Multiple Viruses I can't seem to remove.


11 replies to this topic

#1 jokerssmile

jokerssmile

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:01:00 PM

Posted 11 August 2012 - 04:19 PM

This is my aunt's laptop.

On normal startup a security window pops up and automatically starts to scan. It said there were over 10 problems and asked if I wanted to remove them. I wasn't sure if this was her antivirus, Microsoft Security Essentials, so I said no. I tried to start Malwarebytes to scan but the security popped up saying it was a virus. So I rebooted in safe mode and got MBytes to scan. First it found 10 problems and told me I needed to restart; I did and scanned again, and it found 5 more things. Each time I had to restart and scanned, it kept finding things.

Also, Microsoft Essentials was turned off. When I tried turning it on, it says it's no longer on the computer and that I need to download it. I removed the program and I have it on a USB drive right now.... Should I reinstall it while there are still viruses?

I used TDSSKiller and the only thing it found was itself, so I skipped it.

Please tell me what I need to do in order to get some help. Thank you


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:00 PM

Posted 11 August 2012 - 04:47 PM

Download

TDSSKiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download

aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download

ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is complete, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 jokerssmile

Posted 11 August 2012 - 05:32 PM

While waiting for a reply I reinstalled Microsoft Essentials. It detected two things. I was trying to do the TDSSKiller scan and I got a report, then I got a message saying I needed to restart my computer to remove the infections. I was trying to do the second scan you asked for, and then the computer said "Critical error, save your work, the computer will restart in 1 minute."

So now I can't do anything because every time I start the computer it restarts in 1 minute. I've tried it in safe mode too and it won't let me do anything.

I tried removing Microsoft Essentials and I get a message saying it's been removed, but it still shows in the remove program list. So now I am not sure what to do.

#4 narenxp

Posted 11 August 2012 - 05:41 PM

I tried removing Microsoft Essentials and I get a message saying it's been removed, but it still shows in the remove program list. So now I am not sure what to do.


Do you get a shutdown error after this?

#5 jokerssmile

Posted 11 August 2012 - 05:42 PM

Yes, but it started doing it even before I tried to remove it. There's not much I can do in a minute. I can't seem to figure out how to do a system restore either. I'm not used to Windows 7, so when I go to System Restore it just lists a bunch of things with Windows Update or something, and if I click on it, it just does a scan.

#6 narenxp

Posted 11 August 2012 - 06:09 PM

http://www.bleepingcomputer.com/tutorials/windows-7-recovery-environment-command-prompt/

Follow this guide and try a system restore to last week.

If you don't have restore points, we have another easy way to remove this rootkit.

#7 jokerssmile

Posted 11 August 2012 - 06:13 PM

OK, I actually managed to restore it to the 6th. I'm going to run those scans you told me to do now.

#8 narenxp

Posted 11 August 2012 - 06:18 PM

:thumbup2:

#9 jokerssmile

Posted 11 August 2012 - 07:34 PM

I think since the restore there aren't any more problems, but just in case, here are the results. I'm also going to run malbytes again just to make sure. Thank you all for your patience.

TDSSKILLER results

16:13:50.0107 3164 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
16:13:50.0653 3164 ============================================================
16:13:50.0653 3164 Current date / time: 2012/08/11 16:13:50.0653
16:13:50.0653 3164 SystemInfo:
16:13:50.0653 3164
16:13:50.0653 3164 OS Version: 6.1.7601 ServicePack: 1.0
16:13:50.0653 3164 Product type: Workstation
16:13:50.0653 3164 ComputerName: RONITA-PC
16:13:50.0653 3164 UserName: ronita
16:13:50.0653 3164 Windows directory: C:\Windows
16:13:50.0653 3164 System windows directory: C:\Windows
16:13:50.0653 3164 Processor architecture: Intel x86
16:13:50.0653 3164 Number of processors: 1
16:13:50.0653 3164 Page size: 0x1000
16:13:50.0653 3164 Boot type: Normal boot
16:13:50.0653 3164 ============================================================
16:13:53.0040 3164 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
16:13:53.0040 3164 ============================================================
16:13:53.0040 3164 \Device\Harddisk0\DR0:
16:13:53.0040 3164 MBR partitions:
16:13:53.0040 3164 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1801F5F, BlocksNum 0x32FCD
16:13:53.0040 3164 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1834F2C, BlocksNum 0x111E4784
16:13:53.0040 3164 ============================================================
16:13:53.0071 3164 C: <-> \Device\Harddisk0\DR0\Partition1
16:13:53.0071 3164 ============================================================
16:13:53.0071 3164 Initialize success
16:13:53.0071 3164 ============================================================
16:14:02.0119 2416 ============================================================
16:14:02.0119 2416 Scan started
16:14:02.0119 2416 Mode: Manual; TDLFS;
16:14:02.0119 2416 ============================================================
16:14:18.0296 2416 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
16:14:18.0296 2416 nfrd960 - ok
16:14:18.0374 2416 NisDrv (b52f26bade7d7e4a79706e3fd91834cd) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
16:14:18.0374 2416 NisDrv - ok
16:14:18.0546 2416 NisSrv (290c0d4c4889398797f8df3be00b9698) c:\Program Files\Microsoft Security Client\NisSrv.exe
16:14:18.0546 2416 NisSrv - ok
16:14:18.0608 2416 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
16:14:18.0608 2416 NlaSvc - ok
16:14:18.0639 2416 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
16:14:18.0639 2416 Npfs - ok
16:14:18.0671 2416 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
16:14:18.0686 2416 nsi - ok
16:14:18.0733 2416 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
16:14:18.0733 2416 nsiproxy - ok
16:14:18.0873 2416 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
16:14:18.0905 2416 Ntfs - ok
16:14:18.0936 2416 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
16:14:18.0936 2416 Null - ok
16:14:18.0983 2416 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
16:14:18.0983 2416 nvraid - ok
16:14:19.0029 2416 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
16:14:19.0029 2416 nvstor - ok
16:14:19.0107 2416 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
16:14:19.0123 2416 nv_agp - ok
16:14:19.0295 2416 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:14:19.0295 2416 odserv - ok
16:14:19.0341 2416 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
16:14:19.0341 2416 ohci1394 - ok
16:14:19.0404 2416 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:14:19.0404 2416 ose - ok
16:14:19.0466 2416 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
16:14:19.0482 2416 p2pimsvc - ok
16:14:19.0513 2416 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
16:14:19.0529 2416 p2psvc - ok
16:14:19.0575 2416 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
16:14:19.0575 2416 Parport - ok
16:14:19.0622 2416 partmgr (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys
16:14:19.0622 2416 partmgr - ok
16:14:19.0653 2416 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
16:14:19.0653 2416 Parvdm - ok
16:14:19.0731 2416 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
16:14:19.0731 2416 PcaSvc - ok
16:14:19.0825 2416 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
16:14:19.0825 2416 pci - ok
16:14:19.0856 2416 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
16:14:19.0856 2416 pciide - ok
16:14:19.0903 2416 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
16:14:19.0903 2416 pcmcia - ok
16:14:19.0950 2416 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
16:14:19.0965 2416 pcw - ok
16:14:20.0028 2416 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
16:14:20.0043 2416 PEAUTH - ok
16:14:20.0137 2416 PeerDistSvc (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll
16:14:20.0153 2416 PeerDistSvc - ok
16:14:20.0277 2416 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
16:14:20.0309 2416 pla - ok
16:14:20.0480 2416 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
16:14:20.0496 2416 PlugPlay - ok
16:14:20.0543 2416 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
16:14:20.0543 2416 PNRPAutoReg - ok
16:14:20.0574 2416 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
16:14:20.0589 2416 PNRPsvc - ok
16:14:20.0683 2416 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
16:14:20.0699 2416 PolicyAgent - ok
16:14:20.0761 2416 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
16:14:20.0777 2416 Power - ok
16:14:20.0855 2416 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
16:14:20.0855 2416 PptpMiniport - ok
16:14:20.0886 2416 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
16:14:20.0886 2416 Processor - ok
16:14:20.0964 2416 ProfSvc (cadefac453040e370a1bdff3973be00d) C:\Windows\system32\profsvc.dll
16:14:20.0964 2416 ProfSvc - ok
16:14:21.0011 2416 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
16:14:21.0011 2416 ProtectedStorage - ok
16:14:21.0042 2416 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
16:14:21.0042 2416 Psched - ok
16:14:21.0135 2416 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
16:14:21.0167 2416 ql2300 - ok
16:14:21.0291 2416 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
16:14:21.0323 2416 ql40xx - ok
16:14:21.0369 2416 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
16:14:21.0369 2416 QWAVE - ok
16:14:21.0401 2416 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
16:14:21.0401 2416 QWAVEdrv - ok
16:14:21.0416 2416 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
16:14:21.0432 2416 RasAcd - ok
16:14:21.0463 2416 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
16:14:21.0463 2416 RasAgileVpn - ok
16:14:21.0510 2416 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
16:14:21.0510 2416 RasAuto - ok
16:14:21.0541 2416 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:14:21.0541 2416 Rasl2tp - ok
16:14:21.0619 2416 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
16:14:21.0635 2416 RasMan - ok
16:14:21.0666 2416 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
16:14:21.0666 2416 RasPppoe - ok
16:14:21.0744 2416 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
16:14:21.0744 2416 RasSstp - ok
16:14:21.0806 2416 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
16:14:21.0806 2416 rdbss - ok
16:14:21.0853 2416 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
16:14:21.0853 2416 rdpbus - ok
16:14:21.0915 2416 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:14:21.0915 2416 RDPCDD - ok
16:14:21.0978 2416 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
16:14:21.0978 2416 RDPDR - ok
16:14:22.0040 2416 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
16:14:22.0040 2416 RDPENCDD - ok
16:14:22.0071 2416 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
16:14:22.0071 2416 RDPREFMP - ok
16:14:22.0165 2416 RDPWD (f031683e6d1fea157abb2ff260b51e61) C:\Windows\system32\drivers\RDPWD.sys
16:14:22.0165 2416 RDPWD - ok
16:14:22.0227 2416 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
16:14:22.0243 2416 rdyboost - ok
16:14:22.0290 2416 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
16:14:22.0290 2416 RemoteAccess - ok
16:14:22.0337 2416 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
16:14:22.0352 2416 RemoteRegistry - ok
16:14:22.0415 2416 RimUsb (0f6756ef8bda6dfa7be50465c83132bb) C:\Windows\system32\Drivers\RimUsb.sys
16:14:22.0415 2416 RimUsb - ok
16:14:22.0461 2416 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
16:14:22.0461 2416 RpcEptMapper - ok
16:14:22.0508 2416 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
16:14:22.0508 2416 RpcLocator - ok
16:14:22.0571 2416 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
16:14:22.0586 2416 RpcSs - ok
16:14:22.0617 2416 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
16:14:22.0633 2416 rspndr - ok
16:14:22.0680 2416 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
16:14:22.0680 2416 s3cap - ok
16:14:22.0727 2416 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
16:14:22.0742 2416 SamSs - ok
16:14:22.0836 2416 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
16:14:22.0851 2416 sbp2port - ok
16:14:22.0898 2416 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
16:14:22.0914 2416 SCardSvr - ok
16:14:22.0961 2416 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
16:14:22.0961 2416 scfilter - ok
16:14:23.0039 2416 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
16:14:23.0054 2416 Schedule - ok
16:14:23.0101 2416 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
16:14:23.0101 2416 SCPolicySvc - ok
16:14:23.0148 2416 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
16:14:23.0148 2416 SDRSVC - ok
16:14:23.0226 2416 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
16:14:23.0226 2416 secdrv - ok
16:14:23.0257 2416 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
16:14:23.0273 2416 seclogon - ok
16:14:23.0335 2416 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
16:14:23.0335 2416 SENS - ok
16:14:23.0397 2416 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
16:14:23.0413 2416 SensrSvc - ok
16:14:23.0429 2416 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
16:14:23.0429 2416 Serenum - ok
16:14:23.0475 2416 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
16:14:23.0475 2416 Serial - ok
16:14:23.0507 2416 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
16:14:23.0507 2416 sermouse - ok
16:14:23.0569 2416 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
16:14:23.0585 2416 SessionEnv - ok
16:14:23.0616 2416 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
16:14:23.0616 2416 sffdisk - ok
16:14:23.0663 2416 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
16:14:23.0663 2416 sffp_mmc - ok
16:14:23.0725 2416 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
16:14:23.0725 2416 sffp_sd - ok
16:14:23.0772 2416 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
16:14:23.0772 2416 sfloppy - ok
16:14:23.0819 2416 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
16:14:23.0834 2416 SharedAccess - ok
16:14:23.0897 2416 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
16:14:23.0912 2416 ShellHWDetection - ok
16:14:24.0021 2416 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
16:14:24.0021 2416 sisagp - ok
16:14:24.0099 2416 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:14:24.0099 2416 SiSRaid2 - ok
16:14:24.0115 2416 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
16:14:24.0131 2416 SiSRaid4 - ok
16:14:24.0146 2416 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
16:14:24.0146 2416 Smb - ok
16:14:24.0224 2416 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
16:14:24.0224 2416 SNMPTRAP - ok
16:14:24.0255 2416 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
16:14:24.0255 2416 spldr - ok
16:14:24.0318 2416 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
16:14:24.0333 2416 Spooler - ok
16:14:24.0521 2416 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
16:14:24.0567 2416 sppsvc - ok
16:14:24.0755 2416 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
16:14:24.0770 2416 sppuinotify - ok
16:14:24.0911 2416 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
16:14:24.0911 2416 srv - ok
16:14:24.0973 2416 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
16:14:25.0004 2416 srv2 - ok
16:14:25.0035 2416 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
16:14:25.0035 2416 srvnet - ok
16:14:25.0082 2416 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
16:14:25.0082 2416 SSDPSRV - ok
16:14:25.0113 2416 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
16:14:25.0129 2416 SstpSvc - ok
16:14:25.0160 2416 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
16:14:25.0160 2416 stexstor - ok
16:14:25.0223 2416 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
16:14:25.0238 2416 StiSvc - ok
16:14:25.0301 2416 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys
16:14:25.0301 2416 storflt - ok
16:14:25.0347 2416 StorSvc (0bf669f0a910beda4a32258d363af2a5) C:\Windows\system32\storsvc.dll
16:14:25.0347 2416 StorSvc - ok
16:14:25.0394 2416 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys
16:14:25.0394 2416 storvsc - ok
16:14:25.0441 2416 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
16:14:25.0441 2416 swenum - ok
16:14:25.0503 2416 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
16:14:25.0519 2416 swprv - ok
16:14:25.0613 2416 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
16:14:25.0628 2416 SysMain - ok
16:14:25.0675 2416 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
16:14:25.0691 2416 TabletInputService - ok
16:14:25.0737 2416 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
16:14:25.0737 2416 TapiSrv - ok
16:14:25.0800 2416 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
16:14:25.0800 2416 TBS - ok
16:14:25.0971 2416 Tcpip (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\drivers\tcpip.sys
16:14:25.0987 2416 Tcpip - ok
16:14:26.0049 2416 TCPIP6 (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\DRIVERS\tcpip.sys
16:14:26.0049 2416 TCPIP6 - ok
16:14:26.0127 2416 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
16:14:26.0127 2416 tcpipreg - ok
16:14:26.0190 2416 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
16:14:26.0190 2416 TDPIPE - ok
16:14:26.0252 2416 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
16:14:26.0252 2416 TDTCP - ok
16:14:26.0283 2416 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
16:14:26.0283 2416 tdx - ok
16:14:26.0346 2416 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
16:14:26.0346 2416 TermDD - ok
16:14:26.0424 2416 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
16:14:26.0439 2416 TermService - ok
16:14:26.0471 2416 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
16:14:26.0486 2416 Themes - ok
16:14:26.0533 2416 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
16:14:26.0533 2416 THREADORDER - ok
16:14:26.0829 2416 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
16:14:26.0861 2416 TrkWks - ok
16:14:26.0985 2416 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
16:14:26.0985 2416 TrustedInstaller - ok
16:14:27.0017 2416 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:14:27.0017 2416 tssecsrv - ok
16:14:27.0110 2416 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
16:14:27.0126 2416 TsUsbFlt - ok
16:14:27.0219 2416 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
16:14:27.0219 2416 tunnel - ok
16:14:27.0282 2416 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
16:14:27.0282 2416 uagp35 - ok
16:14:27.0344 2416 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
16:14:27.0344 2416 udfs - ok
16:14:27.0407 2416 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
16:14:27.0407 2416 UI0Detect - ok
16:14:27.0469 2416 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
16:14:27.0469 2416 uliagpkx - ok
16:14:27.0531 2416 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
16:14:27.0531 2416 umbus - ok
16:14:27.0578 2416 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
16:14:27.0578 2416 UmPass - ok
16:14:27.0641 2416 UmRdpService (409994a8eaceee4e328749c0353527a0) C:\Windows\System32\umrdp.dll
16:14:27.0656 2416 UmRdpService - ok
16:14:27.0703 2416 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
16:14:27.0719 2416 upnphost - ok
16:14:27.0797 2416 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
16:14:27.0797 2416 usbccgp - ok
16:14:27.0843 2416 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
16:14:27.0843 2416 usbcir - ok
16:14:27.0890 2416 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
16:14:27.0906 2416 usbehci - ok
16:14:28.0093 2416 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
16:14:28.0093 2416 usbhub - ok
16:14:28.0124 2416 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\DRIVERS\usbohci.sys
16:14:28.0140 2416 usbohci - ok
16:14:28.0187 2416 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
16:14:28.0187 2416 usbprint - ok
16:14:28.0249 2416 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:14:28.0249 2416 USBSTOR - ok
16:14:28.0280 2416 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\drivers\usbuhci.sys
16:14:28.0280 2416 usbuhci - ok
16:14:28.0311 2416 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
16:14:28.0327 2416 UxSms - ok
16:14:28.0374 2416 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
16:14:28.0374 2416 VaultSvc - ok
16:14:28.0436 2416 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
16:14:28.0436 2416 vdrvroot - ok
16:14:28.0483 2416 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
16:14:28.0499 2416 vds - ok
16:14:28.0561 2416 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
16:14:28.0561 2416 vga - ok
16:14:28.0701 2416 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
16:14:28.0701 2416 VgaSave - ok
16:14:28.0764 2416 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
16:14:28.0779 2416 vhdmp - ok
16:14:28.0826 2416 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
16:14:28.0842 2416 viaagp - ok
16:14:28.0873 2416 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
16:14:28.0873 2416 ViaC7 - ok
16:14:28.0904 2416 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
16:14:28.0904 2416 viaide - ok
16:14:28.0951 2416 vmbus (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys
16:14:28.0951 2416 vmbus - ok
16:14:29.0201 2416 VMBusHID (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys
16:14:29.0247 2416 VMBusHID - ok
16:14:30.0564 2416 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
16:14:30.0567 2416 volmgr - ok
16:14:30.0697 2416 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
16:14:30.0702 2416 volmgrx - ok
16:14:31.0402 2416 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
16:14:31.0418 2416 volsnap - ok
16:14:31.0524 2416 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
16:14:31.0524 2416 vsmraid - ok
16:14:31.0805 2416 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe
16:14:31.0899 2416 VSS - ok
16:14:31.0977 2416 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
16:14:31.0977 2416 vwifibus - ok
16:14:32.0101 2416 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
16:14:32.0101 2416 vwififlt - ok
16:14:32.0164 2416 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) C:\Windows\system32\DRIVERS\vwifimp.sys
16:14:32.0164 2416 vwifimp - ok
16:14:32.0242 2416 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
16:14:32.0357 2416 W32Time - ok
16:14:32.0397 2416 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
16:14:32.0397 2416 WacomPen - ok
16:14:32.0447 2416 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
16:14:32.0463 2416 WANARP - ok
16:14:32.0525 2416 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
16:14:32.0525 2416 Wanarpv6 - ok
16:14:33.0925 2416 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\Windows\system32\Wat\WatAdminSvc.exe
16:14:33.0941 2416 WatAdminSvc - ok
16:14:34.0066 2416 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe
16:14:34.0081 2416 wbengine - ok
16:14:34.0128 2416 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
16:14:34.0128 2416 WbioSrvc - ok
16:14:34.0191 2416 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll
16:14:34.0206 2416 wcncsvc - ok
16:14:34.0237 2416 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
16:14:34.0253 2416 WcsPlugInService - ok
16:14:34.0331 2416 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
16:14:34.0331 2416 Wd - ok
16:14:34.0378 2416 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
16:14:34.0378 2416 Wdf01000 - ok
16:14:34.0425 2416 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
16:14:34.0440 2416 WdiServiceHost - ok
16:14:34.0456 2416 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
16:14:34.0456 2416 WdiSystemHost - ok
16:14:34.0503 2416 WebClient (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll
16:14:34.0518 2416 WebClient - ok
16:14:34.0549 2416 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
16:14:34.0565 2416 Wecsvc - ok
16:14:34.0596 2416 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
16:14:34.0596 2416 wercplsupport - ok
16:14:34.0674 2416 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
16:14:34.0674 2416 WerSvc - ok
16:14:34.0705 2416 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
16:14:34.0721 2416 WfpLwf - ok
16:14:34.0783 2416 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
16:14:34.0783 2416 WIMMount - ok
16:14:34.0924 2416 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
16:14:34.0924 2416 WinDefend - ok
16:14:34.0955 2416 WinHttpAutoProxySvc - ok
16:14:35.0033 2416 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
16:14:35.0049 2416 Winmgmt - ok
16:14:35.0205 2416 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll
16:14:35.0220 2416 WinRM - ok
16:14:35.0345 2416 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
16:14:35.0345 2416 WinUsb - ok
16:14:35.0470 2416 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
16:14:35.0485 2416 Wlansvc - ok
16:14:35.0517 2416 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
16:14:35.0517 2416 WmiAcpi - ok
16:14:35.0688 2416 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
16:14:35.0704 2416 wmiApSrv - ok
16:14:36.0078 2416 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
16:14:36.0125 2416 WMPNetworkSvc - ok
16:14:36.0156 2416 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
16:14:36.0172 2416 WPCSvc - ok
16:14:36.0219 2416 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll
16:14:36.0219 2416 WPDBusEnum - ok
16:14:36.0328 2416 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
16:14:36.0328 2416 ws2ifsl - ok
16:14:36.0406 2416 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\System32\wscsvc.dll
16:14:36.0406 2416 wscsvc - ok
16:14:36.0437 2416 WSearch - ok
16:14:36.0624 2416 wuauserv (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll
16:14:36.0655 2416 wuauserv - ok
16:14:36.0967 2416 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
16:14:36.0967 2416 WudfPf - ok
16:14:37.0030 2416 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:14:37.0045 2416 WUDFRd - ok
16:14:37.0123 2416 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll
16:14:37.0123 2416 wudfsvc - ok
16:14:37.0201 2416 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
16:14:37.0217 2416 WwanSvc - ok
16:14:37.0279 2416 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
16:14:38.0200 2416 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
16:14:38.0200 2416 \Device\Harddisk0\DR0 - detected TDSS File System (1)
16:14:38.0215 2416 Boot (0x1200) (b29c428e5c128d8e79224aba3dbfcc08) \Device\Harddisk0\DR0\Partition0
16:14:38.0215 2416 \Device\Harddisk0\DR0\Partition0 - ok
16:14:38.0247 2416 Boot (0x1200) (6654e96be37ff4a8549fab633d9c8ccf) \Device\Harddisk0\DR0\Partition1
16:14:38.0247 2416 \Device\Harddisk0\DR0\Partition1 - ok
16:14:38.0262 2416 ============================================================
16:14:38.0262 2416 Scan finished
16:14:38.0262 2416 ============================================================
16:14:38.0293 1620 Detected object count: 1
16:14:38.0293 1620 Actual detected object count: 1
16:14:47.0184 1620 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
16:14:47.0184 1620 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
16:14:51.0974 3784 Deinitialize success


AswMBR Results

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-11 16:16:02
-----------------------------
16:16:02.057 OS Version: Windows 6.1.7601 Service Pack 1
16:16:02.057 Number of processors: 1 586 0x7C02
16:16:02.057 ComputerName: RONITA-PC UserName: ronita
16:16:10.434 Initialize success
16:18:21.213 AVAST engine defs: 12081101
16:18:37.967 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
16:18:37.983 Disk 0 Vendor: Hitachi_HTS545016B9A300 PBBOC60F Size: 152627MB BusType: 11
16:18:37.983 Disk 0 MBR read successfully
16:18:37.983 Disk 0 MBR scan
16:18:37.998 Disk 0 Windows 7 default MBR code
16:18:37.998 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 12291 MB offset 63
16:18:38.045 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 101 MB offset 25173855
16:18:38.123 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 140232 MB offset 25382700
16:18:38.186 Disk 0 scanning sectors +312579760
16:18:38.357 Disk 0 scanning C:\Windows\system32\drivers
16:19:13.255 Service scanning
16:20:06.263 Modules scanning
16:20:16.513 Disk 0 trace - called modules:
16:20:17.059 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS PCIIDEX.SYS msahci.sys
16:20:17.074 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x854cf6a0]
16:20:17.074 3 CLASSPNP.SYS[881ad59e] -> nt!IofCallDriver -> [0x85045918]
16:20:17.090 5 ACPI.sys[87da33d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x85043908]
16:20:18.494 AVAST engine scan C:\Windows
16:20:21.520 AVAST engine scan C:\Windows\system32
16:31:56.632 AVAST engine scan C:\Windows\system32\drivers
16:32:37.473 AVAST engine scan C:\Users\ronita
16:36:33.111 AVAST engine scan C:\ProgramData
16:37:52.968 Scan finished successfully
16:42:53.986 Disk 0 MBR has been saved successfully to "C:\Users\ronita\Documents\MBR.dat"
16:42:54.002 The log file has been saved successfully to "C:\Users\ronita\Documents\aswMBR2.txt"


ESET RESULTS

I don't think I saved the results, but nothing was found.

#10 narenxp

Posted 11 August 2012 - 09:15 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete

Post the generated log

#11 jokerssmile

Posted 12 August 2012 - 01:29 PM

Is it showing that I have something wrong still?

I scanned with Malwarebytes and nothing came up.

I'd do the other scans but I gave my aunt back her computer.

#12 narenxp

Posted 12 August 2012 - 01:33 PM

Previous logs were clean. Hope system is clean now.



