.0299 7040 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
19:08:37.0393 7040 Msfs - ok
19:08:37.0408 7040 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
19:08:37.0486 7040 mshidkmdf - ok
19:08:37.0502 7040 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
19:08:37.0533 7040 msisadrv - ok
19:08:37.0580 7040 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
19:08:37.0751 7040 MSiSCSI - ok
19:08:37.0751 7040 msiserver - ok
19:08:37.0783 7040 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
19:08:37.0876 7040 MSKSSRV - ok
19:08:37.0907 7040 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
19:08:37.0985 7040 MSPCLOCK - ok
19:08:38.0001 7040 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
19:08:38.0063 7040 MSPQM - ok
19:08:38.0110 7040 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
19:08:38.0204 7040 MsRPC - ok
19:08:38.0282 7040 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
19:08:38.0313 7040 mssmbios - ok
19:08:38.0344 7040 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
19:08:38.0391 7040 MSTEE - ok
19:08:38.0438 7040 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
19:08:38.0453 7040 MTConfig - ok
19:08:38.0547 7040 MTsensor (032d35c996f21d19a205a7c8f0b76f3c) C:\Windows\system32\DRIVERS\ATK64AMD.sys
19:08:38.0578 7040 MTsensor - ok
19:08:38.0625 7040 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
19:08:38.0812 7040 Mup - ok
19:08:38.0890 7040 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
19:08:39.0077 7040 napagent - ok
19:08:39.0155 7040 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
19:08:39.0202 7040 NativeWifiP - ok
19:08:39.0436 7040 NAUpdate (9d1cce440552500ded3a62f9d779cdb4) C:\Program Files (x86)\Nero\Update\NASvc.exe
19:08:39.0530 7040 NAUpdate - ok
19:08:39.0592 7040 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
19:08:39.0608 7040 NDIS - ok
19:08:39.0655 7040 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
19:08:39.0701 7040 NdisCap - ok
19:08:39.0733 7040 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
19:08:39.0779 7040 NdisTapi - ok
19:08:39.0857 7040 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
19:08:39.0873 7040 Ndisuio - ok
19:08:40.0029 7040 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
19:08:40.0045 7040 NdisWan - ok
19:08:40.0138 7040 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
19:08:40.0294 7040 NDProxy - ok
19:08:40.0372 7040 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
19:08:40.0403 7040 NetBIOS - ok
19:08:40.0466 7040 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
19:08:40.0497 7040 NetBT - ok
19:08:40.0544 7040 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:08:40.0559 7040 Netlogon - ok
19:08:40.0622 7040 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
19:08:40.0684 7040 Netman - ok
19:08:40.0809 7040 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:08:40.0840 7040 NetMsmqActivator - ok
19:08:40.0856 7040 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:08:40.0856 7040 NetPipeActivator - ok
19:08:40.0887 7040 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
19:08:40.0949 7040 netprofm - ok
19:08:40.0949 7040 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:08:40.0949 7040 NetTcpActivator - ok
19:08:40.0965 7040 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:08:40.0965 7040 NetTcpPortSharing - ok
19:08:41.0386 7040 NETw5s64 (39ede676d17f37af4573c2b33ec28aca) C:\Windows\system32\DRIVERS\NETw5s64.sys
19:08:41.0667 7040 NETw5s64 - ok
19:08:41.0870 7040 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
19:08:41.0932 7040 nfrd960 - ok
19:08:42.0041 7040 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
19:08:42.0073 7040 NisDrv - ok
19:08:42.0697 7040 NisSrv (10a43829a9e606af3eef25a1c1665923) C:\Program Files\Microsoft Security Client\NisSrv.exe
19:08:42.0759 7040 NisSrv - ok
19:08:42.0993 7040 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
19:08:43.0071 7040 NlaSvc - ok
19:08:43.0087 7040 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
19:08:43.0227 7040 Npfs - ok
19:08:43.0243 7040 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
19:08:43.0321 7040 nsi - ok
19:08:43.0367 7040 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
19:08:43.0367 7040 nsiproxy - ok
19:08:43.0461 7040 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
19:08:43.0726 7040 Ntfs - ok
19:08:43.0867 7040 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
19:08:43.0976 7040 Null - ok
19:08:44.0023 7040 NVHDA (8d4aac74b571fc356560e5b308955e93) C:\Windows\system32\drivers\nvhda64v.sys
19:08:44.0054 7040 NVHDA - ok
19:08:56.0425 7040 nvlddmkm (0eb204639119370f5f8f2871fbf4e14b) C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:08:56.0737 7040 nvlddmkm - ok
19:08:58.0952 7040 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
19:08:58.0952 7040 nvraid - ok
19:08:59.0264 7040 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
19:08:59.0279 7040 nvstor - ok
19:09:00.0309 7040 nvsvc (32ff8ee6dcee5c0cb91ff892fb1ca364) C:\Windows\system32\nvvsvc.exe
19:09:00.0574 7040 nvsvc - ok
19:09:11.0663 7040 nvUpdatusService (bd012dc22c78be1071bc21eb125d782f) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
19:09:11.0788 7040 nvUpdatusService - ok
19:09:17.0092 7040 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
19:09:17.0170 7040 nv_agp - ok
19:09:17.0466 7040 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
19:09:17.0528 7040 ohci1394 - ok
19:09:18.0106 7040 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:09:18.0121 7040 ose - ok
19:09:26.0438 7040 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:09:26.0688 7040 osppsvc - ok
19:09:29.0606 7040 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:09:29.0715 7040 p2pimsvc - ok
19:09:30.0714 7040 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
19:09:30.0776 7040 p2psvc - ok
19:09:31.0416 7040 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
19:09:31.0494 7040 Parport - ok
19:09:31.0696 7040 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
19:09:31.0712 7040 partmgr - ok
19:09:32.0274 7040 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
19:09:32.0367 7040 PcaSvc - ok
19:09:33.0194 7040 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
19:09:33.0288 7040 pci - ok
19:09:33.0412 7040 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
19:09:33.0444 7040 pciide - ok
19:09:34.0318 7040 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
19:09:34.0459 7040 pcmcia - ok
19:09:34.0755 7040 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
19:09:34.0786 7040 pcw - ok
19:09:37.0173 7040 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
19:09:37.0360 7040 PEAUTH - ok
19:09:41.0369 7040 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
19:09:41.0572 7040 PeerDistSvc - ok
19:09:43.0507 7040 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
19:09:43.0600 7040 PerfHost - ok
19:09:49.0481 7040 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
19:09:49.0606 7040 pla - ok
19:09:49.0715 7040 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
19:09:49.0778 7040 PlugPlay - ok
19:09:49.0856 7040 PnkBstrA - ok
19:09:49.0965 7040 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
19:09:50.0059 7040 PNRPAutoReg - ok
19:09:50.0152 7040 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:09:50.0152 7040 PNRPsvc - ok
19:09:50.0386 7040 Point64 (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys
19:09:50.0386 7040 Point64 - ok
19:09:51.0057 7040 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
19:09:51.0104 7040 PolicyAgent - ok
19:09:52.0024 7040 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
19:09:52.0040 7040 Power - ok
19:09:52.0913 7040 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
19:09:52.0929 7040 PptpMiniport - ok
19:09:53.0350 7040 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
19:09:53.0397 7040 Processor - ok
19:09:53.0834 7040 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
19:09:53.0990 7040 ProfSvc - ok
19:09:54.0083 7040 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:09:54.0230 7040 ProtectedStorage - ok
19:09:54.0963 7040 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
19:09:55.0041 7040 Psched - ok
19:10:00.0652 7040 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
19:10:00.0840 7040 ql2300 - ok
19:10:04.0662 7040 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
19:10:04.0755 7040 ql40xx - ok
19:10:05.0254 7040 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
19:10:06.0066 7040 QWAVE - ok
19:10:06.0409 7040 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
19:10:06.0471 7040 QWAVEdrv - ok
19:10:06.0721 7040 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
19:10:06.0768 7040 RasAcd - ok
19:10:07.0080 7040 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
19:10:07.0220 7040 RasAgileVpn - ok
19:10:07.0759 7040 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
19:10:07.0919 7040 RasAuto - ok
19:10:08.0572 7040 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:10:08.0618 7040 Rasl2tp - ok
19:10:10.0288 7040 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
19:10:10.0397 7040 RasMan - ok
19:10:10.0990 7040 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
19:10:11.0177 7040 RasPppoe - ok
19:10:11.0489 7040 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
19:10:11.0598 7040 RasSstp - ok
19:10:12.0784 7040 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
19:10:12.0877 7040 rdbss - ok
19:10:13.0049 7040 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
19:10:13.0189 7040 rdpbus - ok
19:10:13.0220 7040 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:10:13.0252 7040 RDPCDD - ok
19:10:13.0985 7040 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
19:10:13.0985 7040 RDPDR - ok
19:10:14.0125 7040 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
19:10:14.0125 7040 RDPENCDD - ok
19:10:14.0234 7040 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
19:10:14.0375 7040 RDPREFMP - ok
19:10:14.0531 7040 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
19:10:14.0609 7040 RDPWD - ok
19:10:15.0248 7040 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
19:10:15.0264 7040 rdyboost - ok
19:10:15.0436 7040 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
19:10:15.0514 7040 RemoteAccess - ok
19:10:15.0748 7040 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
19:10:15.0826 7040 RemoteRegistry - ok
19:10:15.0935 7040 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
19:10:16.0060 7040 RFCOMM - ok
19:10:16.0153 7040 rimmptsk (4ccf35f5086cdbf5e6c51a1cfbd0b269) C:\Windows\system32\DRIVERS\rimmpx64.sys
19:10:16.0216 7040 rimmptsk - ok
19:10:16.0434 7040 rimsptsk (bb9edc55b0b8cb4fcd713428820e0776) C:\Windows\system32\DRIVERS\rimspx64.sys
19:10:16.0465 7040 rimsptsk - ok
19:10:16.0574 7040 RimUsb (5790bca445cc40df8b38c2c48608aac2) C:\Windows\system32\Drivers\RimUsb_AMD64.sys
19:10:16.0590 7040 RimUsb - ok
19:10:16.0699 7040 RimVSerPort (c903d49655b4aae46673f0aaa6be0f58) C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
19:10:16.0855 7040 RimVSerPort - ok
19:10:16.0933 7040 rismxdp (481c3fdeacaae04b74c58288dbc91df9) C:\Windows\system32\DRIVERS\rixdpx64.sys
19:10:17.0042 7040 rismxdp - ok
19:10:17.0370 7040 RivaTuner64 (a10b40cf9eb57d24e44717a2d38a00f4) C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys
19:10:17.0542 7040 RivaTuner64 - ok
19:10:17.0682 7040 ROOTMODEM (388d3dd1a6457280f3badba9f3acd6b1) C:\Windows\system32\Drivers\RootMdm.sys
19:10:17.0682 7040 ROOTMODEM - ok
19:10:17.0854 7040 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
19:10:17.0869 7040 RpcEptMapper - ok
19:10:17.0963 7040 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
19:10:17.0978 7040 RpcLocator - ok
19:10:18.0961 7040 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:10:18.0992 7040 RpcSs - ok
19:10:19.0507 7040 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
19:10:19.0570 7040 rspndr - ok
19:10:21.0208 7040 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
19:10:21.0317 7040 RTL8167 - ok
19:10:21.0598 7040 RTL8169 (170a66dfaaa22358e08d6f4b38c8f3df) C:\Windows\system32\DRIVERS\Rtlh64.sys
19:10:21.0785 7040 RTL8169 - ok
19:10:21.0941 7040 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
19:10:22.0019 7040 s3cap - ok
19:10:23.0516 7040 SacNetAgentService_C57C4F854F53 (005febc09635beae5d4ebd2cc2b5a499) C:\ProgramData\OfficeGuardianV2N35\Reminder\SacNetAgent.exe
19:10:24.0203 7040 SacNetAgentService_C57C4F854F53 - ok
19:10:24.0359 7040 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:10:24.0374 7040 SamSs - ok
19:10:24.0671 7040 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
19:10:24.0733 7040 sbp2port - ok
19:10:28.0774 7040 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
19:10:28.0930 7040 SBSDWSCService - ok
19:10:30.0942 7040 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
19:10:31.0020 7040 SCardSvr - ok
19:10:31.0550 7040 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
19:10:31.0613 7040 scfilter - ok
19:10:32.0830 7040 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
19:10:32.0908 7040 Schedule - ok
19:10:33.0017 7040 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:10:33.0032 7040 SCPolicySvc - ok
19:10:35.0716 7040 ScrybeUpdater (b60e9769655ddee8368e3abb6668e076) C:\Program Files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe
19:10:35.0778 7040 ScrybeUpdater - ok
19:10:37.0198 7040 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
19:10:37.0198 7040 sdbus - ok
19:10:37.0556 7040 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
19:10:37.0619 7040 SDRSVC - ok
19:10:37.0978 7040 SeagateDashboardService (4ac81391f3cb5ccf5daac23f9e18295b) C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
19:10:38.0009 7040 SeagateDashboardService - ok
19:10:38.0383 7040 SeaPort (cc781378e7eda615d2cdca3b17829fa4) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
19:10:38.0430 7040 SeaPort - ok
19:10:38.0539 7040 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
19:10:38.0555 7040 secdrv - ok
19:10:38.0664 7040 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
19:10:38.0758 7040 seclogon - ok
19:10:38.0836 7040 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
19:10:38.0851 7040 SENS - ok
19:10:39.0038 7040 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
19:10:39.0085 7040 SensrSvc - ok
19:10:39.0179 7040 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
19:10:39.0179 7040 Serenum - ok
19:10:39.0319 7040 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
19:10:39.0397 7040 Serial - ok
19:10:39.0491 7040 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
19:10:39.0491 7040 sermouse - ok
19:10:39.0787 7040 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
19:10:39.0803 7040 SessionEnv - ok
19:10:39.0865 7040 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
19:10:39.0928 7040 sffdisk - ok
19:10:39.0959 7040 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
19:10:40.0006 7040 sffp_mmc - ok
19:10:40.0052 7040 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\DRIVERS\sffp_sd.sys
19:10:40.0052 7040 sffp_sd - ok
19:10:40.0130 7040 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
19:10:40.0130 7040 sfloppy - ok
19:10:40.0489 7040 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
19:10:40.0536 7040 ShellHWDetection - ok
19:10:40.0661 7040 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:10:40.0676 7040 SiSRaid2 - ok
19:10:40.0723 7040 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
19:10:40.0723 7040 SiSRaid4 - ok
19:10:41.0519 7040 Skype C2C Service (2a99850c2a6edd6c6602e822c716edaf) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
19:10:41.0581 7040 Skype C2C Service - ok
19:10:42.0096 7040 SkypeUpdate (c70aebd3608ed9fcea2a1bae83567ffc) C:\Program Files (x86)\Skype\Updater\Updater.exe
19:10:42.0127 7040 SkypeUpdate - ok
19:10:43.0048 7040 SmartDefragDriver - ok
19:10:43.0219 7040 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
19:10:43.0250 7040 Smb - ok
19:10:43.0360 7040 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
19:10:43.0406 7040 SNMPTRAP - ok
19:10:44.0077 7040 SNP2UVC (1d8474722cdffbb8fca5fa12c50a05a2) C:\Windows\system32\DRIVERS\snp2uvc.sys
19:10:44.0249 7040 SNP2UVC - ok
19:10:44.0857 7040 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
19:10:44.0873 7040 spldr - ok
19:10:45.0216 7040 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
19:10:45.0278 7040 Spooler - ok
19:10:47.0651 7040 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
19:10:47.0775 7040 sppsvc - ok
19:10:48.0025 7040 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
19:10:48.0087 7040 sppuinotify - ok
19:10:48.0945 7040 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
19:10:49.0179 7040 srv - ok
19:10:49.0445 7040 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
19:10:49.0538 7040 srv2 - ok
19:10:49.0632 7040 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
19:10:49.0647 7040 srvnet - ok
19:10:50.0022 7040 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
19:10:50.0100 7040 SSDPSRV - ok
19:10:50.0739 7040 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
19:10:50.0771 7040 SstpSvc - ok
19:10:50.0849 7040 Steam Client Service - ok
19:10:51.0301 7040 Stereo Service (fc0a58529a02b1eed55ddc58696b7908) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
19:10:51.0348 7040 Stereo Service - ok
19:10:51.0441 7040 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
19:10:51.0441 7040 stexstor - ok
19:10:51.0488 7040 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
19:10:51.0504 7040 StillCam - ok
19:10:51.0629 7040 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
19:10:51.0722 7040 stisvc - ok
19:10:51.0925 7040 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
19:10:51.0941 7040 storflt - ok
19:10:52.0050 7040 StorSvc (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll
19:10:52.0065 7040 StorSvc - ok
19:10:52.0487 7040 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
19:10:52.0518 7040 storvsc - ok
19:10:52.0689 7040 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
19:10:52.0689 7040 swenum - ok
19:10:53.0532 7040 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
19:10:53.0594 7040 swprv - ok
19:10:55.0513 7040 SynTP (1bfdd504f8c2e76b74e86ccf11283368) C:\Windows\system32\DRIVERS\SynTP.sys
19:10:55.0560 7040 SynTP - ok
19:10:58.0040 7040 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
19:10:58.0149 7040 SysMain - ok
19:10:58.0976 7040 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
19:10:59.0039 7040 TabletInputService - ok
19:10:59.0444 7040 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
19:10:59.0538 7040 TapiSrv - ok
19:10:59.0803 7040 tbhsd (380aa9606d56e3c7d05fbf3655ec64ea) C:\Windows\system32\drivers\tbhsd.sys
19:10:59.0865 7040 tbhsd - ok
19:10:59.0943 7040 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
19:10:59.0959 7040 TBS - ok
19:11:00.0895 7040 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
19:11:00.0942 7040 Tcpip - ok
19:11:01.0987 7040 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
19:11:02.0003 7040 TCPIP6 - ok
19:11:02.0783 7040 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
19:11:02.0814 7040 tcpipreg - ok
19:11:02.0892 7040 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
19:11:02.0892 7040 TDPIPE - ok
19:11:02.0970 7040 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
19:11:02.0985 7040 TDTCP - ok
19:11:03.0157 7040 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
19:11:03.0173 7040 tdx - ok
19:11:03.0266 7040 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
19:11:03.0297 7040 TermDD - ok
19:11:03.0765 7040 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
19:11:03.0859 7040 TermService - ok
19:11:03.0921 7040 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
19:11:03.0953 7040 Themes - ok
19:11:04.0046 7040 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:11:04.0046 7040 THREADORDER - ok
19:11:04.0077 7040 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
19:11:04.0140 7040 TrkWks - ok
19:11:04.0327 7040 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
19:11:04.0374 7040 TrustedInstaller - ok
19:11:04.0467 7040 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:11:04.0499 7040 tssecsrv - ok
19:11:04.0686 7040 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
19:11:04.0701 7040 TsUsbFlt - ok
19:11:04.0904 7040 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
19:11:04.0935 7040 tunnel - ok
19:11:05.0029 7040 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
19:11:05.0076 7040 uagp35 - ok
19:11:05.0279 7040 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
19:11:05.0294 7040 udfs - ok
19:11:05.0372 7040 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
19:11:05.0450 7040 UI0Detect - ok
19:11:05.0544 7040 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
19:11:05.0544 7040 uliagpkx - ok
19:11:05.0606 7040 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
19:11:05.0622 7040 umbus - ok
19:11:05.0637 7040 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
19:11:05.0653 7040 UmPass - ok
19:11:05.0715 7040 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
19:11:05.0731 7040 UmRdpService - ok
19:11:05.0762 7040 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
19:11:05.0809 7040 upnphost - ok
19:11:05.0887 7040 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
19:11:05.0996 7040 USBAAPL64 - ok
19:11:06.0074 7040 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
19:11:06.0090 7040 usbaudio - ok
19:11:06.0121 7040 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
19:11:06.0137 7040 usbccgp - ok
19:11:06.0355 7040 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
19:11:06.0402 7040 usbcir - ok
19:11:06.0589 7040 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
19:11:06.0651 7040 usbehci - ok
19:11:07.0104 7040 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
19:11:07.0151 7040 usbhub - ok
19:11:07.0213 7040 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
19:11:07.0229 7040 usbohci - ok
19:11:07.0307 7040 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
19:11:07.0322 7040 usbprint - ok
19:11:07.0463 7040 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
19:11:07.0463 7040 usbscan - ok
19:11:07.0650 7040 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:11:07.0681 7040 USBSTOR - ok
19:11:07.0728 7040 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
19:11:07.0743 7040 usbuhci - ok
19:11:19.0322 7040 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
19:11:19.0743 7040 \Device\Harddisk0\DR0 - ok
19:11:19.0743 7040 Boot (0x1200) (e8c76bf502aec450cec41c5d720199fc) \Device\Harddisk0\DR0\Partition0
19:11:19.0743 7040 \Device\Harddisk0\DR0\Partition0 - ok
19:11:19.0774 7040 Boot (0x1200) (3e47cf65285fdcb1f867d6f9f324cee6) \Device\Harddisk0\DR0\Partition1
19:11:19.0774 7040 \Device\Harddisk0\DR0\Partition1 - ok
19:11:19.0774 7040 ============================================================
19:11:19.0774 7040 Scan finished
19:11:19.0774 7040 ============================================================
19:11:19.0805 0712 Detected object count: 0
19:11:19.0805 0712 Actual detected object count: 0



AVAST results will follow. I ran it, but had to restart. However, I wanted to mention that it found additional infected files. There was a message about potentially crashing the computer, which I didn't want to happen, so I opted not to do anything about them. When I run it again, should I leave them alone? Should I run it a third time after getting the log and have it remove those files?

#4 BullwinkleJ

Posted 14 July 2012 - 12:57 PM

Also, how can I tell when AVAST is done? It seems to have stopped while scanning a Windows Live\Installer\Cata... folder. The Scan button is still greyed out.

#5 narenxp

Posted 14 July 2012 - 01:18 PM

Run aswMBR in safe mode. If that fails, continue with the ESET scan.

#6 BullwinkleJ

Posted 14 July 2012 - 01:36 PM

Here's AVAST. It seems to have finished, but let me know if it's incomplete, somehow, and I'll run it again in safe mode.

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-14 12:30:08
-----------------------------
12:30:08.442 OS Version: Windows x64 6.1.7601 Service Pack 1
12:30:08.442 Number of processors: 2 586 0x1706
12:30:08.443 ComputerName: BULLWINKLE-LAP2 UserName: Bullwinkle
12:30:11.904 Initialize success
12:30:19.006 AVAST engine defs: 12071301
12:30:38.495 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
12:30:38.497 Disk 0 Vendor: ST932042 SD13 Size: 305245MB BusType: 3
12:30:38.514 Disk 0 MBR read successfully
12:30:38.517 Disk 0 MBR scan
12:30:38.524 Disk 0 Windows 7 default MBR code
12:30:38.530 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 10997 MB offset 63
12:30:38.550 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 152622 MB offset 22523904
12:30:38.556 Disk 0 Partition - 00 0F Extended LBA 141624 MB offset 335093760
12:30:38.589 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 141622 MB offset 335095808
12:30:38.629 Disk 0 scanning C:\Windows\system32\drivers
12:31:11.069 Service scanning
12:31:46.075 Service TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe **HIDDEN**
12:31:53.214 Modules scanning
12:31:53.598 Disk 0 trace - called modules:
12:31:53.676 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys
12:31:53.684 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c5a660]
12:31:53.712 3 CLASSPNP.SYS[fffff88001ba243f] -> nt!IofCallDriver -> [0xfffffa80046fca30]
12:31:53.716 5 ACPI.sys[fffff88000fa67a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004711050]
12:31:56.954 AVAST engine scan C:\Windows
12:32:11.077 AVAST engine scan C:\Windows\system32
12:35:41.438 File: C:\Windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
12:35:47.211 File: C:\Windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
12:40:12.958 AVAST engine scan C:\Windows\system32\drivers
12:40:47.887 AVAST engine scan C:\Users\Bullwinkle
14:33:16.639 Disk 0 MBR has been saved successfully to "C:\Users\Bullwinkle\Desktop\MBR.dat"
14:33:16.746 The log file has been saved successfully to "C:\Users\Bullwinkle\Desktop\aswMBR.txt"

#7 narenxp

Posted 14 July 2012 - 01:41 PM

We need advanced tools to remove this one

Read the guide here

http://www.bleepingcomputer.com/forums/topic34773.html

and create a topic here

http://www.bleepingcomputer.com/forums/forum22.html

Good luck

#8 BullwinkleJ

Posted 15 July 2012 - 01:32 AM

Ugh, okay. Thanks for trying.

I'll post the last one here for posterity anyway.

ESET:

C:\ProgramData\Spybot - Search & Destroy\Recovery\WildTangent60.zip Win32/Bagle.gen.zip worm
C:\Users\All Users\Spybot - Search & Destroy\Recovery\WildTangent60.zip Win32/Bagle.gen.zip worm
C:\Users\Bullwinkle\AppData\Roaming\AVG\Rescue\PC Tuneup 2011\120602191931655.rsc probably a variant of Java/Exploit.CVE-2012-0507.CD trojan
C:\Windows\Installer\{19a2a5f3-c061-7e4d-3c11-aec43a182be1}\U\00000008.@ Win64/Agent.BA trojan
C:\Windows\Installer\{19a2a5f3-c061-7e4d-3c11-aec43a182be1}\U\80000000.@ Win64/Sirefef.AE trojan
C:\Windows\Installer\{19a2a5f3-c061-7e4d-3c11-aec43a182be1}\U\80000032.@ a variant of Win32/Sirefef.FD trojan
Operating memory multiple threats

#9 narenxp

Posted 15 July 2012 - 08:28 AM

:thumbup2:



