I have the Google redirect virus also


4 replies to this topic

#1 ken2024

Posted 10 August 2012 - 03:01 AM

My Google search results are being redirected to other sites. This happens in Chrome, Firefox and IE. I've run Malwarebytes, which found 3 things that it cannot remove.

These are:
C:\Windows\Installer\{cd906ab4-1539-6679-a9ff-5e8c3ffab27f}\U\00000008.@ (Trojan.Dropper.BCMiner) -> Quarantined and deleted successfully.
C:\Windows\Installer\{cd906ab4-1539-6679-a9ff-5e8c3ffab27f}\U\000000cb.@ (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{cd906ab4-1539-6679-a9ff-5e8c3ffab27f}\U\80000032.@ (Rootkit.0Access) -> Quarantined and deleted successfully.

Every time I run it, these 3 remain found every time.


#2 narenxp

Posted 10 August 2012 - 03:29 AM

Download TDSSKiller.

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR.

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download ESET online scanner.

Install it.

Click on START; it should download the virus definitions.
When the scan completes, click on "LIST of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 ken2024

Posted 10 August 2012 - 05:56 PM

TDS Killer

15:51:54.0450 4944 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
15:51:54.0840 4944 ============================================================
15:51:54.0840 4944 Current date / time: 2012/08/10 15:51:54.0840
15:51:54.0840 4944 SystemInfo:
15:51:54.0840 4944
15:51:54.0840 4944 OS Version: 6.1.7600 ServicePack: 0.0
15:51:54.0840 4944 Product type: Workstation
15:51:54.0840 4944 ComputerName: CA-PC
15:51:54.0840 4944 UserName: CA
15:51:54.0840 4944 Windows directory: C:\windows
15:51:54.0840 4944 System windows directory: C:\windows
15:51:54.0840 4944 Running under WOW64
15:51:54.0840 4944 Processor architecture: Intel x64
15:51:54.0840 4944 Number of processors: 2
15:51:54.0840 4944 Page size: 0x1000
15:51:54.0840 4944 Boot type: Normal boot
15:51:54.0840 4944 ============================================================
15:51:56.0821 4944 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:51:56.0821 4944 ============================================================
15:51:56.0837 4944 \Device\Harddisk0\DR0:
15:51:56.0837 4944 MBR partitions:
15:51:56.0837 4944 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x38AD8800
15:51:56.0837 4944 ============================================================
15:51:56.0853 4944 C: <-> \Device\Harddisk0\DR0\Partition0
15:51:56.0853 4944 ============================================================
15:51:56.0853 4944 Initialize success
15:51:56.0853 4944 ============================================================
15:51:58.0381 3352 ============================================================
15:51:58.0381 3352 Scan started
15:51:58.0381 3352 Mode: Manual;
15:51:58.0381 3352 ============================================================
15:52:15.0495 3352 PEAUTH - ok
15:52:15.0853 3352 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe
15:52:15.0869 3352 PerfHost - ok
15:52:15.0931 3352 PGEffect (663962900e7fea522126ba287715bb4a) C:\windows\system32\DRIVERS\pgeffect.sys
15:52:15.0931 3352 PGEffect - ok
15:52:16.0056 3352 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\windows\system32\pla.dll
15:52:16.0056 3352 pla - ok
15:52:16.0134 3352 PlugPlay (23157d583244400e1d7fbaee2e4b31b7) C:\windows\system32\umpnpmgr.dll
15:52:16.0150 3352 PlugPlay - ok
15:52:16.0181 3352 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll
15:52:16.0181 3352 PNRPAutoReg - ok
15:52:16.0212 3352 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
15:52:16.0212 3352 PNRPsvc - ok
15:52:16.0259 3352 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\windows\System32\ipsecsvc.dll
15:52:16.0259 3352 PolicyAgent - ok
15:52:16.0306 3352 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll
15:52:16.0306 3352 Power - ok
15:52:16.0368 3352 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\windows\system32\DRIVERS\raspptp.sys
15:52:16.0368 3352 PptpMiniport - ok
15:52:16.0399 3352 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys
15:52:16.0399 3352 Processor - ok
15:52:16.0431 3352 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\windows\system32\profsvc.dll
15:52:16.0431 3352 ProfSvc - ok
15:52:16.0462 3352 ProtectedStorage (0793f40b9b8a1bdd266296409dbd91ea) C:\windows\system32\lsass.exe
15:52:16.0462 3352 ProtectedStorage - ok
15:52:16.0509 3352 Psched (ee992183bd8eaefd9973f352e587a299) C:\windows\system32\DRIVERS\pacer.sys
15:52:16.0509 3352 Psched - ok
15:52:16.0602 3352 QBCFMonitorService (d2c73b0f27d0750887a3da3bd28f930c) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
15:52:16.0602 3352 QBCFMonitorService - ok
15:52:16.0680 3352 QBFCService (6bee1814470dc12fa20c53dfc3c97ebb) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
15:52:16.0696 3352 QBFCService - ok
15:52:16.0789 3352 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys
15:52:16.0805 3352 ql2300 - ok
15:52:16.0977 3352 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys
15:52:16.0977 3352 ql40xx - ok
15:52:17.0008 3352 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll
15:52:17.0008 3352 QWAVE - ok
15:52:17.0023 3352 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
15:52:17.0023 3352 QWAVEdrv - ok
15:52:17.0055 3352 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
15:52:17.0055 3352 RasAcd - ok
15:52:17.0117 3352 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
15:52:17.0117 3352 RasAgileVpn - ok
15:52:17.0148 3352 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll
15:52:17.0148 3352 RasAuto - ok
15:52:17.0179 3352 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\windows\system32\DRIVERS\rasl2tp.sys
15:52:17.0179 3352 Rasl2tp - ok
15:52:17.0226 3352 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\windows\System32\rasmans.dll
15:52:17.0226 3352 RasMan - ok
15:52:17.0273 3352 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
15:52:17.0273 3352 RasPppoe - ok
15:52:17.0304 3352 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
15:52:17.0304 3352 RasSstp - ok
15:52:17.0460 3352 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\windows\system32\DRIVERS\rdbss.sys
15:52:17.0476 3352 rdbss - ok
15:52:17.0491 3352 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys
15:52:17.0491 3352 rdpbus - ok
15:52:17.0538 3352 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
15:52:17.0538 3352 RDPCDD - ok
15:52:17.0585 3352 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
15:52:17.0585 3352 RDPENCDD - ok
15:52:17.0601 3352 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
15:52:17.0632 3352 RDPREFMP - ok
15:52:17.0663 3352 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\windows\system32\drivers\RDPWD.sys
15:52:17.0663 3352 RDPWD - ok
15:52:17.0694 3352 rdyboost (e5dc9ba9e439d6dbdd79f8caacb5bf01) C:\windows\system32\drivers\rdyboost.sys
15:52:17.0710 3352 rdyboost - ok
15:52:17.0741 3352 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll
15:52:17.0741 3352 RemoteAccess - ok
15:52:17.0819 3352 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll
15:52:17.0819 3352 RemoteRegistry - ok
15:52:17.0881 3352 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll
15:52:17.0881 3352 RpcEptMapper - ok
15:52:17.0928 3352 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe
15:52:17.0944 3352 RpcLocator - ok
15:52:17.0975 3352 RpcSs (7266972e86890e2b30c0c322e906b027) C:\windows\system32\rpcss.dll
15:52:17.0991 3352 RpcSs - ok
15:52:18.0022 3352 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
15:52:18.0022 3352 rspndr - ok
15:52:18.0069 3352 RSUSBSTOR (907c4464381b5ebdfdc60f6c7d0dedfc) C:\windows\system32\Drivers\RtsUStor.sys
15:52:18.0069 3352 RSUSBSTOR - ok
15:52:18.0115 3352 RTHDMIAzAudService (4e821c740a675f6d040be41d59a62b1d) C:\windows\system32\drivers\RtHDMIVX.sys
15:52:18.0115 3352 RTHDMIAzAudService - ok
15:52:18.0193 3352 RTL8167 (fd978b2bf8a9b2390dcbef435e9c1f9f) C:\windows\system32\DRIVERS\Rt64win7.sys
15:52:18.0193 3352 RTL8167 - ok
15:52:18.0287 3352 RTL8192Ce (ffc748d848740d1bc8f330a8879c2674) C:\windows\system32\DRIVERS\rtl8192Ce.sys
15:52:18.0303 3352 RTL8192Ce - ok
15:52:18.0318 3352 SamSs (0793f40b9b8a1bdd266296409dbd91ea) C:\windows\system32\lsass.exe
15:52:18.0318 3352 SamSs - ok
15:52:18.0349 3352 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\windows\system32\DRIVERS\sbp2port.sys
15:52:18.0349 3352 sbp2port - ok
15:52:18.0381 3352 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll
15:52:18.0381 3352 SCardSvr - ok
15:52:18.0396 3352 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\windows\system32\DRIVERS\scfilter.sys
15:52:18.0396 3352 scfilter - ok
15:52:18.0474 3352 Schedule (ec56b171f85c7e855e7b0588ac503eea) C:\windows\system32\schedsvc.dll
15:52:18.0474 3352 Schedule - ok
15:52:18.0505 3352 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\windows\System32\certprop.dll
15:52:18.0505 3352 SCPolicySvc - ok
15:52:18.0537 3352 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\windows\System32\SDRSVC.dll
15:52:18.0537 3352 SDRSVC - ok
15:52:18.0583 3352 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
15:52:18.0583 3352 secdrv - ok
15:52:18.0630 3352 seclogon (463b386ebc70f98da5dff85f7e654346) C:\windows\system32\seclogon.dll
15:52:18.0646 3352 seclogon - ok
15:52:18.0661 3352 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\System32\sens.dll
15:52:18.0661 3352 SENS - ok
15:52:18.0677 3352 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll
15:52:18.0693 3352 SensrSvc - ok
15:52:18.0708 3352 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys
15:52:18.0708 3352 Serenum - ok
15:52:18.0739 3352 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys
15:52:18.0739 3352 Serial - ok
15:52:18.0771 3352 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys
15:52:18.0771 3352 sermouse - ok
15:52:18.0802 3352 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\windows\system32\sessenv.dll
15:52:18.0802 3352 SessionEnv - ok
15:52:18.0833 3352 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\DRIVERS\sffdisk.sys
15:52:18.0833 3352 sffdisk - ok
15:52:18.0849 3352 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\DRIVERS\sffp_mmc.sys
15:52:18.0849 3352 sffp_mmc - ok
15:52:18.0849 3352 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\windows\system32\DRIVERS\sffp_sd.sys
15:52:18.0849 3352 sffp_sd - ok
15:52:18.0864 3352 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys
15:52:18.0864 3352 sfloppy - ok
15:52:18.0942 3352 Sftfs (d5183ed285d2795491dc15bddcbee5ad) C:\windows\system32\DRIVERS\Sftfslh.sys
15:52:18.0942 3352 Sftfs - ok
15:52:19.0020 3352 sftlist (bfdb58616ff5ea540a5f58301d50641e) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
15:52:19.0020 3352 sftlist - ok
15:52:19.0051 3352 Sftplay (00f118b68c50d2206dd51634f9142b83) C:\windows\system32\DRIVERS\Sftplaylh.sys
15:52:19.0051 3352 Sftplay - ok
15:52:19.0083 3352 Sftredir (76a827df5640bfe16a0cdbb4108adeca) C:\windows\system32\DRIVERS\Sftredirlh.sys
15:52:19.0083 3352 Sftredir - ok
15:52:19.0129 3352 Sftvol (1b4c9701645086bab8cafffce30ed284) C:\windows\system32\DRIVERS\Sftvollh.sys
15:52:19.0129 3352 Sftvol - ok
15:52:19.0161 3352 sftvsa (b94c3c4dca2093243c76ca218ede2a97) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
15:52:19.0161 3352 sftvsa - ok
15:52:19.0223 3352 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\windows\System32\shsvcs.dll
15:52:19.0223 3352 ShellHWDetection - ok
15:52:19.0254 3352 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys
15:52:19.0254 3352 SiSRaid2 - ok
15:52:19.0270 3352 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys
15:52:19.0270 3352 SiSRaid4 - ok
15:52:19.0379 3352 SkypeUpdate (f07af60b152221472fbdb2fecec4896d) C:\Program Files (x86)\Skype\Updater\Updater.exe
15:52:19.0379 3352 SkypeUpdate - ok
15:52:19.0426 3352 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
15:52:19.0426 3352 Smb - ok
15:52:19.0441 3352 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe
15:52:19.0457 3352 SNMPTRAP - ok
15:52:19.0473 3352 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
15:52:19.0473 3352 spldr - ok
15:52:19.0504 3352 Spooler (89e8550c5862999fcf482ea562b0e98e) C:\windows\System32\spoolsv.exe
15:52:19.0519 3352 Spooler - ok
15:52:19.0691 3352 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\windows\system32\sppsvc.exe
15:52:19.0785 3352 sppsvc - ok
15:52:19.0972 3352 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll
15:52:19.0972 3352 sppuinotify - ok
15:52:20.0128 3352 SpyHunter 4 Service (cef26d36cf0c8a2ae6aac27767070308) C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
15:52:20.0143 3352 SpyHunter 4 Service - ok
15:52:20.0237 3352 srv (37c3abc2338010e110d2a6a3930f3149) C:\windows\system32\DRIVERS\srv.sys
15:52:20.0253 3352 srv - ok
15:52:20.0299 3352 srv2 (f773d2ed090b7baa1c1a034f3ca476c8) C:\windows\system32\DRIVERS\srv2.sys
15:52:20.0299 3352 srv2 - ok
15:52:20.0315 3352 srvnet (cce32bb223e9ff55d241099a858fa889) C:\windows\system32\DRIVERS\srvnet.sys
15:52:20.0331 3352 srvnet - ok
15:52:20.0440 3352 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll
15:52:20.0440 3352 SSDPSRV - ok
15:52:20.0580 3352 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll
15:52:20.0580 3352 SstpSvc - ok
15:52:20.0643 3352 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys
15:52:20.0643 3352 stexstor - ok
15:52:20.0892 3352 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\windows\System32\wiaservc.dll
15:52:20.0923 3352 stisvc - ok
15:52:20.0970 3352 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\DRIVERS\swenum.sys
15:52:20.0970 3352 swenum - ok
15:52:21.0189 3352 swprv (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll
15:52:21.0204 3352 swprv - ok
15:52:21.0485 3352 SynTP (470c47daba9ca3966f0ab3f835d7d135) C:\windows\system32\DRIVERS\SynTP.sys
15:52:21.0501 3352 SynTP - ok
15:52:21.0828 3352 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\windows\system32\sysmain.dll
15:52:21.0875 3352 SysMain - ok
15:52:22.0109 3352 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\windows\System32\TabSvc.dll
15:52:22.0109 3352 TabletInputService - ok
15:52:22.0156 3352 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\windows\System32\tapisrv.dll
15:52:22.0156 3352 TapiSrv - ok
15:52:22.0187 3352 TBS (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll
15:52:22.0187 3352 TBS - ok
15:52:22.0608 3352 Tcpip (912107716bab424c7870e8e6af5e07e1) C:\windows\system32\drivers\tcpip.sys
15:52:22.0655 3352 Tcpip - ok
15:52:23.0014 3352 TCPIP6 (912107716bab424c7870e8e6af5e07e1) C:\windows\system32\DRIVERS\tcpip.sys
15:52:23.0029 3352 TCPIP6 - ok
15:52:23.0263 3352 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\windows\system32\drivers\tcpipreg.sys
15:52:23.0263 3352 tcpipreg - ok
15:52:23.0295 3352 tdcmdpst (fd542b661bd22fa69ca789ad0ac58c29) C:\windows\system32\DRIVERS\tdcmdpst.sys
15:52:23.0295 3352 tdcmdpst - ok
15:52:23.0326 3352 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
15:52:23.0326 3352 TDPIPE - ok
15:52:23.0341 3352 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\windows\system32\drivers\tdtcp.sys
15:52:23.0341 3352 TDTCP - ok
15:52:23.0357 3352 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\windows\system32\DRIVERS\tdx.sys
15:52:23.0357 3352 tdx - ok
15:52:23.0622 3352 TeamViewer7 (2bbb318ea9f34fdc508cea4aab98d770) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
15:52:23.0638 3352 TeamViewer7 - ok
15:52:23.0794 3352 TermDD (c448651339196c0e869a355171875522) C:\windows\system32\DRIVERS\termdd.sys
15:52:23.0794 3352 TermDD - ok
15:52:23.0856 3352 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\windows\System32\termsrv.dll
15:52:23.0872 3352 TermService - ok
15:52:23.0903 3352 Themes (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll
15:52:23.0903 3352 Themes - ok
15:52:23.0919 3352 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
15:52:23.0919 3352 THREADORDER - ok
15:52:23.0981 3352 TODDSrv (ed32035bdfeced1ad66d459fd9cc1140) C:\Windows\system32\TODDSrv.exe
15:52:23.0981 3352 TODDSrv - ok
15:52:24.0090 3352 TosCoSrv (98c864481d62f86ec8af65be3419a95b) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
15:52:24.0090 3352 TosCoSrv - ok
15:52:24.0277 3352 TOSHIBA eco Utility Service (2ab7a4697462edb0c9dfafc529746ba9) C:\Program Files\TOSHIBA\TECO\TecoService.exe
15:52:24.0277 3352 TOSHIBA eco Utility Service - ok
15:52:24.0324 3352 TOSHIBA HDD SSD Alert Service (74c2fa8c3765ee71a9c22182ec108457) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
15:52:24.0324 3352 TOSHIBA HDD SSD Alert Service - ok
15:52:24.0418 3352 TPCHSrv (97687d094aa597da366e1194b218cc6c) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
15:52:24.0433 3352 TPCHSrv - ok
15:52:24.0621 3352 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll
15:52:24.0621 3352 TrkWks - ok
15:52:24.0683 3352 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\windows\servicing\TrustedInstaller.exe
15:52:24.0683 3352 TrustedInstaller - ok
15:52:24.0761 3352 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\windows\system32\DRIVERS\tssecsrv.sys
15:52:24.0761 3352 tssecsrv - ok
15:52:24.0777 3352 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\windows\system32\DRIVERS\tunnel.sys
15:52:24.0777 3352 tunnel - ok
15:52:24.0808 3352 TVALZ (550b567f9364d8f7684c3fb3ea665a72) C:\windows\system32\DRIVERS\TVALZ_O.SYS
15:52:24.0808 3352 TVALZ - ok
15:52:24.0855 3352 TVALZFL (9c7191f4b2e49bff47a6c1144b5923fa) C:\windows\system32\DRIVERS\TVALZFL.sys
15:52:24.0855 3352 TVALZFL - ok
15:52:24.0886 3352 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys
15:52:24.0886 3352 uagp35 - ok
15:52:24.0917 3352 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\windows\system32\DRIVERS\udfs.sys
15:52:24.0917 3352 udfs - ok
15:52:24.0948 3352 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe
15:52:24.0948 3352 UI0Detect - ok
15:52:24.0979 3352 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\DRIVERS\uliagpkx.sys
15:52:24.0979 3352 uliagpkx - ok
15:52:24.0995 3352 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\windows\system32\DRIVERS\umbus.sys
15:52:24.0995 3352 umbus - ok
15:52:25.0011 3352 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys
15:52:25.0011 3352 UmPass - ok
15:52:25.0057 3352 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll
15:52:25.0057 3352 upnphost - ok
15:52:25.0089 3352 usbccgp (b26afb54a534d634523c4fb66765b026) C:\windows\system32\DRIVERS\usbccgp.sys
15:52:25.0089 3352 usbccgp - ok
15:52:25.0104 3352 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\DRIVERS\usbcir.sys
15:52:25.0104 3352 usbcir - ok
15:52:25.0135 3352 usbehci (cb490987a7f6928a04bb838e3bd8a936) C:\windows\system32\DRIVERS\usbehci.sys
15:52:25.0135 3352 usbehci - ok
15:52:25.0229 3352 usbhub (18124ef0a881a00ee222d02a3ee30270) C:\windows\system32\DRIVERS\usbhub.sys
15:52:25.0229 3352 usbhub - ok
15:52:25.0245 3352 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\windows\system32\DRIVERS\usbohci.sys
15:52:25.0245 3352 usbohci - ok
15:52:25.0276 3352 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
15:52:25.0276 3352 usbprint - ok
15:52:25.0323 3352 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\windows\system32\DRIVERS\USBSTOR.SYS
15:52:25.0338 3352 USBSTOR - ok
15:52:25.0354 3352 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\windows\system32\DRIVERS\usbuhci.sys
15:52:25.0354 3352 usbuhci - ok
15:52:25.0416 3352 usbvideo (d501e12614b00a3252073101d6a1a74b) C:\windows\system32\Drivers\usbvideo.sys
15:52:25.0416 3352 usbvideo - ok
15:52:25.0447 3352 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\windows\System32\uxsms.dll
15:52:25.0447 3352 UxSms - ok
15:52:25.0541 3352 VaultSvc (0793f40b9b8a1bdd266296409dbd91ea) C:\windows\system32\lsass.exe
15:52:25.0541 3352 VaultSvc - ok
15:52:25.0588 3352 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\DRIVERS\vdrvroot.sys
15:52:25.0588 3352 vdrvroot - ok
15:52:25.0666 3352 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\windows\System32\vds.exe
15:52:25.0666 3352 vds - ok
15:52:25.0775 3352 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
15:52:25.0775 3352 vga - ok
15:52:25.0822 3352 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
15:52:25.0822 3352 VgaSave - ok
15:52:26.0118 3352 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\windows\system32\DRIVERS\vhdmp.sys
15:52:26.0134 3352 vhdmp - ok
15:52:26.0212 3352 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\DRIVERS\viaide.sys
15:52:26.0227 3352 viaide - ok
15:52:26.0274 3352 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\windows\system32\DRIVERS\volmgr.sys
15:52:26.0274 3352 volmgr - ok
15:52:26.0446 3352 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\windows\system32\drivers\volmgrx.sys
15:52:26.0446 3352 volmgrx - ok
15:52:26.0508 3352 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\windows\system32\DRIVERS\volsnap.sys
15:52:26.0524 3352 volsnap - ok
15:52:26.0555 3352 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys
15:52:26.0555 3352 vsmraid - ok
15:52:26.0680 3352 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\windows\system32\vssvc.exe
15:52:26.0711 3352 VSS - ok
15:52:27.0054 3352 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
15:52:27.0054 3352 vwifibus - ok
15:52:27.0117 3352 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys
15:52:27.0117 3352 vwififlt - ok
15:52:27.0148 3352 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\windows\system32\DRIVERS\vwifimp.sys
15:52:27.0148 3352 vwifimp - ok
15:52:27.0210 3352 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\windows\system32\w32time.dll
15:52:27.0226 3352 W32Time - ok
15:52:27.0241 3352 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys
15:52:27.0257 3352 WacomPen - ok
15:52:27.0273 3352 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\windows\system32\DRIVERS\wanarp.sys
15:52:27.0273 3352 WANARP - ok
15:52:27.0273 3352 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\windows\system32\DRIVERS\wanarp.sys
15:52:27.0273 3352 Wanarpv6 - ok
15:52:27.0397 3352 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\windows\system32\wbengine.exe
15:52:27.0413 3352 wbengine - ok
15:52:27.0600 3352 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\windows\System32\wbiosrvc.dll
15:52:27.0600 3352 WbioSrvc - ok
15:52:27.0631 3352 wcncsvc (8321c2ca3b62b61b293cda3451984468) C:\windows\System32\wcncsvc.dll
15:52:27.0647 3352 wcncsvc - ok
15:52:27.0663 3352 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\windows\System32\WcsPlugInService.dll
15:52:27.0678 3352 WcsPlugInService - ok
15:52:27.0741 3352 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys
15:52:27.0741 3352 Wd - ok
15:52:27.0881 3352 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
15:52:27.0897 3352 Wdf01000 - ok
15:52:27.0912 3352 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
15:52:27.0928 3352 WdiServiceHost - ok
15:52:27.0928 3352 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
15:52:27.0928 3352 WdiSystemHost - ok
15:52:27.0943 3352 WebClient (8a438cbb8c032a0c798b0c642ffbe572) C:\windows\System32\webclnt.dll
15:52:27.0959 3352 WebClient - ok
15:52:27.0975 3352 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\windows\system32\wecsvc.dll
15:52:27.0975 3352 Wecsvc - ok
15:52:28.0006 3352 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\windows\System32\wercplsupport.dll
15:52:28.0006 3352 wercplsupport - ok
15:52:28.0021 3352 WerSvc (6d137963730144698cbd10f202e9f251) C:\windows\System32\WerSvc.dll
15:52:28.0021 3352 WerSvc - ok
15:52:28.0084 3352 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
15:52:28.0099 3352 WfpLwf - ok
15:52:28.0115 3352 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
15:52:28.0115 3352 WIMMount - ok
15:52:28.0115 3352 WinHttpAutoProxySvc - ok
15:52:28.0193 3352 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\windows\system32\wbem\WMIsvc.dll
15:52:28.0209 3352 Winmgmt - ok
15:52:28.0583 3352 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\windows\system32\WsmSvc.dll
15:52:28.0630 3352 WinRM - ok
15:52:28.0833 3352 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\windows\system32\DRIVERS\WinUsb.sys
15:52:28.0833 3352 WinUsb - ok
15:52:28.0926 3352 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\windows\System32\wlansvc.dll
15:52:28.0942 3352 Wlansvc - ok
15:52:28.0957 3352 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\DRIVERS\wmiacpi.sys
15:52:28.0973 3352 WmiAcpi - ok
15:52:29.0035 3352 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\windows\system32\wbem\WmiApSrv.exe
15:52:29.0051 3352 wmiApSrv - ok
15:52:29.0113 3352 WMPNetworkSvc - ok
15:52:29.0176 3352 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\windows\System32\wpcsvc.dll
15:52:29.0176 3352 WPCSvc - ok
15:52:29.0207 3352 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\windows\system32\wpdbusenum.dll
15:52:29.0207 3352 WPDBusEnum - ok
15:52:29.0254 3352 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
15:52:29.0254 3352 ws2ifsl - ok
15:52:29.0254 3352 WSearch - ok
15:52:29.0332 3352 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\windows\system32\drivers\WudfPf.sys
15:52:29.0332 3352 WudfPf - ok
15:52:29.0363 3352 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\windows\system32\DRIVERS\WUDFRd.sys
15:52:29.0363 3352 WUDFRd - ok
15:52:29.0410 3352 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\windows\System32\WUDFSvc.dll
15:52:29.0410 3352 wudfsvc - ok
15:52:29.0441 3352 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\windows\System32\wwansvc.dll
15:52:29.0441 3352 WwanSvc - ok
15:52:29.0472 3352 MBR (0x1B8) (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0
15:52:29.0753 3352 \Device\Harddisk0\DR0 - ok
15:52:29.0769 3352 Boot (0x1200) (197be55ef42893be1a665a2f0ffd1a48) \Device\Harddisk0\DR0\Partition0
15:52:29.0769 3352 \Device\Harddisk0\DR0\Partition0 - ok
15:52:29.0769 3352 ============================================================
15:52:29.0769 3352 Scan finished
15:52:29.0769 3352 ============================================================
15:52:29.0784 1428 Detected object count: 0
15:52:29.0784 1428 Actual detected object count: 0

#4 ken2024

ken2024
  • Topic Starter

  • Members
  • 13 posts
  • Local time:10:49 AM

Posted 10 August 2012 - 06:05 PM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-10 15:53:17
-----------------------------
15:53:17.691 OS Version: Windows x64 6.1.7600
15:53:17.691 Number of processors: 2 586 0x603
15:53:17.707 ComputerName: CA-PC UserName: CA
15:53:23.588 Initialize success
15:55:51.436 AVAST engine defs: 12081001
15:56:20.848 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000066
15:56:20.848 Disk 0 Vendor: TOSHIBA_ GJ00 Size: 476940MB BusType: 11
15:56:20.863 Disk 0 MBR read successfully
15:56:20.863 Disk 0 MBR scan
15:56:20.863 Disk 0 Windows VISTA default MBR code
15:56:20.879 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
15:56:20.894 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 464305 MB offset 3074048
15:56:20.926 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 11134 MB offset 953970688
15:56:20.957 Disk 0 scanning C:\windows\system32\drivers
15:56:46.261 Service scanning
15:57:57.555 Modules scanning
15:57:57.571 Disk 0 trace - called modules:
15:57:57.602 ntoskrnl.exe CLASSPNP.SYS disk.sys amdxata.sys storport.sys hal.dll amdsata.sys
15:57:58.117 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c40060]
15:57:58.132 3 CLASSPNP.SYS[fffff880018e543f] -> nt!IofCallDriver -> [0xfffffa8004bc8b80]
15:57:58.132 5 amdxata.sys[fffff880011417a8] -> nt!IofCallDriver -> \Device\00000066[0xfffffa8004bc6060]
15:58:07.153 AVAST engine scan C:\windows
15:58:26.409 AVAST engine scan C:\windows\system32
16:00:46.615 File: C:\windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
16:00:48.134 File: C:\windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
16:01:55.795 AVAST engine scan C:\windows\system32\drivers
16:02:15.175 AVAST engine scan C:\Users\CA
16:05:21.629 Disk 0 MBR has been saved successfully to "C:\Users\CA\Documents\MBR.dat"
16:05:21.630 The log file has been saved successfully to "C:\Users\CA\Documents\aswMBR.txt"

#5 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:12:49 PM

Posted 10 August 2012 - 06:18 PM

We need advanced tools to remove this one

Read the guide here

http://www.bleepingcomputer.com/forums/topic34773.html

and create a topic here

http://www.bleepingcomputer.com/forums/forum22.html

Good luck
