Live Security Platinum infection


12 replies to this topic

#1 Twinmum

Twinmum

  • Members
  • 118 posts
  • Gender:Female
  • Local time:11:51 PM

Posted 04 August 2012 - 03:46 AM

My daughter has a new computer which, for one reason or another, we have not put an antivirus on (I know - our bad). Anyway, today she came to me quite upset asking if I could help her as she had a virus. I went in and looked at her computer and there was a screen for Live Security Platinum which said it had scanned her computer and had found a large number of trojans and such. It also said that she needed to buy the platinum version to remove these threats. I tried to open the browser, but it said that it was locked (or something like that) until all the threats were removed. That immediately set off alarm bells and said to me the warning itself was the offending virus/trojan/malware. As I was a little busy, I told her to shut it down and I would look into it a bit later. Now when we turn it on, we get like a splash screen saying that Windows is starting up, but then the screen goes black with just the cursor and it doesn't load any further.

I did a quick search and found something that linked to a page here (Windows Antivirus Machine Removal Guide - http://www.bleepingcomputer.com/virus-removal/remove-windows-antivirus-machine), but this does not actually mention Live Security Platinum. Do I follow these instructions to remove it or do I need to do something else?

Her operating system is Windows 7

Thanks in advance

Norma


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:08:51 AM

Posted 04 August 2012 - 05:37 AM

Can you boot into Safe Mode with Networking?

#3 Twinmum

Posted 04 August 2012 - 05:40 AM

Just tried, and yes I got into safe mode with networking.

#4 narenxp

Posted 04 August 2012 - 05:47 AM

Download TDSSKiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#5 Twinmum

Posted 04 August 2012 - 05:50 AM

So I post all those reports in a reply here? Off to get started now. Thanks

#6 narenxp

Posted 04 August 2012 - 06:01 AM

Yes :)

#7 Twinmum

Posted 04 August 2012 - 06:05 AM

First up, the TDSSKiller report:

20:58:55.0779 1312 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
20:58:56.0699 1312 ============================================================
20:58:56.0699 1312 Current date / time: 2012/08/04 20:58:56.0699
20:58:56.0699 1312 SystemInfo:
20:58:56.0699 1312
20:58:56.0699 1312 OS Version: 6.1.7601 ServicePack: 1.0
20:58:56.0699 1312 Product type: Workstation
20:58:56.0699 1312 ComputerName: SAMANTHA-PC
20:58:56.0699 1312 UserName: Samantha
20:58:56.0699 1312 Windows directory: C:\Windows
20:58:56.0699 1312 System windows directory: C:\Windows
20:58:56.0699 1312 Running under WOW64
20:58:56.0699 1312 Processor architecture: Intel x64
20:58:56.0699 1312 Number of processors: 4
20:58:56.0699 1312 Page size: 0x1000
20:58:56.0699 1312 Boot type: Safe boot with network
20:58:56.0699 1312 ============================================================
20:58:57.0448 1312 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:58:57.0448 1312 ============================================================
20:58:57.0448 1312 \Device\Harddisk0\DR0:
20:58:57.0448 1312 MBR partitions:
20:58:57.0448 1312 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
20:58:57.0448 1312 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800
20:58:57.0448 1312 ============================================================
20:58:57.0479 1312 C: <-> \Device\Harddisk0\DR0\Partition1
20:58:57.0479 1312 ============================================================
20:58:57.0479 1312 Initialize success
20:58:57.0479 1312 ============================================================
20:59:29.0600 1836 ============================================================
20:59:29.0600 1836 Scan started
20:59:29.0600 1836 Mode: Manual; TDLFS;
20:59:29.0600 1836 ============================================================
20:59:35.0543 1836 nvstor - ok
20:59:35.0590 1836 nvsvc (06633cf95bea62164c3bfca24bce6b11) C:\Windows\system32\nvvsvc.exe
20:59:35.0590 1836 nvsvc - ok
20:59:35.0668 1836 nvUpdatusService (53b629ce436b110c5689c2f6439e567b) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
20:59:35.0668 1836 nvUpdatusService - ok
20:59:35.0699 1836 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
20:59:35.0699 1836 nv_agp - ok
20:59:35.0699 1836 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
20:59:35.0699 1836 ohci1394 - ok
20:59:35.0731 1836 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
20:59:35.0731 1836 p2pimsvc - ok
20:59:35.0762 1836 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
20:59:35.0762 1836 p2psvc - ok
20:59:35.0762 1836 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
20:59:35.0762 1836 Parport - ok
20:59:35.0777 1836 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
20:59:35.0777 1836 partmgr - ok
20:59:35.0793 1836 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
20:59:35.0793 1836 PcaSvc - ok
20:59:35.0809 1836 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
20:59:35.0809 1836 pci - ok
20:59:35.0824 1836 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
20:59:35.0824 1836 pciide - ok
20:59:35.0840 1836 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
20:59:35.0840 1836 pcmcia - ok
20:59:35.0855 1836 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
20:59:35.0855 1836 pcw - ok
20:59:35.0871 1836 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
20:59:35.0871 1836 PEAUTH - ok
20:59:35.0933 1836 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
20:59:35.0933 1836 PerfHost - ok
20:59:35.0996 1836 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
20:59:35.0996 1836 pla - ok
20:59:36.0043 1836 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
20:59:36.0043 1836 PlugPlay - ok
20:59:36.0058 1836 PnkBstrA - ok
20:59:36.0074 1836 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
20:59:36.0074 1836 PNRPAutoReg - ok
20:59:36.0089 1836 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
20:59:36.0089 1836 PNRPsvc - ok
20:59:36.0136 1836 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
20:59:36.0136 1836 PolicyAgent - ok
20:59:36.0152 1836 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
20:59:36.0152 1836 Power - ok
20:59:36.0199 1836 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
20:59:36.0199 1836 PptpMiniport - ok
20:59:36.0214 1836 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
20:59:36.0214 1836 Processor - ok
20:59:36.0245 1836 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
20:59:36.0245 1836 ProfSvc - ok
20:59:36.0261 1836 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:59:36.0261 1836 ProtectedStorage - ok
20:59:36.0261 1836 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
20:59:36.0261 1836 Psched - ok
20:59:36.0323 1836 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
20:59:36.0323 1836 ql2300 - ok
20:59:36.0370 1836 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
20:59:36.0370 1836 ql40xx - ok
20:59:36.0386 1836 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
20:59:36.0386 1836 QWAVE - ok
20:59:36.0401 1836 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
20:59:36.0401 1836 QWAVEdrv - ok
20:59:36.0417 1836 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
20:59:36.0417 1836 RasAcd - ok
20:59:36.0433 1836 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
20:59:36.0433 1836 RasAgileVpn - ok
20:59:36.0448 1836 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
20:59:36.0448 1836 RasAuto - ok
20:59:36.0464 1836 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:59:36.0464 1836 Rasl2tp - ok
20:59:36.0479 1836 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
20:59:36.0479 1836 RasMan - ok
20:59:36.0495 1836 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
20:59:36.0495 1836 RasPppoe - ok
20:59:36.0511 1836 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
20:59:36.0511 1836 RasSstp - ok
20:59:36.0526 1836 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
20:59:36.0526 1836 rdbss - ok
20:59:36.0542 1836 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
20:59:36.0542 1836 rdpbus - ok
20:59:36.0557 1836 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:59:36.0557 1836 RDPCDD - ok
20:59:36.0557 1836 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
20:59:36.0557 1836 RDPENCDD - ok
20:59:36.0557 1836 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
20:59:36.0557 1836 RDPREFMP - ok
20:59:36.0589 1836 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
20:59:36.0589 1836 RDPWD - ok
20:59:36.0604 1836 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
20:59:36.0604 1836 rdyboost - ok
20:59:36.0651 1836 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
20:59:36.0651 1836 RemoteAccess - ok
20:59:36.0651 1836 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
20:59:36.0667 1836 RemoteRegistry - ok
20:59:36.0667 1836 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
20:59:36.0682 1836 RpcEptMapper - ok
20:59:36.0682 1836 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
20:59:36.0682 1836 RpcLocator - ok
20:59:36.0713 1836 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
20:59:36.0713 1836 RpcSs - ok
20:59:36.0729 1836 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
20:59:36.0729 1836 rspndr - ok
20:59:36.0776 1836 RTL8167 (7f4f11527af5a7e4526cb6a146b3e40c) C:\Windows\system32\DRIVERS\Rt64win7.sys
20:59:36.0776 1836 RTL8167 - ok
20:59:36.0791 1836 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:59:36.0791 1836 SamSs - ok
20:59:36.0807 1836 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
20:59:36.0807 1836 sbp2port - ok
20:59:36.0807 1836 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
20:59:36.0807 1836 SCardSvr - ok
20:59:36.0823 1836 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
20:59:36.0823 1836 scfilter - ok
20:59:36.0869 1836 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
20:59:36.0885 1836 Schedule - ok
20:59:36.0885 1836 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
20:59:36.0885 1836 SCPolicySvc - ok
20:59:36.0901 1836 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
20:59:36.0901 1836 SDRSVC - ok
20:59:36.0932 1836 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
20:59:36.0932 1836 secdrv - ok
20:59:36.0932 1836 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
20:59:36.0932 1836 seclogon - ok
20:59:36.0947 1836 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
20:59:36.0947 1836 SENS - ok
20:59:36.0963 1836 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
20:59:36.0963 1836 SensrSvc - ok
20:59:36.0963 1836 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
20:59:36.0963 1836 Serenum - ok
20:59:36.0979 1836 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
20:59:36.0979 1836 Serial - ok
20:59:36.0979 1836 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
20:59:36.0979 1836 sermouse - ok
20:59:36.0994 1836 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
20:59:36.0994 1836 SessionEnv - ok
20:59:36.0994 1836 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
20:59:36.0994 1836 sffdisk - ok
20:59:36.0994 1836 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
20:59:36.0994 1836 sffp_mmc - ok
20:59:37.0010 1836 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
20:59:37.0010 1836 sffp_sd - ok
20:59:37.0010 1836 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
20:59:37.0010 1836 sfloppy - ok
20:59:37.0025 1836 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
20:59:37.0025 1836 ShellHWDetection - ok
20:59:37.0041 1836 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
20:59:37.0041 1836 SiSRaid2 - ok
20:59:37.0041 1836 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
20:59:37.0041 1836 SiSRaid4 - ok
20:59:37.0197 1836 Skype C2C Service (0f97e7a47a52f4a36969f0fc319654c2) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
20:59:37.0213 1836 Skype C2C Service - ok
20:59:37.0259 1836 SkypeUpdate (ddaa5f4a6b958fc313ebd02dd925752f) C:\Program Files (x86)\Skype\Updater\Updater.exe
20:59:37.0259 1836 SkypeUpdate - ok
20:59:37.0337 1836 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
20:59:37.0337 1836 Smb - ok
20:59:37.0353 1836 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
20:59:37.0353 1836 SNMPTRAP - ok
20:59:37.0353 1836 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
20:59:37.0353 1836 spldr - ok
20:59:37.0384 1836 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
20:59:37.0384 1836 Spooler - ok
20:59:37.0509 1836 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
20:59:37.0525 1836 sppsvc - ok
20:59:37.0556 1836 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
20:59:37.0556 1836 sppuinotify - ok
20:59:37.0603 1836 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
20:59:37.0603 1836 srv - ok
20:59:37.0634 1836 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
20:59:37.0634 1836 srv2 - ok
20:59:37.0649 1836 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
20:59:37.0649 1836 srvnet - ok
20:59:37.0665 1836 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
20:59:37.0665 1836 SSDPSRV - ok
20:59:37.0681 1836 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
20:59:37.0681 1836 SstpSvc - ok
20:59:37.0712 1836 Steam Client Service - ok
20:59:37.0774 1836 Stereo Service (c354621b6b94e10ae7f5cdbe745feb86) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
20:59:37.0774 1836 Stereo Service - ok
20:59:37.0790 1836 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
20:59:37.0790 1836 stexstor - ok
20:59:37.0821 1836 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
20:59:37.0837 1836 stisvc - ok
20:59:37.0852 1836 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
20:59:37.0852 1836 swenum - ok
20:59:37.0883 1836 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
20:59:37.0883 1836 swprv - ok
20:59:37.0946 1836 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
20:59:37.0946 1836 SysMain - ok
20:59:38.0008 1836 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
20:59:38.0008 1836 TabletInputService - ok
20:59:38.0024 1836 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
20:59:38.0024 1836 TapiSrv - ok
20:59:38.0055 1836 TBPanel - ok
20:59:38.0055 1836 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
20:59:38.0055 1836 TBS - ok
20:59:38.0149 1836 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
20:59:38.0149 1836 Tcpip - ok
20:59:38.0258 1836 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
20:59:38.0258 1836 TCPIP6 - ok
20:59:38.0305 1836 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
20:59:38.0305 1836 tcpipreg - ok
20:59:38.0320 1836 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
20:59:38.0320 1836 TDPIPE - ok
20:59:38.0336 1836 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
20:59:38.0336 1836 TDTCP - ok
20:59:38.0351 1836 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
20:59:38.0351 1836 tdx - ok
20:59:38.0492 1836 TeamViewer7 (a4d2ce94b028ef1e437cf4ac3d8ff26c) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
20:59:38.0507 1836 TeamViewer7 - ok
20:59:38.0539 1836 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
20:59:38.0539 1836 TermDD - ok
20:59:38.0585 1836 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
20:59:38.0585 1836 TermService - ok
20:59:38.0585 1836 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
20:59:38.0601 1836 Themes - ok
20:59:38.0617 1836 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
20:59:38.0617 1836 THREADORDER - ok
20:59:38.0632 1836 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
20:59:38.0632 1836 TrkWks - ok
20:59:38.0663 1836 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
20:59:38.0663 1836 TrustedInstaller - ok
20:59:38.0663 1836 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
20:59:38.0663 1836 tssecsrv - ok
20:59:38.0695 1836 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
20:59:38.0695 1836 TsUsbFlt - ok
20:59:38.0695 1836 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
20:59:38.0695 1836 TsUsbGD - ok
20:59:38.0726 1836 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
20:59:38.0726 1836 tunnel - ok
20:59:38.0726 1836 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
20:59:38.0726 1836 uagp35 - ok
20:59:38.0741 1836 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
20:59:38.0757 1836 udfs - ok
20:59:38.0757 1836 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
20:59:38.0757 1836 UI0Detect - ok
20:59:38.0773 1836 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
20:59:38.0773 1836 uliagpkx - ok
20:59:38.0773 1836 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
20:59:38.0773 1836 umbus - ok
20:59:38.0773 1836 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
20:59:38.0773 1836 UmPass - ok
20:59:38.0835 1836 UNS (193ad338f2a64d17300ad640adfa5d0a) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
20:59:38.0835 1836 UNS - ok
20:59:38.0866 1836 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
20:59:38.0866 1836 upnphost - ok
20:59:38.0882 1836 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\drivers\usbccgp.sys
20:59:38.0882 1836 usbccgp - ok
20:59:38.0897 1836 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
20:59:38.0897 1836 usbcir - ok
20:59:38.0913 1836 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
20:59:38.0913 1836 usbehci - ok
20:59:38.0944 1836 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
20:59:38.0944 1836 usbhub - ok
20:59:38.0960 1836 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
20:59:38.0960 1836 usbohci - ok
20:59:38.0960 1836 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
20:59:38.0960 1836 usbprint - ok
20:59:38.0991 1836 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:59:38.0991 1836 USBSTOR - ok
20:59:38.0991 1836 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
20:59:38.0991 1836 usbuhci - ok
20:59:39.0007 1836 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
20:59:39.0007 1836 UxSms - ok
20:59:39.0022 1836 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:59:39.0022 1836 VaultSvc - ok
20:59:39.0038 1836 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
20:59:39.0038 1836 vdrvroot - ok
20:59:39.0069 1836 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
20:59:39.0085 1836 vds - ok
20:59:39.0085 1836 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
20:59:39.0085 1836 vga - ok
20:59:39.0085 1836 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
20:59:39.0085 1836 VgaSave - ok
20:59:39.0100 1836 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
20:59:39.0100 1836 vhdmp - ok
20:59:39.0116 1836 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
20:59:39.0116 1836 viaide - ok
20:59:39.0131 1836 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
20:59:39.0131 1836 volmgr - ok
20:59:39.0147 1836 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
20:59:39.0147 1836 volmgrx - ok
20:59:39.0178 1836 volsnap (df8126bd41180351a093a3ad2fc8903b) C:\Windows\system32\drivers\volsnap.sys
20:59:39.0178 1836 volsnap - ok
20:59:39.0194 1836 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
20:59:39.0194 1836 vsmraid - ok
20:59:39.0256 1836 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
20:59:39.0256 1836 VSS - ok
20:59:39.0506 1836 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
20:59:39.0506 1836 vwifibus - ok
20:59:39.0521 1836 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
20:59:39.0521 1836 W32Time - ok
20:59:39.0537 1836 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
20:59:39.0537 1836 WacomPen - ok
20:59:39.0553 1836 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
20:59:39.0553 1836 WANARP - ok
20:59:39.0553 1836 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
20:59:39.0553 1836 Wanarpv6 - ok
20:59:39.0631 1836 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
20:59:39.0631 1836 WatAdminSvc - ok
20:59:39.0709 1836 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
20:59:39.0709 1836 wbengine - ok
20:59:39.0740 1836 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
20:59:39.0740 1836 WbioSrvc - ok
20:59:39.0740 1836 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
20:59:39.0755 1836 wcncsvc - ok
20:59:39.0755 1836 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
20:59:39.0755 1836 WcsPlugInService - ok
20:59:39.0771 1836 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
20:59:39.0771 1836 Wd - ok
20:59:39.0818 1836 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
20:59:39.0818 1836 Wdf01000 - ok
20:59:39.0818 1836 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
20:59:39.0818 1836 WdiServiceHost - ok
20:59:39.0818 1836 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
20:59:39.0818 1836 WdiSystemHost - ok
20:59:39.0833 1836 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
20:59:39.0833 1836 WebClient - ok
20:59:39.0849 1836 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
20:59:39.0849 1836 Wecsvc - ok
20:59:39.0849 1836 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
20:59:39.0849 1836 wercplsupport - ok
20:59:39.0865 1836 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
20:59:39.0865 1836 WerSvc - ok
20:59:39.0880 1836 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
20:59:39.0880 1836 WfpLwf - ok
20:59:39.0880 1836 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
20:59:39.0880 1836 WIMMount - ok
20:59:39.0896 1836 WinHttpAutoProxySvc - ok
20:59:39.0927 1836 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
20:59:39.0927 1836 Winmgmt - ok
20:59:40.0005 1836 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
20:59:40.0021 1836 WinRM - ok
20:59:40.0130 1836 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
20:59:40.0130 1836 Wlansvc - ok
20:59:40.0145 1836 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
20:59:40.0145 1836 WmiAcpi - ok
20:59:40.0161 1836 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
20:59:40.0161 1836 wmiApSrv - ok
20:59:40.0192 1836 WMPNetworkSvc - ok
20:59:40.0192 1836 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
20:59:40.0208 1836 WPCSvc - ok
20:59:40.0208 1836 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
20:59:40.0208 1836 WPDBusEnum - ok
20:59:40.0223 1836 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
20:59:40.0223 1836 ws2ifsl - ok
20:59:40.0223 1836 WSearch - ok
20:59:40.0239 1836 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
20:59:40.0239 1836 WudfPf - ok
20:59:40.0270 1836 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
20:59:40.0270 1836 WUDFRd - ok
20:59:40.0270 1836 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
20:59:40.0270 1836 wudfsvc - ok
20:59:40.0301 1836 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
20:59:40.0301 1836 WwanSvc - ok
20:59:40.0317 1836 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
20:59:40.0520 1836 \Device\Harddisk0\DR0 - ok
20:59:40.0520 1836 Boot (0x1200) (5867778a502be11ee7494ad834b61a6b) \Device\Harddisk0\DR0\Partition0
20:59:40.0520 1836 \Device\Harddisk0\DR0\Partition0 - ok
20:59:40.0520 1836 Boot (0x1200) (2b3bb5854526b74b46f62ac4491a9bc1) \Device\Harddisk0\DR0\Partition1
20:59:40.0520 1836 \Device\Harddisk0\DR0\Partition1 - ok
20:59:40.0520 1836 ============================================================
20:59:40.0520 1836 Scan finished
20:59:40.0520 1836 ============================================================
20:59:40.0520 1912 Detected object count: 0
20:59:40.0520 1912 Actual detected object count: 0

#8 Twinmum


Posted 04 August 2012 - 06:16 AM

next the aswMBR results

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-04 21:07:48
-----------------------------
21:07:48.047 OS Version: Windows x64 6.1.7601 Service Pack 1
21:07:48.047 Number of processors: 4 586 0x3A09
21:07:48.047 ComputerName: SAMANTHA-PC UserName: Samantha
21:07:48.999 Initialize success
21:09:35.218 AVAST engine defs: 12080400
21:09:43.008 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
21:09:43.008 Disk 0 Vendor: WDC_WD10EALX-009BA0 15.01H15 Size: 953869MB BusType: 3
21:09:43.018 Disk 0 MBR read successfully
21:09:43.018 Disk 0 MBR scan
21:09:43.018 Disk 0 Windows 7 default MBR code
21:09:43.028 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
21:09:43.038 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 953767 MB offset 206848
21:09:43.058 Disk 0 scanning C:\Windows\system32\drivers
21:09:46.618 Service scanning
21:09:56.308 Modules scanning
21:09:56.312 Disk 0 trace - called modules:
21:09:56.321 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
21:09:56.323 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80075b1060]
21:09:56.649 3 CLASSPNP.SYS[fffff8800165143f] -> nt!IofCallDriver -> [0xfffffa80071d29b0]
21:09:56.652 5 ACPI.sys[fffff88000f9f7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8007666060]
21:09:58.217 AVAST engine scan C:\Windows
21:09:59.824 AVAST engine scan C:\Windows\system32
21:10:44.666 File: C:\Windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
21:10:45.460 File: C:\Windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
21:11:13.607 AVAST engine scan C:\Windows\system32\drivers
21:11:18.301 AVAST engine scan C:\Users\Samantha
21:11:26.986 File: C:\Users\Samantha\AppData\Local\Temp\certheme.dll **INFECTED** Win32:Trojan-gen
21:11:27.011 File: C:\Users\Samantha\AppData\Local\Temp\certheme64.dll **INFECTED** Win32:Spyware-gen [Spy]
21:11:29.242 File: C:\Users\Samantha\AppData\Local\Temp\msimg32.dll **INFECTED** Win32:Sirefef-ZT [Trj]
21:13:25.655 AVAST engine scan C:\ProgramData
21:13:41.576 Scan finished successfully
21:14:43.162 Disk 0 MBR has been saved successfully to "C:\Users\Samantha\Documents\MBR.dat"
21:14:43.177 The log file has been saved successfully to "C:\Users\Samantha\Documents\aswMBR.txt"

#9 narenxp


Posted 04 August 2012 - 06:17 AM

We need advanced tools to remove this one

Read the guide here on preparing logs

http://www.bleepingcomputer.com/forums/topic34773.html

and create a topic here

http://www.bleepingcomputer.com/forums/forum22.html

Good luck

#10 Twinmum


Posted 04 August 2012 - 06:21 AM

I was just about to run the ESET scanner.. will I still run it? Also its default setting is Remove found threats.. do I leave that as is?

#11 narenxp


Posted 04 August 2012 - 06:22 AM

You need not run it now. Create a topic with requested logs

good luck

#12 Twinmum


Posted 04 August 2012 - 06:25 AM

OK, Thank you for your help.

Norma

#13 narenxp


Posted 04 August 2012 - 11:34 AM

You're welcome :)



