
Getting google redirects and random pop ups


3 replies to this topic

#1 IGNF

IGNF

  • Members
  • 2 posts

Posted 07 August 2012 - 12:19 PM

This virus has rendered Google useless to me. Whenever I click a link in a Google search I'll get redirected elsewhere. This also happens with some other search engines for forums or some sites but not all. I'll also get random pop-up tabs when browsing the internet. I use Windows 7 64-bit and use Mozilla as my browser. When I run Malwarebytes it sometimes says it found infections, but it has yet to actually stop the problem. I'm not sure what else to try, please help.



#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 07 August 2012 - 12:45 PM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 IGNF

IGNF
  • Topic Starter

  • Members
  • 2 posts

Posted 07 August 2012 - 03:56 PM

Thanks for the quick reply.


14:04:05.0470 1928 NdisTapi - ok
14:04:05.0663 1928 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
14:04:05.0667 1928 Ndisuio - ok
14:04:06.0042 1928 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
14:04:06.0069 1928 NdisWan - ok
14:04:06.0213 1928 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
14:04:06.0215 1928 NDProxy - ok
14:04:06.0351 1928 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
14:04:06.0362 1928 NetBIOS - ok
14:04:06.0758 1928 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
14:04:06.0782 1928 NetBT - ok
14:04:06.0871 1928 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
14:04:06.0882 1928 Netlogon - ok
14:04:07.0261 1928 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
14:04:07.0873 1928 Netman - ok
14:04:09.0020 1928 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
14:04:09.0396 1928 netprofm - ok
14:04:10.0761 1928 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:04:10.0817 1928 NetTcpPortSharing - ok
14:04:11.0030 1928 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
14:04:11.0230 1928 nfrd960 - ok
14:04:12.0227 1928 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
14:04:12.0461 1928 NlaSvc - ok
14:04:12.0689 1928 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
14:04:12.0726 1928 Npfs - ok
14:04:12.0936 1928 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
14:04:12.0961 1928 nsi - ok
14:04:13.0204 1928 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
14:04:13.0365 1928 nsiproxy - ok
14:04:15.0644 1928 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
14:04:15.0863 1928 Ntfs - ok
14:04:16.0948 1928 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
14:04:17.0075 1928 Null - ok
14:04:17.0532 1928 NVHDA (8d4aac74b571fc356560e5b308955e93) C:\Windows\system32\drivers\nvhda64v.sys
14:04:17.0558 1928 NVHDA - ok
14:04:33.0661 1928 nvlddmkm (0eb204639119370f5f8f2871fbf4e14b) C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:04:34.0437 1928 nvlddmkm - ok
14:04:35.0498 1928 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
14:04:35.0510 1928 nvraid - ok
14:04:35.0838 1928 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
14:04:36.0158 1928 nvstor - ok
14:04:37.0428 1928 NVSvc (32ff8ee6dcee5c0cb91ff892fb1ca364) C:\Windows\system32\nvvsvc.exe
14:04:37.0836 1928 NVSvc - ok
14:04:40.0042 1928 nvUpdatusService (bd012dc22c78be1071bc21eb125d782f) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
14:04:40.0600 1928 nvUpdatusService - ok
14:04:41.0469 1928 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
14:04:41.0960 1928 nv_agp - ok
14:04:42.0317 1928 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
14:04:42.0340 1928 ohci1394 - ok
14:04:42.0612 1928 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
14:04:43.0473 1928 p2pimsvc - ok
14:04:44.0560 1928 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
14:04:44.0585 1928 p2psvc - ok
14:04:44.0915 1928 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
14:04:44.0943 1928 Parport - ok
14:04:45.0083 1928 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
14:04:45.0092 1928 partmgr - ok
14:04:45.0392 1928 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
14:04:45.0431 1928 PcaSvc - ok
14:04:45.0879 1928 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
14:04:45.0902 1928 pci - ok
14:04:46.0018 1928 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
14:04:46.0019 1928 pciide - ok
14:04:46.0299 1928 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
14:04:46.0335 1928 pcmcia - ok
14:04:46.0452 1928 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
14:04:46.0457 1928 pcw - ok
14:04:47.0416 1928 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
14:04:47.0433 1928 PEAUTH - ok
14:04:50.0641 1928 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
14:04:50.0685 1928 PeerDistSvc - ok
14:04:51.0327 1928 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
14:04:51.0338 1928 PerfHost - ok
14:04:55.0055 1928 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
14:04:55.0800 1928 pla - ok
14:04:57.0117 1928 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
14:04:57.0519 1928 PlugPlay - ok
14:04:57.0800 1928 PnkBstrA - ok
14:04:58.0032 1928 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
14:04:58.0055 1928 PNRPAutoReg - ok
14:04:58.0800 1928 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
14:04:59.0014 1928 PNRPsvc - ok
14:04:59.0880 1928 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
14:05:00.0071 1928 PolicyAgent - ok
14:05:00.0412 1928 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
14:05:00.0426 1928 Power - ok
14:05:00.0568 1928 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
14:05:00.0754 1928 PptpMiniport - ok
14:05:00.0944 1928 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
14:05:00.0951 1928 Processor - ok
14:05:01.0229 1928 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
14:05:01.0413 1928 ProfSvc - ok
14:05:01.0539 1928 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
14:05:01.0551 1928 ProtectedStorage - ok
14:05:02.0374 1928 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
14:05:02.0594 1928 Psched - ok
14:05:05.0396 1928 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
14:05:05.0440 1928 ql2300 - ok
14:05:06.0006 1928 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
14:05:06.0690 1928 ql40xx - ok
14:05:07.0891 1928 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
14:05:07.0902 1928 QWAVE - ok
14:05:07.0991 1928 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
14:05:08.0001 1928 QWAVEdrv - ok
14:05:08.0081 1928 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
14:05:08.0083 1928 RasAcd - ok
14:05:08.0265 1928 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
14:05:08.0268 1928 RasAgileVpn - ok
14:05:08.0453 1928 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
14:05:08.0475 1928 RasAuto - ok
14:05:08.0726 1928 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
14:05:08.0770 1928 Rasl2tp - ok
14:05:08.0893 1928 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
14:05:09.0674 1928 RasMan - ok
14:05:10.0507 1928 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
14:05:10.0532 1928 RasPppoe - ok
14:05:10.0735 1928 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
14:05:12.0234 1928 RasSstp - ok
14:05:13.0284 1928 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
14:05:14.0143 1928 rdbss - ok
14:05:14.0504 1928 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
14:05:14.0518 1928 rdpbus - ok
14:05:14.0609 1928 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
14:05:14.0622 1928 RDPCDD - ok
14:05:15.0316 1928 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
14:05:15.0772 1928 RDPDR - ok
14:05:15.0912 1928 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
14:05:15.0913 1928 RDPENCDD - ok
14:05:15.0997 1928 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
14:05:15.0998 1928 RDPREFMP - ok
14:05:16.0341 1928 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys
14:05:16.0378 1928 RdpVideoMiniport - ok
14:05:17.0107 1928 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
14:05:17.0379 1928 RDPWD - ok
14:05:17.0999 1928 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
14:05:18.0230 1928 rdyboost - ok
14:05:18.0548 1928 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
14:05:18.0582 1928 RemoteAccess - ok
14:05:19.0123 1928 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
14:05:19.0288 1928 RemoteRegistry - ok
14:05:20.0018 1928 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
14:05:20.0052 1928 RFCOMM - ok
14:05:20.0447 1928 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
14:05:20.0620 1928 RpcEptMapper - ok
14:05:20.0696 1928 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
14:05:20.0725 1928 RpcLocator - ok
14:05:21.0617 1928 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
14:05:21.0661 1928 RpcSs - ok
14:05:22.0079 1928 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
14:05:22.0099 1928 rspndr - ok
14:05:22.0160 1928 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
14:05:22.0207 1928 s3cap - ok
14:05:22.0491 1928 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
14:05:22.0492 1928 SamSs - ok
14:05:22.0936 1928 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
14:05:22.0983 1928 SASDIFSV - ok
14:05:23.0055 1928 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
14:05:23.0244 1928 SASKUTIL - ok
14:05:23.0632 1928 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
14:05:23.0692 1928 sbp2port - ok
14:05:24.0166 1928 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
14:05:25.0055 1928 SCardSvr - ok
14:05:25.0309 1928 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
14:05:25.0339 1928 scfilter - ok
14:05:26.0172 1928 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
14:05:26.0767 1928 Schedule - ok
14:05:27.0081 1928 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
14:05:27.0082 1928 SCPolicySvc - ok
14:05:27.0681 1928 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
14:05:28.0101 1928 SDRSVC - ok
14:05:28.0527 1928 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
14:05:28.0565 1928 secdrv - ok
14:05:28.0616 1928 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
14:05:28.0825 1928 seclogon - ok
14:05:28.0971 1928 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
14:05:28.0995 1928 SENS - ok
14:05:29.0217 1928 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
14:05:29.0236 1928 SensrSvc - ok
14:05:29.0413 1928 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
14:05:29.0434 1928 Serenum - ok
14:05:29.0652 1928 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
14:05:29.0837 1928 Serial - ok
14:05:30.0021 1928 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
14:05:30.0038 1928 sermouse - ok
14:05:30.0796 1928 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
14:05:30.0820 1928 SessionEnv - ok
14:05:30.0870 1928 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
14:05:30.0967 1928 sffdisk - ok
14:05:31.0186 1928 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
14:05:31.0202 1928 sffp_mmc - ok
14:05:31.0260 1928 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
14:05:31.0262 1928 sffp_sd - ok
14:05:31.0342 1928 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
14:05:31.0378 1928 sfloppy - ok
14:05:31.0816 1928 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
14:05:31.0990 1928 ShellHWDetection - ok
14:05:32.0139 1928 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
14:05:32.0154 1928 SiSRaid2 - ok
14:05:32.0467 1928 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
14:05:32.0667 1928 SiSRaid4 - ok
14:05:32.0924 1928 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
14:05:32.0961 1928 Smb - ok
14:05:33.0190 1928 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
14:05:33.0410 1928 SNMPTRAP - ok
14:05:33.0905 1928 Sound Blaster X-Fi MB Licensing Service (ffc5f7ed77aa59aa0a6b70f3d7a22a93) C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe
14:05:34.0100 1928 Sound Blaster X-Fi MB Licensing Service - ok
14:05:34.0212 1928 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
14:05:34.0226 1928 spldr - ok
14:05:35.0205 1928 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
14:05:35.0423 1928 Spooler - ok
14:05:38.0162 1928 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
14:05:38.0402 1928 sppsvc - ok
14:05:39.0473 1928 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
14:05:39.0499 1928 sppuinotify - ok
14:05:40.0486 1928 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
14:05:40.0513 1928 srv - ok
14:05:41.0086 1928 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
14:05:41.0105 1928 srv2 - ok
14:05:41.0351 1928 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
14:05:41.0373 1928 srvnet - ok
14:05:41.0733 1928 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
14:05:41.0759 1928 SSDPSRV - ok
14:05:41.0934 1928 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
14:05:41.0952 1928 SstpSvc - ok
14:05:42.0159 1928 Steam Client Service - ok
14:05:43.0346 1928 Stereo Service (fc0a58529a02b1eed55ddc58696b7908) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
14:05:43.0372 1928 Stereo Service - ok
14:05:43.0446 1928 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
14:05:43.0451 1928 stexstor - ok
14:05:44.0218 1928 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
14:05:44.0265 1928 stisvc - ok
14:05:44.0350 1928 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
14:05:44.0366 1928 storflt - ok
14:05:44.0439 1928 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
14:05:44.0448 1928 storvsc - ok
14:05:44.0517 1928 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
14:05:44.0520 1928 swenum - ok
14:05:45.0132 1928 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
14:05:45.0163 1928 swprv - ok
14:05:45.0296 1928 Synth3dVsc (c3a39c4079305480972d29c44b868c78) C:\Windows\system32\drivers\synth3dvsc.sys
14:05:45.0312 1928 Synth3dVsc - ok
14:05:47.0447 1928 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
14:05:47.0507 1928 SysMain - ok
14:05:48.0778 1928 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
14:05:48.0786 1928 TabletInputService - ok
14:05:49.0006 1928 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
14:05:49.0639 1928 TapiSrv - ok
14:05:49.0943 1928 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
14:05:49.0980 1928 TBS - ok
14:05:52.0464 1928 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
14:05:53.0704 1928 Tcpip - ok
14:05:57.0035 1928 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
14:05:57.0706 1928 TCPIP6 - ok
14:05:58.0943 1928 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
14:05:59.0207 1928 tcpipreg - ok
14:05:59.0378 1928 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
14:05:59.0385 1928 TDPIPE - ok
14:05:59.0612 1928 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
14:05:59.0656 1928 TDTCP - ok
14:06:00.0201 1928 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
14:06:00.0250 1928 tdx - ok
14:06:00.0489 1928 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
14:06:00.0523 1928 TermDD - ok
14:06:00.0671 1928 terminpt (2b5bdff688ec9871d7ec5837833374e9) C:\Windows\system32\drivers\terminpt.sys
14:06:01.0140 1928 terminpt - ok
14:06:03.0008 1928 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
14:06:03.0061 1928 TermService - ok
14:06:03.0220 1928 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
14:06:03.0236 1928 Themes - ok
14:06:03.0401 1928 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
14:06:03.0454 1928 THREADORDER - ok
14:06:03.0753 1928 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
14:06:03.0785 1928 TrkWks - ok
14:06:04.0188 1928 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
14:06:04.0209 1928 TrustedInstaller - ok
14:06:04.0304 1928 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
14:06:04.0306 1928 tssecsrv - ok
14:06:04.0469 1928 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
14:06:04.0471 1928 TsUsbFlt - ok
14:06:04.0561 1928 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
14:06:04.0570 1928 TsUsbGD - ok
14:06:04.0914 1928 tsusbhub (e1748d04ae40118b62bc18ac86032192) C:\Windows\system32\drivers\tsusbhub.sys
14:06:04.0941 1928 tsusbhub - ok
14:06:05.0219 1928 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
14:06:05.0934 1928 tunnel - ok
14:06:06.0186 1928 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
14:06:06.0198 1928 uagp35 - ok
14:06:07.0144 1928 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
14:06:07.0181 1928 udfs - ok
14:06:07.0266 1928 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
14:06:07.0277 1928 UI0Detect - ok
14:06:07.0330 1928 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
14:06:07.0332 1928 uliagpkx - ok
14:06:07.0409 1928 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
14:06:07.0410 1928 umbus - ok
14:06:07.0493 1928 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
14:06:07.0498 1928 UmPass - ok
14:06:07.0764 1928 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
14:06:07.0787 1928 UmRdpService - ok
14:06:10.0602 1928 UNS (7a78ed1088890114dfde2c4ab038d6b6) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
14:06:11.0495 1928 UNS - ok
14:06:12.0830 1928 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
14:06:13.0571 1928 upnphost - ok
14:06:14.0281 1928 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
14:06:14.0293 1928 usbaudio - ok
14:06:14.0431 1928 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
14:06:14.0434 1928 usbccgp - ok
14:06:14.0603 1928 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
14:06:14.0613 1928 usbcir - ok
14:06:14.0679 1928 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
14:06:14.0687 1928 usbehci - ok
14:06:15.0094 1928 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
14:06:15.0113 1928 usbhub - ok
14:06:15.0184 1928 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
14:06:15.0185 1928 usbohci - ok
14:06:15.0423 1928 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
14:06:15.0424 1928 usbprint - ok
14:06:15.0658 1928 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
14:06:15.0676 1928 usbscan - ok
14:06:15.0799 1928 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:06:15.0801 1928 USBSTOR - ok
14:06:15.0845 1928 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
14:06:15.0853 1928 usbuhci - ok
14:06:16.0168 1928 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
14:06:16.0190 1928 usbvideo - ok
14:06:16.0307 1928 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
14:06:16.0333 1928 UxSms - ok
14:06:16.0420 1928 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
14:06:16.0422 1928 VaultSvc - ok
14:06:16.0561 1928 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
14:06:16.0570 1928 vdrvroot - ok
14:06:17.0470 1928 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
14:06:17.0517 1928 vds - ok
14:06:17.0664 1928 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
14:06:17.0676 1928 vga - ok
14:06:17.0764 1928 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
14:06:17.0783 1928 VgaSave - ok
14:06:17.0786 1928 VGPU - ok
14:06:18.0108 1928 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
14:06:18.0129 1928 vhdmp - ok
14:06:18.0215 1928 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
14:06:18.0230 1928 viaide - ok
14:06:18.0477 1928 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
14:06:18.0505 1928 vmbus - ok
14:06:18.0556 1928 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
14:06:18.0571 1928 VMBusHID - ok
14:06:18.0667 1928 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
14:06:18.0690 1928 volmgr - ok
14:06:19.0056 1928 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
14:06:19.0075 1928 volmgrx - ok
14:06:19.0411 1928 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
14:06:19.0444 1928 volsnap - ok
14:06:19.0772 1928 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
14:06:19.0791 1928 vsmraid - ok
14:06:21.0337 1928 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
14:06:21.0740 1928 VSS - ok
14:06:22.0290 1928 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
14:06:22.0456 1928 vwifibus - ok
14:06:22.0670 1928 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
14:06:22.0689 1928 vwififlt - ok
14:06:22.0949 1928 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
14:06:23.0167 1928 W32Time - ok
14:06:23.0345 1928 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
14:06:23.0359 1928 WacomPen - ok
14:06:24.0168 1928 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
14:06:24.0200 1928 WANARP - ok
14:06:24.0244 1928 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
14:06:24.0245 1928 Wanarpv6 - ok
14:06:24.0409 1928 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
14:06:24.0568 1928 WatAdminSvc - ok
14:06:25.0594 1928 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
14:06:25.0753 1928 wbengine - ok
14:06:26.0448 1928 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
14:06:26.0663 1928 WbioSrvc - ok
14:06:27.0630 1928 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
14:06:27.0846 1928 wcncsvc - ok
14:06:27.0957 1928 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
14:06:27.0984 1928 WcsPlugInService - ok
14:06:28.0216 1928 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
14:06:28.0235 1928 Wd - ok
14:06:29.0363 1928 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
14:06:29.0384 1928 Wdf01000 - ok
14:06:29.0498 1928 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
14:06:29.0509 1928 WdiServiceHost - ok
14:06:29.0512 1928 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
14:06:29.0514 1928 WdiSystemHost - ok
14:06:29.0844 1928 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
14:06:29.0856 1928 WebClient - ok
14:06:30.0121 1928 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
14:06:30.0130 1928 Wecsvc - ok
14:06:30.0264 1928 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
14:06:30.0275 1928 wercplsupport - ok
14:06:30.0383 1928 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
14:06:30.0395 1928 WerSvc - ok
14:06:30.0676 1928 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
14:06:30.0696 1928 WfpLwf - ok
14:06:30.0765 1928 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
14:06:30.0779 1928 WIMMount - ok
14:06:30.0815 1928 WinHttpAutoProxySvc - ok
14:06:31.0506 1928 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
14:06:31.0650 1928 Winmgmt - ok
14:06:32.0743 1928 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
14:06:33.0198 1928 WinRM - ok
14:06:34.0628 1928 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
14:06:35.0159 1928 WinUsb - ok
14:06:37.0210 1928 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
14:06:37.0240 1928 Wlansvc - ok
14:06:40.0906 1928 wlidsvc (98f138897ef4246381d197cb81846d62) c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:06:40.0988 1928 wlidsvc - ok
14:06:42.0573 1928 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
14:06:42.0579 1928 WmiAcpi - ok
14:06:43.0030 1928 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
14:06:43.0065 1928 wmiApSrv - ok
14:06:43.0274 1928 WMPNetworkSvc - ok
14:06:43.0365 1928 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
14:06:43.0367 1928 WPCSvc - ok
14:06:43.0613 1928 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
14:06:43.0656 1928 WPDBusEnum - ok
14:06:43.0766 1928 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
14:06:43.0767 1928 ws2ifsl - ok
14:06:43.0770 1928 WSearch - ok
14:06:44.0144 1928 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
14:06:44.0146 1928 WudfPf - ok
14:06:44.0457 1928 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
14:06:44.0919 1928 WUDFRd - ok
14:06:45.0994 1928 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
14:06:46.0030 1928 wudfsvc - ok
14:06:46.0361 1928 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
14:06:47.0301 1928 WwanSvc - ok
14:06:47.0653 1928 xusb21 (2c6bc21b2d5b58d8b1d638c1704cb494) C:\Windows\system32\DRIVERS\xusb21.sys
14:06:47.0730 1928 xusb21 - ok
14:06:47.0904 1928 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
14:06:52.0446 1928 \Device\Harddisk0\DR0 - ok
14:06:52.0478 1928 Boot (0x1200) (875d9b81bb3f9e931d10bde0f64dd103) \Device\Harddisk0\DR0\Partition0
14:06:52.0527 1928 \Device\Harddisk0\DR0\Partition0 - ok
14:06:52.0551 1928 Boot (0x1200) (4488bf7214bb0a8f25b3d8119c43cdce) \Device\Harddisk0\DR0\Partition1
14:06:52.0630 1928 \Device\Harddisk0\DR0\Partition1 - ok
14:06:52.0631 1928 ============================================================
14:06:52.0631 1928 Scan finished
14:06:52.0631 1928 ============================================================
14:06:52.0642 5840 Detected object count: 0
14:06:52.0642 5840 Actual detected object count: 0
14:08:10.0769 3444 Deinitialize success


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-07 14:02:15
-----------------------------
14:02:15.680 OS Version: Windows x64 6.1.7601 Service Pack 1
14:02:15.681 Number of processors: 4 586 0x2A07
14:02:15.681 ComputerName: NATE-PC UserName: Nate
14:02:18.628 Initialize success
14:03:04.340 AVAST engine defs: 12080700
14:03:37.154 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
14:03:37.156 Disk 0 Vendor: WDC_WD5000AADS-00M2B0 01.00A01 Size: 476940MB BusType: 3
14:03:37.186 Disk 0 MBR read successfully
14:03:37.189 Disk 0 MBR scan
14:03:37.193 Disk 0 Windows 7 default MBR code
14:03:37.226 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
14:03:37.243 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 476838 MB offset 206848
14:03:37.288 Disk 0 scanning C:\Windows\system32\drivers
14:03:54.883 Service scanning
14:05:38.582 Modules scanning
14:05:38.591 Disk 0 trace - called modules:
14:05:38.627 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS pciide.sys
14:05:38.632 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004a30060]
14:05:38.637 3 CLASSPNP.SYS[fffff88001b9d43f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-1[0xfffffa8004452680]
14:05:56.995 AVAST engine scan C:\Windows
14:06:20.166 AVAST engine scan C:\Windows\system32
14:10:46.413 File: C:\Windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
14:10:48.213 File: C:\Windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
14:12:13.162 AVAST engine scan C:\Windows\system32\drivers
14:12:47.717 AVAST engine scan C:\Users\Nate
14:23:55.787 AVAST engine scan C:\ProgramData
14:25:32.468 Scan finished successfully
15:27:22.375 Disk 0 MBR has been saved successfully to "C:\Users\Nate\Desktop\MBR.dat"
15:27:22.380 The log file has been saved successfully to "C:\Users\Nate\Desktop\aswMBR.txt"


ESET online scanner log
C:\Windows\Installer\{5f469733-7c5e-ea21-7478-c9b706dbb1b0}\U\00000008.@ Win64/Agent.BA trojan cleaned by deleting - quarantined
C:\Windows\Installer\{5f469733-7c5e-ea21-7478-c9b706dbb1b0}\U\000000cb.@ Win64/Conedex.B trojan cleaned by deleting - quarantined
C:\Windows\Installer\{5f469733-7c5e-ea21-7478-c9b706dbb1b0}\U\80000000.@ Win64/Sirefef.AP trojan cleaned by deleting - quarantined
C:\Windows\Installer\{5f469733-7c5e-ea21-7478-c9b706dbb1b0}\U\80000032.@ a variant of Win32/Sirefef.FD trojan cleaned by deleting - quarantined
Operating memory multiple threats

#4 narenxp

Posted 07 August 2012 - 04:02 PM

We need advanced tools to remove this one

Read the guide here

http://www.bleepingcomputer.com/forums/topic34773.html

and create a topic here

http://www.bleepingcomputer.com/forums/forum22.html

Good luck



