Trojan horse Patched_c.LXT in system32


  • This topic is locked
6 replies to this topic

#1 seabro


Posted 31 July 2012 - 01:57 PM

Hi,

An hour ago AVG reported a threat:

Trojan horse Patched_c.LXT

So I ran a full AVG scan, which found only the one (same) threat:

Trojan horse Patched_c.LXT
C:\Windows\System32\services.exe
Result: Object is white-listed (critical/system file that should not be removed)

AVG does not want to get rid of it, so what should I do next?


Help would be very much appreciated!
-Sean


#2 narenxp


Posted 31 July 2012 - 02:07 PM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 seabro


Posted 31 July 2012 - 05:49 PM

Thank you for your quick reply! The scans themselves took some time, but here are the results:

21:12:53.0824 16208 Mup - ok
21:12:53.0862 16208 mvusbews (8fa52b6049596fe2fdbc8a5e8b14ebfc) C:\Windows\system32\Drivers\mvusbews.sys
21:12:53.0866 16208 mvusbews - ok
21:12:54.0011 16208 MyWiFiDHCPDNS (400e39127aed6aed73e564c7aaedd14a) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
21:12:54.0024 16208 MyWiFiDHCPDNS - ok
21:12:54.0082 16208 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
21:12:54.0096 16208 napagent - ok
21:12:54.0149 16208 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
21:12:54.0162 16208 NativeWifiP - ok
21:12:54.0252 16208 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
21:12:54.0269 16208 NDIS - ok
21:12:54.0286 16208 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
21:12:54.0289 16208 NdisCap - ok
21:12:54.0312 16208 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
21:12:54.0315 16208 NdisTapi - ok
21:12:54.0336 16208 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
21:12:54.0339 16208 Ndisuio - ok
21:12:54.0369 16208 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
21:12:54.0380 16208 NdisWan - ok
21:12:54.0397 16208 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
21:12:54.0401 16208 NDProxy - ok
21:12:54.0415 16208 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
21:12:54.0418 16208 NetBIOS - ok
21:12:54.0451 16208 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
21:12:54.0457 16208 NetBT - ok
21:12:54.0508 16208 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
21:12:54.0511 16208 Netlogon - ok
21:12:54.0565 16208 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
21:12:54.0579 16208 Netman - ok
21:12:54.0629 16208 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
21:12:54.0641 16208 netprofm - ok
21:12:54.0706 16208 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:12:54.0713 16208 NetTcpPortSharing - ok
21:12:55.0236 16208 NETw5s64 (24f64343f14a119308456e1ca7507b26) C:\Windows\system32\DRIVERS\NETw5s64.sys
21:12:55.0413 16208 NETw5s64 - ok
21:12:55.0886 16208 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys
21:12:56.0011 16208 netw5v64 - ok
21:12:56.0631 16208 NETwNs64 (b9c587bdaa61a689883439d5ae6fe7f3) C:\Windows\system32\DRIVERS\NETwNs64.sys
21:12:56.0814 16208 NETwNs64 - ok
21:12:56.0890 16208 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
21:12:56.0893 16208 nfrd960 - ok
21:12:56.0942 16208 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
21:12:56.0957 16208 NlaSvc - ok
21:12:56.0982 16208 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
21:12:56.0986 16208 Npfs - ok
21:12:57.0001 16208 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
21:12:57.0004 16208 nsi - ok
21:12:57.0020 16208 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
21:12:57.0022 16208 nsiproxy - ok
21:12:57.0213 16208 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
21:12:57.0299 16208 Ntfs - ok
21:12:57.0366 16208 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
21:12:57.0368 16208 Null - ok
21:12:57.0416 16208 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
21:12:57.0423 16208 nvraid - ok
21:12:57.0473 16208 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
21:12:57.0487 16208 nvstor - ok
21:12:57.0512 16208 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
21:12:57.0520 16208 nv_agp - ok
21:12:57.0549 16208 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
21:12:57.0559 16208 ohci1394 - ok
21:12:57.0650 16208 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:12:57.0664 16208 ose - ok
21:12:58.0166 16208 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:12:58.0300 16208 osppsvc - ok
21:12:58.0424 16208 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
21:12:58.0433 16208 p2pimsvc - ok
21:12:58.0478 16208 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
21:12:58.0492 16208 p2psvc - ok
21:12:58.0542 16208 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
21:12:58.0548 16208 Parport - ok
21:12:58.0593 16208 partmgr (90061b1acfe8ccaa5345750ffe08d8b8) C:\Windows\system32\drivers\partmgr.sys
21:12:58.0596 16208 partmgr - ok
21:12:58.0637 16208 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
21:12:58.0648 16208 PcaSvc - ok
21:12:58.0679 16208 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
21:12:58.0691 16208 pci - ok
21:12:58.0708 16208 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
21:12:58.0710 16208 pciide - ok
21:12:58.0745 16208 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
21:12:58.0756 16208 pcmcia - ok
21:12:58.0780 16208 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
21:12:58.0783 16208 pcw - ok
21:12:58.0842 16208 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
21:12:58.0855 16208 PEAUTH - ok
21:12:58.0936 16208 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
21:12:58.0940 16208 PerfHost - ok
21:12:59.0123 16208 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
21:12:59.0165 16208 pla - ok
21:12:59.0241 16208 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
21:12:59.0256 16208 PlugPlay - ok
21:12:59.0274 16208 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
21:12:59.0279 16208 PNRPAutoReg - ok
21:12:59.0323 16208 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
21:12:59.0331 16208 PNRPsvc - ok
21:12:59.0392 16208 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
21:12:59.0411 16208 PolicyAgent - ok
21:12:59.0444 16208 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
21:12:59.0451 16208 Power - ok
21:12:59.0502 16208 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
21:12:59.0511 16208 PptpMiniport - ok
21:12:59.0533 16208 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
21:12:59.0537 16208 Processor - ok
21:12:59.0591 16208 ProfSvc (97293447431311c06703368ad0f6c4be) C:\Windows\system32\profsvc.dll
21:12:59.0601 16208 ProfSvc - ok
21:12:59.0642 16208 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
21:12:59.0646 16208 ProtectedStorage - ok
21:12:59.0685 16208 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
21:12:59.0688 16208 Psched - ok
21:12:59.0819 16208 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
21:12:59.0858 16208 ql2300 - ok
21:12:59.0949 16208 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
21:12:59.0958 16208 ql40xx - ok
21:12:59.0998 16208 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
21:13:00.0019 16208 QWAVE - ok
21:13:00.0036 16208 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
21:13:00.0046 16208 QWAVEdrv - ok
21:13:00.0068 16208 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
21:13:00.0071 16208 RasAcd - ok
21:13:00.0091 16208 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
21:13:00.0094 16208 RasAgileVpn - ok
21:13:00.0123 16208 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
21:13:00.0146 16208 RasAuto - ok
21:13:00.0175 16208 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
21:13:00.0189 16208 Rasl2tp - ok
21:13:00.0238 16208 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
21:13:00.0255 16208 RasMan - ok
21:13:00.0293 16208 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
21:13:00.0297 16208 RasPppoe - ok
21:13:00.0333 16208 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
21:13:00.0343 16208 RasSstp - ok
21:13:00.0389 16208 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
21:13:00.0403 16208 rdbss - ok
21:13:00.0422 16208 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
21:13:00.0425 16208 rdpbus - ok
21:13:00.0444 16208 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
21:13:00.0446 16208 RDPCDD - ok
21:13:00.0471 16208 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
21:13:00.0472 16208 RDPENCDD - ok
21:13:00.0491 16208 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
21:13:00.0492 16208 RDPREFMP - ok
21:13:00.0529 16208 RDPWD (447de7e3dea39d422c1504f245b668b1) C:\Windows\system32\drivers\RDPWD.sys
21:13:00.0540 16208 RDPWD - ok
21:13:00.0585 16208 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
21:13:00.0594 16208 rdyboost - ok
21:13:00.0769 16208 RegSrvc (c8a442e4dcf89d03c4d7c7616ce293ae) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
21:13:00.0792 16208 RegSrvc - ok
21:13:00.0887 16208 Remote Solver for Flow Simulation 2010 (6850b6ef0b19178e5a4529616f1c91cb) C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe
21:13:00.0933 16208 Remote Solver for Flow Simulation 2010 - ok
21:13:00.0974 16208 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
21:13:00.0982 16208 RemoteAccess - ok
21:13:01.0024 16208 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
21:13:01.0039 16208 RemoteRegistry - ok
21:13:01.0069 16208 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
21:13:01.0078 16208 RpcEptMapper - ok
21:13:01.0100 16208 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
21:13:01.0107 16208 RpcLocator - ok
21:13:01.0163 16208 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
21:13:01.0173 16208 RpcSs - ok
21:13:01.0219 16208 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
21:13:01.0228 16208 rspndr - ok
21:13:01.0268 16208 RSUSBSTOR (907c4464381b5ebdfdc60f6c7d0dedfc) C:\Windows\system32\Drivers\RtsUStor.sys
21:13:01.0331 16208 RSUSBSTOR - ok
21:13:01.0400 16208 RTL8167 (777fc2c418465404e3d8a290dc247d24) C:\Windows\system32\DRIVERS\Rt64win7.sys
21:13:01.0440 16208 RTL8167 - ok
21:13:01.0501 16208 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
21:13:01.0504 16208 SamSs - ok
21:13:01.0538 16208 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
21:13:01.0546 16208 sbp2port - ok
21:13:01.0584 16208 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
21:13:01.0603 16208 SCardSvr - ok
21:13:01.0681 16208 SCDEmu (b2f50286dc82b93c013e3fc57ba1a956) C:\Windows\system32\drivers\SCDEmu.sys
21:13:01.0708 16208 SCDEmu - ok
21:13:01.0724 16208 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
21:13:01.0728 16208 scfilter - ok
21:13:01.0861 16208 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
21:13:01.0888 16208 Schedule - ok
21:13:01.0917 16208 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
21:13:01.0919 16208 SCPolicySvc - ok
21:13:01.0944 16208 sdbus (54e47ad086782d3ae9417c155cdceb9b) C:\Windows\system32\DRIVERS\sdbus.sys
21:13:01.0955 16208 sdbus - ok
21:13:01.0986 16208 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
21:13:02.0002 16208 SDRSVC - ok
21:13:02.0027 16208 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
21:13:02.0031 16208 secdrv - ok
21:13:02.0056 16208 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
21:13:02.0061 16208 seclogon - ok
21:13:02.0086 16208 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
21:13:02.0095 16208 SENS - ok
21:13:02.0128 16208 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
21:13:02.0134 16208 SensrSvc - ok
21:13:02.0156 16208 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
21:13:02.0159 16208 Serenum - ok
21:13:02.0181 16208 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
21:13:02.0185 16208 Serial - ok
21:13:02.0209 16208 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
21:13:02.0212 16208 sermouse - ok
21:13:02.0249 16208 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
21:13:02.0274 16208 SessionEnv - ok
21:13:02.0303 16208 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
21:13:02.0306 16208 sffdisk - ok
21:13:02.0331 16208 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
21:13:02.0334 16208 sffp_mmc - ok
21:13:02.0351 16208 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys
21:13:02.0353 16208 sffp_sd - ok
21:13:02.0377 16208 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
21:13:02.0380 16208 sfloppy - ok
21:13:02.0439 16208 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
21:13:02.0462 16208 ShellHWDetection - ok
21:13:02.0494 16208 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:13:02.0498 16208 SiSRaid2 - ok
21:13:02.0540 16208 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
21:13:02.0553 16208 SiSRaid4 - ok
21:13:02.0614 16208 SkypeUpdate (ea396139541706b4b433641d62ea53ce) C:\Program Files (x86)\Skype\Updater\Updater.exe
21:13:02.0621 16208 SkypeUpdate - ok
21:13:02.0644 16208 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
21:13:02.0648 16208 Smb - ok
21:13:02.0679 16208 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
21:13:02.0685 16208 SNMPTRAP - ok
21:13:02.0737 16208 SolidWorks Licensing Service (4945020bc094c322571184a6e8056b3a) C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
21:13:02.0770 16208 SolidWorks Licensing Service - ok
21:13:02.0795 16208 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
21:13:02.0798 16208 spldr - ok
21:13:02.0859 16208 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
21:13:02.0884 16208 Spooler - ok
21:13:03.0094 16208 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
21:13:03.0180 16208 sppsvc - ok
21:13:03.0265 16208 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
21:13:03.0279 16208 sppuinotify - ok
21:13:03.0353 16208 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
21:13:03.0405 16208 srv - ok
21:13:03.0449 16208 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
21:13:03.0461 16208 srv2 - ok
21:13:03.0512 16208 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
21:13:03.0522 16208 SrvHsfHDA - ok
21:13:03.0635 16208 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
21:13:03.0670 16208 SrvHsfV92 - ok
21:13:03.0781 16208 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
21:13:03.0800 16208 SrvHsfWinac - ok
21:13:03.0845 16208 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
21:13:03.0852 16208 srvnet - ok
21:13:03.0890 16208 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
21:13:03.0904 16208 SSDPSRV - ok
21:13:03.0924 16208 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
21:13:03.0936 16208 SstpSvc - ok
21:13:04.0021 16208 STacSV (b00068ba94f5f306911b14b425aaeb56) C:\Program Files\IDT\WDM\STacSV64.exe
21:13:04.0032 16208 STacSV - ok
21:13:04.0088 16208 Steam Client Service - ok
21:13:04.0133 16208 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
21:13:04.0136 16208 stexstor - ok
21:13:04.0214 16208 STHDA (da40d9c9ccb9836d6abd1706935a2277) C:\Windows\system32\DRIVERS\stwrt64.sys
21:13:04.0229 16208 STHDA - ok
21:13:04.0285 16208 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
21:13:04.0305 16208 stisvc - ok
21:13:04.0325 16208 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
21:13:04.0328 16208 swenum - ok
21:13:04.0430 16208 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
21:13:04.0445 16208 SwitchBoard - ok
21:13:04.0492 16208 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
21:13:04.0507 16208 swprv - ok
21:13:04.0646 16208 SynTP (961cfac2a5318e212f459d651f28e0a4) C:\Windows\system32\DRIVERS\SynTP.sys
21:13:04.0683 16208 SynTP - ok
21:13:04.0874 16208 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
21:13:04.0918 16208 SysMain - ok
21:13:04.0979 16208 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
21:13:04.0990 16208 TabletInputService - ok
21:13:05.0022 16208 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
21:13:05.0039 16208 TapiSrv - ok
21:13:05.0059 16208 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
21:13:05.0065 16208 TBS - ok
21:13:05.0255 16208 Tcpip (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\drivers\tcpip.sys
21:13:05.0318 16208 Tcpip - ok
21:13:05.0482 16208 TCPIP6 (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\DRIVERS\tcpip.sys
21:13:05.0503 16208 TCPIP6 - ok
21:13:05.0563 16208 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
21:13:05.0566 16208 tcpipreg - ok
21:13:05.0587 16208 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
21:13:05.0590 16208 TDPIPE - ok
21:13:05.0630 16208 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys
21:13:05.0633 16208 TDTCP - ok
21:13:05.0668 16208 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
21:13:05.0671 16208 tdx - ok
21:13:05.0699 16208 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
21:13:05.0703 16208 TermDD - ok
21:13:05.0762 16208 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
21:13:05.0785 16208 TermService - ok
21:13:05.0803 16208 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
21:13:05.0809 16208 Themes - ok
21:13:05.0834 16208 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
21:13:05.0839 16208 THREADORDER - ok
21:13:05.0862 16208 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
21:13:05.0872 16208 TrkWks - ok
21:13:05.0913 16208 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
21:13:05.0927 16208 TrustedInstaller - ok
21:13:05.0949 16208 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
21:13:05.0952 16208 tssecsrv - ok
21:13:05.0990 16208 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
21:13:05.0999 16208 tunnel - ok
21:13:06.0022 16208 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
21:13:06.0026 16208 uagp35 - ok
21:13:06.0071 16208 udfs (c06e6f4679ceb8f430b90a51d76d8d3c) C:\Windows\system32\DRIVERS\udfs.sys
21:13:06.0088 16208 udfs - ok
21:13:06.0170 16208 ufad-ws60 (215462ae7e6a897d675e84dd1e3b3b56) C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe
21:13:06.0202 16208 ufad-ws60 - ok
21:13:06.0237 16208 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
21:13:06.0245 16208 UI0Detect - ok
21:13:06.0262 16208 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
21:13:06.0266 16208 uliagpkx - ok
21:13:06.0297 16208 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
21:13:06.0301 16208 umbus - ok
21:13:06.0326 16208 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
21:13:06.0329 16208 UmPass - ok
21:13:06.0516 16208 UNS (0fadd949576a164b4e51e716f46b6c33) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
21:13:06.0580 16208 UNS - ok
21:13:06.0688 16208 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
21:13:06.0699 16208 upnphost - ok
21:13:06.0743 16208 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
21:13:06.0763 16208 USBAAPL64 - ok
21:13:06.0779 16208 usbbus - ok
21:13:06.0808 16208 usbccgp (537a4e03d7103c12d42dfd8ffdb5bdc9) C:\Windows\system32\DRIVERS\usbccgp.sys
21:13:06.0812 16208 usbccgp - ok
21:13:06.0845 16208 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
21:13:06.0849 16208 usbcir - ok
21:13:06.0857 16208 UsbDiag - ok
21:13:06.0897 16208 usbehci (fbb21ebe49f6d560db37ac25fbc68e66) C:\Windows\system32\drivers\usbehci.sys
21:13:06.0900 16208 usbehci - ok
21:13:06.0966 16208 usbhub (6b7a8a99c4a459e73c286a6763ea24cc) C:\Windows\system32\DRIVERS\usbhub.sys
21:13:06.0981 16208 usbhub - ok
21:13:06.0999 16208 USBModem - ok
21:13:07.0027 16208 usbohci (8c88aa7617b4cbc2e4bed61d26b33a27) C:\Windows\system32\drivers\usbohci.sys
21:13:07.0030 16208 usbohci - ok
21:13:07.0054 16208 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
21:13:07.0057 16208 usbprint - ok
21:13:07.0096 16208 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
21:13:07.0100 16208 usbscan - ok
21:13:07.0145 16208 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:13:07.0160 16208 USBSTOR - ok
21:13:07.0188 16208 usbuhci (0b5b3b2df3fd1709618acfa50b8392b0) C:\Windows\system32\drivers\usbuhci.sys
21:13:07.0192 16208 usbuhci - ok
21:13:07.0240 16208 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys
21:13:07.0271 16208 usbvideo - ok
21:13:07.0305 16208 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
21:13:07.0312 16208 UxSms - ok
21:13:07.0337 16208 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
21:13:07.0341 16208 VaultSvc - ok
21:13:07.0382 16208 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
21:13:07.0385 16208 vdrvroot - ok
21:13:07.0437 16208 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe
21:13:07.0460 16208 vds - ok
21:13:07.0478 16208 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
21:13:07.0481 16208 vga - ok
21:13:07.0496 16208 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
21:13:07.0499 16208 VgaSave - ok
21:13:07.0533 16208 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
21:13:07.0555 16208 vhdmp - ok
21:13:07.0593 16208 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
21:13:07.0597 16208 viaide - ok
21:13:07.0725 16208 VMAuthdService (c6543f46394797dbde0cb1bb33c8afd5) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
21:13:07.0736 16208 VMAuthdService - ok
21:13:07.0785 16208 vmci (8c736952a2a468795c7d8138e7910a4c) C:\Windows\system32\drivers\vmci.sys
21:13:07.0788 16208 vmci - ok
21:13:07.0829 16208 vmkbd (13a431ded1f857725e36c2d9f11e6ec7) C:\Windows\system32\drivers\VMkbd.sys
21:13:07.0832 16208 vmkbd - ok
21:13:07.0856 16208 VMnetAdapter (9d54f1339e78c95bf3d9939ebcb66378) C:\Windows\system32\DRIVERS\vmnetadapter.sys
21:13:07.0859 16208 VMnetAdapter - ok
21:13:07.0886 16208 VMnetBridge (fb54ef3aa613d2832fd3812e7cb2fc75) C:\Windows\system32\DRIVERS\vmnetbridge.sys
21:13:07.0889 16208 VMnetBridge - ok
21:13:07.0915 16208 VMnetDHCP - ok
21:13:07.0934 16208 VMnetuserif (1dc8427979a1646d6b9fae32f3c4a27a) C:\Windows\system32\drivers\vmnetuserif.sys
21:13:07.0937 16208 VMnetuserif - ok
21:13:08.0027 16208 VMUSBArbService (d73daf6961c4fefe92b914dfabeea98f) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe
21:13:08.0040 16208 VMUSBArbService - ok
21:13:08.0054 16208 VMware NAT Service - ok
21:13:08.0073 16208 vmx86 (2403100ecf1383ca6d96be6be5bbc8e8) C:\Windows\system32\drivers\vmx86.sys
21:13:08.0076 16208 vmx86 - ok
21:13:08.0088 16208 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
21:13:08.0091 16208 volmgr - ok
21:13:08.0131 16208 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
21:13:08.0138 16208 volmgrx - ok
21:13:08.0174 16208 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
21:13:08.0184 16208 volsnap - ok
21:13:08.0212 16208 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
21:13:08.0217 16208 vsmraid - ok
21:13:08.0339 16208 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe
21:13:08.0381 16208 VSS - ok
21:13:08.0471 16208 vstor2-ws60 (e61c910e2ddf4797c1b1f9239636e894) C:\Program Files (x86)\VMware\VMware Workstation\vstor2-ws60.sys
21:13:08.0475 16208 vstor2-ws60 - ok
21:13:08.0566 16208 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
21:13:08.0569 16208 vwifibus - ok
21:13:08.0598 16208 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
21:13:08.0602 16208 vwififlt - ok
21:13:08.0626 16208 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
21:13:08.0630 16208 vwifimp - ok
21:13:08.0681 16208 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
21:13:08.0703 16208 W32Time - ok
21:13:08.0735 16208 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
21:13:08.0738 16208 WacomPen - ok
21:13:08.0774 16208 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
21:13:08.0778 16208 WANARP - ok
21:13:08.0793 16208 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
21:13:08.0795 16208 Wanarpv6 - ok
21:13:08.0916 16208 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
21:13:08.0948 16208 WatAdminSvc - ok
21:13:09.0074 16208 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe
21:13:09.0119 16208 wbengine - ok
21:13:09.0209 16208 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
21:13:09.0245 16208 WbioSrvc - ok
21:13:09.0308 16208 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll
21:13:09.0330 16208 wcncsvc - ok
21:13:09.0373 16208 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
21:13:09.0387 16208 WcsPlugInService - ok
21:13:09.0421 16208 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
21:13:09.0424 16208 Wd - ok
21:13:11.0723 16208 ============================================================
21:13:11.0723 16208 Scan finished
21:13:11.0723 16208 ============================================================
21:13:11.0761 21268 Detected object count: 0
21:13:11.0761 21268 Actual detected object count: 0



Here is the avast scan log:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-31 21:17:11
-----------------------------
21:17:11.132 OS Version: Windows x64 6.1.7600
21:17:11.133 Number of processors: 4 586 0x2502
21:17:11.134 ComputerName: COMPTER UserName: Sean
21:17:12.846 Initialize success
21:27:07.628 AVAST engine defs: 12073101
21:29:09.952 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
21:29:09.957 Disk 0 Vendor: WDC_WD50 01.0 Size: 476940MB BusType: 3
21:29:09.979 Disk 0 MBR read successfully
21:29:09.984 Disk 0 MBR scan
21:29:09.994 Disk 0 unknown MBR code
21:29:10.003 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
21:29:10.023 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 455124 MB offset 409600
21:29:10.062 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 21512 MB offset 932503552
21:29:10.085 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 976560128
21:29:10.172 Disk 0 scanning C:\Windows\system32\drivers
21:29:23.888 Service scanning
21:30:04.989 Modules scanning
21:30:05.020 Disk 0 trace - called modules:
21:30:05.094 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys iaStor.sys hal.dll
21:30:05.118 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005210060]
21:30:05.139 3 CLASSPNP.SYS[fffff88001b4643f] -> nt!IofCallDriver -> [0xfffffa80050b3b10]
21:30:05.157 5 hpdskflt.sys[fffff8800165c289] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004f9c050]
21:30:07.491 AVAST engine scan C:\Windows
21:30:11.848 AVAST engine scan C:\Windows\system32
21:33:25.814 File: C:\Windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
21:33:30.598 File: C:\Windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
21:37:46.760 AVAST engine scan C:\Windows\system32\drivers
21:38:19.486 AVAST engine scan C:\Users\Sean
22:26:12.288 AVAST engine scan C:\ProgramData
22:49:56.450 Scan finished successfully
22:50:11.058 Disk 0 MBR has been saved successfully to "C:\Users\Sean\Desktop\MBR.dat"
22:50:11.063 The log file has been saved successfully to "C:\Users\Sean\Desktop\aswMBR.txt"



And the last scan:


C:\Windows\Installer\{c3ce6307-0540-63e7-3279-df494f5927e5}\U\00000008.@ Win64/Agent.BA trojan cleaned by deleting - quarantined
C:\Windows\Installer\{c3ce6307-0540-63e7-3279-df494f5927e5}\U\000000cb.@ Win64/Conedex.B trojan cleaned by deleting - quarantined
C:\Windows\Installer\{c3ce6307-0540-63e7-3279-df494f5927e5}\U\80000000.@ Win64/Sirefef.AP trojan cleaned by deleting - quarantined
C:\Windows\Installer\{c3ce6307-0540-63e7-3279-df494f5927e5}\U\80000032.@ a variant of Win32/Sirefef.FD trojan cleaned by deleting - quarantined
Operating memory multiple threats


-Sean

#4 narenxp

Posted 31 July 2012 - 07:12 PM

We need advanced tools to remove this one.

Read the guide here

http://www.bleepingcomputer.com/forums/topic34773.html

and create a topic here

http://www.bleepingcomputer.com/forums/forum22.html

Good luck

#5 seabro

Posted 31 July 2012 - 11:57 PM

Ok thanks for your help.

I made a backup point about a month ago using the Windows 7 tool. If I reverted to that, would everything be cured?

-Sean

#6 narenxp

Posted 01 August 2012 - 06:23 AM

It's better to remove them than to try a system restore.

Of course system restore would help, but we cannot be sure that the system is clean.

Edited by narenxp, 01 August 2012 - 06:26 AM.


#7 Budapest

Posted 01 August 2012 - 04:24 PM

Malware topic here: http://www.bleepingcomputer.com/forums/topic463434.html

Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc.) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process, which would extend the time it takes to clean your computer.

From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies, as this makes it easier for them to identify those who have not been helped. If you post another response, there will be 1 reply. A team member looking for a new log to work may assume another MR Team member is already assisting you and not open the thread to respond.

To avoid confusion, I am closing this topic.