
Browser Redirect


  • This topic is locked
8 replies to this topic

#1 armyman1031

  • Members

Posted 18 July 2012 - 08:39 AM

I am using Windows 7 Home Premium SP1 and Mozilla Firefox 13.0.1. Every time I use Google search and click a search result, it redirects me to some other site or search engine, and even when I just do a search, if I leave it on the results page a new tab opens with some other search engine.



#2 armyman1031

  • Topic Starter
  • Members

Posted 18 July 2012 - 08:40 AM

I am using Windows 7 Home Premium SP1 and AVG Anti-Virus Free 2012.0.2197 and real time protection detected "Trojan horse Patched_c.LXT" "c:\Windows\System32\services.exe", "Trojan horse BackDoor.Generic15.AXLA" "c:\Windows\assembly\GAC_32\Desktop.ini", "Trojan horse Generic28.ANIC" "c:\Windows\assembly\GAC_64\Desktop.ini"

Merged this one with the one above
Roger

Edited by rotor123, 18 July 2012 - 03:14 PM.


#3 narenxp

  • BC Advisor

Posted 18 July 2012 - 03:02 PM

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#4 armyman1031

  • Topic Starter
  • Members

Posted 18 July 2012 - 03:19 PM

16:17:51.0368 1448 TDSS rootkit removing tool 2.7.46.0 Jul 16 2012 22:10:11
16:17:51.0757 1448 ============================================================
16:17:51.0757 1448 Current date / time: 2012/07/18 16:17:51.0757
16:17:51.0757 1448 SystemInfo:
16:17:51.0757 1448
16:17:51.0757 1448 OS Version: 6.1.7601 ServicePack: 1.0
16:17:51.0757 1448 Product type: Workstation
16:17:51.0757 1448 ComputerName: TIBURON
16:17:51.0757 1448 UserName: Isaiah
16:17:51.0757 1448 Windows directory: C:\windows
16:17:51.0758 1448 System windows directory: C:\windows
16:17:51.0758 1448 Running under WOW64
16:17:51.0758 1448 Processor architecture: Intel x64
16:17:51.0758 1448 Number of processors: 4
16:17:51.0758 1448 Page size: 0x1000
16:17:51.0758 1448 Boot type: Normal boot
16:17:51.0758 1448 ============================================================
16:17:52.0260 1448 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:17:52.0270 1448 ============================================================
16:17:52.0270 1448 \Device\Harddisk0\DR0:
16:17:52.0270 1448 MBR partitions:
16:17:52.0270 1448 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x48733000
16:17:52.0271 1448 ============================================================
16:17:52.0299 1448 C: <-> \Device\Harddisk0\DR0\Partition0
16:17:52.0300 1448 ============================================================
16:17:52.0300 1448 Initialize success
16:17:52.0300 1448 ============================================================
16:18:22.0286 5936 ============================================================
16:18:22.0286 5936 Scan started
16:18:22.0286 5936 Mode: Manual; TDLFS;
16:18:22.0286 5936 ============================================================
16:18:34.0791 5936 NetTcpActivator - ok
16:18:34.0795 5936 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:18:34.0797 5936 NetTcpPortSharing - ok
16:18:34.0879 5936 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\drivers\nfrd960.sys
16:18:34.0882 5936 nfrd960 - ok
16:18:34.0932 5936 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\windows\System32\nlasvc.dll
16:18:34.0937 5936 NlaSvc - ok
16:18:34.0954 5936 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
16:18:34.0954 5936 Npfs - ok
16:18:34.0965 5936 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll
16:18:34.0966 5936 nsi - ok
16:18:34.0989 5936 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
16:18:34.0989 5936 nsiproxy - ok
16:18:35.0059 5936 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\windows\system32\drivers\Ntfs.sys
16:18:35.0074 5936 Ntfs - ok
16:18:35.0173 5936 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
16:18:35.0175 5936 Null - ok
16:18:35.0213 5936 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\windows\system32\drivers\nvraid.sys
16:18:35.0218 5936 nvraid - ok
16:18:35.0231 5936 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\windows\system32\drivers\nvstor.sys
16:18:35.0235 5936 nvstor - ok
16:18:35.0272 5936 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys
16:18:35.0275 5936 nv_agp - ok
16:18:35.0311 5936 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys
16:18:35.0313 5936 ohci1394 - ok
16:18:35.0357 5936 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
16:18:35.0363 5936 p2pimsvc - ok
16:18:35.0393 5936 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll
16:18:35.0400 5936 p2psvc - ok
16:18:35.0423 5936 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\drivers\parport.sys
16:18:35.0426 5936 Parport - ok
16:18:35.0446 5936 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\windows\system32\drivers\partmgr.sys
16:18:35.0447 5936 partmgr - ok
16:18:35.0484 5936 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll
16:18:35.0487 5936 PcaSvc - ok
16:18:35.0554 5936 PCCUJobMgr (2f86be1818c2d7ac90478e3323ee7fcb) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
16:18:35.0556 5936 PCCUJobMgr - ok
16:18:35.0591 5936 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys
16:18:35.0593 5936 pci - ok
16:18:35.0608 5936 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\DRIVERS\pciide.sys
16:18:35.0609 5936 pciide - ok
16:18:35.0633 5936 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\drivers\pcmcia.sys
16:18:35.0637 5936 pcmcia - ok
16:18:35.0683 5936 pcouffin (af7ce12c4f3dc8cb2b07685c916bbcfe) C:\windows\system32\Drivers\pcouffin.sys
16:18:35.0684 5936 pcouffin - ok
16:18:35.0706 5936 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
16:18:35.0708 5936 pcw - ok
16:18:35.0748 5936 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
16:18:35.0758 5936 PEAUTH - ok
16:18:35.0830 5936 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe
16:18:35.0832 5936 PerfHost - ok
16:18:35.0879 5936 PGEffect (91111cebbde8015e822c46120ed9537c) C:\windows\system32\DRIVERS\pgeffect.sys
16:18:35.0881 5936 PGEffect - ok
16:18:35.0955 5936 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\windows\system32\pla.dll
16:18:35.0969 5936 pla - ok
16:18:36.0019 5936 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\windows\system32\umpnpmgr.dll
16:18:36.0031 5936 PlugPlay - ok
16:18:36.0046 5936 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll
16:18:36.0051 5936 PNRPAutoReg - ok
16:18:36.0091 5936 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
16:18:36.0095 5936 PNRPsvc - ok
16:18:36.0136 5936 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\windows\System32\ipsecsvc.dll
16:18:36.0144 5936 PolicyAgent - ok
16:18:36.0183 5936 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll
16:18:36.0190 5936 Power - ok
16:18:36.0261 5936 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys
16:18:36.0265 5936 PptpMiniport - ok
16:18:36.0296 5936 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\drivers\processr.sys
16:18:36.0300 5936 Processor - ok
16:18:36.0336 5936 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\windows\system32\profsvc.dll
16:18:36.0342 5936 ProfSvc - ok
16:18:36.0364 5936 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
16:18:36.0366 5936 ProtectedStorage - ok
16:18:36.0396 5936 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys
16:18:36.0398 5936 Psched - ok
16:18:36.0476 5936 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\drivers\ql2300.sys
16:18:36.0491 5936 ql2300 - ok
16:18:36.0603 5936 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\drivers\ql40xx.sys
16:18:36.0605 5936 ql40xx - ok
16:18:36.0639 5936 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll
16:18:36.0643 5936 QWAVE - ok
16:18:36.0664 5936 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
16:18:36.0666 5936 QWAVEdrv - ok
16:18:36.0696 5936 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
16:18:36.0698 5936 RasAcd - ok
16:18:36.0734 5936 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
16:18:36.0735 5936 RasAgileVpn - ok
16:18:36.0756 5936 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll
16:18:36.0758 5936 RasAuto - ok
16:18:36.0781 5936 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys
16:18:36.0784 5936 Rasl2tp - ok
16:18:36.0830 5936 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\windows\System32\rasmans.dll
16:18:36.0835 5936 RasMan - ok
16:18:36.0864 5936 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
16:18:36.0867 5936 RasPppoe - ok
16:18:36.0900 5936 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
16:18:36.0902 5936 RasSstp - ok
16:18:36.0925 5936 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys
16:18:36.0929 5936 rdbss - ok
16:18:36.0952 5936 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\drivers\rdpbus.sys
16:18:36.0953 5936 rdpbus - ok
16:18:36.0972 5936 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
16:18:36.0972 5936 RDPCDD - ok
16:18:36.0995 5936 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
16:18:36.0996 5936 RDPENCDD - ok
16:18:37.0012 5936 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
16:18:37.0013 5936 RDPREFMP - ok
16:18:37.0051 5936 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\windows\system32\drivers\RDPWD.sys
16:18:37.0054 5936 RDPWD - ok
16:18:37.0104 5936 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys
16:18:37.0108 5936 rdyboost - ok
16:18:37.0150 5936 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll
16:18:37.0153 5936 RemoteAccess - ok
16:18:37.0189 5936 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll
16:18:37.0193 5936 RemoteRegistry - ok
16:18:37.0207 5936 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll
16:18:37.0210 5936 RpcEptMapper - ok
16:18:37.0239 5936 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe
16:18:37.0241 5936 RpcLocator - ok
16:18:37.0271 5936 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
16:18:37.0277 5936 RpcSs - ok
16:18:37.0326 5936 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
16:18:37.0329 5936 rspndr - ok
16:18:37.0375 5936 RSUSBSTOR (be29b0a3ac1e8bd02ffab8cee86badfa) C:\windows\system32\Drivers\RtsUStor.sys
16:18:37.0378 5936 RSUSBSTOR - ok
16:18:37.0427 5936 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\windows\system32\DRIVERS\Rt64win7.sys
16:18:37.0435 5936 RTL8167 - ok
16:18:37.0517 5936 RTL8192Ce (e7d79600575f755614dd5d79b044d588) C:\windows\system32\DRIVERS\rtl8192Ce.sys
16:18:37.0534 5936 RTL8192Ce - ok
16:18:37.0553 5936 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
16:18:37.0555 5936 SamSs - ok
16:18:37.0643 5936 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
16:18:37.0644 5936 SASDIFSV - ok
16:18:37.0659 5936 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
16:18:37.0660 5936 SASKUTIL - ok
16:18:37.0689 5936 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys
16:18:37.0692 5936 sbp2port - ok
16:18:37.0805 5936 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
16:18:37.0825 5936 SBSDWSCService - ok
16:18:37.0878 5936 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll
16:18:37.0885 5936 SCardSvr - ok
16:18:37.0928 5936 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys
16:18:37.0931 5936 scfilter - ok
16:18:37.0982 5936 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\windows\system32\schedsvc.dll
16:18:37.0999 5936 Schedule - ok
16:18:38.0021 5936 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
16:18:38.0022 5936 SCPolicySvc - ok
16:18:38.0051 5936 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\windows\System32\SDRSVC.dll
16:18:38.0054 5936 SDRSVC - ok
16:18:38.0107 5936 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
16:18:38.0109 5936 secdrv - ok
16:18:38.0133 5936 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\windows\system32\seclogon.dll
16:18:38.0136 5936 seclogon - ok
16:18:38.0181 5936 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\System32\sens.dll
16:18:38.0185 5936 SENS - ok
16:18:38.0200 5936 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll
16:18:38.0204 5936 SensrSvc - ok
16:18:38.0250 5936 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\drivers\serenum.sys
16:18:38.0253 5936 Serenum - ok
16:18:38.0291 5936 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\drivers\serial.sys
16:18:38.0295 5936 Serial - ok
16:18:38.0312 5936 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\drivers\sermouse.sys
16:18:38.0315 5936 sermouse - ok
16:18:38.0354 5936 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\windows\system32\sessenv.dll
16:18:38.0356 5936 SessionEnv - ok
16:18:38.0360 5936 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys
16:18:38.0363 5936 sffdisk - ok
16:18:38.0425 5936 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys
16:18:38.0426 5936 sffp_mmc - ok
16:18:38.0429 5936 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys
16:18:38.0430 5936 sffp_sd - ok
16:18:38.0433 5936 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\drivers\sfloppy.sys
16:18:38.0434 5936 sfloppy - ok
16:18:38.0458 5936 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\windows\System32\shsvcs.dll
16:18:38.0463 5936 ShellHWDetection - ok
16:18:38.0481 5936 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\drivers\SiSRaid2.sys
16:18:38.0482 5936 SiSRaid2 - ok
16:18:38.0492 5936 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\drivers\sisraid4.sys
16:18:38.0494 5936 SiSRaid4 - ok
16:18:38.0557 5936 SkypeUpdate (579ba0a911ff5ea70cb604cd3b744b0a) C:\Program Files (x86)\Skype\Updater\Updater.exe
16:18:38.0562 5936 SkypeUpdate - ok
16:18:38.0602 5936 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
16:18:38.0606 5936 Smb - ok
16:18:38.0656 5936 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe
16:18:38.0659 5936 SNMPTRAP - ok
16:18:38.0682 5936 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
16:18:38.0683 5936 spldr - ok
16:18:38.0721 5936 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\windows\System32\spoolsv.exe
16:18:38.0731 5936 Spooler - ok
16:18:38.0864 5936 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\windows\system32\sppsvc.exe
16:18:38.0890 5936 sppsvc - ok
16:18:38.0982 5936 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll
16:18:38.0985 5936 sppuinotify - ok
16:18:39.0032 5936 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\windows\system32\DRIVERS\srv.sys
16:18:39.0038 5936 srv - ok
16:18:39.0057 5936 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\windows\system32\DRIVERS\srv2.sys
16:18:39.0060 5936 srv2 - ok
16:18:39.0083 5936 srvnet (27e461f0be5bff5fc737328f749538c3) C:\windows\system32\DRIVERS\srvnet.sys
16:18:39.0085 5936 srvnet - ok
16:18:39.0131 5936 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll
16:18:39.0134 5936 SSDPSRV - ok
16:18:39.0145 5936 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll
16:18:39.0147 5936 SstpSvc - ok
16:18:39.0179 5936 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\drivers\stexstor.sys
16:18:39.0181 5936 stexstor - ok
16:18:39.0219 5936 StillCam (decacb6921ded1a38642642685d77dac) C:\windows\system32\DRIVERS\serscan.sys
16:18:39.0221 5936 StillCam - ok
16:18:39.0273 5936 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\windows\System32\wiaservc.dll
16:18:39.0285 5936 stisvc - ok
16:18:39.0305 5936 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\DRIVERS\swenum.sys
16:18:39.0306 5936 swenum - ok
16:18:39.0344 5936 swprv (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll
16:18:39.0350 5936 swprv - ok
16:18:39.0429 5936 SynTP (f5b46df59feaa48a442aed7eeb754d4b) C:\windows\system32\DRIVERS\SynTP.sys
16:18:39.0440 5936 SynTP - ok
16:18:39.0603 5936 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\windows\system32\sysmain.dll
16:18:39.0616 5936 SysMain - ok
16:18:39.0714 5936 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\windows\System32\TabSvc.dll
16:18:39.0719 5936 TabletInputService - ok
16:18:39.0754 5936 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\windows\System32\tapisrv.dll
16:18:39.0761 5936 TapiSrv - ok
16:18:39.0768 5936 TBS (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll
16:18:39.0771 5936 TBS - ok
16:18:39.0903 5936 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\drivers\tcpip.sys
16:18:39.0931 5936 Tcpip - ok
16:18:40.0157 5936 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\DRIVERS\tcpip.sys
16:18:40.0175 5936 TCPIP6 - ok
16:18:40.0279 5936 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys
16:18:40.0281 5936 tcpipreg - ok
16:18:40.0321 5936 tdcmdpst (fd542b661bd22fa69ca789ad0ac58c29) C:\windows\system32\DRIVERS\tdcmdpst.sys
16:18:40.0323 5936 tdcmdpst - ok
16:18:40.0334 5936 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
16:18:40.0335 5936 TDPIPE - ok
16:18:40.0370 5936 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\windows\system32\drivers\tdtcp.sys
16:18:40.0371 5936 TDTCP - ok
16:18:40.0398 5936 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys
16:18:40.0401 5936 tdx - ok
16:18:40.0421 5936 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\DRIVERS\termdd.sys
16:18:40.0423 5936 TermDD - ok
16:18:40.0473 5936 TermService (2e648163254233755035b46dd7b89123) C:\windows\System32\termsrv.dll
16:18:40.0485 5936 TermService - ok
16:18:40.0498 5936 Themes (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll
16:18:40.0500 5936 Themes - ok
16:18:40.0524 5936 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
16:18:40.0525 5936 THREADORDER - ok
16:18:40.0605 5936 TMachInfo (71c321649b28638ee80a2eeb164c1dc8) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
16:18:40.0607 5936 TMachInfo - ok
16:18:40.0642 5936 TODDSrv (8e2c799d3476eac32c3ba0df7ce6af19) C:\windows\system32\TODDSrv.exe
16:18:40.0647 5936 TODDSrv - ok
16:18:40.0741 5936 TosCoSrv (1c73689b900428c7d054a41c4687f55c) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
16:18:40.0749 5936 TosCoSrv - ok
16:18:40.0786 5936 TOSHIBA HDD SSD Alert Service (29d0886cf250fcef1bf9e65ab8d2c0c8) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
16:18:40.0788 5936 TOSHIBA HDD SSD Alert Service - ok
16:18:40.0869 5936 tos_sps64 (09ff7b0b1b5c3d225495cb6f5a9b39f8) C:\windows\system32\DRIVERS\tos_sps64.sys
16:18:40.0877 5936 tos_sps64 - ok
16:18:40.0912 5936 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll
16:18:40.0915 5936 TrkWks - ok
16:18:40.0971 5936 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\windows\servicing\TrustedInstaller.exe
16:18:40.0973 5936 TrustedInstaller - ok
16:18:40.0998 5936 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys
16:18:41.0000 5936 tssecsrv - ok
16:18:41.0051 5936 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys
16:18:41.0053 5936 TsUsbFlt - ok
16:18:41.0065 5936 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\windows\system32\drivers\TsUsbGD.sys
16:18:41.0066 5936 TsUsbGD - ok
16:18:41.0095 5936 tunnel (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys
16:18:41.0097 5936 tunnel - ok
16:18:41.0137 5936 TVALZ (550b567f9364d8f7684c3fb3ea665a72) C:\windows\system32\DRIVERS\TVALZ_O.SYS
16:18:41.0139 5936 TVALZ - ok
16:18:41.0166 5936 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\drivers\uagp35.sys
16:18:41.0167 5936 uagp35 - ok
16:18:41.0203 5936 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys
16:18:41.0206 5936 udfs - ok
16:18:41.0242 5936 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe
16:18:41.0245 5936 UI0Detect - ok
16:18:41.0277 5936 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys
16:18:41.0280 5936 uliagpkx - ok
16:18:41.0312 5936 umbus (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\DRIVERS\umbus.sys
16:18:41.0313 5936 umbus - ok
16:18:41.0332 5936 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\drivers\umpass.sys
16:18:41.0333 5936 UmPass - ok
16:18:41.0509 5936 UNS (2c16648a12999ae69a9ebf41974b0ba2) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
16:18:41.0526 5936 UNS - ok
16:18:41.0648 5936 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll
16:18:41.0657 5936 upnphost - ok
16:18:41.0701 5936 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\windows\system32\DRIVERS\usbccgp.sys
16:18:41.0704 5936 usbccgp - ok
16:18:41.0753 5936 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys
16:18:41.0755 5936 usbcir - ok
16:18:41.0776 5936 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\windows\system32\DRIVERS\usbehci.sys
16:18:41.0778 5936 usbehci - ok
16:18:41.0813 5936 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\windows\system32\DRIVERS\usbhub.sys
16:18:41.0819 5936 usbhub - ok
16:18:41.0845 5936 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\windows\system32\drivers\usbohci.sys
16:18:41.0847 5936 usbohci - ok
16:18:41.0878 5936 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
16:18:41.0880 5936 usbprint - ok
16:18:41.0913 5936 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\windows\system32\DRIVERS\usbscan.sys
16:18:41.0915 5936 usbscan - ok
16:18:41.0953 5936 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\windows\system32\DRIVERS\USBSTOR.SYS
16:18:41.0956 5936 USBSTOR - ok
16:18:41.0973 5936 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\windows\system32\drivers\usbuhci.sys
16:18:41.0975 5936 usbuhci - ok
16:18:42.0038 5936 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\windows\system32\Drivers\usbvideo.sys
16:18:42.0041 5936 usbvideo - ok
16:18:42.0065 5936 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\windows\System32\uxsms.dll
16:18:42.0067 5936 UxSms - ok
16:18:42.0087 5936 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
16:18:42.0088 5936 VaultSvc - ok
16:18:42.0120 5936 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys
16:18:42.0121 5936 vdrvroot - ok
16:18:42.0195 5936 vds (8d6b481601d01a456e75c3210f1830be) C:\windows\System32\vds.exe
16:18:42.0206 5936 vds - ok
16:18:42.0260 5936 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
16:18:42.0263 5936 vga - ok
16:18:42.0294 5936 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
16:18:42.0296 5936 VgaSave - ok
16:18:42.0359 5936 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys
16:18:42.0364 5936 vhdmp - ok
16:18:42.0377 5936 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\drivers\viaide.sys
16:18:42.0379 5936 viaide - ok
16:18:42.0402 5936 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\windows\system32\drivers\volmgr.sys
16:18:42.0403 5936 volmgr - ok
16:18:42.0489 5936 volmgrx (a255814907c89be58b79ef2f189b843b) C:\windows\system32\drivers\volmgrx.sys
16:18:42.0497 5936 volmgrx - ok
16:18:42.0538 5936 volsnap (df8126bd41180351a093a3ad2fc8903b) C:\windows\system32\drivers\volsnap.sys
16:18:42.0543 5936 volsnap - ok
16:18:42.0605 5936 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\drivers\vsmraid.sys
16:18:42.0610 5936 vsmraid - ok
16:18:42.0699 5936 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\windows\system32\vssvc.exe
16:18:42.0717 5936 VSS - ok
16:18:42.0819 5936 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
16:18:42.0823 5936 vwifibus - ok
16:18:42.0839 5936 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys
16:18:42.0843 5936 vwififlt - ok
16:18:42.0889 5936 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\windows\system32\w32time.dll
16:18:42.0898 5936 W32Time - ok
16:18:42.0921 5936 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\drivers\wacompen.sys
16:18:42.0924 5936 WacomPen - ok
16:18:42.0959 5936 WANARP (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
16:18:42.0963 5936 WANARP - ok
16:18:42.0967 5936 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
16:18:42.0969 5936 Wanarpv6 - ok
16:18:43.0060 5936 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\windows\system32\Wat\WatAdminSvc.exe
16:18:43.0074 5936 WatAdminSvc - ok
16:18:43.0144 5936 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\windows\system32\wbengine.exe
16:18:43.0165 5936 wbengine - ok
16:18:43.0271 5936 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\windows\System32\wbiosrvc.dll
16:18:43.0279 5936 WbioSrvc - ok
16:18:43.0309 5936 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\windows\System32\wcncsvc.dll
16:18:43.0315 5936 wcncsvc - ok
16:18:43.0336 5936 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\windows\System32\WcsPlugInService.dll
16:18:43.0338 5936 WcsPlugInService - ok
16:18:43.0376 5936 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\drivers\wd.sys
16:18:43.0377 5936 Wd - ok
16:18:43.0413 5936 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
16:18:43.0422 5936 Wdf01000 - ok
16:18:43.0459 5936 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
16:18:43.0462 5936 WdiServiceHost - ok
16:18:43.0468 5936 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
16:18:43.0470 5936 WdiSystemHost - ok
16:18:43.0489 5936 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\windows\System32\webclnt.dll
16:18:43.0493 5936 WebClient - ok
16:18:43.0503 5936 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\windows\system32\wecsvc.dll
16:18:43.0507 5936 Wecsvc - ok
16:18:43.0512 5936 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\windows\System32\wercplsupport.dll
16:18:43.0513 5936 wercplsupport - ok
16:18:43.0533 5936 WerSvc (6d137963730144698cbd10f202e9f251) C:\windows\System32\WerSvc.dll
16:18:43.0534 5936 WerSvc - ok
16:18:43.0602 5936 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
16:18:43.0605 5936 WfpLwf - ok
16:18:43.0631 5936 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
16:18:43.0634 5936 WIMMount - ok
16:18:43.0681 5936 WinDefend - ok
16:18:43.0702 5936 WinHttpAutoProxySvc - ok
16:18:43.0766 5936 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\windows\system32\wbem\WMIsvc.dll
16:18:43.0772 5936 Winmgmt - ok
16:18:43.0925 5936 WinRM (bcb1310604aa415c4508708975b3931e) C:\windows\system32\WsmSvc.dll
16:18:43.0953 5936 WinRM - ok
16:18:44.0110 5936 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\windows\System32\wlansvc.dll
16:18:44.0130 5936 Wlansvc - ok
16:18:44.0209 5936 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
16:18:44.0212 5936 wlcrasvc - ok
16:18:44.0363 5936 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:18:44.0380 5936 wlidsvc - ok
16:18:44.0498 5936 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\DRIVERS\wmiacpi.sys
16:18:44.0500 5936 WmiAcpi - ok
16:18:44.0553 5936 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\windows\system32\wbem\WmiApSrv.exe
16:18:44.0558 5936 wmiApSrv - ok
16:18:44.0606 5936 WMPNetworkSvc - ok
16:18:44.0627 5936 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\windows\System32\wpcsvc.dll
16:18:44.0632 5936 WPCSvc - ok
16:18:44.0656 5936 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\windows\system32\wpdbusenum.dll
16:18:44.0660 5936 WPDBusEnum - ok
16:18:44.0691 5936 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
16:18:44.0692 5936 ws2ifsl - ok
16:18:44.0757 5936 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\windows\system32\wscsvc.dll
16:18:44.0763 5936 wscsvc - ok
16:18:44.0801 5936 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\windows\system32\DRIVERS\WSDPrint.sys
16:18:44.0803 5936 WSDPrintDevice - ok
16:18:44.0809 5936 WSearch - ok
16:18:44.0943 5936 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\windows\system32\wuaueng.dll
16:18:44.0979 5936 wuauserv - ok
16:18:45.0085 5936 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\windows\system32\drivers\WudfPf.sys
16:18:45.0088 5936 WudfPf - ok
16:18:45.0114 5936 WUDFRd (cf8d590be3373029d57af80914190682) C:\windows\system32\DRIVERS\WUDFRd.sys
16:18:45.0118 5936 WUDFRd - ok
16:18:45.0145 5936 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\windows\System32\WUDFSvc.dll
16:18:45.0148 5936 wudfsvc - ok
16:18:45.0173 5936 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\windows\System32\wwansvc.dll
16:18:45.0179 5936 WwanSvc - ok
16:18:45.0206 5936 MBR (0x1B8) (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0
16:18:46.0325 5936 \Device\Harddisk0\DR0 - ok
16:18:46.0365 5936 Boot (0x1200) (2423424004f267d537af242b28a7f4ed) \Device\Harddisk0\DR0\Partition0
16:18:46.0368 5936 \Device\Harddisk0\DR0\Partition0 - ok
16:18:46.0369 5936 ============================================================
16:18:46.0369 5936 Scan finished
16:18:46.0369 5936 ============================================================
16:18:46.0387 3804 Detected object count: 0
16:18:46.0387 3804 Actual detected object count: 0

#5 armyman1031


Posted 18 July 2012 - 05:47 PM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-18 18:12:02
-----------------------------
18:12:02.278 OS Version: Windows x64 6.1.7601 Service Pack 1
18:12:02.278 Number of processors: 4 586 0x2A07
18:12:02.278 ComputerName: TIBURON UserName:
18:12:03.635 Initialize success
18:12:52.916 AVAST engine defs: 12071800
18:12:59.374 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
18:12:59.374 Disk 0 Vendor: TOSHIBA_ GT00 Size: 610480MB BusType: 3
18:12:59.390 Disk 0 MBR read successfully
18:12:59.390 Disk 0 MBR scan
18:12:59.390 Disk 0 Windows VISTA default MBR code
18:12:59.405 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
18:12:59.436 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 593510 MB offset 3074048
18:12:59.468 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 15469 MB offset 1218582528
18:12:59.499 Disk 0 scanning C:\windows\system32\drivers
18:13:07.174 Service scanning
18:13:34.583 Modules scanning
18:13:34.583 Disk 0 trace - called modules:
18:13:34.646 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
18:13:34.646 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800502d060]
18:13:34.661 3 CLASSPNP.SYS[fffff8800181743f] -> nt!IofCallDriver -> [0xfffffa800368a800]
18:13:34.661 5 ACPI.sys[fffff88000f897a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800452f050]
18:13:35.862 AVAST engine scan C:\windows
18:13:37.844 AVAST engine scan C:\windows\system32
18:14:56.530 File: C:\windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
18:14:57.809 File: C:\windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
18:15:44.672 AVAST engine scan C:\windows\system32\drivers
18:15:53.954 AVAST engine scan C:\Users\Administrator
18:15:56.871 AVAST engine scan C:\ProgramData
18:16:21.379 Scan finished successfully
18:16:57.930 Disk 0 MBR has been saved successfully to "C:\Users\Administrator\Desktop\MBR.dat"
18:16:57.930 The log file has been saved successfully to "C:\Users\Administrator\Desktop\aswMBR.txt"

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 18 July 2012 - 05:49 PM

We need advanced tools to remove this one

Read the guide here

http://www.bleepingcomputer.com/forums/topic34773.html

and create a topic here

http://www.bleepingcomputer.com/forums/forum22.html

Good luck

#7 armyman1031

armyman1031
  • Topic Starter

  • Members
  • 63 posts

Posted 18 July 2012 - 06:19 PM

Thank You for your help :thumbsup:

#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 18 July 2012 - 08:41 PM

You're welcome :thumbsup:

#9 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,849 posts
  • Gender:Not Telling
  • Location:Bloomington, IN

Posted 20 July 2012 - 11:10 PM

Hello,

Now that you have posted a log here: http://www.bleepingcomputer.com/forums/topic461309.html you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a MRT Team member, nor should you ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on the MRT Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the MRT Team members are EXTREMELY busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the MRT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRT Team member is already assisting you and not open the thread to respond.

Please be patient. It may take a few more days to get a response but your log will be reviewed and answered as soon as possible. I advise checking your topic once a day for responses as the e-mail notification system is unreliable.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

To avoid confusion, I am closing this topic. Good luck with your log.

Orange Blossom :cherry:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript