SVCHOST.EXE In desperate need of help!


3 replies to this topic

#1 adrenochrome

Posted 09 August 2012 - 02:50 PM

I keep getting Malwarebytes popping up a warning about SVCHOST.EXE and nothing seems to get rid of it. The latest and greatest problem is, I currently have some sort of audio coming off and on that is apparently streaming from somewhere! I need some serious help.



#2 narenxp


Posted 09 August 2012 - 03:08 PM

Download TDSSKiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the LOG report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "LIST of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 adrenochrome


Posted 10 August 2012 - 03:37 PM

Here goes!


TDS KILLER LOG


17:54:46.0436 5428 NDProxy - ok
17:54:46.0496 5428 Net Driver HPZ12 (2334dc48997ba203b794df3ee70521db) C:\Windows\system32\HPZinw12.dll
17:54:46.0496 5428 Net Driver HPZ12 - ok
17:54:46.0526 5428 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
17:54:46.0526 5428 NetBIOS - ok
17:54:46.0546 5428 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
17:54:46.0546 5428 NetBT - ok
17:54:46.0656 5428 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
17:54:46.0656 5428 Netlogon - ok
17:54:46.0946 5428 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
17:54:46.0946 5428 Netman - ok
17:54:47.0006 5428 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
17:54:47.0016 5428 netprofm - ok
17:54:47.0066 5428 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:54:47.0076 5428 NetTcpPortSharing - ok
17:54:47.0116 5428 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
17:54:47.0126 5428 nfrd960 - ok
17:54:47.0156 5428 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
17:54:47.0166 5428 NlaSvc - ok
17:54:47.0176 5428 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
17:54:47.0176 5428 Npfs - ok
17:54:47.0186 5428 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
17:54:47.0186 5428 nsi - ok
17:54:47.0196 5428 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
17:54:47.0196 5428 nsiproxy - ok
17:54:47.0286 5428 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
17:54:47.0316 5428 Ntfs - ok
17:54:47.0376 5428 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
17:54:47.0376 5428 Null - ok
17:54:47.0416 5428 NVHDA (10204955027011e08a9dc27737a48a54) C:\Windows\system32\drivers\nvhda64v.sys
17:54:47.0416 5428 NVHDA - ok
17:54:47.0776 5428 nvlddmkm (b15258b1f45f9571758ac6bb2f043b01) C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:54:47.0976 5428 nvlddmkm - ok
17:54:48.0036 5428 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
17:54:48.0056 5428 nvraid - ok
17:54:48.0096 5428 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
17:54:48.0106 5428 nvstor - ok
17:54:48.0236 5428 nvsvc (2d7092fec9bd2aca199673bba2ba9277) C:\Windows\system32\nvvsvc.exe
17:54:48.0286 5428 nvsvc - ok
17:54:48.0406 5428 nvUpdatusService (7e22de30e222bfdfcec7e77032baf3cd) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
17:54:48.0436 5428 nvUpdatusService - ok
17:54:48.0486 5428 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
17:54:48.0496 5428 nv_agp - ok
17:54:48.0566 5428 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
17:54:48.0596 5428 odserv - ok
17:54:48.0606 5428 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
17:54:48.0616 5428 ohci1394 - ok
17:54:48.0656 5428 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:54:48.0716 5428 ose - ok
17:54:48.0746 5428 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
17:54:48.0756 5428 p2pimsvc - ok
17:54:48.0776 5428 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
17:54:48.0786 5428 p2psvc - ok
17:54:48.0806 5428 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
17:54:48.0806 5428 Parport - ok
17:54:48.0836 5428 partmgr (90061b1acfe8ccaa5345750ffe08d8b8) C:\Windows\system32\drivers\partmgr.sys
17:54:48.0836 5428 partmgr - ok
17:54:48.0846 5428 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
17:54:48.0846 5428 PcaSvc - ok
17:54:48.0866 5428 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
17:54:48.0866 5428 pci - ok
17:54:48.0876 5428 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
17:54:48.0886 5428 pciide - ok
17:54:48.0906 5428 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
17:54:48.0916 5428 pcmcia - ok
17:54:48.0926 5428 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
17:54:48.0936 5428 pcw - ok
17:54:48.0956 5428 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
17:54:48.0966 5428 PEAUTH - ok
17:54:49.0036 5428 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
17:54:49.0046 5428 PerfHost - ok
17:54:49.0096 5428 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
17:54:49.0146 5428 pla - ok
17:54:49.0196 5428 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
17:54:49.0196 5428 PlugPlay - ok
17:54:49.0256 5428 Pml Driver HPZ12 (ac78df349f0e4cfb8b667c0cfff83cce) C:\Windows\system32\HPZipm12.dll
17:54:49.0266 5428 Pml Driver HPZ12 - ok
17:54:49.0266 5428 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
17:54:49.0276 5428 PNRPAutoReg - ok
17:54:49.0356 5428 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
17:54:49.0356 5428 PNRPsvc - ok
17:54:49.0426 5428 Point64 (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys
17:54:49.0426 5428 Point64 - ok
17:54:49.0506 5428 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
17:54:49.0506 5428 PolicyAgent - ok
17:54:49.0546 5428 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
17:54:49.0546 5428 Power - ok
17:54:49.0586 5428 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
17:54:49.0586 5428 PptpMiniport - ok
17:54:49.0606 5428 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
17:54:49.0616 5428 Processor - ok
17:54:49.0636 5428 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll
17:54:49.0636 5428 ProfSvc - ok
17:54:49.0666 5428 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
17:54:49.0666 5428 ProtectedStorage - ok
17:54:49.0696 5428 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
17:54:49.0696 5428 Psched - ok
17:54:49.0716 5428 PxHlpa64 (901dba98359966a62a6548596988e931) C:\Windows\system32\Drivers\PxHlpa64.sys
17:54:49.0716 5428 PxHlpa64 - ok
17:54:49.0836 5428 QBCFMonitorService (ef24eccdc534eed64b9380043dd1fd59) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
17:54:49.0836 5428 QBCFMonitorService - ok
17:54:49.0866 5428 QBFCService (6bee1814470dc12fa20c53dfc3c97ebb) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
17:54:49.0876 5428 QBFCService - ok
17:54:49.0936 5428 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
17:54:49.0986 5428 ql2300 - ok
17:54:50.0076 5428 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
17:54:50.0096 5428 ql40xx - ok
17:54:50.0116 5428 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
17:54:50.0136 5428 QWAVE - ok
17:54:50.0146 5428 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
17:54:50.0146 5428 QWAVEdrv - ok
17:54:50.0166 5428 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
17:54:50.0176 5428 RasAcd - ok
17:54:50.0206 5428 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
17:54:50.0206 5428 RasAgileVpn - ok
17:54:50.0216 5428 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
17:54:50.0226 5428 RasAuto - ok
17:54:50.0236 5428 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
17:54:50.0236 5428 Rasl2tp - ok
17:54:50.0256 5428 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
17:54:50.0266 5428 RasMan - ok
17:54:50.0296 5428 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
17:54:50.0296 5428 RasPppoe - ok
17:54:50.0316 5428 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
17:54:50.0316 5428 RasSstp - ok
17:54:50.0346 5428 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
17:54:50.0346 5428 rdbss - ok
17:54:50.0366 5428 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
17:54:50.0376 5428 rdpbus - ok
17:54:50.0396 5428 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
17:54:50.0396 5428 RDPCDD - ok
17:54:50.0406 5428 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
17:54:50.0406 5428 RDPENCDD - ok
17:54:50.0416 5428 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
17:54:50.0416 5428 RDPREFMP - ok
17:54:50.0446 5428 RDPWD (074ac702d8b8b660b0e1371555995386) C:\Windows\system32\drivers\RDPWD.sys
17:54:50.0486 5428 RDPWD - ok
17:54:50.0506 5428 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
17:54:50.0506 5428 rdyboost - ok
17:54:50.0556 5428 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
17:54:50.0566 5428 RemoteAccess - ok
17:54:50.0576 5428 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
17:54:50.0586 5428 RemoteRegistry - ok
17:54:50.0706 5428 RipCore (a5799df25844e8d19a5a3ef9fd46d64a) C:\Program Files (x86)\Fawkes Engineering\AccuRIP\RipCore.exe
17:54:50.0746 5428 RipCore - ok
17:54:50.0816 5428 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
17:54:50.0816 5428 RpcEptMapper - ok
17:54:50.0826 5428 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
17:54:50.0836 5428 RpcLocator - ok
17:54:50.0856 5428 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
17:54:50.0856 5428 RpcSs - ok
17:54:50.0886 5428 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
17:54:50.0886 5428 rspndr - ok
17:54:50.0926 5428 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
17:54:50.0936 5428 RTL8167 - ok
17:54:50.0986 5428 rtl819xpn64 (2362226743449c713e1cd3210595f9ab) C:\Windows\system32\DRIVERS\rtl819xp.sys
17:54:50.0996 5428 rtl819xpn64 - ok
17:54:51.0066 5428 SAiAdmin (1ba83a94992e4ab97dda8c2d5612be13) C:\Windows\SysWOW64\SAiAdmin.exe
17:54:51.0066 5428 SAiAdmin - ok
17:54:51.0107 5428 SAiDownloaderVista (4bea2e5d9cdf14a481be49f36d212c08) C:\Windows\SysWOW64\SAiDownloaderVista.exe
17:54:51.0107 5428 SAiDownloaderVista - ok
17:54:51.0127 5428 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
17:54:51.0137 5428 SamSs - ok
17:54:51.0147 5428 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
17:54:51.0157 5428 sbp2port - ok
17:54:51.0167 5428 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
17:54:51.0177 5428 SCardSvr - ok
17:54:51.0187 5428 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
17:54:51.0187 5428 scfilter - ok
17:54:51.0237 5428 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
17:54:51.0257 5428 Schedule - ok
17:54:51.0297 5428 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
17:54:51.0297 5428 SCPolicySvc - ok
17:54:51.0307 5428 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
17:54:51.0317 5428 SDRSVC - ok
17:54:51.0357 5428 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
17:54:51.0357 5428 secdrv - ok
17:54:51.0377 5428 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
17:54:51.0377 5428 seclogon - ok
17:54:51.0387 5428 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
17:54:51.0387 5428 SENS - ok
17:54:51.0397 5428 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
17:54:51.0397 5428 SensrSvc - ok
17:54:51.0447 5428 Sentinel64 (84ac127242dd3ccde02f9a4673214b1f) C:\Windows\System32\Drivers\Sentinel64.sys
17:54:51.0447 5428 Sentinel64 - ok
17:54:51.0537 5428 SentinelKeysServer (731d9b3de4bc0a3e0830b9bf9dbce2a5) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
17:54:51.0547 5428 SentinelKeysServer - ok
17:54:51.0567 5428 SentinelProtectionServer (925e88d7c5a51e25769d9ceb4f7f2e85) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
17:54:51.0567 5428 SentinelProtectionServer - ok
17:54:51.0607 5428 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
17:54:51.0607 5428 Serenum - ok
17:54:51.0707 5428 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
17:54:51.0717 5428 Serial - ok
17:54:51.0727 5428 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
17:54:51.0737 5428 sermouse - ok
17:54:51.0777 5428 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
17:54:51.0787 5428 SessionEnv - ok
17:54:51.0817 5428 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
17:54:51.0817 5428 sffdisk - ok
17:54:51.0847 5428 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
17:54:51.0847 5428 sffp_mmc - ok
17:54:51.0857 5428 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys
17:54:51.0867 5428 sffp_sd - ok
17:54:51.0877 5428 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
17:54:51.0887 5428 sfloppy - ok
17:54:51.0947 5428 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
17:54:52.0007 5428 SharedAccess - ok
17:54:52.0317 5428 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
17:54:52.0327 5428 ShellHWDetection - ok
17:54:52.0357 5428 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:54:52.0367 5428 SiSRaid2 - ok
17:54:52.0387 5428 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
17:54:52.0397 5428 SiSRaid4 - ok
17:54:52.0407 5428 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
17:54:52.0417 5428 Smb - ok
17:54:52.0647 5428 SmcService (ad97b711074cf27da0c00f2c26e1a62c) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe
17:54:52.0737 5428 SmcService - ok
17:54:52.0797 5428 SNAC (91bd8e268d93aaf5f59aac9de84a25bb) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE
17:54:52.0807 5428 SNAC - ok
17:54:52.0917 5428 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
17:54:52.0917 5428 SNMPTRAP - ok
17:54:52.0937 5428 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
17:54:52.0947 5428 spldr - ok
17:54:52.0987 5428 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
17:54:52.0997 5428 Spooler - ok
17:54:53.0087 5428 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
17:54:53.0147 5428 sppsvc - ok
17:54:53.0177 5428 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
17:54:53.0187 5428 sppuinotify - ok
17:54:53.0217 5428 SRTSP (32900ac9cfdc578531279886ca16a4df) C:\Windows\system32\Drivers\SRTSP64.SYS
17:54:53.0237 5428 SRTSP - ok
17:54:53.0267 5428 SRTSPL (8929566d1f14685fd78eaf25bee3ecc7) C:\Windows\system32\Drivers\SRTSPL64.SYS
17:54:53.0277 5428 SRTSPL - ok
17:54:53.0297 5428 SRTSPX (cb2fdf47ee67f8cca5362ed9b94fe955) C:\Windows\system32\Drivers\SRTSPX64.SYS
17:54:53.0297 5428 SRTSPX - ok
17:54:53.0337 5428 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
17:54:53.0337 5428 srv - ok
17:54:53.0367 5428 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
17:54:53.0367 5428 srv2 - ok
17:54:53.0397 5428 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
17:54:53.0407 5428 srvnet - ok
17:54:53.0457 5428 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
17:54:53.0467 5428 SSDPSRV - ok
17:54:53.0477 5428 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
17:54:53.0477 5428 SstpSvc - ok
17:54:53.0577 5428 Stereo Service (9e1222c417291bc836210743624a8e5e) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
17:54:53.0577 5428 Stereo Service - ok
17:54:53.0607 5428 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
17:54:53.0617 5428 stexstor - ok
17:54:53.0667 5428 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
17:54:53.0667 5428 StillCam - ok
17:54:53.0727 5428 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
17:54:53.0747 5428 stisvc - ok
17:54:53.0757 5428 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
17:54:53.0757 5428 swenum - ok
17:54:53.0777 5428 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
17:54:53.0797 5428 swprv - ok
17:54:53.0937 5428 Symantec AntiVirus (ba2fb8f8ab24d0279caa98a4c118150e) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe
17:54:53.0967 5428 Symantec AntiVirus - ok
17:54:54.0077 5428 SymEvent (7e4d281982e19abd06728c7ee9ac40a8) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
17:54:54.0087 5428 SymEvent - ok
17:54:54.0147 5428 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
17:54:54.0177 5428 SysMain - ok
17:54:54.0217 5428 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
17:54:54.0227 5428 TabletInputService - ok
17:54:54.0247 5428 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
17:54:54.0257 5428 TapiSrv - ok
17:54:54.0267 5428 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
17:54:54.0267 5428 TBS - ok
17:54:54.0497 5428 Tcpip (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\drivers\tcpip.sys
17:54:54.0527 5428 Tcpip - ok
17:54:54.0637 5428 TCPIP6 (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\DRIVERS\tcpip.sys
17:54:54.0647 5428 TCPIP6 - ok
17:54:54.0697 5428 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
17:54:54.0697 5428 tcpipreg - ok
17:54:54.0717 5428 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
17:54:54.0717 5428 TDPIPE - ok
17:54:54.0737 5428 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys
17:54:54.0737 5428 TDTCP - ok
17:54:54.0757 5428 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
17:54:54.0757 5428 tdx - ok
17:54:54.0767 5428 Teefer2 (13657dc475de564247745bf4da23207c) C:\Windows\system32\DRIVERS\teefer2.sys
17:54:54.0777 5428 Teefer2 - ok
17:54:54.0797 5428 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
17:54:54.0797 5428 TermDD - ok
17:54:54.0827 5428 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
17:54:54.0827 5428 TermService - ok
17:54:54.0847 5428 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
17:54:54.0847 5428 Themes - ok
17:54:54.0877 5428 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
17:54:54.0877 5428 THREADORDER - ok
17:54:54.0887 5428 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
17:54:54.0887 5428 TrkWks - ok
17:54:54.0967 5428 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
17:54:54.0967 5428 TrustedInstaller - ok
17:54:54.0977 5428 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
17:54:54.0987 5428 tssecsrv - ok
17:54:55.0017 5428 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
17:54:55.0027 5428 tunnel - ok
17:54:55.0037 5428 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
17:54:55.0037 5428 uagp35 - ok
17:54:55.0057 5428 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
17:54:55.0067 5428 udfs - ok
17:54:55.0087 5428 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
17:54:55.0097 5428 UI0Detect - ok
17:54:55.0137 5428 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
17:54:55.0147 5428 uliagpkx - ok
17:54:55.0157 5428 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
17:54:55.0167 5428 umbus - ok
17:54:55.0177 5428 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
17:54:55.0187 5428 UmPass - ok
17:54:55.0217 5428 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
17:54:55.0227 5428 upnphost - ok
17:54:55.0257 5428 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys
17:54:55.0267 5428 usbaudio - ok
17:54:55.0327 5428 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\drivers\usbccgp.sys
17:54:55.0337 5428 usbccgp - ok
17:54:55.0347 5428 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
17:54:55.0357 5428 usbcir - ok
17:54:55.0397 5428 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\DRIVERS\usbehci.sys
17:54:55.0397 5428 usbehci - ok
17:54:55.0427 5428 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
17:54:55.0437 5428 usbhub - ok
17:54:55.0457 5428 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\DRIVERS\usbohci.sys
17:54:55.0467 5428 usbohci - ok
17:54:55.0477 5428 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
17:54:55.0487 5428 usbprint - ok
17:54:55.0517 5428 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
17:54:55.0517 5428 usbscan - ok
17:54:55.0547 5428 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:54:55.0547 5428 USBSTOR - ok
17:54:55.0567 5428 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\drivers\usbuhci.sys
17:54:55.0577 5428 usbuhci - ok
17:54:55.0577 5428 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
17:54:55.0587 5428 UxSms - ok
17:54:55.0607 5428 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
17:54:55.0607 5428 VaultSvc - ok
17:54:55.0627 5428 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
17:54:55.0627 5428 vdrvroot - ok
17:54:55.0647 5428 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe
17:54:55.0667 5428 vds - ok
17:54:55.0687 5428 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
17:54:55.0687 5428 vga - ok
17:54:55.0707 5428 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
17:54:55.0707 5428 VgaSave - ok
17:54:55.0717 5428 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
17:54:55.0727 5428 vhdmp - ok
17:54:55.0747 5428 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
17:54:55.0747 5428 viaide - ok
17:54:55.0757 5428 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
17:54:55.0757 5428 volmgr - ok
17:54:55.0787 5428 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
17:54:55.0787 5428 volmgrx - ok
17:54:55.0817 5428 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
17:54:55.0827 5428 volsnap - ok
17:54:55.0847 5428 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
17:54:55.0857 5428 vsmraid - ok
17:54:55.0917 5428 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe
17:54:55.0947 5428 VSS - ok
17:54:56.0027 5428 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
17:54:56.0027 5428 vwifibus - ok
17:54:56.0057 5428 VWiFiFlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
17:54:56.0057 5428 VWiFiFlt - ok
17:54:56.0067 5428 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
17:54:56.0077 5428 vwifimp - ok
17:54:56.0097 5428 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
17:54:56.0097 5428 W32Time - ok
17:54:56.0107 5428 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
17:54:56.0127 5428 WacomPen - ok
17:54:56.0157 5428 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
17:54:56.0157 5428 WANARP - ok
17:54:56.0157 5428 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
17:54:56.0157 5428 Wanarpv6 - ok
17:54:56.0277 5428 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
17:54:56.0297 5428 WatAdminSvc - ok
17:54:56.0387 5428 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe
17:54:56.0427 5428 wbengine - ok
17:54:56.0477 5428 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
17:54:56.0487 5428 WbioSrvc - ok
17:54:56.0527 5428 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll
17:54:56.0527 5428 wcncsvc - ok
17:54:56.0537 5428 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
17:54:56.0547 5428 WcsPlugInService - ok
17:54:56.0557 5428 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
17:54:56.0567 5428 Wd - ok
17:54:56.0587 5428 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
17:54:56.0597 5428 Wdf01000 - ok
17:54:56.0607 5428 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
17:54:56.0617 5428 WdiServiceHost - ok
17:54:56.0617 5428 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
17:54:56.0617 5428 WdiSystemHost - ok
17:54:56.0657 5428 WebClient (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll
17:54:56.0677 5428 WebClient - ok
17:54:56.0687 5428 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
17:54:56.0697 5428 Wecsvc - ok
17:54:56.0807 5428 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
17:54:56.0817 5428 wercplsupport - ok
17:54:56.0847 5428 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
17:54:56.0847 5428 WerSvc - ok
17:54:56.0877 5428 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
17:54:56.0887 5428 WfpLwf - ok
17:54:56.0897 5428 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
17:54:56.0907 5428 WIMMount - ok
17:54:56.0947 5428 WinDefend - ok
17:54:56.0957 5428 WinHttpAutoProxySvc - ok
17:54:57.0007 5428 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
17:54:57.0007 5428 Winmgmt - ok
17:54:57.0067 5428 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll
17:54:57.0107 5428 WinRM - ok
17:54:57.0197 5428 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
17:54:57.0207 5428 Wlansvc - ok
17:54:57.0277 5428 WlanWpsSvc (c71ee856c4f5b52e2d094f494cee4936) C:\Program Files\TRENDnet\TEW-641PC_TEW-643PI\WlanWpsSvc.exe
17:54:57.0277 5428 WlanWpsSvc - ok
17:54:57.0387 5428 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
17:54:57.0387 5428 WmiAcpi - ok
17:54:57.0537 5428 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
17:54:57.0557 5428 wmiApSrv - ok
17:54:57.0567 5428 WMPNetworkSvc - ok
17:54:57.0577 5428 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
17:54:57.0577 5428 WPCSvc - ok
17:54:57.0627 5428 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll
17:54:57.0627 5428 WPDBusEnum - ok
17:54:57.0637 5428 WPS (6cab753b203f39b4ce05ff10013de2ef) C:\Windows\system32\drivers\wpsdrvnt.sys
17:54:57.0637 5428 WPS - ok
17:54:57.0697 5428 WpsHelper (d9b5a13804b7d97770c42da484a9d86e) C:\Windows\system32\drivers\WpsHelper.sys
17:54:57.0697 5428 WpsHelper - ok
17:54:57.0707 5428 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
17:54:57.0707 5428 ws2ifsl - ok
17:54:57.0757 5428 wscsvc (8f9f3969933c02da96eb0f84576db43e) C:\Windows\System32\wscsvc.dll
17:54:57.0757 5428 wscsvc - ok
17:54:57.0807 5428 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys
17:54:57.0807 5428 WSDPrintDevice - ok
17:54:57.0807 5428 WSearch - ok
17:54:57.0897 5428 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
17:54:57.0937 5428 wuauserv - ok
17:54:58.0007 5428 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
17:54:58.0007 5428 WudfPf - ok
17:54:58.0037 5428 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
17:54:58.0047 5428 WUDFRd - ok
17:54:58.0057 5428 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll
17:54:58.0057 5428 wudfsvc - ok
17:54:58.0077 5428 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
17:54:58.0087 5428 WwanSvc - ok
17:54:58.0137 5428 MBR (0x1B8) (0f84f2562620c40d8a3e1908c8075675) \Device\Harddisk0\DR0
17:54:58.0187 5428 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
17:54:58.0187 5428 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
17:54:58.0247 5428 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
17:54:58.0247 5428 \Device\Harddisk0\DR0 - detected TDSS File System (1)
17:54:58.0257 5428 Boot (0x1200) (034bcc736a2c6b5363af2c94576d0249) \Device\Harddisk0\DR0\Partition0
17:54:58.0257 5428 \Device\Harddisk0\DR0\Partition0 - ok
17:54:58.0277 5428 Boot (0x1200) (b0563b866408dfe254534ab21fd04a3d) \Device\Harddisk0\DR0\Partition1
17:54:58.0277 5428 \Device\Harddisk0\DR0\Partition1 - ok
17:54:58.0277 5428 ============================================================
17:54:58.0277 5428 Scan finished
17:54:58.0277 5428 ============================================================
17:54:58.0297 5776 Detected object count: 2
17:54:58.0297 5776 Actual detected object count: 2
17:55:48.0676 5776 \Device\Harddisk0\DR0\# - copied to quarantine
17:55:48.0686 5776 \Device\Harddisk0\DR0 - copied to quarantine
17:55:48.0736 5776 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
17:55:49.0296 5776 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
17:55:49.0346 5776 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
17:55:49.0396 5776 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
17:55:49.0466 5776 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
17:55:49.0596 5776 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
17:55:49.0676 5776 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
17:55:49.0686 5776 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
17:55:49.0706 5776 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
17:55:49.0716 5776 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
17:55:49.0726 5776 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
17:55:49.0746 5776 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
17:55:49.0816 5776 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot
17:55:49.0816 5776 \Device\Harddisk0\DR0 - ok
17:55:49.0856 5776 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure
17:55:49.0856 5776 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
17:55:49.0856 5776 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip



ASWMBR LOG



aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-09 18:07:47
-----------------------------
18:07:47.671 OS Version: Windows x64 6.1.7600
18:07:47.671 Number of processors: 4 586 0x502
18:07:47.671 ComputerName: AMANDA UserName: Ryan
18:07:57.936 Initialize success
18:13:21.478 AVAST engine defs: 12080901
18:13:56.687 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
18:13:56.687 Disk 0 Vendor: ST31000528AS CC38 Size: 953869MB BusType: 3
18:13:56.703 Disk 0 MBR read successfully
18:13:56.703 Disk 0 MBR scan
18:13:56.734 Disk 0 Windows 7 default MBR code
18:13:56.734 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
18:13:56.781 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 953767 MB offset 206848
18:13:56.827 Disk 0 scanning C:\Windows\system32\drivers
18:14:09.541 Service scanning
18:14:36.373 Modules scanning
18:14:36.389 Disk 0 trace - called modules:
18:14:36.405 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
18:14:36.405 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004b39060]
18:14:36.420 3 CLASSPNP.SYS[fffff8800185943f] -> nt!IofCallDriver -> [0xfffffa8004a649b0]
18:14:36.420 5 ACPI.sys[fffff88000ef0781] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004b27060]
18:14:38.152 AVAST engine scan C:\Windows
18:14:40.695 AVAST engine scan C:\Windows\system32
18:18:42.136 AVAST engine scan C:\Windows\system32\drivers
18:18:56.707 AVAST engine scan C:\Users\Ryan
11:03:16.472 AVAST engine scan C:\ProgramData
11:06:32.142 Scan finished successfully
12:54:58.682 Disk 0 MBR has been saved successfully to "C:\Users\Ryan\Desktop\MBR.dat"
12:54:58.747 The log file has been saved successfully to "C:\Users\Ryan\Desktop\aswMBR.txt"

ESET REPORT

C:\Users\Ryan\AppData\Roaming\Mozilla\Firefox\Profiles\s7ykjdr2.default\extensions\{f0dc683c-f893-42e9-8434-4a8ba0a1324d}\chrome.manifest Win32/TrojanDownloader.Tracur.F trojan cleaned by deleting - quarantined
C:\Users\Ryan\AppData\Roaming\Mozilla\Firefox\Profiles\s7ykjdr2.default\extensions\{f0dc683c-f893-42e9-8434-4a8ba0a1324d}\chrome\xulcache.jar JS/Agent.NDO trojan cleaned by deleting - quarantined

#4 narenxp

Posted 10 August 2012 - 04:13 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan with MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it, click on Delete

Post the generated log



