Trojan gen2 and zeroaccess


5 replies to this topic

#1 Buckskinpass

Posted 11 August 2012 - 02:11 PM

Hi, I hope I'm in the right forum.
I started getting alerts from Norton 360 saying that these two viruses have been blocked. I have run a scan and Norton says that it's taken care of the infection only to find that I still get alerts, almost immediately after the scan.
Any help would be greatly appreciated.

Edited by Buckskinpass, 11 August 2012 - 02:16 PM.



#2 narenxp

Posted 11 August 2012 - 02:13 PM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 Buckskinpass

Posted 11 August 2012 - 03:57 PM

OK, here's all three logs.


13:22:08.0265 4216 Ntfs (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys
13:22:08.0281 4216 Ntfs - ok
13:22:08.0312 4216 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys
13:22:08.0312 4216 Null - ok
13:22:08.0343 4216 nusb3hub (a7127e86f9ffe2a53e271b56b2c4cedf) C:\Windows\system32\DRIVERS\nusb3hub.sys
13:22:08.0343 4216 nusb3hub - ok
13:22:08.0374 4216 nusb3xhc (49bbec6f48d5f9284b03abf3a959b19b) C:\Windows\system32\DRIVERS\nusb3xhc.sys
13:22:08.0374 4216 nusb3xhc - ok
13:22:08.0827 4216 nvlddmkm (cc1efea1f0ab17e59bd4b5baff3e5cb0) C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:22:09.0030 4216 nvlddmkm - ok
13:22:09.0061 4216 nvraid (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys
13:22:09.0061 4216 nvraid - ok
13:22:09.0076 4216 nvstor (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys
13:22:09.0076 4216 nvstor - ok
13:22:09.0139 4216 NVSvc (39f933ca2798156b0b7a19d104b73b9a) C:\Windows\system32\nvvsvc.exe
13:22:09.0154 4216 NVSvc - ok
13:22:09.0170 4216 nv_agp (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys
13:22:09.0170 4216 nv_agp - ok
13:22:09.0170 4216 NwlnkFlt - ok
13:22:09.0170 4216 NwlnkFwd - ok
13:22:09.0248 4216 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:22:09.0248 4216 odserv - ok
13:22:09.0264 4216 ohci1394 (7b58953e2f263421fdbb09a192712a85) C:\Windows\system32\drivers\ohci1394.sys
13:22:09.0264 4216 ohci1394 - ok
13:22:09.0295 4216 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:22:09.0295 4216 ose - ok
13:22:09.0342 4216 p2pimsvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
13:22:09.0357 4216 p2pimsvc - ok
13:22:09.0373 4216 p2psvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
13:22:09.0373 4216 p2psvc - ok
13:22:09.0388 4216 Parport (4c6a7fd04ddf4db88791048382e3edb1) C:\Windows\system32\DRIVERS\parport.sys
13:22:09.0388 4216 Parport - ok
13:22:09.0420 4216 partmgr (b43751085e2abe389da466bc62a4b987) C:\Windows\system32\drivers\partmgr.sys
13:22:09.0420 4216 partmgr - ok
13:22:09.0451 4216 PassThru Service (5fbcc9eeefaca3019d5bd5979618f298) C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
13:22:09.0451 4216 PassThru Service - ok
13:22:09.0466 4216 PcaSvc (9ab157b374192ff276c1628fbdba2b0e) C:\Windows\System32\pcasvc.dll
13:22:09.0466 4216 PcaSvc - ok
13:22:09.0466 4216 pci (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys
13:22:09.0482 4216 pci - ok
13:22:09.0498 4216 pciide (2657f6c0b78c36d95034be109336e382) C:\Windows\system32\drivers\pciide.sys
13:22:09.0498 4216 pciide - ok
13:22:09.0513 4216 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys
13:22:09.0513 4216 pcmcia - ok
13:22:09.0544 4216 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys
13:22:09.0560 4216 PEAUTH - ok
13:22:09.0622 4216 PerfHost (0ed8727ea0172860f47258456c06caea) C:\Windows\SysWow64\perfhost.exe
13:22:09.0622 4216 PerfHost - ok
13:22:09.0669 4216 pla (e9e68c1a0f25cf4a7ac966eea74ee89e) C:\Windows\system32\pla.dll
13:22:09.0700 4216 pla - ok
13:22:09.0732 4216 PlugPlay (fe6b0f59215c9fd9f9d26539c58c8b82) C:\Windows\system32\umpnpmgr.dll
13:22:09.0732 4216 PlugPlay - ok
13:22:09.0778 4216 Pml Driver HPZ12 (5261a2fd55183ac6993145ab6662cddf) C:\Windows\system32\HPZipm12.dll
13:22:09.0778 4216 Pml Driver HPZ12 - ok
13:22:09.0810 4216 PNRPAutoReg (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
13:22:09.0810 4216 PNRPAutoReg - ok
13:22:09.0810 4216 PNRPsvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
13:22:09.0825 4216 PNRPsvc - ok
13:22:09.0856 4216 PolicyAgent (89a5560671c2d8b4a4b51f3e1aa069d8) C:\Windows\System32\ipsecsvc.dll
13:22:09.0856 4216 PolicyAgent - ok
13:22:09.0888 4216 PptpMiniport (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys
13:22:09.0888 4216 PptpMiniport - ok
13:22:09.0903 4216 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\drivers\processr.sys
13:22:09.0903 4216 Processor - ok
13:22:09.0919 4216 ProfSvc (e058ce4fc2449d8bfa14739c83b7ff2a) C:\Windows\system32\profsvc.dll
13:22:09.0919 4216 ProfSvc - ok
13:22:09.0950 4216 ProtectedStorage (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
13:22:09.0950 4216 ProtectedStorage - ok
13:22:09.0950 4216 PSched (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys
13:22:09.0950 4216 PSched - ok
13:22:09.0981 4216 PxHlpa64 (a6bf0a9b5a30d743623ca0d3be35df05) C:\Windows\system32\Drivers\PxHlpa64.sys
13:22:09.0981 4216 PxHlpa64 - ok
13:22:10.0044 4216 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys
13:22:10.0059 4216 ql2300 - ok
13:22:10.0075 4216 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys
13:22:10.0075 4216 ql40xx - ok
13:22:10.0090 4216 QWAVE (90574842c3da781e279061a3eff91f07) C:\Windows\system32\qwave.dll
13:22:10.0106 4216 QWAVE - ok
13:22:10.0106 4216 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys
13:22:10.0106 4216 QWAVEdrv - ok
13:22:10.0122 4216 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys
13:22:10.0122 4216 RasAcd - ok
13:22:10.0137 4216 RasAuto (b2ae18f847d07f0044404ddf7cb04497) C:\Windows\System32\rasauto.dll
13:22:10.0137 4216 RasAuto - ok
13:22:10.0153 4216 Rasl2tp (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:22:10.0153 4216 Rasl2tp - ok
13:22:10.0168 4216 RasMan (3ad83e4046c43be510de681588acb8af) C:\Windows\System32\rasmans.dll
13:22:10.0184 4216 RasMan - ok
13:22:10.0200 4216 RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys
13:22:10.0200 4216 RasPppoe - ok
13:22:10.0200 4216 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys
13:22:10.0200 4216 RasSstp - ok
13:22:10.0215 4216 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys
13:22:10.0215 4216 rdbss - ok
13:22:10.0231 4216 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:22:10.0231 4216 RDPCDD - ok
13:22:10.0246 4216 rdpdr (ae23e79b13feb62939e2ca1189e71735) C:\Windows\system32\DRIVERS\rdpdr.sys
13:22:10.0246 4216 rdpdr - ok
13:22:10.0262 4216 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
13:22:10.0262 4216 RDPENCDD - ok
13:22:10.0278 4216 RDPWD (ae4bd9e1c33d351d8e607fc81f15160c) C:\Windows\system32\drivers\RDPWD.sys
13:22:10.0278 4216 RDPWD - ok
13:22:10.0309 4216 RemoteAccess (c612b9557da73f70d41f8a6fbc8e5344) C:\Windows\System32\mprdim.dll
13:22:10.0309 4216 RemoteAccess - ok
13:22:10.0324 4216 RemoteRegistry (44b9d8ec2f3ef3a0efb00857af70d861) C:\Windows\system32\regsvc.dll
13:22:10.0340 4216 RemoteRegistry - ok
13:22:10.0356 4216 RpcLocator (f46c457840d4b7a4daafee739ce04102) C:\Windows\system32\locator.exe
13:22:10.0356 4216 RpcLocator - ok
13:22:10.0387 4216 RpcSs (cf8b9a3a5e7dc57724a89d0c3e8cf9ef) C:\Windows\system32\rpcss.dll
13:22:10.0387 4216 RpcSs - ok
13:22:10.0402 4216 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
13:22:10.0402 4216 rspndr - ok
13:22:10.0434 4216 RTL8169 (e3aa12faa3192d1090b9069c3925373b) C:\Windows\system32\DRIVERS\Rtlh64.sys
13:22:10.0434 4216 RTL8169 - ok
13:22:10.0449 4216 SamSs (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
13:22:10.0449 4216 SamSs - ok
13:22:10.0465 4216 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys
13:22:10.0465 4216 sbp2port - ok
13:22:10.0558 4216 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
13:22:10.0574 4216 SBSDWSCService - ok
13:22:10.0605 4216 SCardSvr (fd1cdcf108d5ef3366f00d18b70fb89b) C:\Windows\System32\SCardSvr.dll
13:22:10.0605 4216 SCardSvr - ok
13:22:10.0652 4216 Schedule (0f838c811ad295d2a4489b9993096c63) C:\Windows\system32\schedsvc.dll
13:22:10.0652 4216 Schedule - ok
13:22:10.0668 4216 SCPolicySvc (5a268127633c7ee2a7fb87f39d748d56) C:\Windows\System32\certprop.dll
13:22:10.0668 4216 SCPolicySvc - ok
13:22:10.0683 4216 SDRSVC (4ff71b076a7760fe75ea5ae2d0ee0018) C:\Windows\System32\SDRSVC.dll
13:22:10.0683 4216 SDRSVC - ok
13:22:10.0714 4216 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
13:22:10.0714 4216 secdrv - ok
13:22:10.0714 4216 seclogon (5acdcbc67fcf894a1815b9f96d704490) C:\Windows\system32\seclogon.dll
13:22:10.0714 4216 seclogon - ok
13:22:10.0730 4216 SENS (90973a64b96cd647ff81c79443618eed) C:\Windows\system32\sens.dll
13:22:10.0730 4216 SENS - ok
13:22:10.0746 4216 Serenum (2449316316411d65bd2c761a6ffb2ce2) C:\Windows\system32\DRIVERS\serenum.sys
13:22:10.0746 4216 Serenum - ok
13:22:10.0761 4216 Serial (4b438170be2fc8e0bd35ee87a960f84f) C:\Windows\system32\DRIVERS\serial.sys
13:22:10.0761 4216 Serial - ok
13:22:10.0777 4216 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
13:22:10.0777 4216 sermouse - ok
13:22:10.0792 4216 SessionEnv (a8e4a4407a09f35dccc3771af590b0c4) C:\Windows\system32\sessenv.dll
13:22:10.0792 4216 SessionEnv - ok
13:22:10.0808 4216 sffdisk (3a19c899bcf0ea24cfec2038e6a489db) C:\Windows\system32\drivers\sffdisk.sys
13:22:10.0808 4216 sffdisk - ok
13:22:10.0808 4216 sffp_mmc (dbbd3fd8af718966af768a754e07e8c0) C:\Windows\system32\drivers\sffp_mmc.sys
13:22:10.0808 4216 sffp_mmc - ok
13:22:10.0824 4216 sffp_sd (fdca63a2eee528585eb66ceac183ec22) C:\Windows\system32\drivers\sffp_sd.sys
13:22:10.0824 4216 sffp_sd - ok
13:22:10.0824 4216 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
13:22:10.0824 4216 sfloppy - ok
13:22:10.0855 4216 ShellHWDetection (56793271ecdedd350c5add305603e963) C:\Windows\System32\shsvcs.dll
13:22:10.0855 4216 ShellHWDetection - ok
13:22:10.0870 4216 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys
13:22:10.0870 4216 SiSRaid2 - ok
13:22:10.0886 4216 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys
13:22:10.0886 4216 SiSRaid4 - ok
13:22:11.0011 4216 slsvc (a9a27a8e257b45a604fdad4f26fe7241) C:\Windows\system32\SLsvc.exe
13:22:11.0058 4216 slsvc - ok
13:22:11.0104 4216 SLUINotify (fd74b4b7c2088e390a30c85a896fc3af) C:\Windows\system32\SLUINotify.dll
13:22:11.0104 4216 SLUINotify - ok
13:22:11.0120 4216 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys
13:22:11.0120 4216 Smb - ok
13:22:11.0136 4216 SNMPTRAP (f8f47f38909823b1af28d60b96340cff) C:\Windows\System32\snmptrap.exe
13:22:11.0136 4216 SNMPTRAP - ok
13:22:11.0151 4216 spldr (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys
13:22:11.0151 4216 spldr - ok
13:22:11.0182 4216 Spooler (f66ff751e7efc816d266977939ef5dc3) C:\Windows\System32\spoolsv.exe
13:22:11.0182 4216 Spooler - ok
13:22:11.0229 4216 SRTSP (06b9a7ba94356ec5207c5ddb59540378) C:\Windows\System32\Drivers\N360x64\0602010.005\SRTSP64.SYS
13:22:11.0245 4216 SRTSP - ok
13:22:11.0260 4216 SRTSPX (fbb8945a61e55a2345d12487c74a9d76) C:\Windows\system32\drivers\N360x64\0602010.005\SRTSPX64.SYS
13:22:11.0260 4216 SRTSPX - ok
13:22:11.0307 4216 srv (880a57fccb571ebd063d4dd50e93e46d) C:\Windows\system32\DRIVERS\srv.sys
13:22:11.0307 4216 srv - ok
13:22:11.0338 4216 srv2 (a1ad14a6d7a37891fffeca35ebbb0730) C:\Windows\system32\DRIVERS\srv2.sys
13:22:11.0338 4216 srv2 - ok
13:22:11.0354 4216 srvnet (4bed62f4fa4d8300973f1151f4c4d8a7) C:\Windows\system32\DRIVERS\srvnet.sys
13:22:11.0354 4216 srvnet - ok
13:22:11.0370 4216 SSDPSRV (192c74646ec5725aef3f80d19ff75f6a) C:\Windows\System32\ssdpsrv.dll
13:22:11.0370 4216 SSDPSRV - ok
13:22:11.0385 4216 SstpSvc (2ee3fa0308e6185ba64a9a7f2e74332b) C:\Windows\system32\sstpsvc.dll
13:22:11.0385 4216 SstpSvc - ok
13:22:11.0416 4216 stisvc (15825c1fbfb8779992cb65087f316af5) C:\Windows\System32\wiaservc.dll
13:22:11.0432 4216 stisvc - ok
13:22:11.0463 4216 STTub203 (ac95ecf2856b6c716aff2fbc449845b9) C:\Windows\system32\Drivers\STTub203.sys
13:22:11.0463 4216 STTub203 - ok
13:22:11.0463 4216 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys
13:22:11.0463 4216 swenum - ok
13:22:11.0494 4216 swprv (6de37f4de19d4efd9c48c43addbc949a) C:\Windows\System32\swprv.dll
13:22:11.0510 4216 swprv - ok
13:22:11.0510 4216 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys
13:22:11.0510 4216 Symc8xx - ok
13:22:11.0557 4216 SymDS (8b2430762099598da40686f754632efd) C:\Windows\system32\drivers\N360x64\0602010.005\SYMDS64.SYS
13:22:11.0557 4216 SymDS - ok
13:22:11.0604 4216 SymEFA (f90c7a190399165d3ab2245048d34786) C:\Windows\system32\drivers\N360x64\0602010.005\SYMEFA64.SYS
13:22:11.0619 4216 SymEFA - ok
13:22:11.0650 4216 SymEvent (898bb48c797483420df523b2bbc1ecdb) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
13:22:11.0650 4216 SymEvent - ok
13:22:11.0666 4216 SymIRON (5013a76caaa1d7cf1c55214b490b4e35) C:\Windows\system32\drivers\N360x64\0602010.005\Ironx64.SYS
13:22:11.0682 4216 SymIRON - ok
13:22:11.0697 4216 SYMTDIv (a25fee245c78804601d83431386a0bee) C:\Windows\System32\Drivers\N360x64\0602010.005\SYMTDIV.SYS
13:22:11.0713 4216 SYMTDIv - ok
13:22:11.0728 4216 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys
13:22:11.0728 4216 Sym_hi - ok
13:22:11.0728 4216 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys
13:22:11.0744 4216 Sym_u3 - ok
13:22:11.0791 4216 SysMain (92d7a8b0f87b036f17d25885937897a6) C:\Windows\system32\sysmain.dll
13:22:11.0806 4216 SysMain - ok
13:22:11.0822 4216 TabletInputService (005ce42567f9113a3bccb3b20073b029) C:\Windows\System32\TabSvc.dll
13:22:11.0822 4216 TabletInputService - ok
13:22:11.0838 4216 TapiSrv (cc2562b4d55e0b6a4758c65407f63b79) C:\Windows\System32\tapisrv.dll
13:22:11.0838 4216 TapiSrv - ok
13:22:11.0884 4216 TarFltr (827f682e9d2d9b2a49691c3a9697a3bb) C:\Windows\system32\drivers\UsbFltr.sys
13:22:11.0884 4216 TarFltr - ok
13:22:11.0900 4216 TBS (cdbe8d7c1e201b911cdc346d06617fb5) C:\Windows\System32\tbssvc.dll
13:22:11.0900 4216 TBS - ok
13:22:11.0962 4216 Tcpip (ac8d5728e6ad6a7c4819d9a67008337a) C:\Windows\system32\drivers\tcpip.sys
13:22:11.0994 4216 Tcpip - ok
13:22:12.0103 4216 Tcpip6 (ac8d5728e6ad6a7c4819d9a67008337a) C:\Windows\system32\DRIVERS\tcpip.sys
13:22:12.0103 4216 Tcpip6 - ok
13:22:12.0150 4216 tcpipreg (fd8fde859e38e40a20085ebb0c22b416) C:\Windows\system32\drivers\tcpipreg.sys
13:22:12.0150 4216 tcpipreg - ok
13:22:12.0150 4216 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys
13:22:12.0150 4216 TDPIPE - ok
13:22:12.0165 4216 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys
13:22:12.0165 4216 TDTCP - ok
13:22:12.0181 4216 tdx (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys
13:22:12.0181 4216 tdx - ok
13:22:12.0196 4216 TermDD (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys
13:22:12.0196 4216 TermDD - ok
13:22:12.0228 4216 TermService (5cdd30bc217082dac71a9878d9bfd566) C:\Windows\System32\termsrv.dll
13:22:12.0228 4216 TermService - ok
13:22:12.0259 4216 Themes (56793271ecdedd350c5add305603e963) C:\Windows\system32\shsvcs.dll
13:22:12.0259 4216 Themes - ok
13:22:12.0274 4216 THREADORDER (3cbe4995e80e13ccfbc42e5dcf3ac81a) C:\Windows\system32\mmcss.dll
13:22:12.0274 4216 THREADORDER - ok
13:22:12.0290 4216 TrkWks (f4689f05af472a651a7b1b7b02d200e7) C:\Windows\System32\trkwks.dll
13:22:12.0290 4216 TrkWks - ok
13:22:12.0337 4216 TrustedInstaller (66328b08ef5a9305d8ede36b93930369) C:\Windows\servicing\TrustedInstaller.exe
13:22:12.0337 4216 TrustedInstaller - ok
13:22:12.0337 4216 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys
13:22:12.0337 4216 tssecsrv - ok
13:22:12.0352 4216 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys
13:22:12.0352 4216 tunmp - ok
13:22:12.0368 4216 tunnel (30a9b3f45ad081bffc3bcaa9c812b609) C:\Windows\system32\DRIVERS\tunnel.sys
13:22:12.0368 4216 tunnel - ok
13:22:12.0384 4216 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys
13:22:12.0384 4216 uagp35 - ok
13:22:12.0399 4216 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys
13:22:12.0415 4216 udfs - ok
13:22:12.0430 4216 UI0Detect (060507c4113391394478f6953a79eedc) C:\Windows\system32\UI0Detect.exe
13:22:12.0430 4216 UI0Detect - ok
13:22:12.0446 4216 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys
13:22:12.0446 4216 uliagpkx - ok
13:22:12.0462 4216 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys
13:22:12.0462 4216 uliahci - ok
13:22:12.0493 4216 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys
13:22:12.0493 4216 UlSata - ok
13:22:12.0508 4216 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys
13:22:12.0508 4216 ulsata2 - ok
13:22:12.0508 4216 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys
13:22:12.0524 4216 umbus - ok
13:22:12.0540 4216 UmRdpService (dc5e34f189b827199b9cc8481c648269) C:\Windows\System32\umrdp.dll
13:22:12.0540 4216 UmRdpService - ok
13:22:12.0555 4216 upnphost (7093799ff80e9deca0680d2e3535be60) C:\Windows\System32\upnphost.dll
13:22:12.0555 4216 upnphost - ok
13:22:12.0586 4216 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
13:22:12.0586 4216 USBAAPL64 - ok
13:22:12.0618 4216 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys
13:22:12.0618 4216 usbccgp - ok
13:22:12.0633 4216 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys
13:22:12.0633 4216 usbcir - ok
13:22:12.0649 4216 usbehci (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys
13:22:12.0649 4216 usbehci - ok
13:22:12.0664 4216 usbhub (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys
13:22:12.0664 4216 usbhub - ok
13:22:12.0680 4216 usbohci (eba14ef0c07cec233f1529c698d0d154) C:\Windows\system32\drivers\usbohci.sys
13:22:12.0680 4216 usbohci - ok
13:22:12.0696 4216 usbprint (28b693b6d31e7b9332c1bdcefef228c1) C:\Windows\system32\DRIVERS\usbprint.sys
13:22:12.0696 4216 usbprint - ok
13:22:12.0727 4216 usbscan (ea0bf666868964fbe8cb10e50c97b9f1) C:\Windows\system32\DRIVERS\usbscan.sys
13:22:12.0727 4216 usbscan - ok
13:22:12.0727 4216 USBSTOR (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:22:12.0727 4216 USBSTOR - ok
13:22:12.0742 4216 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys
13:22:12.0742 4216 usbuhci - ok
13:22:12.0758 4216 usb_rndisx (1e36bb1a3c5aaf2aa9fa9a126df8c16c) C:\Windows\system32\DRIVERS\usb8023x.sys
13:22:12.0758 4216 usb_rndisx - ok
13:22:12.0774 4216 UxSms (d76e231e4850bb3f88a3d9a78df191e3) C:\Windows\System32\uxsms.dll
13:22:12.0774 4216 UxSms - ok
13:22:12.0789 4216 vds (294945381dfa7ce58cecf0a9896af327) C:\Windows\System32\vds.exe
13:22:12.0805 4216 vds - ok
13:22:12.0805 4216 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys
13:22:12.0805 4216 vga - ok
13:22:12.0820 4216 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys
13:22:12.0820 4216 VgaSave - ok
13:22:12.0836 4216 viaide (8294b6c3fdb6c33f24e150de647ecdaa) C:\Windows\system32\drivers\viaide.sys
13:22:12.0836 4216 viaide - ok
13:22:12.0852 4216 volmgr (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys
13:22:12.0852 4216 volmgr - ok
13:22:12.0867 4216 volmgrx (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys
13:22:12.0883 4216 volmgrx - ok
13:22:12.0883 4216 volsnap (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys
13:22:12.0883 4216 volsnap - ok
13:22:12.0898 4216 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys
13:22:12.0898 4216 vsmraid - ok
13:22:12.0961 4216 VSS (b75232dad33bfd95bf6f0a3e6bff51e1) C:\Windows\system32\vssvc.exe
13:22:12.0992 4216 VSS - ok
13:22:13.0054 4216 W32Time (f14a7de2ea41883e250892e1e5230a9a) C:\Windows\system32\w32time.dll
13:22:13.0054 4216 W32Time - ok
13:22:13.0086 4216 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys
13:22:13.0086 4216 WacomPen - ok
13:22:13.0117 4216 Wanarp (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
13:22:13.0117 4216 Wanarp - ok
13:22:13.0117 4216 Wanarpv6 (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
13:22:13.0117 4216 Wanarpv6 - ok
13:22:13.0164 4216 wbengine (48eee289df9e4989128b2283f3eeacc6) C:\Windows\system32\wbengine.exe
13:22:13.0179 4216 wbengine - ok
13:22:13.0210 4216 wcncsvc (b4e4c37d0aa6100090a53213ee2bf1c1) C:\Windows\System32\wcncsvc.dll
13:22:13.0210 4216 wcncsvc - ok
13:22:13.0226 4216 WcsPlugInService (ea4b369560e986f19d93f45a881484ac) C:\Windows\System32\WcsPlugInService.dll
13:22:13.0226 4216 WcsPlugInService - ok
13:22:13.0242 4216 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys
13:22:13.0242 4216 Wd - ok
13:22:13.0288 4216 Wdf01000 (d02e7e4567da1e7582fbf6a91144b0df) C:\Windows\system32\drivers\Wdf01000.sys
13:22:13.0304 4216 Wdf01000 - ok
13:22:13.0320 4216 WdiServiceHost (c5efda73ebfca8b02a094898de0a9276) C:\Windows\system32\wdi.dll
13:22:13.0320 4216 WdiServiceHost - ok
13:22:13.0320 4216 WdiSystemHost (c5efda73ebfca8b02a094898de0a9276) C:\Windows\system32\wdi.dll
13:22:13.0320 4216 WdiSystemHost - ok
13:22:13.0335 4216 WebClient (3e6d05381cf35f75ebb055544a8ed9ac) C:\Windows\System32\webclnt.dll
13:22:13.0335 4216 WebClient - ok
13:22:13.0366 4216 Wecsvc (8d40bc587993f876658bf9fb0f7d3462) C:\Windows\system32\wecsvc.dll
13:22:13.0366 4216 Wecsvc - ok
13:22:13.0382 4216 wercplsupport (9c980351d7e96288ea0c23ae232bd065) C:\Windows\System32\wercplsupport.dll
13:22:13.0382 4216 wercplsupport - ok
13:22:13.0398 4216 WerSvc (66b9ecebc46683f47edc06333c075fef) C:\Windows\System32\WerSvc.dll
13:22:13.0398 4216 WerSvc - ok
13:22:13.0398 4216 WinHttpAutoProxySvc - ok
13:22:13.0444 4216 Winmgmt (d2e7296ed1bd26d8db2799770c077a02) C:\Windows\system32\wbem\WMIsvc.dll
13:22:13.0444 4216 Winmgmt - ok
13:22:13.0538 4216 WinRM (6cbb0c68f13b9c2ec1b16f5fa5e7c869) C:\Windows\system32\WsmSvc.dll
13:22:13.0569 4216 WinRM - ok
13:22:13.0632 4216 Wlansvc (ec339c8115e91baed835957e9a677f16) C:\Windows\System32\wlansvc.dll
13:22:13.0632 4216 Wlansvc - ok
13:22:13.0647 4216 WmiAcpi (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\drivers\wmiacpi.sys
13:22:13.0647 4216 WmiAcpi - ok
13:22:13.0678 4216 wmiApSrv (21fa389e65a852698b6a1341f36ee02d) C:\Windows\system32\wbem\WmiApSrv.exe
13:22:13.0678 4216 wmiApSrv - ok
13:22:13.0725 4216 WMPNetworkSvc - ok
13:22:13.0741 4216 WPCSvc (cbc156c913f099e6680d1df9307db7a8) C:\Windows\System32\wpcsvc.dll
13:22:13.0741 4216 WPCSvc - ok
13:22:13.0772 4216 WPDBusEnum (490a18b4e4d53dc10879deaa8e8b70d9) C:\Windows\system32\wpdbusenum.dll
13:22:13.0772 4216 WPDBusEnum - ok
13:22:13.0881 4216 WPFFontCache_v0400 (991e2c2cf3bc204c2bb2ee1476149e4e) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
13:22:13.0897 4216 WPFFontCache_v0400 - ok
13:22:13.0912 4216 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys
13:22:13.0912 4216 ws2ifsl - ok
13:22:13.0912 4216 WSearch - ok
13:22:14.0022 4216 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
13:22:14.0053 4216 wuauserv - ok
13:22:14.0100 4216 WUDFRd (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys
13:22:14.0100 4216 WUDFRd - ok
13:22:14.0115 4216 wudfsvc (6cbd51ff913c851d56ed9dc7f2a27dde) C:\Windows\System32\WUDFSvc.dll
13:22:14.0115 4216 wudfsvc - ok
13:22:14.0178 4216 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
13:22:14.0178 4216 YahooAUService - ok
13:22:14.0193 4216 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
13:22:14.0848 4216 \Device\Harddisk0\DR0 - ok
13:22:14.0848 4216 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
13:22:15.0020 4216 \Device\Harddisk1\DR1 - ok
13:22:15.0036 4216 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk2\DR2
13:22:15.0348 4216 \Device\Harddisk2\DR2 - ok
13:22:15.0363 4216 Boot (0x1200) (c6a4fd7c7550cc2d932b46ca6794112e) \Device\Harddisk0\DR0\Partition0
13:22:15.0363 4216 \Device\Harddisk0\DR0\Partition0 - ok
13:22:15.0363 4216 Boot (0x1200) (b90d4505ae4c1dea658b34a8616391d1) \Device\Harddisk1\DR1\Partition0
13:22:15.0363 4216 \Device\Harddisk1\DR1\Partition0 - ok
13:22:15.0363 4216 Boot (0x1200) (ecbfed85ec36e3d168a171c5ccf8db96) \Device\Harddisk2\DR2\Partition0
13:22:15.0363 4216 \Device\Harddisk2\DR2\Partition0 - ok
13:22:15.0363 4216 ============================================================
13:22:15.0363 4216 Scan finished
13:22:15.0363 4216 ============================================================
13:22:15.0363 3308 Detected object count: 0
13:22:15.0363 3308 Actual detected object count: 0
13:23:34.0784 3464 Deinitialize success





aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-11 13:24:31
-----------------------------
13:24:31.241 OS Version: Windows x64 6.0.6002 Service Pack 2
13:24:31.241 Number of processors: 4 586 0x2505
13:24:31.241 ComputerName: OWNER-PC UserName: Owner
13:24:31.833 Initialize success
13:25:06.809 AVAST engine defs: 12081101
13:25:30.989 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
13:25:30.989 Disk 0 Vendor: WDC_WD1500AHFD-00RAR5 21.07QR5 Size: 143089MB BusType: 3
13:25:31.004 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP1T1L0-5
13:25:31.004 Disk 1 Vendor: Maxtor_6Y080M0 YAR51HW0 Size: 78166MB BusType: 3
13:25:31.004 Disk 2 \Device\Harddisk2\DR2 -> \Device\Ide\IdeDeviceP2T0L0-2
13:25:31.004 Disk 2 Vendor: Maxtor_6L100M0 BANC1G10 Size: 95610MB BusType: 3
13:25:31.020 Disk 0 MBR read successfully
13:25:31.020 Disk 0 MBR scan
13:25:31.035 Disk 0 Windows VISTA default MBR code
13:25:31.035 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 143087 MB offset 2048
13:25:31.067 Disk 0 scanning C:\Windows\system32\drivers
13:25:36.324 Service scanning
13:25:50.723 Modules scanning
13:25:50.723 Disk 0 trace - called modules:
13:25:50.738 ntoskrnl.exe CLASSPNP.SYS disk.sys acpi.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
13:25:50.738 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004a5f790]
13:25:50.738 3 CLASSPNP.SYS[fffffa6000fcbc33] -> nt!IofCallDriver -> [0xfffffa8004663e40]
13:25:50.754 5 acpi.sys[fffffa60008f3fde] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa800465a060]
13:25:51.206 AVAST engine scan C:\Windows
13:25:52.579 AVAST engine scan C:\Windows\system32
13:27:15.197 File: C:\Windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
13:27:16.632 File: C:\Windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
13:28:17.019 AVAST engine scan C:\Windows\system32\drivers
13:28:27.113 AVAST engine scan C:\Users\Owner
13:29:20.059 AVAST engine scan C:\ProgramData
13:33:01.216 Scan finished successfully
13:35:40.678 Disk 0 MBR has been saved successfully to "C:\Users\Owner\Desktop\MBR.dat"
13:35:40.678 The log file has been saved successfully to "C:\Users\Owner\Desktop\aswMBR.txt"



C:\Windows\Installer\{b70132f5-c7d4-9ab7-8031-f216dba3380c}\U\00000008.@ Win64/Agent.BA trojan cleaned by deleting - quarantined
C:\Windows\Installer\{b70132f5-c7d4-9ab7-8031-f216dba3380c}\U\000000cb.@ Win64/Conedex.B trojan cleaned by deleting - quarantined
C:\Windows\Installer\{b70132f5-c7d4-9ab7-8031-f216dba3380c}\U\80000000.@ Win64/Sirefef.AP trojan cleaned by deleting - quarantined
C:\Windows\Installer\{b70132f5-c7d4-9ab7-8031-f216dba3380c}\U\80000032.@ a variant of Win32/Sirefef.FD trojan cleaned by deleting - quarantined
Operating memory a variant of Win32/Sirefef.EZ trojan

#4 narenxp

Posted 11 August 2012 - 03:59 PM

We need advanced tools to remove this one

Read the guide here

http://www.bleepingcomputer.com/forums/topic34773.html

and create a topic here

http://www.bleepingcomputer.com/forums/forum22.html

Good luck

#5 Buckskinpass

Posted 11 August 2012 - 04:23 PM

Thanks for the guidance, I really appreciate your time.

#6 narenxp

Posted 11 August 2012 - 04:49 PM

You're welcome :)



