HELP! - F9 Recovery Partition not working! Virus!?


11 replies to this topic

#1 devoninc

  • Members
  • 6 posts

Posted 10 August 2012 - 06:02 AM

So here's where I am: Since the recovery partition isn't working (F9 brings me to system repair), I downloaded the Win7 ISO, burned it and "reinstalled" Windows, but it seems like I still have the virus.

I ran ESET on my "newly installed" Windows and it tells me:
"Operating memory - Win32/Olmarik.TDL4 trojan - unable to clean"
And F9 still brings up system repair instead of recovery partition.

I have an ASUS g73jh laptop. Running Windows 7 Home Premium 64-bit.

What do I do? I'm about to cry! >_<

Please help!!! :(



#2 narenxp

  • BC Advisor
  • 16,371 posts

Posted 10 August 2012 - 06:08 AM

Download TDSSKiller

Launch it. Click on change parameters - select TDLFS file system.

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan completes, click on LIST of found threats.

Export the list to the desktop and copy the contents of the text file into your reply.

#3 devoninc

  • Topic Starter
  • Members
  • 6 posts

Posted 10 August 2012 - 06:10 AM

TDSSKiller

04:10:37.0316 1956 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
04:10:37.0695 1956 ============================================================
04:10:37.0695 1956 Current date / time: 2012/08/10 04:10:37.0695
04:10:37.0695 1956 SystemInfo:
04:10:37.0695 1956
04:10:37.0695 1956 OS Version: 6.1.7601 ServicePack: 1.0
04:10:37.0695 1956 Product type: Workstation
04:10:37.0695 1956 ComputerName: J-PC
04:10:37.0696 1956 UserName: J
04:10:37.0696 1956 Windows directory: C:\Windows
04:10:37.0696 1956 System windows directory: C:\Windows
04:10:37.0696 1956 Running under WOW64
04:10:37.0696 1956 Processor architecture: Intel x64
04:10:37.0696 1956 Number of processors: 8
04:10:37.0696 1956 Page size: 0x1000
04:10:37.0696 1956 Boot type: Normal boot
04:10:37.0696 1956 ============================================================
04:10:40.0433 1956 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
04:10:40.0442 1956 ============================================================
04:10:40.0442 1956 \Device\Harddisk0\DR0:
04:10:40.0442 1956 MBR partitions:
04:10:40.0442 1956 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2711678, BlocksNum 0xE8E1800
04:10:40.0457 1956 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x10FF3800, BlocksNum 0x29392000
04:10:40.0457 1956 ============================================================
04:10:40.0507 1956 C: <-> \Device\Harddisk0\DR0\Partition0
04:10:40.0535 1956 D: <-> \Device\Harddisk0\DR0\Partition1
04:10:40.0535 1956 ============================================================
04:10:40.0535 1956 Initialize success
04:10:40.0535 1956 ============================================================
04:10:50.0432 0600 ============================================================
04:10:50.0432 0600 Scan started
04:10:50.0432 0600 Mode: Manual; TDLFS;
04:10:50.0432 0600 ============================================================
04:11:05.0708 0600 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
04:11:05.0710 0600 partmgr - ok
04:11:05.0730 0600 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
04:11:05.0733 0600 PcaSvc - ok
04:11:05.0753 0600 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
04:11:05.0756 0600 pci - ok
04:11:05.0760 0600 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
04:11:05.0774 0600 pciide - ok
04:11:05.0803 0600 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
04:11:05.0852 0600 pcmcia - ok
04:11:05.0859 0600 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
04:11:05.0860 0600 pcw - ok
04:11:05.0924 0600 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
04:11:05.0944 0600 PEAUTH - ok
04:11:06.0133 0600 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
04:11:06.0136 0600 PerfHost - ok
04:11:06.0256 0600 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
04:11:06.0289 0600 pla - ok
04:11:06.0355 0600 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
04:11:06.0373 0600 PlugPlay - ok
04:11:06.0392 0600 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
04:11:06.0395 0600 PNRPAutoReg - ok
04:11:06.0421 0600 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
04:11:06.0426 0600 PNRPsvc - ok
04:11:06.0477 0600 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
04:11:06.0498 0600 PolicyAgent - ok
04:11:06.0528 0600 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
04:11:06.0533 0600 Power - ok
04:11:06.0637 0600 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
04:11:06.0640 0600 PptpMiniport - ok
04:11:06.0652 0600 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
04:11:06.0689 0600 Processor - ok
04:11:06.0725 0600 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
04:11:06.0739 0600 ProfSvc - ok
04:11:06.0772 0600 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
04:11:06.0775 0600 ProtectedStorage - ok
04:11:06.0809 0600 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
04:11:06.0812 0600 Psched - ok
04:11:06.0929 0600 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
04:11:06.0985 0600 ql2300 - ok
04:11:07.0274 0600 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
04:11:07.0286 0600 ql40xx - ok
04:11:07.0327 0600 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
04:11:07.0339 0600 QWAVE - ok
04:11:07.0349 0600 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
04:11:07.0350 0600 QWAVEdrv - ok
04:11:07.0357 0600 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
04:11:07.0358 0600 RasAcd - ok
04:11:07.0397 0600 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
04:11:07.0398 0600 RasAgileVpn - ok
04:11:07.0419 0600 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
04:11:07.0423 0600 RasAuto - ok
04:11:07.0441 0600 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
04:11:07.0444 0600 Rasl2tp - ok
04:11:07.0475 0600 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
04:11:07.0493 0600 RasMan - ok
04:11:07.0509 0600 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
04:11:07.0511 0600 RasPppoe - ok
04:11:07.0524 0600 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
04:11:07.0527 0600 RasSstp - ok
04:11:07.0590 0600 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
04:11:07.0596 0600 rdbss - ok
04:11:07.0605 0600 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
04:11:07.0638 0600 rdpbus - ok
04:11:07.0654 0600 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
04:11:07.0655 0600 RDPCDD - ok
04:11:07.0662 0600 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
04:11:07.0663 0600 RDPENCDD - ok
04:11:07.0670 0600 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
04:11:07.0671 0600 RDPREFMP - ok
04:11:07.0705 0600 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
04:11:07.0717 0600 RDPWD - ok
04:11:07.0750 0600 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
04:11:07.0754 0600 rdyboost - ok
04:11:07.0897 0600 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
04:11:07.0901 0600 RemoteAccess - ok
04:11:07.0928 0600 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
04:11:07.0933 0600 RemoteRegistry - ok
04:11:07.0972 0600 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
04:11:08.0013 0600 RFCOMM - ok
04:11:08.0029 0600 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
04:11:08.0031 0600 RpcEptMapper - ok
04:11:08.0040 0600 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
04:11:08.0042 0600 RpcLocator - ok
04:11:08.0077 0600 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
04:11:08.0081 0600 RpcSs - ok
04:11:08.0092 0600 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
04:11:08.0093 0600 rspndr - ok
04:11:08.0157 0600 RTHDMIAzAudService (483c537e69fa97c77f7fe0e2e1c1f102) C:\Windows\system32\drivers\RtHDMIVX.sys
04:11:08.0190 0600 RTHDMIAzAudService - ok
04:11:08.0224 0600 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
04:11:08.0225 0600 SamSs - ok
04:11:08.0238 0600 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
04:11:08.0254 0600 sbp2port - ok
04:11:08.0318 0600 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
04:11:08.0325 0600 SCardSvr - ok
04:11:08.0334 0600 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
04:11:08.0335 0600 scfilter - ok
04:11:08.0406 0600 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
04:11:08.0431 0600 Schedule - ok
04:11:08.0453 0600 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
04:11:08.0454 0600 SCPolicySvc - ok
04:11:08.0473 0600 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
04:11:08.0476 0600 SDRSVC - ok
04:11:08.0573 0600 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
04:11:08.0595 0600 secdrv - ok
04:11:08.0613 0600 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
04:11:08.0614 0600 seclogon - ok
04:11:08.0630 0600 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
04:11:08.0633 0600 SENS - ok
04:11:08.0661 0600 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
04:11:08.0663 0600 SensrSvc - ok
04:11:08.0668 0600 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
04:11:08.0682 0600 Serenum - ok
04:11:08.0699 0600 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
04:11:08.0746 0600 Serial - ok
04:11:08.0762 0600 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
04:11:08.0777 0600 sermouse - ok
04:11:08.0802 0600 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
04:11:08.0804 0600 SessionEnv - ok
04:11:08.0807 0600 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
04:11:08.0821 0600 sffdisk - ok
04:11:08.0825 0600 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
04:11:08.0839 0600 sffp_mmc - ok
04:11:08.0842 0600 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
04:11:08.0845 0600 sffp_sd - ok
04:11:08.0849 0600 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
04:11:08.0863 0600 sfloppy - ok
04:11:08.0904 0600 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
04:11:08.0918 0600 SharedAccess - ok
04:11:08.0953 0600 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
04:11:08.0969 0600 ShellHWDetection - ok
04:11:08.0980 0600 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
04:11:09.0033 0600 SiSRaid2 - ok
04:11:09.0043 0600 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
04:11:09.0059 0600 SiSRaid4 - ok
04:11:09.0093 0600 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
04:11:09.0095 0600 Smb - ok
04:11:09.0114 0600 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
04:11:09.0115 0600 SNMPTRAP - ok
04:11:09.0120 0600 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
04:11:09.0121 0600 spldr - ok
04:11:09.0161 0600 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
04:11:09.0195 0600 Spooler - ok
04:11:09.0470 0600 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
04:11:09.0511 0600 sppsvc - ok
04:11:09.0720 0600 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
04:11:09.0722 0600 sppuinotify - ok
04:11:09.0834 0600 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
04:11:09.0853 0600 srv - ok
04:11:09.0887 0600 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
04:11:09.0900 0600 srv2 - ok
04:11:09.0921 0600 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
04:11:09.0935 0600 srvnet - ok
04:11:09.0970 0600 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
04:11:09.0986 0600 SSDPSRV - ok
04:11:09.0998 0600 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
04:11:10.0002 0600 SstpSvc - ok
04:11:10.0023 0600 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
04:11:10.0028 0600 stexstor - ok
04:11:10.0089 0600 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
04:11:10.0112 0600 stisvc - ok
04:11:10.0119 0600 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
04:11:10.0143 0600 swenum - ok
04:11:10.0172 0600 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
04:11:10.0191 0600 swprv - ok
04:11:10.0264 0600 SynTP (01a658167619075baad31c96074c0b38) C:\Windows\system32\DRIVERS\SynTP.sys
04:11:10.0294 0600 SynTP - ok
04:11:10.0449 0600 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
04:11:10.0487 0600 SysMain - ok
04:11:10.0690 0600 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
04:11:10.0695 0600 TabletInputService - ok
04:11:10.0725 0600 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
04:11:10.0742 0600 TapiSrv - ok
04:11:10.0756 0600 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
04:11:10.0761 0600 TBS - ok
04:11:10.0981 0600 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
04:11:11.0028 0600 Tcpip - ok
04:11:11.0464 0600 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
04:11:11.0488 0600 TCPIP6 - ok
04:11:11.0772 0600 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
04:11:11.0774 0600 tcpipreg - ok
04:11:11.0784 0600 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
04:11:11.0785 0600 TDPIPE - ok
04:11:11.0811 0600 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
04:11:11.0813 0600 TDTCP - ok
04:11:11.0830 0600 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
04:11:11.0833 0600 tdx - ok
04:11:11.0855 0600 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
04:11:11.0882 0600 TermDD - ok
04:11:11.0936 0600 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
04:11:11.0956 0600 TermService - ok
04:11:11.0970 0600 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
04:11:11.0972 0600 Themes - ok
04:11:11.0991 0600 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
04:11:11.0993 0600 THREADORDER - ok
04:11:12.0012 0600 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
04:11:12.0014 0600 TrkWks - ok
04:11:12.0056 0600 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
04:11:12.0064 0600 TrustedInstaller - ok
04:11:12.0076 0600 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
04:11:12.0078 0600 tssecsrv - ok
04:11:12.0103 0600 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
04:11:12.0105 0600 TsUsbFlt - ok
04:11:12.0113 0600 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
04:11:12.0117 0600 TsUsbGD - ok
04:11:12.0144 0600 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
04:11:12.0147 0600 tunnel - ok
04:11:12.0158 0600 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
04:11:12.0183 0600 uagp35 - ok
04:11:12.0216 0600 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
04:11:12.0219 0600 udfs - ok
04:11:12.0234 0600 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
04:11:12.0236 0600 UI0Detect - ok
04:11:12.0256 0600 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
04:11:12.0271 0600 uliagpkx - ok
04:11:12.0303 0600 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
04:11:12.0317 0600 umbus - ok
04:11:12.0321 0600 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
04:11:12.0335 0600 UmPass - ok
04:11:12.0382 0600 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
04:11:12.0395 0600 upnphost - ok
04:11:12.0426 0600 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
04:11:12.0455 0600 usbccgp - ok
04:11:12.0480 0600 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
04:11:12.0484 0600 usbcir - ok
04:11:12.0510 0600 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
04:11:12.0536 0600 usbehci - ok
04:11:12.0567 0600 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
04:11:12.0596 0600 usbhub - ok
04:11:12.0616 0600 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
04:11:12.0631 0600 usbohci - ok
04:11:12.0646 0600 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
04:11:12.0661 0600 usbprint - ok
04:11:12.0680 0600 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\drivers\USBSTOR.SYS
04:11:12.0708 0600 USBSTOR - ok
04:11:12.0726 0600 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
04:11:12.0729 0600 usbuhci - ok
04:11:12.0771 0600 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
04:11:12.0800 0600 usbvideo - ok
04:11:12.0820 0600 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
04:11:12.0821 0600 UxSms - ok
04:11:12.0862 0600 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
04:11:12.0863 0600 VaultSvc - ok
04:11:12.0889 0600 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
04:11:12.0916 0600 vdrvroot - ok
04:11:13.0081 0600 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
04:11:13.0117 0600 vds - ok
04:11:13.0127 0600 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
04:11:13.0131 0600 vga - ok
04:11:13.0144 0600 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
04:11:13.0145 0600 VgaSave - ok
04:11:13.0172 0600 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
04:11:13.0198 0600 vhdmp - ok
04:11:13.0204 0600 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
04:11:13.0218 0600 viaide - ok
04:11:13.0236 0600 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
04:11:13.0266 0600 volmgr - ok
04:11:13.0300 0600 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
04:11:13.0305 0600 volmgrx - ok
04:11:13.0337 0600 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
04:11:13.0375 0600 volsnap - ok
04:11:13.0389 0600 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
04:11:13.0415 0600 vsmraid - ok
04:11:13.0526 0600 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
04:11:13.0556 0600 VSS - ok
04:11:13.0830 0600 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
04:11:13.0831 0600 vwifibus - ok
04:11:13.0842 0600 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
04:11:13.0844 0600 vwififlt - ok
04:11:13.0887 0600 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
04:11:13.0905 0600 W32Time - ok
04:11:13.0917 0600 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
04:11:13.0921 0600 WacomPen - ok
04:11:13.0946 0600 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
04:11:13.0949 0600 WANARP - ok
04:11:13.0963 0600 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
04:11:13.0965 0600 Wanarpv6 - ok
04:11:14.0090 0600 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
04:11:14.0161 0600 WatAdminSvc - ok
04:11:14.0279 0600 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
04:11:14.0320 0600 wbengine - ok
04:11:14.0563 0600 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
04:11:14.0578 0600 WbioSrvc - ok
04:11:14.0600 0600 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
04:11:14.0615 0600 wcncsvc - ok
04:11:14.0629 0600 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
04:11:14.0631 0600 WcsPlugInService - ok
04:11:14.0726 0600 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
04:11:14.0731 0600 Wd - ok
04:11:14.0798 0600 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
04:11:14.0819 0600 Wdf01000 - ok
04:11:14.0837 0600 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
04:11:14.0847 0600 WdiServiceHost - ok
04:11:14.0852 0600 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
04:11:14.0856 0600 WdiSystemHost - ok
04:11:14.0883 0600 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
04:11:14.0896 0600 WebClient - ok
04:11:14.0919 0600 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
04:11:14.0934 0600 Wecsvc - ok
04:11:14.0952 0600 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
04:11:14.0956 0600 wercplsupport - ok
04:11:14.0976 0600 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
04:11:14.0979 0600 WerSvc - ok
04:11:14.0998 0600 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
04:11:14.0999 0600 WfpLwf - ok
04:11:15.0006 0600 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
04:11:15.0007 0600 WIMMount - ok
04:11:15.0021 0600 WinDefend - ok
04:11:15.0027 0600 WinHttpAutoProxySvc - ok
04:11:15.0146 0600 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
04:11:15.0160 0600 Winmgmt - ok
04:11:15.0310 0600 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
04:11:15.0372 0600 WinRM - ok
04:11:15.0663 0600 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
04:11:15.0697 0600 Wlansvc - ok
04:11:15.0784 0600 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
04:11:15.0812 0600 WmiAcpi - ok
04:11:15.0950 0600 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
04:11:15.0963 0600 wmiApSrv - ok
04:11:15.0996 0600 WMPNetworkSvc - ok
04:11:16.0018 0600 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
04:11:16.0022 0600 WPCSvc - ok
04:11:16.0036 0600 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
04:11:16.0041 0600 WPDBusEnum - ok
04:11:16.0049 0600 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
04:11:16.0050 0600 ws2ifsl - ok
04:11:16.0067 0600 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
04:11:16.0069 0600 wscsvc - ok
04:11:16.0072 0600 WSearch - ok
04:11:16.0243 0600 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
04:11:16.0285 0600 wuauserv - ok
04:11:16.0580 0600 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
04:11:16.0583 0600 WudfPf - ok
04:11:16.0626 0600 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
04:11:16.0629 0600 WUDFRd - ok
04:11:16.0658 0600 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
04:11:16.0663 0600 wudfsvc - ok
04:11:16.0686 0600 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
04:11:16.0700 0600 WwanSvc - ok
04:11:16.0728 0600 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
04:11:16.0795 0600 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
04:11:16.0796 0600 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
04:11:16.0912 0600 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
04:11:16.0912 0600 \Device\Harddisk0\DR0 - detected TDSS File System (1)
04:11:16.0917 0600 Boot (0x1200) (8bd44eb7e7e1f1954a1d9c94230df4ef) \Device\Harddisk0\DR0\Partition0
04:11:16.0921 0600 \Device\Harddisk0\DR0\Partition0 - ok
04:11:16.0952 0600 Boot (0x1200) (0b8ee8ebffa7a44f58bdfcd65f26b97c) \Device\Harddisk0\DR0\Partition1
04:11:16.0956 0600 \Device\Harddisk0\DR0\Partition1 - ok
04:11:16.0956 0600 ============================================================
04:11:16.0956 0600 Scan finished
04:11:16.0957 0600 ============================================================
04:11:16.0975 3156 Detected object count: 2
04:11:16.0975 3156 Actual detected object count: 2
04:11:42.0966 3156 \Device\Harddisk0\DR0\# - copied to quarantine
04:11:42.0971 3156 \Device\Harddisk0\DR0 - copied to quarantine
04:11:43.0112 3156 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
04:11:43.0397 3156 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
04:11:43.0641 3156 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
04:11:43.0882 3156 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
04:11:44.0135 3156 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
04:11:44.0428 3156 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
04:11:44.0678 3156 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
04:11:44.0681 3156 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
04:11:44.0686 3156 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
04:11:44.0692 3156 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
04:11:44.0955 3156 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
04:11:45.0240 3156 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
04:11:45.0246 3156 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
04:11:45.0253 3156 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
04:11:45.0267 3156 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
04:11:45.0269 3156 \Device\Harddisk0\DR0 - ok
04:11:45.0274 3156 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
04:11:45.0275 3156 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
04:11:45.0275 3156 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
04:12:21.0744 1168 Deinitialize success


aswMBR

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-10 04:15:38
-----------------------------
04:15:38.012 OS Version: Windows x64 6.1.7601 Service Pack 1
04:15:38.012 Number of processors: 8 586 0x1E05
04:15:38.013 ComputerName: J-PC UserName: J
04:15:38.818 Initialize success
04:16:54.325 AVAST engine defs: 12081000
04:17:17.824 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
04:17:17.830 Disk 0 Vendor: ST9500420AS 0003SDM1 Size: 476940MB BusType: 11
04:17:17.849 Disk 0 MBR read successfully
04:17:17.855 Disk 0 MBR scan
04:17:17.866 Disk 0 Windows 7 default MBR code
04:17:17.873 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 20002 MB offset 63
04:17:17.898 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 119235 MB offset 40965752
04:17:17.905 Disk 0 Partition - 00 0F Extended LBA 337701 MB offset 285159424
04:17:17.939 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 337700 MB offset 285161472
04:17:17.975 Disk 0 scanning C:\Windows\system32\drivers
04:17:26.491 Service scanning
04:17:42.597 Modules scanning
04:17:42.599 Disk 0 trace - called modules:
04:17:42.650 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
04:17:42.653 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007edb060]
04:17:42.654 3 CLASSPNP.SYS[fffff8800165143f] -> nt!IofCallDriver -> [0xfffffa8007bc7520]
04:17:42.655 5 ACPI.sys[fffff88000fad7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8007bb91f0]
04:17:45.158 AVAST engine scan C:\Windows
04:17:46.486 AVAST engine scan C:\Windows\system32
04:19:29.669 AVAST engine scan C:\Windows\system32\drivers
04:19:41.912 AVAST engine scan C:\Users\J
04:20:49.065 AVAST engine scan C:\ProgramData
04:20:56.595 Scan finished successfully
04:22:39.806 Disk 0 MBR has been saved successfully to "C:\Users\J\Desktop\MBR.dat"
04:22:39.813 The log file has been saved successfully to "C:\Users\J\Desktop\aswMBR.txt"


Eset

"No Threats Found"


Edited by devoninc, 10 August 2012 - 06:56 AM.


#4 narenxp

Posted 10 August 2012 - 07:25 AM

Restart the PC, run TDSSkiller once again and make sure to delete this:

04:11:45.0275 3156 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

Post the new log
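
Added example, not part of the thread or any poster's own code: a small Python triage of a TDSSKiller log that pairs each detection with the action the user chose and lists detections left untreated, such as the skipped "TDSS File System" entry. The sample is an excerpt of log lines posted in this thread; the function names, and the choice to treat only "Skip" or a missing action as unresolved, are assumptions of this example.

```python
import re

# Excerpt of the TDSSKiller log lines posted earlier in this thread.
SAMPLE_LOG = r"""
04:11:16.0795 0600 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
04:11:16.0796 0600 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
04:11:16.0912 0600 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
04:11:16.0912 0600 \Device\Harddisk0\DR0 - detected TDSS File System (1)
04:11:16.0975 3156 Detected object count: 2
04:11:45.0267 3156 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
04:11:45.0269 3156 \Device\Harddisk0\DR0 - ok
04:11:45.0274 3156 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
04:11:45.0275 3156 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
04:11:45.0275 3156 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
"""

# "<time> <thread id> <message>"
LINE_RE = re.compile(r"^(\d{2}:\d{2}:\d{2}\.\d+)\s+(\d+)\s+(.*)$")
# "<object> ( <verdict> ) - <status>"; plain "<name> - ok" lines do not match.
EVENT_RE = re.compile(r"^(?P<obj>.+?) \( (?P<verdict>.+?) \) - (?P<status>.+)$")
ACTION_RE = re.compile(r"^User select action: (?P<action>\w+)$")
COUNT_RE = re.compile(r"^Detected object count: (\d+)$")


def parse_tdsskiller(log_text):
    """Return (findings, reported_count) for a TDSSKiller log.

    findings is a list of dicts, one per (object, verdict) pair, in the
    order the detections first appear in the log.
    """
    findings = {}
    reported = None
    for raw in log_text.splitlines():
        line = LINE_RE.match(raw.strip())
        if not line:
            continue
        msg = line.group(3)
        count = COUNT_RE.match(msg)
        if count:
            reported = int(count.group(1))
            continue
        event = EVENT_RE.match(msg)
        if not event:
            continue
        key = (event["obj"], event["verdict"])
        finding = findings.setdefault(key, {
            "object": event["obj"],
            "verdict": event["verdict"],
            "severity": None,   # "infected" or "warning"
            "action": None,     # what the user selected, e.g. "Cure" or "Skip"
            "notes": [],        # any other status text for this detection
        })
        status = event["status"]
        action = ACTION_RE.match(status)
        if action:
            finding["action"] = action["action"]
        elif status in ("infected", "warning"):
            finding["severity"] = status
        else:
            finding["notes"].append(status)
    return list(findings.values()), reported


def needs_followup(findings):
    """Detections that were skipped or have no recorded action (assumption:
    every other action counts as handled)."""
    return [f for f in findings if f["action"] in (None, "Skip")]


def triage(log_text):
    """Summarise a log: findings, unresolved ones, and whether the number of
    parsed detections matches the count the tool itself reported."""
    findings, reported = parse_tdsskiller(log_text)
    return {
        "findings": findings,
        "unresolved": needs_followup(findings),
        "reported_count": reported,
        "count_matches": reported is None or reported == len(findings),
    }


if __name__ == "__main__":
    summary = triage(SAMPLE_LOG)
    for f in summary["findings"]:
        print(f'{f["object"]}  {f["verdict"]}  '
              f'severity={f["severity"]} action={f["action"]} notes={f["notes"]}')
    for f in summary["unresolved"]:
        print("NOT TREATED:", f["verdict"], "on", f["object"])
    if not summary["count_matches"]:
        print("Parsed detections differ from the count the tool reported")
```
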

#5 devoninc

Posted 10 August 2012 - 08:29 AM

Fixed

Edited by devoninc, 10 August 2012 - 10:27 AM.


#6 narenxp

Posted 10 August 2012 - 08:45 AM

Your MBR looks good, let's do a few more scans to make sure the system is clean

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it, click on Delete

Post the generated log

#7 devoninc

Posted 10 August 2012 - 09:04 AM

Fixed

Edited by devoninc, 10 August 2012 - 10:27 AM.


#8 narenxp

Posted 10 August 2012 - 09:32 AM

Delete the TDSSkiller quarantine folder from the C drive

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for reboot

Turn off your system restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

Edited by narenxp, 10 August 2012 - 09:32 AM.


#9 devoninc

Posted 10 August 2012 - 10:00 AM

Thank you so much. I hope it's all gone now. Two questions,
Should I reformat again? And should I change all my passwords (e-mail, bank, etc.)?

#10 narenxp

Posted 10 August 2012 - 10:02 AM

Do not format. Just change your passwords.

safe surfing

#11 devoninc

Posted 10 August 2012 - 01:19 PM

Thanks.

Final question. I'd like to know what this virus does? Does it steal information?
I'm worried because it seems like a very serious virus. Should I warn anyone (like my bank) or anything?

Thanks again.

#12 narenxp

Posted 10 August 2012 - 01:59 PM

Final question. I'd like to know what this virus does? Does it steal information?
I'm worried because it seems like a very serious virus. Should I warn anyone (like my bank) or anything?


Actually you had a rootkit. At this time just change your bank passwords. If you still feel that your system may be compromised you can format your PC.



