Typical Google Redirect Virus



#1 Jukeboxx


Posted 21 July 2012 - 02:17 PM

So my little brother's computer has recently been infected by the Google redirect virus, and we have tried using both Malwarebytes and SUPERAntiSpyware. Then we ran the TDSSKiller. Here is the log:


23:37:11.0341 1932 osppsvc - ok
23:37:11.0484 1932 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
23:37:11.0489 1932 p2pimsvc - ok
23:37:11.0528 1932 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll
23:37:11.0536 1932 p2psvc - ok
23:37:11.0633 1932 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys
23:37:11.0634 1932 Parport - ok
23:37:11.0670 1932 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\windows\system32\drivers\partmgr.sys
23:37:11.0671 1932 partmgr - ok
23:37:11.0719 1932 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll
23:37:11.0722 1932 PcaSvc - ok
23:37:11.0761 1932 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys
23:37:11.0764 1932 pci - ok
23:37:11.0784 1932 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\drivers\pciide.sys
23:37:11.0785 1932 pciide - ok
23:37:11.0812 1932 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys
23:37:11.0816 1932 pcmcia - ok
23:37:11.0867 1932 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
23:37:11.0868 1932 pcw - ok
23:37:11.0922 1932 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
23:37:11.0931 1932 PEAUTH - ok
23:37:12.0027 1932 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe
23:37:12.0030 1932 PerfHost - ok
23:37:12.0181 1932 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\windows\system32\pla.dll
23:37:12.0200 1932 pla - ok
23:37:12.0306 1932 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\windows\system32\umpnpmgr.dll
23:37:12.0312 1932 PlugPlay - ok
23:37:12.0344 1932 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll
23:37:12.0345 1932 PNRPAutoReg - ok
23:37:12.0411 1932 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
23:37:12.0418 1932 PNRPsvc - ok
23:37:12.0475 1932 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\windows\System32\ipsecsvc.dll
23:37:12.0487 1932 PolicyAgent - ok
23:37:12.0523 1932 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll
23:37:12.0529 1932 Power - ok
23:37:12.0629 1932 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys
23:37:12.0632 1932 PptpMiniport - ok
23:37:12.0661 1932 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys
23:37:12.0667 1932 Processor - ok
23:37:12.0710 1932 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\windows\system32\profsvc.dll
23:37:12.0719 1932 ProfSvc - ok
23:37:12.0758 1932 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
23:37:12.0759 1932 ProtectedStorage - ok
23:37:12.0801 1932 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys
23:37:12.0803 1932 Psched - ok
23:37:12.0897 1932 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys
23:37:12.0932 1932 ql2300 - ok
23:37:13.0082 1932 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys
23:37:13.0085 1932 ql40xx - ok
23:37:13.0117 1932 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll
23:37:13.0123 1932 QWAVE - ok
23:37:13.0141 1932 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
23:37:13.0142 1932 QWAVEdrv - ok
23:37:13.0156 1932 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
23:37:13.0157 1932 RasAcd - ok
23:37:13.0198 1932 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
23:37:13.0200 1932 RasAgileVpn - ok
23:37:13.0225 1932 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll
23:37:13.0229 1932 RasAuto - ok
23:37:13.0294 1932 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys
23:37:13.0296 1932 Rasl2tp - ok
23:37:13.0337 1932 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\windows\System32\rasmans.dll
23:37:13.0345 1932 RasMan - ok
23:37:13.0381 1932 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
23:37:13.0383 1932 RasPppoe - ok
23:37:13.0398 1932 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
23:37:13.0400 1932 RasSstp - ok
23:37:13.0446 1932 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys
23:37:13.0451 1932 rdbss - ok
23:37:13.0469 1932 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys
23:37:13.0471 1932 rdpbus - ok
23:37:13.0491 1932 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
23:37:13.0492 1932 RDPCDD - ok
23:37:13.0577 1932 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
23:37:13.0577 1932 RDPENCDD - ok
23:37:13.0586 1932 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
23:37:13.0587 1932 RDPREFMP - ok
23:37:13.0626 1932 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\windows\system32\drivers\RDPWD.sys
23:37:13.0629 1932 RDPWD - ok
23:37:13.0669 1932 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys
23:37:13.0673 1932 rdyboost - ok
23:37:13.0898 1932 RegSrvc (aa9fd849c028ccb441a78061b57db734) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
23:37:13.0907 1932 RegSrvc - ok
23:37:13.0947 1932 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll
23:37:13.0949 1932 RemoteAccess - ok
23:37:13.0993 1932 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll
23:37:13.0995 1932 RemoteRegistry - ok
23:37:14.0116 1932 RichVideo (f12a68ed55053940cadd59ca5e3468dd) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
23:37:14.0120 1932 RichVideo - ok
23:37:14.0145 1932 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll
23:37:14.0151 1932 RpcEptMapper - ok
23:37:14.0179 1932 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe
23:37:14.0182 1932 RpcLocator - ok
23:37:14.0238 1932 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
23:37:14.0246 1932 RpcSs - ok
23:37:14.0327 1932 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
23:37:14.0329 1932 rspndr - ok
23:37:14.0382 1932 RTL8167 (bfe0ef0c4c15820698f50ad73af5e35f) C:\windows\system32\DRIVERS\Rt64win7.sys
23:37:14.0389 1932 RTL8167 - ok
23:37:14.0524 1932 rtport (4ca0dba9e224473d664c25e411f5a3bd) C:\windows\SysWOW64\drivers\rtport.sys
23:37:14.0525 1932 rtport - ok
23:37:14.0558 1932 SABI (62db6cc4b0818f1b5f3441241b098f12) C:\windows\system32\Drivers\SABI.sys
23:37:14.0559 1932 SABI - ok
23:37:14.0598 1932 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
23:37:14.0600 1932 SamSs - ok
23:37:14.0681 1932 Samsung UPD Service (d641337b75b9a9d5ae10687aa1097755) C:\windows\System32\SUPDSvc.exe
23:37:14.0686 1932 Samsung UPD Service - ok
23:37:14.0811 1932 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
23:37:14.0812 1932 SASDIFSV - ok
23:37:14.0829 1932 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
23:37:14.0829 1932 SASKUTIL - ok
23:37:14.0878 1932 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys
23:37:14.0890 1932 sbp2port - ok
23:37:14.0937 1932 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll
23:37:14.0942 1932 SCardSvr - ok
23:37:14.0975 1932 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys
23:37:14.0976 1932 scfilter - ok
23:37:15.0043 1932 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\windows\system32\schedsvc.dll
23:37:15.0059 1932 Schedule - ok
23:37:15.0101 1932 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
23:37:15.0102 1932 SCPolicySvc - ok
23:37:15.0156 1932 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\windows\System32\SDRSVC.dll
23:37:15.0159 1932 SDRSVC - ok
23:37:15.0257 1932 SeaPort (cc781378e7eda615d2cdca3b17829fa4) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
23:37:15.0259 1932 SeaPort - ok
23:37:15.0332 1932 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
23:37:15.0335 1932 secdrv - ok
23:37:15.0370 1932 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\windows\system32\seclogon.dll
23:37:15.0376 1932 seclogon - ok
23:37:15.0405 1932 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\System32\sens.dll
23:37:15.0408 1932 SENS - ok
23:37:15.0427 1932 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll
23:37:15.0429 1932 SensrSvc - ok
23:37:15.0453 1932 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys
23:37:15.0454 1932 Serenum - ok
23:37:15.0494 1932 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys
23:37:15.0497 1932 Serial - ok
23:37:15.0555 1932 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys
23:37:15.0557 1932 sermouse - ok
23:37:15.0617 1932 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\windows\system32\sessenv.dll
23:37:15.0621 1932 SessionEnv - ok
23:37:15.0653 1932 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys
23:37:15.0654 1932 sffdisk - ok
23:37:15.0672 1932 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys
23:37:15.0673 1932 sffp_mmc - ok
23:37:15.0685 1932 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys
23:37:15.0686 1932 sffp_sd - ok
23:37:15.0707 1932 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys
23:37:15.0708 1932 sfloppy - ok
23:37:15.0859 1932 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\windows\system32\DRIVERS\Sftfslh.sys
23:37:15.0875 1932 Sftfs - ok
23:37:16.0005 1932 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
23:37:16.0009 1932 sftlist - ok
23:37:16.0051 1932 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\windows\system32\DRIVERS\Sftplaylh.sys
23:37:16.0055 1932 Sftplay - ok
23:37:16.0116 1932 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\windows\system32\DRIVERS\Sftredirlh.sys
23:37:16.0117 1932 Sftredir - ok
23:37:16.0148 1932 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\windows\system32\DRIVERS\Sftvollh.sys
23:37:16.0149 1932 Sftvol - ok
23:37:16.0176 1932 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
23:37:16.0177 1932 sftvsa - ok
23:37:16.0228 1932 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\windows\System32\shsvcs.dll
23:37:16.0235 1932 ShellHWDetection - ok
23:37:16.0299 1932 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys
23:37:16.0301 1932 SiSRaid2 - ok
23:37:16.0323 1932 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys
23:37:16.0326 1932 SiSRaid4 - ok
23:37:16.0389 1932 SkypeUpdate (ddaa5f4a6b958fc313ebd02dd925752f) C:\Program Files (x86)\Skype\Updater\Updater.exe
23:37:16.0394 1932 SkypeUpdate - ok
23:37:16.0477 1932 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
23:37:16.0479 1932 Smb - ok
23:37:16.0530 1932 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe
23:37:16.0534 1932 SNMPTRAP - ok
23:37:16.0564 1932 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
23:37:16.0565 1932 spldr - ok
23:37:16.0644 1932 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\windows\System32\spoolsv.exe
23:37:16.0656 1932 Spooler - ok
23:37:16.0998 1932 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\windows\system32\sppsvc.exe
23:37:17.0070 1932 sppsvc - ok
23:37:17.0176 1932 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll
23:37:17.0179 1932 sppuinotify - ok
23:37:17.0221 1932 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\windows\system32\DRIVERS\srv.sys
23:37:17.0227 1932 srv - ok
23:37:17.0259 1932 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\windows\system32\DRIVERS\srv2.sys
23:37:17.0264 1932 srv2 - ok
23:37:17.0290 1932 srvnet (27e461f0be5bff5fc737328f749538c3) C:\windows\system32\DRIVERS\srvnet.sys
23:37:17.0292 1932 srvnet - ok
23:37:17.0335 1932 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll
23:37:17.0339 1932 SSDPSRV - ok
23:37:17.0374 1932 SSPORT (0211ab46b73a2623b86c1cfcb30579ab) C:\windows\system32\Drivers\SSPORT.sys
23:37:17.0375 1932 SSPORT - ok
23:37:17.0388 1932 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll
23:37:17.0391 1932 SstpSvc - ok
23:37:17.0454 1932 Steam Client Service - ok
23:37:17.0524 1932 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys
23:37:17.0525 1932 stexstor - ok
23:37:17.0559 1932 StillCam (decacb6921ded1a38642642685d77dac) C:\windows\system32\DRIVERS\serscan.sys
23:37:17.0560 1932 StillCam - ok
23:37:17.0624 1932 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\windows\System32\wiaservc.dll
23:37:17.0630 1932 stisvc - ok
23:37:17.0700 1932 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\drivers\swenum.sys
23:37:17.0701 1932 swenum - ok
23:37:17.0742 1932 swprv (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll
23:37:17.0748 1932 swprv - ok
23:37:17.0827 1932 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\windows\system32\sysmain.dll
23:37:17.0838 1932 SysMain - ok
23:37:17.0964 1932 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\windows\System32\TabSvc.dll
23:37:17.0968 1932 TabletInputService - ok
23:37:18.0002 1932 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\windows\System32\tapisrv.dll
23:37:18.0010 1932 TapiSrv - ok
23:37:18.0078 1932 TBS (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll
23:37:18.0083 1932 TBS - ok
23:37:18.0284 1932 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\drivers\tcpip.sys
23:37:18.0305 1932 Tcpip - ok
23:37:18.0609 1932 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\DRIVERS\tcpip.sys
23:37:18.0639 1932 TCPIP6 - ok
23:37:18.0811 1932 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys
23:37:18.0814 1932 tcpipreg - ok
23:37:18.0866 1932 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
23:37:18.0869 1932 TDPIPE - ok
23:37:18.0906 1932 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\windows\system32\drivers\tdtcp.sys
23:37:18.0908 1932 TDTCP - ok
23:37:18.0950 1932 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys
23:37:18.0952 1932 tdx - ok
23:37:18.0986 1932 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\drivers\termdd.sys
23:37:18.0987 1932 TermDD - ok
23:37:19.0035 1932 TermService (2e648163254233755035b46dd7b89123) C:\windows\System32\termsrv.dll
23:37:19.0045 1932 TermService - ok
23:37:19.0095 1932 Themes (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll
23:37:19.0097 1932 Themes - ok
23:37:19.0151 1932 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
23:37:19.0153 1932 THREADORDER - ok
23:37:19.0166 1932 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll
23:37:19.0168 1932 TrkWks - ok
23:37:19.0242 1932 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\windows\servicing\TrustedInstaller.exe
23:37:19.0245 1932 TrustedInstaller - ok
23:37:19.0288 1932 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys
23:37:19.0289 1932 tssecsrv - ok
23:37:19.0336 1932 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys
23:37:19.0337 1932 TsUsbFlt - ok
23:37:19.0404 1932 tunnel (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys
23:37:19.0406 1932 tunnel - ok
23:37:19.0446 1932 TurboB (48743b69ea47c020a792d8649f753f44) C:\windows\system32\DRIVERS\TurboB.sys
23:37:19.0447 1932 TurboB - ok
23:37:19.0588 1932 TurboBoost (759f59e3ea3802ff23f93dcdb6fe9171) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
23:37:19.0592 1932 TurboBoost - ok
23:37:19.0620 1932 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys
23:37:19.0622 1932 uagp35 - ok
23:37:19.0667 1932 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys
23:37:19.0675 1932 udfs - ok
23:37:19.0746 1932 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe
23:37:19.0748 1932 UI0Detect - ok
23:37:19.0797 1932 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys
23:37:19.0800 1932 uliagpkx - ok
23:37:19.0837 1932 umbus (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\drivers\umbus.sys
23:37:19.0839 1932 umbus - ok
23:37:19.0888 1932 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys
23:37:19.0890 1932 UmPass - ok
23:37:20.0126 1932 UNS (fdf92ec84fecee834fb10a2a0a19bcda) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
23:37:20.0244 1932 UNS - ok
23:37:20.0459 1932 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll
23:37:20.0463 1932 upnphost - ok
23:37:20.0533 1932 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\windows\system32\DRIVERS\usbccgp.sys
23:37:20.0535 1932 usbccgp - ok
23:37:20.0578 1932 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys
23:37:20.0579 1932 usbcir - ok
23:37:20.0604 1932 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\windows\system32\drivers\usbehci.sys
23:37:20.0605 1932 usbehci - ok
23:37:20.0644 1932 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\windows\system32\DRIVERS\usbhub.sys
23:37:20.0648 1932 usbhub - ok
23:37:20.0665 1932 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\windows\system32\drivers\usbohci.sys
23:37:20.0667 1932 usbohci - ok
23:37:20.0726 1932 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
23:37:20.0727 1932 usbprint - ok
23:37:20.0742 1932 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\windows\system32\DRIVERS\usbscan.sys
23:37:20.0743 1932 usbscan - ok
23:37:20.0772 1932 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\windows\system32\DRIVERS\USBSTOR.SYS
23:37:20.0774 1932 USBSTOR - ok
23:37:20.0792 1932 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\windows\system32\drivers\usbuhci.sys
23:37:20.0793 1932 usbuhci - ok
23:37:20.0883 1932 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\windows\System32\Drivers\usbvideo.sys
23:37:20.0898 1932 usbvideo - ok
23:37:20.0930 1932 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\windows\System32\uxsms.dll
23:37:20.0932 1932 UxSms - ok
23:37:20.0965 1932 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
23:37:20.0967 1932 VaultSvc - ok
23:37:21.0025 1932 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys
23:37:21.0027 1932 vdrvroot - ok
23:37:21.0097 1932 vds (8d6b481601d01a456e75c3210f1830be) C:\windows\System32\vds.exe
23:37:21.0123 1932 vds - ok
23:37:21.0164 1932 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
23:37:21.0165 1932 vga - ok
23:37:21.0185 1932 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
23:37:21.0187 1932 VgaSave - ok
23:37:21.0243 1932 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys
23:37:21.0247 1932 vhdmp - ok
23:37:21.0274 1932 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\drivers\viaide.sys
23:37:21.0276 1932 viaide - ok
23:37:21.0301 1932 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\windows\system32\drivers\volmgr.sys
23:37:21.0304 1932 volmgr - ok
23:37:21.0373 1932 volmgrx (a255814907c89be58b79ef2f189b843b) C:\windows\system32\drivers\volmgrx.sys
23:37:21.0432 1932 volmgrx - ok
23:37:21.0491 1932 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\windows\system32\drivers\volsnap.sys
23:37:21.0548 1932 volsnap - ok
23:37:21.0597 1932 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys
23:37:21.0600 1932 vsmraid - ok
23:37:21.0811 1932 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\windows\system32\vssvc.exe
23:37:21.0847 1932 VSS - ok
23:37:21.0984 1932 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
23:37:21.0985 1932 vwifibus - ok
23:37:22.0088 1932 VWiFiFlt (13a0decd1794de60a8427862c8669d27) C:\windows\system32\DRIVERS\vwififlt.sys
23:37:22.0090 1932 VWiFiFlt - ok
23:37:22.0117 1932 vwifimp (49003b357d101cdc474937437ecf5abc) C:\windows\system32\DRIVERS\vwifimp.sys
23:37:22.0118 1932 vwifimp - ok
23:37:22.0159 1932 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\windows\system32\w32time.dll
23:37:22.0179 1932 W32Time - ok
23:37:22.0231 1932 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys
23:37:22.0233 1932 WacomPen - ok
23:37:22.0295 1932 WANARP (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
23:37:22.0298 1932 WANARP - ok
23:37:22.0318 1932 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
23:37:22.0320 1932 Wanarpv6 - ok
23:37:22.0513 1932 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\windows\system32\Wat\WatAdminSvc.exe
23:37:22.0545 1932 WatAdminSvc - ok
23:37:22.0678 1932 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\windows\system32\wbengine.exe
23:37:22.0758 1932 wbengine - ok
23:37:22.0892 1932 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\windows\System32\wbiosrvc.dll
23:37:22.0899 1932 WbioSrvc - ok
23:37:22.0966 1932 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\windows\System32\wcncsvc.dll
23:37:22.0984 1932 wcncsvc - ok
23:37:23.0039 1932 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\windows\System32\WcsPlugInService.dll
23:37:23.0046 1932 WcsPlugInService - ok
23:37:23.0118 1932 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys
23:37:23.0119 1932 Wd - ok
23:37:23.0153 1932 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\windows\system32\DRIVERS\wdcsam64.sys
23:37:23.0153 1932 WDC_SAM - ok
23:37:23.0225 1932 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
23:37:23.0253 1932 Wdf01000 - ok
23:37:23.0281 1932 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
23:37:23.0283 1932 WdiServiceHost - ok
23:37:23.0286 1932 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
23:37:23.0289 1932 WdiSystemHost - ok
23:37:23.0363 1932 wdkmd (94dc2bf6cbaaa95e369c3756d3115a76) C:\windows\system32\DRIVERS\WDKMD.sys
23:37:23.0365 1932 wdkmd - ok
23:37:23.0418 1932 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\windows\System32\webclnt.dll
23:37:23.0428 1932 WebClient - ok
23:37:23.0485 1932 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\windows\system32\wecsvc.dll
23:37:23.0492 1932 Wecsvc - ok
23:37:23.0533 1932 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\windows\System32\wercplsupport.dll
23:37:23.0536 1932 wercplsupport - ok
23:37:23.0554 1932 WerSvc (6d137963730144698cbd10f202e9f251) C:\windows\System32\WerSvc.dll
23:37:23.0557 1932 WerSvc - ok
23:37:23.0582 1932 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
23:37:23.0583 1932 WfpLwf - ok
23:37:23.0609 1932 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
23:37:23.0611 1932 WIMMount - ok
23:37:23.0618 1932 WinHttpAutoProxySvc - ok
23:37:23.0691 1932 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\windows\system32\wbem\WMIsvc.dll
23:37:23.0694 1932 Winmgmt - ok
23:37:24.0114 1932 WinRM (bcb1310604aa415c4508708975b3931e) C:\windows\system32\WsmSvc.dll
23:37:24.0168 1932 WinRM - ok
23:37:24.0395 1932 WinUsb (fe88b288356e7b47b74b13372add906d) C:\windows\system32\DRIVERS\WinUsb.sys
23:37:24.0396 1932 WinUsb - ok
23:37:24.0490 1932 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\windows\System32\wlansvc.dll
23:37:24.0499 1932 Wlansvc - ok
23:37:24.0604 1932 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
23:37:24.0606 1932 wlcrasvc - ok
23:37:24.0841 1932 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
23:37:24.0938 1932 wlidsvc - ok
23:37:25.0118 1932 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\drivers\wmiacpi.sys
23:37:25.0119 1932 WmiAcpi - ok
23:37:25.0267 1932 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\windows\system32\wbem\WmiApSrv.exe
23:37:25.0270 1932 wmiApSrv - ok
23:37:25.0313 1932 WMPNetworkSvc - ok
23:37:25.0349 1932 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\windows\System32\wpcsvc.dll
23:37:25.0353 1932 WPCSvc - ok
23:37:25.0473 1932 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\windows\system32\wpdbusenum.dll
23:37:25.0478 1932 WPDBusEnum - ok
23:37:25.0524 1932 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
23:37:25.0526 1932 ws2ifsl - ok
23:37:25.0538 1932 WSearch - ok
23:37:25.0692 1932 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\windows\system32\wuaueng.dll
23:37:25.0719 1932 wuauserv - ok
23:37:25.0885 1932 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\windows\system32\drivers\WudfPf.sys
23:37:25.0887 1932 WudfPf - ok
23:37:25.0958 1932 WUDFRd (cf8d590be3373029d57af80914190682) C:\windows\system32\DRIVERS\WUDFRd.sys
23:37:25.0960 1932 WUDFRd - ok
23:37:26.0001 1932 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\windows\System32\WUDFSvc.dll
23:37:26.0005 1932 wudfsvc - ok
23:37:26.0036 1932 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\windows\System32\wwansvc.dll
23:37:26.0039 1932 WwanSvc - ok
23:37:26.0100 1932 MBR (0x1B8) (2e5debb2116b3417023e0d6562d7ed07) \Device\Harddisk0\DR0
23:37:26.0323 1932 \Device\Harddisk0\DR0 - ok
23:37:26.0342 1932 Boot (0x1200) (fb05a3756a8fbf06ab31dcb5a1393388) \Device\Harddisk0\DR0\Partition0
23:37:26.0344 1932 \Device\Harddisk0\DR0\Partition0 - ok
23:37:26.0353 1932 Boot (0x1200) (e7985e10b1fd477c4aed2845c7d4ecdf) \Device\Harddisk0\DR0\Partition1
23:37:26.0355 1932 \Device\Harddisk0\DR0\Partition1 - ok
23:37:26.0379 1932 Boot (0x1200) (cc664193686d6ece8dba5f3ed3e0343d) \Device\Harddisk0\DR0\Partition2
23:37:26.0381 1932 \Device\Harddisk0\DR0\Partition2 - ok
23:37:26.0381 1932 ============================================================
23:37:26.0381 1932 Scan finished
23:37:26.0381 1932 ============================================================
23:37:26.0395 2096 Detected object count: 0
23:37:26.0396 2096 Actual detected object count: 0
23:37:33.0487 1612 Deinitialize success

#2 narenxp

  • BC Advisor

Posted 21 July 2012 - 02:31 PM

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove it

Reboot the PC and scan MBAM once in regular mode until you get a clean log

#3 Jukeboxx

  • Topic Starter
  • Members

Posted 21 July 2012 - 05:09 PM

Here are the logs.

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-21 15:56:23
-----------------------------
15:56:23.115 OS Version: Windows x64 6.1.7601 Service Pack 1
15:56:23.115 Number of processors: 4 586 0x2A07
15:56:23.116 ComputerName: MOPREME UserName: Inuk
15:56:48.594 Initialize success
15:57:50.870 AVAST engine defs: 12072100
15:58:32.974 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
15:58:32.974 Disk 0 Vendor: SAMSUNG_ 2AJ1 Size: 610480MB BusType: 3
15:58:33.024 Disk 0 MBR read successfully
15:58:33.024 Disk 0 MBR scan
15:58:33.074 Disk 0 unknown MBR code
15:58:33.124 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
15:58:33.154 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 205824 MB offset 206848
15:58:33.164 Disk 0 Partition - 00 0F Extended LBA 382547 MB offset 421734400
15:58:33.454 Disk 0 Partition 3 00 27 Hidden NTFS WinRE NTFS 22006 MB offset 1205190656
15:58:33.554 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 382546 MB offset 421736448
15:58:33.734 Disk 0 scanning C:\windows\system32\drivers
15:59:11.514 Service scanning
15:59:37.821 Modules scanning
15:59:38.190 Disk 0 trace - called modules:
15:59:38.218 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
15:59:38.230 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007e2e060]
15:59:38.241 3 CLASSPNP.SYS[fffff8800181743f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8005fb8050]
15:59:38.725 AVAST engine scan C:\windows
15:59:41.598 AVAST engine scan C:\windows\system32
16:01:15.412 File: C:\windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
16:01:17.254 File: C:\windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
16:02:20.252 AVAST engine scan C:\windows\system32\drivers
16:02:35.735 AVAST engine scan C:\Users\Inuk
16:09:49.335 File: C:\Users\Inuk\AppData\Local\Temp\7EE1.tmp **INFECTED** Win32:Malware-gen
16:10:05.363 File: C:\Users\Inuk\AppData\Local\Temp\DF58.tmp **INFECTED** Win32:Malware-gen
16:14:56.913 AVAST engine scan C:\ProgramData
16:18:31.012 Scan finished successfully
16:21:19.261 Disk 0 MBR has been saved successfully to "C:\Users\Inuk\Desktop\MBR.dat"
16:21:19.272 The log file has been saved successfully to "C:\Users\Inuk\Desktop\aswMBR.txt"


And here is the log for the escanner:
C:\Users\Inuk\AppData\Local\Temp\7EE1.tmp a variant of Win32/Olmarik.AWG trojan cleaned by deleting - quarantined
C:\Users\Inuk\AppData\Local\Temp\DF58.tmp a variant of Win32/Olmarik.AWG trojan cleaned by deleting - quarantined
C:\Users\Inuk\AppData\Local\Temp\ICReinstall_2Pac.-.Strictly.4.My.N.I.G.G.A.Z.(1993)_downloader.exe a variant of Win32/InstallCore.AF application cleaned by deleting - quarantined
C:\Windows\Installer\{eae2c803-4aaf-fd5d-4796-58d89b9ef80e}\U\00000008.@ Win64/Agent.BA trojan cleaned by deleting - quarantined
C:\Windows\Installer\{eae2c803-4aaf-fd5d-4796-58d89b9ef80e}\U\80000000.@ Win64/Sirefef.AE trojan cleaned by deleting - quarantined
C:\Windows\Installer\{eae2c803-4aaf-fd5d-4796-58d89b9ef80e}\U\80000032.@ a variant of Win32/Sirefef.FD trojan cleaned by deleting - quarantined
Operating memory multiple threats

#4 narenxp

  • BC Advisor

Posted 21 July 2012 - 05:30 PM

We need advanced tools to remove this one.

Read the guide here: http://www.bleepingcomputer.com/forums/topic34773.html

and create a topic here: http://www.bleepingcomputer.com/forums/forum22.html

Good luck

#5 Orange Blossom

  • Moderator

Posted 24 July 2012 - 10:20 PM

Hello,

Now that you have posted a log here: http://www.bleepingcomputer.com/forums/topic462332.html you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc.) unless advised by a MRT Team member, nor should you ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process, which would extend the time it takes to clean your computer.

From this point on the MRT Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the MRT Team members are EXTREMELY busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the MRT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member looking for a new log to work may assume another MRT Team member is already assisting you and not open the thread to respond.

Please be patient. It may take several days to get a response but your log will be reviewed and answered as soon as possible. I advise checking your topic once a day for responses as the e-mail notification system is unreliable.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

To avoid confusion, I am closing this topic. Good luck with your log.

Orange Blossom :cherry:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript



