HALPPPP! Repeated "Trojan has been quarantined" popup from McAfee


7 replies to this topic

#1 miaminick1

Posted 30 July 2012 - 08:24 AM

ZEROACCESS.EE and ZEROACCESS.DS and ZEROACCESS.EL and ZEROACCESS.EH - This is happening 3X times every 5 minutes.

Need help here, let's get my PC some BC.COM-PENICILLIN =\

Edited by miaminick1, 30 July 2012 - 08:25 AM.




#2 narenxp


Posted 30 July 2012 - 08:31 AM

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 miaminick1


Posted 30 July 2012 - 03:28 PM

TDSS

09:46:48.0685 3760 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
09:46:49.0138 3760 ============================================================
09:46:49.0138 3760 Current date / time: 2012/07/30 09:46:49.0138
09:46:49.0139 3760 SystemInfo:
09:46:49.0139 3760
09:46:49.0139 3760 OS Version: 6.0.6002 ServicePack: 2.0
09:46:49.0139 3760 Product type: Workstation
09:46:49.0139 3760 ComputerName: ROSESIX
09:46:49.0139 3760 UserName: Henry
09:46:49.0139 3760 Windows directory: C:\Windows
09:46:49.0139 3760 System windows directory: C:\Windows
09:46:49.0139 3760 Processor architecture: Intel x86
09:46:49.0139 3760 Number of processors: 2
09:46:49.0139 3760 Page size: 0x1000
09:46:49.0139 3760 Boot type: Normal boot
09:46:49.0140 3760 ============================================================
09:46:51.0531 3760 Drive \Device\Harddisk0\DR0 - Size: 0x12A05F2000 (74.51 Gb), SectorSize: 0x200, Cylinders: 0x25FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
09:46:51.0533 3760 ============================================================
09:46:51.0533 3760 \Device\Harddisk0\DR0:
09:46:51.0534 3760 MBR partitions:
09:46:51.0534 3760 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1B800, BlocksNum 0x1400000
09:46:51.0534 3760 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x141B800, BlocksNum 0x80E6800
09:46:51.0534 3760 ============================================================
09:46:51.0569 3760 C: <-> \Device\Harddisk0\DR0\Partition1
09:46:51.0612 3760 D: <-> \Device\Harddisk0\DR0\Partition0
09:46:51.0612 3760 ============================================================
09:46:51.0612 3760 Initialize success
09:46:51.0612 3760 ============================================================
09:47:07.0743 4768 ============================================================
09:47:07.0743 4768 Scan started
09:47:07.0743 4768 Mode: Manual; TDLFS;
09:47:07.0743 4768 ============================================================
09:47:38.0520 4768 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
09:47:38.0525 4768 pciide - ok
09:47:38.0780 4768 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
09:47:38.0823 4768 pcmcia - ok
09:47:38.0937 4768 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
09:47:38.0995 4768 PEAUTH - ok
09:47:39.0242 4768 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
09:47:39.0413 4768 pla - ok
09:47:39.0986 4768 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
09:47:40.0007 4768 PlugPlay - ok
09:47:40.0064 4768 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
09:47:40.0074 4768 PNRPAutoReg - ok
09:47:40.0087 4768 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
09:47:40.0097 4768 PNRPsvc - ok
09:47:40.0177 4768 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
09:47:40.0204 4768 PolicyAgent - ok
09:47:40.0269 4768 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
09:47:40.0280 4768 PptpMiniport - ok
09:47:40.0325 4768 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
09:47:40.0333 4768 Processor - ok
09:47:40.0422 4768 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
09:47:40.0470 4768 ProfSvc - ok
09:47:40.0539 4768 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
09:47:40.0543 4768 ProtectedStorage - ok
09:47:40.0566 4768 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
09:47:40.0569 4768 PSched - ok
09:47:40.0601 4768 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\Windows\system32\Drivers\PxHelp20.sys
09:47:40.0766 4768 PxHelp20 - ok
09:47:40.0875 4768 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
09:47:40.0940 4768 ql2300 - ok
09:47:40.0973 4768 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
09:47:40.0983 4768 ql40xx - ok
09:47:41.0031 4768 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
09:47:41.0054 4768 QWAVE - ok
09:47:41.0073 4768 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
09:47:41.0082 4768 QWAVEdrv - ok
09:47:41.0219 4768 R300 (e642b131fb74caf4bb8a014f31113142) C:\Windows\system32\DRIVERS\atikmdag.sys
09:47:41.0346 4768 R300 - ok
09:47:41.0534 4768 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
09:47:41.0542 4768 RasAcd - ok
09:47:41.0566 4768 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
09:47:41.0619 4768 RasAuto - ok
09:47:41.0662 4768 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
09:47:41.0674 4768 Rasl2tp - ok
09:47:41.0751 4768 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
09:47:41.0770 4768 RasMan - ok
09:47:41.0788 4768 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
09:47:41.0799 4768 RasPppoe - ok
09:47:41.0822 4768 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
09:47:41.0834 4768 RasSstp - ok
09:47:41.0868 4768 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
09:47:41.0889 4768 rdbss - ok
09:47:41.0896 4768 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
09:47:41.0901 4768 RDPCDD - ok
09:47:41.0940 4768 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
09:47:41.0983 4768 rdpdr - ok
09:47:41.0989 4768 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
09:47:42.0001 4768 RDPENCDD - ok
09:47:42.0040 4768 RDPWD (c127ebd5afab31524662c48dfceb773a) C:\Windows\system32\drivers\RDPWD.sys
09:47:42.0289 4768 RDPWD - ok
09:47:42.0330 4768 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
09:47:42.0339 4768 RemoteAccess - ok
09:47:42.0413 4768 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
09:47:42.0424 4768 RemoteRegistry - ok
09:47:42.0454 4768 RimUsb (f17713d108aca124a139fde877eef68a) C:\Windows\system32\Drivers\RimUsb.sys
09:47:42.0585 4768 RimUsb - ok
09:47:42.0644 4768 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
09:47:42.0655 4768 RpcLocator - ok
09:47:42.0706 4768 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
09:47:42.0715 4768 RpcSs - ok
09:47:42.0745 4768 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
09:47:42.0756 4768 rspndr - ok
09:47:42.0813 4768 RTL8187 (9a2de9aa2e270c4d73bdcf3a545271a9) C:\Windows\system32\DRIVERS\RTL8187.sys
09:47:42.0948 4768 RTL8187 - ok
09:47:42.0994 4768 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
09:47:42.0997 4768 SamSs - ok
09:47:43.0019 4768 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
09:47:43.0030 4768 sbp2port - ok
09:47:43.0070 4768 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
09:47:43.0115 4768 SCardSvr - ok
09:47:43.0166 4768 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
09:47:43.0191 4768 Schedule - ok
09:47:43.0223 4768 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
09:47:43.0225 4768 SCPolicySvc - ok
09:47:43.0261 4768 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
09:47:43.0278 4768 SDRSVC - ok
09:47:43.0456 4768 SeaPort (cc781378e7eda615d2cdca3b17829fa4) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
09:47:43.0609 4768 SeaPort - ok
09:47:43.0633 4768 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
09:47:43.0638 4768 secdrv - ok
09:47:43.0664 4768 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
09:47:43.0676 4768 seclogon - ok
09:47:43.0743 4768 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
09:47:43.0748 4768 SENS - ok
09:47:43.0778 4768 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
09:47:43.0785 4768 Serenum - ok
09:47:43.0819 4768 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
09:47:43.0830 4768 Serial - ok
09:47:43.0862 4768 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
09:47:43.0867 4768 sermouse - ok
09:47:43.0920 4768 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
09:47:43.0927 4768 SessionEnv - ok
09:47:43.0960 4768 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
09:47:43.0964 4768 sffdisk - ok
09:47:43.0978 4768 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
09:47:43.0983 4768 sffp_mmc - ok
09:47:43.0994 4768 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
09:47:44.0001 4768 sffp_sd - ok
09:47:44.0019 4768 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
09:47:44.0028 4768 sfloppy - ok
09:47:44.0068 4768 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
09:47:44.0082 4768 ShellHWDetection - ok
09:47:44.0111 4768 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
09:47:44.0116 4768 sisagp - ok
09:47:44.0129 4768 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
09:47:44.0141 4768 SiSRaid2 - ok
09:47:44.0157 4768 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
09:47:44.0163 4768 SiSRaid4 - ok
09:47:44.0332 4768 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
09:47:44.0690 4768 slsvc - ok
09:47:45.0678 4768 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
09:47:45.0722 4768 SLUINotify - ok
09:47:45.0780 4768 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
09:47:45.0787 4768 Smb - ok
09:47:45.0869 4768 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
09:47:45.0879 4768 SNMPTRAP - ok
09:47:45.0908 4768 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
09:47:45.0916 4768 spldr - ok
09:47:45.0951 4768 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
09:47:46.0050 4768 Spooler - ok
09:47:46.0121 4768 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
09:47:46.0402 4768 srv - ok
09:47:46.0573 4768 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
09:47:46.0798 4768 srv2 - ok
09:47:46.0849 4768 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
09:47:46.0980 4768 srvnet - ok
09:47:47.0019 4768 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
09:47:47.0045 4768 SSDPSRV - ok
09:47:47.0208 4768 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
09:47:47.0215 4768 SstpSvc - ok
09:47:47.0259 4768 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
09:47:47.0284 4768 stisvc - ok
09:47:47.0361 4768 stllssvr (de3e7a2345ebaa3ce8e6957dfb55fb15) C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
09:47:47.0499 4768 stllssvr - ok
09:47:47.0533 4768 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
09:47:47.0537 4768 swenum - ok
09:47:47.0575 4768 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
09:47:47.0601 4768 swprv - ok
09:47:47.0637 4768 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
09:47:47.0643 4768 Symc8xx - ok
09:47:47.0689 4768 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
09:47:47.0693 4768 Sym_hi - ok
09:47:47.0709 4768 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
09:47:47.0714 4768 Sym_u3 - ok
09:47:47.0768 4768 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
09:47:47.0790 4768 SysMain - ok
09:47:47.0815 4768 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
09:47:47.0825 4768 TabletInputService - ok
09:47:47.0856 4768 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
09:47:47.0870 4768 TapiSrv - ok
09:47:47.0880 4768 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
09:47:47.0884 4768 TBS - ok
09:47:47.0941 4768 Tcpip (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\drivers\tcpip.sys
09:47:48.0119 4768 Tcpip - ok
09:47:48.0138 4768 Tcpip6 (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\DRIVERS\tcpip.sys
09:47:48.0149 4768 Tcpip6 - ok
09:47:48.0192 4768 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
09:47:48.0200 4768 tcpipreg - ok
09:47:48.0233 4768 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
09:47:48.0241 4768 TDPIPE - ok
09:47:48.0260 4768 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
09:47:48.0269 4768 TDTCP - ok
09:47:48.0308 4768 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
09:47:48.0320 4768 tdx - ok
09:47:48.0357 4768 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
09:47:48.0367 4768 TermDD - ok
09:47:48.0418 4768 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
09:47:48.0447 4768 TermService - ok
09:47:48.0485 4768 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
09:47:48.0500 4768 Themes - ok
09:47:49.0124 4768 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
09:47:49.0184 4768 THREADORDER - ok
09:47:49.0371 4768 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
09:47:49.0386 4768 TrkWks - ok
09:47:49.0438 4768 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
09:47:49.0444 4768 TrustedInstaller - ok
09:47:49.0559 4768 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
09:47:49.0568 4768 tssecsrv - ok
09:47:49.0652 4768 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
09:47:49.0659 4768 tunmp - ok
09:47:49.0710 4768 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
09:47:49.0720 4768 tunnel - ok
09:47:49.0799 4768 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
09:47:49.0807 4768 uagp35 - ok
09:47:49.0923 4768 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
09:47:49.0972 4768 udfs - ok
09:47:50.0042 4768 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
09:47:50.0053 4768 UI0Detect - ok
09:47:50.0121 4768 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
09:47:50.0127 4768 uliagpkx - ok
09:47:50.0211 4768 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
09:47:50.0255 4768 uliahci - ok
09:47:50.0324 4768 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
09:47:50.0337 4768 UlSata - ok
09:47:50.0365 4768 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
09:47:50.0376 4768 ulsata2 - ok
09:47:50.0404 4768 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
09:47:50.0413 4768 umbus - ok
09:47:50.0442 4768 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
09:47:50.0472 4768 upnphost - ok
09:47:50.0540 4768 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\Windows\system32\Drivers\usbaapl.sys
09:47:50.0776 4768 USBAAPL - ok
09:47:50.0880 4768 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
09:47:50.0890 4768 usbccgp - ok
09:47:50.0920 4768 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
09:47:50.0930 4768 usbcir - ok
09:47:50.0958 4768 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
09:47:50.0965 4768 usbehci - ok
09:47:51.0001 4768 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
09:47:51.0044 4768 usbhub - ok
09:47:51.0064 4768 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
09:47:51.0069 4768 usbohci - ok
09:47:51.0102 4768 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
09:47:51.0113 4768 usbprint - ok
09:47:51.0158 4768 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
09:47:51.0165 4768 usbscan - ok
09:47:51.0184 4768 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:47:51.0191 4768 USBSTOR - ok
09:47:51.0215 4768 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
09:47:51.0223 4768 usbuhci - ok
09:47:51.0260 4768 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
09:47:51.0268 4768 UxSms - ok
09:47:51.0350 4768 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
09:47:51.0371 4768 vds - ok
09:47:51.0411 4768 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
09:47:51.0419 4768 vga - ok
09:47:51.0459 4768 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
09:47:51.0469 4768 VgaSave - ok
09:47:51.0515 4768 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
09:47:51.0776 4768 viaagp - ok
09:47:51.0813 4768 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
09:47:51.0818 4768 ViaC7 - ok
09:47:51.0849 4768 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
09:47:51.0854 4768 viaide - ok
09:47:51.0878 4768 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
09:47:51.0884 4768 volmgr - ok
09:47:51.0922 4768 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
09:47:51.0939 4768 volmgrx - ok
09:47:52.0093 4768 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
09:47:52.0131 4768 volsnap - ok
09:47:52.0167 4768 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
09:47:52.0177 4768 vsmraid - ok
09:47:52.0250 4768 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
09:47:52.0307 4768 VSS - ok
09:47:52.0396 4768 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
09:47:52.0421 4768 W32Time - ok
09:47:52.0485 4768 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
09:47:52.0489 4768 WacomPen - ok
09:47:52.0527 4768 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
09:47:52.0542 4768 Wanarp - ok
09:47:52.0551 4768 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
09:47:52.0562 4768 Wanarpv6 - ok
09:47:52.0760 4768 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
09:47:52.0944 4768 wcncsvc - ok
09:47:52.0971 4768 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
09:47:52.0992 4768 WcsPlugInService - ok
09:47:53.0014 4768 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
09:47:53.0018 4768 Wd - ok
09:47:53.0071 4768 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
09:47:53.0117 4768 Wdf01000 - ok
09:47:53.0253 4768 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
09:47:53.0259 4768 WdiServiceHost - ok
09:47:53.0265 4768 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
09:47:53.0271 4768 WdiSystemHost - ok
09:47:53.0322 4768 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
09:47:53.0351 4768 WebClient - ok
09:47:53.0394 4768 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
09:47:53.0488 4768 Wecsvc - ok
09:47:53.0510 4768 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
09:47:53.0516 4768 wercplsupport - ok
09:47:53.0544 4768 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
09:47:53.0561 4768 WerSvc - ok
09:47:53.0574 4768 WinHttpAutoProxySvc - ok
09:47:53.0622 4768 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
09:47:53.0641 4768 Winmgmt - ok
09:47:53.0716 4768 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
09:47:53.0832 4768 WinRM - ok
09:47:53.0889 4768 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
09:47:53.0926 4768 Wlansvc - ok
09:47:54.0180 4768 wlidsvc (5144ae67d60ec653f97ddf3feed29e77) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
09:47:54.0334 4768 wlidsvc - ok
09:47:54.0462 4768 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys
09:47:54.0471 4768 WmiAcpi - ok
09:47:54.0544 4768 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
09:47:54.0556 4768 wmiApSrv - ok
09:47:54.0687 4768 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
09:47:54.0717 4768 WMPNetworkSvc - ok
09:47:54.0746 4768 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
09:47:54.0762 4768 WPCSvc - ok
09:47:54.0788 4768 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
09:47:54.0811 4768 WPDBusEnum - ok
09:47:54.0874 4768 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
09:47:54.0879 4768 WpdUsb - ok
09:47:55.0057 4768 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
09:47:55.0247 4768 WPFFontCache_v0400 - ok
09:47:55.0273 4768 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
09:47:55.0278 4768 ws2ifsl - ok
09:47:55.0294 4768 WSearch - ok
09:47:55.0543 4768 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
09:47:55.0581 4768 WUDFRd - ok
09:47:55.0611 4768 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
09:47:55.0624 4768 wudfsvc - ok
09:47:55.0655 4768 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
09:47:56.0217 4768 \Device\Harddisk0\DR0 - ok
09:47:56.0251 4768 Boot (0x1200) (4c9ecd6d3e60451aa952e77ae58ff5eb) \Device\Harddisk0\DR0\Partition0
09:47:56.0252 4768 \Device\Harddisk0\DR0\Partition0 - ok
09:47:56.0258 4768 Boot (0x1200) (95691e9622cba4b0406c917a317a7bd3) \Device\Harddisk0\DR0\Partition1
09:47:56.0260 4768 \Device\Harddisk0\DR0\Partition1 - ok
09:47:56.0262 4768 ============================================================
09:47:56.0262 4768 Scan finished
09:47:56.0262 4768 ============================================================
09:47:56.0287 1092 Detected object count: 0
09:47:56.0287 1092 Actual detected object count: 0


aswmbr

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-30 09:55:49
-----------------------------
09:55:49.989 OS Version: Windows 6.0.6002 Service Pack 2
09:55:49.989 Number of processors: 2 586 0xF0D
09:55:49.990 ComputerName: ROSESIX UserName: Henry
09:56:29.951 Initialize success
10:05:04.840 AVAST engine defs: 12073000
10:08:05.019 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
10:08:05.022 Disk 0 Vendor: WDC_WD800JD-75MSA3 10.01E04 Size: 76293MB BusType: 3
10:08:05.060 Disk 0 MBR read successfully
10:08:05.064 Disk 0 MBR scan
10:08:05.072 Disk 0 Windows VISTA default MBR code
10:08:05.076 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 54 MB offset 63
10:08:05.089 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 10240 MB offset 112640
10:08:05.112 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 65997 MB offset 21084160
10:08:05.123 Disk 0 scanning sectors +156246016
10:08:05.201 Disk 0 scanning C:\Windows\system32\drivers
10:08:21.408 Service scanning
10:09:29.354 Modules scanning
10:09:52.680 Disk 0 trace - called modules:
10:09:53.081 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys
10:09:53.089 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8521f0b8]
10:09:53.097 3 CLASSPNP.SYS[87e078b3] -> nt!IofCallDriver -> [0x84bf5918]
10:09:53.106 5 acpi.sys[806906bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x842638a0]
10:09:55.016 AVAST engine scan C:\Windows
10:10:06.698 AVAST engine scan C:\Windows\system32
10:19:53.621 AVAST engine scan C:\Windows\system32\drivers
10:20:21.725 AVAST engine scan C:\Users\Henry
10:35:18.068 Disk 0 MBR has been saved successfully to "C:\Users\Henry\Desktop\MBR.dat"
10:35:18.091 The log file has been saved successfully to "C:\Users\Henry\Desktop\aswMBR.txt"


10:36:26.802 Disk 0 MBR has been saved successfully to "C:\Users\Henry\Desktop\MBR.dat"
10:36:26.821 The log file has been saved successfully to "C:\Users\Henry\Desktop\aswMBR.txt"


ESET FOUND

C:\Users\Henry\AppData\Local\Temp\plugtmp-2\plugin-lib.pdf PDF/Exploit.Gen trojan cleaned by deleting - quarantined
C:\Users\Henry\AppData\Local\{8d7a8756-435a-a547-fbbc-896a164b1661}\n Win32/Sirefef.EV trojan cleaned by deleting (after the next restart) - quarantined
C:\Windows\System32\services.tmp Win32/Sirefef.FB.Gen trojan deleted (after the next restart) - quarantined
Operating memory Win32/Sirefef.EV trojan

#4 miaminick1


Posted 30 July 2012 - 03:30 PM

Note: On ESET.... 4 infected objects found.... 3 objects cleaned. (I'm guessing the last one wasn't cleaned)

#5 narenxp


Posted 30 July 2012 - 07:42 PM

Download

systemlook

Launch it and copy this script and paste in the BOX

:filefind
services.exe
:folderfind
{8d7a8756-435a-a547-fbbc-896a164b1661}

Click on LOOK, post the generated log

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it, click on Delete

Post the generated log

#6 miaminick1


Posted 02 August 2012 - 08:57 AM

Well.... now this issue has gotten worse:

I completed systemlook and completed round one of MBAM - However, upon being prompted to restart after the MBAM scan (which, by the way... seemed like a fishy prompt. Never have I seen the words "URGENT: Must restart now etc etc" from that program).

Anyways, after restart... I lost access to ALL OF MY PROGRAMS. No network. No folders. Nothing. I keep getting "The specified service does not exist as an installed service." :(

This is the same thing that is happening to me : http://answers.microsoft.com/en-us/windows/forum/windows_vista-system/the-specified-service-does-not-exist-as-an/3cb5a667-b9d8-4666-a0df-47154668d339

I can access the PC in safe mode. (Currently posting from another PC)

#7 miaminick1


Posted 02 August 2012 - 09:13 AM

***Note: I performed a "WINDOWS/SYSTEM32/SCANNOW" at the recommendation of some random posts and it said that "Windows Resource Protection has found some correct files but is unable to fix them. Details are included in the CBS.log in windir\Logs\CBS\CBS.log"

Will await further instruction

#8 narenxp


Posted 02 August 2012 - 09:32 AM

Please post the system look log alone



