
Tried to fix a trojan virus myself



#1 Nize300

  • Members
  • 2 posts

Posted 12 August 2012 - 10:19 PM

Here's the background-

My AVG pulled up a trojan virus (trojan patched c_lyu)- I came here, and looked around for someone that solved it before, followed the directions provided to that person and assumed voila! I'd be fixed. Sounded smart, at first at least.

Anyway, the solution advised the use of ComboFix- after which I read the instructions that said (DO NOT USE COMBOFIX unless directly told to). So, lesson learned. But ComboFix seems to have helped, albeit I want to make sure, since ComboFix also told me I had the rootkit.zeroaccess virus as well. Now, it seems like ComboFix did the job but since 1) I screwed up by using it haphazardly, and 2) I don't understand the log that came up (and didn't save the log either)- I'd like to ask for your help.

Can you guys help me run some tests to make sure I got the virus off the computer, if I have the virus still? Thanks for your help in advance and for putting up with my inability to read the warnings!


 


#2 narenxp

  • BC Advisor
  • 16,371 posts

Posted 12 August 2012 - 10:21 PM

ComboFix logs cannot be analyzed in this forum, but we can use other logs to see if the system is clean.

Download TDSSKiller

Launch it. Click on Change parameters and select TDLFS file system.

Click on "Scan". Please post the LOG report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on LIST of found threats.

Export the list to the desktop and copy the contents of the text file in your reply.

#3 Nize300

  • Topic Starter
  • Members
  • 2 posts

Posted 13 August 2012 - 08:31 PM

OK here are my logs- thank you!

TDSS- said no threats found! Yay!
1 thing found on the aswMBR- boo!
With ESET- nothing showed up, but the scan froze at around 62% (taking about 40 minutes)
Thanks again!


TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
19:36:19.0564 2772 ============================================================
19:36:19.0565 2772 Current date / time: 2012/08/13 19:36:19.0564
19:36:19.0565 2772 SystemInfo:
19:36:19.0565 2772
19:36:19.0565 2772 OS Version: 6.1.7601 ServicePack: 1.0
19:36:19.0565 2772 Product type: Workstation
19:36:19.0565 2772 ComputerName: THESITUATION-PC
19:36:19.0566 2772 UserName: The Situation
19:36:19.0566 2772 Windows directory: C:\windows
19:36:19.0566 2772 System windows directory: C:\windows
19:36:19.0566 2772 Processor architecture: Intel x86
19:36:19.0566 2772 Number of processors: 2
19:36:19.0566 2772 Page size: 0x1000
19:36:19.0566 2772 Boot type: Normal boot
19:36:19.0566 2772 ============================================================
19:36:20.0384 2772 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:36:20.0387 2772 ============================================================
19:36:20.0387 2772 \Device\Harddisk0\DR0:
19:36:20.0387 2772 MBR partitions:
19:36:20.0387 2772 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x2413D800
19:36:20.0387 2772 ============================================================
19:36:20.0413 2772 C: <-> \Device\Harddisk0\DR0\Partition0
19:36:20.0413 2772 ============================================================
19:36:20.0413 2772 Initialize success
19:36:20.0413 2772 ============================================================
19:36:27.0881 5864 ============================================================
19:36:27.0881 5864 Scan started
19:36:27.0881 5864 Mode: Manual; TDLFS;
19:36:27.0881 5864 ============================================================
19:36:44.0124 5864 netprofm - ok
19:36:44.0208 5864 NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:36:44.0224 5864 NetTcpPortSharing - ok
19:36:44.0277 5864 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\windows\system32\DRIVERS\nfrd960.sys
19:36:44.0280 5864 nfrd960 - ok
19:36:44.0334 5864 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\windows\System32\nlasvc.dll
19:36:44.0353 5864 NlaSvc - ok
19:36:44.0376 5864 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\windows\system32\drivers\Npfs.sys
19:36:44.0381 5864 Npfs - ok
19:36:44.0407 5864 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\windows\system32\nsisvc.dll
19:36:44.0415 5864 nsi - ok
19:36:44.0441 5864 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\windows\system32\drivers\nsiproxy.sys
19:36:44.0445 5864 nsiproxy - ok
19:36:44.0556 5864 Ntfs (81189c3d7763838e55c397759d49007a) C:\windows\system32\drivers\Ntfs.sys
19:36:44.0587 5864 Ntfs - ok
19:36:44.0601 5864 Null (f9756a98d69098dca8945d62858a812c) C:\windows\system32\drivers\Null.sys
19:36:44.0606 5864 Null - ok
19:36:44.0667 5864 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\windows\system32\drivers\nvraid.sys
19:36:44.0672 5864 nvraid - ok
19:36:44.0721 5864 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\windows\system32\drivers\nvstor.sys
19:36:44.0726 5864 nvstor - ok
19:36:44.0775 5864 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\windows\system32\drivers\nv_agp.sys
19:36:44.0780 5864 nv_agp - ok
19:36:44.0887 5864 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:36:44.0936 5864 odserv - ok
19:36:44.0979 5864 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\windows\system32\drivers\ohci1394.sys
19:36:44.0983 5864 ohci1394 - ok
19:36:45.0043 5864 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:36:45.0092 5864 ose - ok
19:36:45.0153 5864 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\windows\system32\pnrpsvc.dll
19:36:45.0173 5864 p2pimsvc - ok
19:36:45.0208 5864 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\windows\system32\p2psvc.dll
19:36:45.0227 5864 p2psvc - ok
19:36:45.0280 5864 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\windows\system32\DRIVERS\parport.sys
19:36:45.0284 5864 Parport - ok
19:36:45.0324 5864 partmgr (3f34a1b4c5f6475f320c275e63afce9b) C:\windows\system32\drivers\partmgr.sys
19:36:45.0328 5864 partmgr - ok
19:36:45.0353 5864 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\windows\system32\DRIVERS\parvdm.sys
19:36:45.0357 5864 Parvdm - ok
19:36:45.0385 5864 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\windows\System32\pcasvc.dll
19:36:45.0400 5864 PcaSvc - ok
19:36:45.0441 5864 pci (673e55c3498eb970088e812ea820aa8f) C:\windows\system32\drivers\pci.sys
19:36:45.0446 5864 pci - ok
19:36:45.0460 5864 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\windows\system32\drivers\pciide.sys
19:36:45.0464 5864 pciide - ok
19:36:45.0495 5864 pcmcia (f396431b31693e71e8a80687ef523506) C:\windows\system32\DRIVERS\pcmcia.sys
19:36:45.0511 5864 pcmcia - ok
19:36:45.0564 5864 PCTCore (3e8ce6c67b292a4fdf65ed625e5f5e81) C:\windows\system32\drivers\PCTCore.sys
19:36:45.0583 5864 PCTCore - ok
19:36:45.0626 5864 pctDS (f820b4c61d1e591325b679d479d4eea4) C:\windows\system32\drivers\pctDS.sys
19:36:45.0645 5864 pctDS - ok
19:36:45.0699 5864 pctEFA (acc8c15f3d59f17c5d903ff1de3b43d3) C:\windows\system32\drivers\pctEFA.sys
19:36:45.0714 5864 pctEFA - ok
19:36:45.0781 5864 PCTSD (83ddd552f7f1043f764e8cc88ff41232) C:\windows\system32\Drivers\PCTSD.sys
19:36:45.0793 5864 PCTSD - ok
19:36:45.0825 5864 pcw (250f6b43d2b613172035c6747aeeb19f) C:\windows\system32\drivers\pcw.sys
19:36:45.0829 5864 pcw - ok
19:36:45.0885 5864 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\windows\system32\drivers\peauth.sys
19:36:45.0906 5864 PEAUTH - ok
19:36:45.0963 5864 PGEffect (1b5011dd8d57f53aed31ff0f7d635802) C:\windows\system32\DRIVERS\pgeffect.sys
19:36:45.0967 5864 PGEffect - ok
19:36:46.0073 5864 pgsql-8.3 (acc93675d78d1c07dad09d7837f2397a) C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe
19:36:46.0116 5864 pgsql-8.3 - ok
19:36:46.0229 5864 pla (414bba67a3ded1d28437eb66aeb8a720) C:\windows\system32\pla.dll
19:36:46.0257 5864 pla - ok
19:36:46.0378 5864 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\windows\system32\umpnpmgr.dll
19:36:46.0399 5864 PlugPlay - ok
19:36:46.0429 5864 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\windows\system32\pnrpauto.dll
19:36:46.0436 5864 PNRPAutoReg - ok
19:36:46.0474 5864 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\windows\system32\pnrpsvc.dll
19:36:46.0481 5864 PNRPsvc - ok
19:36:46.0534 5864 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\windows\System32\ipsecsvc.dll
19:36:46.0567 5864 PolicyAgent - ok
19:36:46.0600 5864 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\windows\system32\umpo.dll
19:36:46.0618 5864 Power - ok
19:36:46.0683 5864 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\windows\system32\DRIVERS\raspptp.sys
19:36:46.0688 5864 PptpMiniport - ok
19:36:46.0732 5864 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\windows\system32\DRIVERS\processr.sys
19:36:46.0736 5864 Processor - ok
19:36:46.0778 5864 ProfSvc (cadefac453040e370a1bdff3973be00d) C:\windows\system32\profsvc.dll
19:36:46.0793 5864 ProfSvc - ok
19:36:46.0821 5864 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe
19:36:46.0825 5864 ProtectedStorage - ok
19:36:46.0851 5864 Psched (6270ccae2a86de6d146529fe55b3246a) C:\windows\system32\DRIVERS\pacer.sys
19:36:46.0855 5864 Psched - ok
19:36:46.0955 5864 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\windows\system32\DRIVERS\ql2300.sys
19:36:46.0988 5864 ql2300 - ok
19:36:47.0100 5864 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\windows\system32\DRIVERS\ql40xx.sys
19:36:47.0104 5864 ql40xx - ok
19:36:47.0155 5864 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\windows\system32\qwave.dll
19:36:47.0169 5864 QWAVE - ok
19:36:47.0188 5864 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\windows\system32\drivers\qwavedrv.sys
19:36:47.0193 5864 QWAVEdrv - ok
19:36:47.0207 5864 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\windows\system32\DRIVERS\rasacd.sys
19:36:47.0210 5864 RasAcd - ok
19:36:47.0255 5864 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\windows\system32\DRIVERS\AgileVpn.sys
19:36:47.0259 5864 RasAgileVpn - ok
19:36:47.0300 5864 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\windows\System32\rasauto.dll
19:36:47.0319 5864 RasAuto - ok
19:36:47.0339 5864 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\windows\system32\DRIVERS\rasl2tp.sys
19:36:47.0354 5864 Rasl2tp - ok
19:36:47.0421 5864 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\windows\System32\rasmans.dll
19:36:47.0431 5864 RasMan - ok
19:36:47.0447 5864 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\windows\system32\DRIVERS\raspppoe.sys
19:36:47.0453 5864 RasPppoe - ok
19:36:47.0473 5864 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\windows\system32\DRIVERS\rassstp.sys
19:36:47.0478 5864 RasSstp - ok
19:36:47.0519 5864 rdbss (d528bc58a489409ba40334ebf96a311b) C:\windows\system32\DRIVERS\rdbss.sys
19:36:47.0531 5864 rdbss - ok
19:36:47.0553 5864 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\windows\system32\DRIVERS\rdpbus.sys
19:36:47.0557 5864 rdpbus - ok
19:36:47.0581 5864 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\windows\system32\DRIVERS\RDPCDD.sys
19:36:47.0585 5864 RDPCDD - ok
19:36:47.0619 5864 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\windows\system32\drivers\rdpencdd.sys
19:36:47.0622 5864 RDPENCDD - ok
19:36:47.0632 5864 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\windows\system32\drivers\rdprefmp.sys
19:36:47.0638 5864 RDPREFMP - ok
19:36:47.0688 5864 RDPWD (f031683e6d1fea157abb2ff260b51e61) C:\windows\system32\drivers\RDPWD.sys
19:36:47.0705 5864 RDPWD - ok
19:36:47.0751 5864 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\windows\system32\drivers\rdyboost.sys
19:36:47.0767 5864 rdyboost - ok
19:36:47.0797 5864 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\windows\System32\mprdim.dll
19:36:47.0817 5864 RemoteAccess - ok
19:36:47.0847 5864 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\windows\system32\regsvc.dll
19:36:47.0866 5864 RemoteRegistry - ok
19:36:47.0883 5864 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\windows\System32\RpcEpMap.dll
19:36:47.0891 5864 RpcEptMapper - ok
19:36:47.0916 5864 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\windows\system32\locator.exe
19:36:47.0924 5864 RpcLocator - ok
19:36:47.0979 5864 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\windows\system32\rpcss.dll
19:36:47.0988 5864 RpcSs - ok
19:36:48.0013 5864 rspndr (032b0d36ad92b582d869879f5af5b928) C:\windows\system32\DRIVERS\rspndr.sys
19:36:48.0017 5864 rspndr - ok
19:36:48.0033 5864 RSUSBSTOR - ok
19:36:48.0075 5864 RTL8167 (6465166dd9b2f841dabad16abdadbe98) C:\windows\system32\DRIVERS\Rt86win7.sys
19:36:48.0090 5864 RTL8167 - ok
19:36:48.0173 5864 rtl8192se (a3a344dd38654e1ad6ab10b64385cc26) C:\windows\system32\DRIVERS\rtl8192se.sys
19:36:48.0192 5864 rtl8192se - ok
19:36:48.0199 5864 RtsUIR - ok
19:36:48.0233 5864 SamSs (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe
19:36:48.0237 5864 SamSs - ok
19:36:48.0355 5864 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
19:36:48.0367 5864 SASDIFSV - ok
19:36:48.0399 5864 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
19:36:48.0403 5864 SASKUTIL - ok
19:36:48.0448 5864 sbp2port (05d860da1040f111503ac416ccef2bca) C:\windows\system32\drivers\sbp2port.sys
19:36:48.0452 5864 sbp2port - ok
19:36:48.0493 5864 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\windows\System32\SCardSvr.dll
19:36:48.0533 5864 SCardSvr - ok
19:36:48.0565 5864 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\windows\system32\DRIVERS\scfilter.sys
19:36:48.0569 5864 scfilter - ok
19:36:48.0642 5864 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\windows\system32\schedsvc.dll
19:36:48.0665 5864 Schedule - ok
19:36:48.0707 5864 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\windows\System32\certprop.dll
19:36:48.0709 5864 SCPolicySvc - ok
19:36:48.0844 5864 sdAuxService (cadc6d185d8560a1ec266b0a97c4f153) C:\Program Files\PC Tools Security\pctsAuxs.exe
19:36:48.0863 5864 sdAuxService - ok
19:36:48.0980 5864 sdCoreService (1b556ab08795428e2f3dafcfcb54c782) C:\Program Files\PC Tools Security\pctsSvc.exe
19:36:49.0015 5864 sdCoreService - ok
19:36:49.0141 5864 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\windows\System32\SDRSVC.dll
19:36:49.0148 5864 SDRSVC - ok
19:36:49.0186 5864 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\drivers\secdrv.sys
19:36:49.0190 5864 secdrv - ok
19:36:49.0227 5864 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\windows\system32\seclogon.dll
19:36:49.0234 5864 seclogon - ok
19:36:49.0273 5864 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\windows\system32\sens.dll
19:36:49.0279 5864 SENS - ok
19:36:49.0309 5864 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\windows\system32\sensrsvc.dll
19:36:49.0316 5864 SensrSvc - ok
19:36:49.0355 5864 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\windows\system32\DRIVERS\serenum.sys
19:36:49.0359 5864 Serenum - ok
19:36:49.0400 5864 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\windows\system32\DRIVERS\serial.sys
19:36:49.0405 5864 Serial - ok
19:36:49.0447 5864 sermouse (79bffb520327ff916a582dfea17aa813) C:\windows\system32\DRIVERS\sermouse.sys
19:36:49.0450 5864 sermouse - ok
19:36:49.0503 5864 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\windows\system32\sessenv.dll
19:36:49.0510 5864 SessionEnv - ok
19:36:49.0535 5864 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\windows\system32\drivers\sffdisk.sys
19:36:49.0538 5864 sffdisk - ok
19:36:49.0553 5864 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\windows\system32\drivers\sffp_mmc.sys
19:36:49.0556 5864 sffp_mmc - ok
19:36:49.0570 5864 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\windows\system32\drivers\sffp_sd.sys
19:36:49.0575 5864 sffp_sd - ok
19:36:49.0591 5864 sfloppy (db96666cc8312ebc45032f30b007a547) C:\windows\system32\DRIVERS\sfloppy.sys
19:36:49.0595 5864 sfloppy - ok
19:36:49.0647 5864 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\windows\System32\ipnathlp.dll
19:36:49.0680 5864 SharedAccess - ok
19:36:49.0729 5864 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\windows\System32\shsvcs.dll
19:36:49.0748 5864 ShellHWDetection - ok
19:36:49.0786 5864 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\windows\system32\drivers\sisagp.sys
19:36:49.0790 5864 sisagp - ok
19:36:49.0830 5864 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\windows\system32\DRIVERS\SiSRaid2.sys
19:36:49.0833 5864 SiSRaid2 - ok
19:36:49.0850 5864 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\windows\system32\DRIVERS\sisraid4.sys
19:36:49.0855 5864 SiSRaid4 - ok
19:36:49.0878 5864 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\windows\system32\DRIVERS\smb.sys
19:36:49.0882 5864 Smb - ok
19:36:49.0944 5864 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\windows\System32\snmptrap.exe
19:36:49.0952 5864 SNMPTRAP - ok
19:36:49.0968 5864 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\windows\system32\drivers\spldr.sys
19:36:49.0972 5864 spldr - ok
19:36:50.0034 5864 Spooler (866a43013535dc8587c258e43579c764) C:\windows\System32\spoolsv.exe
19:36:50.0054 5864 Spooler - ok
19:36:50.0281 5864 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\windows\system32\sppsvc.exe
19:36:50.0340 5864 sppsvc - ok
19:36:50.0442 5864 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\windows\system32\sppuinotify.dll
19:36:50.0449 5864 sppuinotify - ok
19:36:50.0517 5864 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\windows\system32\DRIVERS\srv.sys
19:36:50.0538 5864 srv - ok
19:36:50.0573 5864 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\windows\system32\DRIVERS\srv2.sys
19:36:50.0591 5864 srv2 - ok
19:36:50.0611 5864 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\windows\system32\DRIVERS\srvnet.sys
19:36:50.0628 5864 srvnet - ok
19:36:50.0669 5864 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\windows\System32\ssdpsrv.dll
19:36:50.0682 5864 SSDPSRV - ok
19:36:50.0704 5864 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\windows\system32\sstpsvc.dll
19:36:50.0723 5864 SstpSvc - ok
19:36:50.0748 5864 stexstor (db32d325c192b801df274bfd12a7e72b) C:\windows\system32\DRIVERS\stexstor.sys
19:36:50.0752 5864 stexstor - ok
19:36:50.0814 5864 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\windows\System32\wiaservc.dll
19:36:50.0840 5864 StiSvc - ok
19:36:50.0871 5864 swenum (e58c78a848add9610a4db6d214af5224) C:\windows\system32\drivers\swenum.sys
19:36:50.0874 5864 swenum - ok
19:36:50.0906 5864 swprv (a28bd92df340e57b024ba433165d34d7) C:\windows\System32\swprv.dll
19:36:50.0926 5864 swprv - ok
19:36:50.0981 5864 SynTP (8bd10dc8809dc69a1c5a795cb10add76) C:\windows\system32\DRIVERS\SynTP.sys
19:36:50.0985 5864 SynTP - ok
19:36:51.0098 5864 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\windows\system32\sysmain.dll
19:36:51.0136 5864 SysMain - ok
19:36:51.0178 5864 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\windows\System32\TabSvc.dll
19:36:51.0198 5864 TabletInputService - ok
19:36:51.0250 5864 TapiSrv (613bf4820361543956909043a265c6ac) C:\windows\System32\tapisrv.dll
19:36:51.0260 5864 TapiSrv - ok
19:36:51.0289 5864 TBS (b799d9fdb26111737f58288d8dc172d9) C:\windows\System32\tbssvc.dll
19:36:51.0309 5864 TBS - ok
19:36:51.0444 5864 Tcpip (7fa2e0f8b072bd04b77b421480b6cc22) C:\windows\system32\drivers\tcpip.sys
19:36:51.0494 5864 Tcpip - ok
19:36:51.0515 5864 TCPIP6 (7fa2e0f8b072bd04b77b421480b6cc22) C:\windows\system32\DRIVERS\tcpip.sys
19:36:51.0529 5864 TCPIP6 - ok
19:36:51.0562 5864 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\windows\system32\drivers\tcpipreg.sys
19:36:51.0565 5864 tcpipreg - ok
19:36:51.0610 5864 tdcmdpst (4084ea00d50c858d6f9038f86ae2e2d0) C:\windows\system32\DRIVERS\tdcmdpst.sys
19:36:51.0613 5864 tdcmdpst - ok
19:36:51.0644 5864 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\windows\system32\drivers\tdpipe.sys
19:36:51.0647 5864 TDPIPE - ok
19:36:51.0684 5864 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\windows\system32\drivers\tdtcp.sys
19:36:51.0688 5864 TDTCP - ok
19:36:51.0731 5864 tdx (b459575348c20e8121d6039da063c704) C:\windows\system32\DRIVERS\tdx.sys
19:36:51.0735 5864 tdx - ok
19:36:51.0777 5864 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\windows\system32\drivers\termdd.sys
19:36:51.0781 5864 TermDD - ok
19:36:51.0843 5864 TermService (382c804c92811be57829d8e550a900e2) C:\windows\System32\termsrv.dll
19:36:51.0857 5864 TermService - ok
19:36:51.0886 5864 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\windows\system32\themeservice.dll
19:36:51.0894 5864 Themes - ok
19:36:51.0928 5864 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\windows\system32\mmcss.dll
19:36:51.0932 5864 THREADORDER - ok
19:36:52.0039 5864 TMachInfo (32577b987ae5401038451bb392cb8d89) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
19:36:52.0043 5864 TMachInfo - ok
19:36:52.0090 5864 TODDSrv (fe65d33b7d4ff07dd1d29526a48df810) C:\Windows\system32\TODDSrv.exe
19:36:52.0106 5864 TODDSrv - ok
19:36:52.0173 5864 TosCoSrv (451b09ba1a0d019ba0b5a27229559d55) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
19:36:52.0183 5864 TosCoSrv - ok
19:36:52.0237 5864 TOSHIBA eco Utility Service (0b5fa26e0c8a8e07a6df3df4e5711da8) C:\Program Files\TOSHIBA\TECO\TecoService.exe
19:36:52.0251 5864 TOSHIBA eco Utility Service - ok
19:36:52.0276 5864 TOSHIBA HDD SSD Alert Service (94ecabe1ba3559214fe6c3ce6c9677eb) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
19:36:52.0280 5864 TOSHIBA HDD SSD Alert Service - ok
19:36:52.0361 5864 tos_sps32 (969377943fe7284609babbab4e06b93c) C:\windows\system32\DRIVERS\tos_sps32.sys
19:36:52.0373 5864 tos_sps32 - ok
19:36:52.0451 5864 TPCHSrv (31d2881b0647f2b09b118b9b50c02888) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
19:36:52.0465 5864 TPCHSrv - ok
19:36:52.0498 5864 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\windows\System32\trkwks.dll
19:36:52.0517 5864 TrkWks - ok
19:36:52.0578 5864 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\windows\servicing\TrustedInstaller.exe
19:36:52.0593 5864 TrustedInstaller - ok
19:36:52.0615 5864 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\windows\system32\DRIVERS\tssecsrv.sys
19:36:52.0619 5864 tssecsrv - ok
19:36:52.0679 5864 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\windows\system32\drivers\tsusbflt.sys
19:36:52.0683 5864 TsUsbFlt - ok
19:36:52.0725 5864 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\windows\system32\DRIVERS\tunnel.sys
19:36:52.0744 5864 tunnel - ok
19:36:52.0780 5864 TVALZ (fc24015b4052600c324c43e3a79c0664) C:\windows\system32\DRIVERS\TVALZ_O.SYS
19:36:52.0783 5864 TVALZ - ok
19:36:52.0815 5864 TVALZFL (866462f5ae3f375ef83ef9dce436031c) C:\windows\system32\DRIVERS\TVALZFL.sys
19:36:52.0818 5864 TVALZFL - ok
19:36:52.0856 5864 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\windows\system32\DRIVERS\uagp35.sys
19:36:52.0860 5864 uagp35 - ok
19:36:52.0903 5864 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\windows\system32\DRIVERS\udfs.sys
19:36:52.0915 5864 udfs - ok
19:36:52.0950 5864 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\windows\system32\UI0Detect.exe
19:36:52.0971 5864 UI0Detect - ok
19:36:53.0015 5864 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\windows\system32\drivers\uliagpkx.sys
19:36:53.0019 5864 uliagpkx - ok
19:36:53.0076 5864 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\windows\system32\drivers\umbus.sys
19:36:53.0080 5864 umbus - ok
19:36:53.0094 5864 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\windows\system32\DRIVERS\umpass.sys
19:36:53.0098 5864 UmPass - ok
19:36:53.0126 5864 upnphost (833fbb672460efce8011d262175fad33) C:\windows\System32\upnphost.dll
19:36:53.0148 5864 upnphost - ok
19:36:53.0187 5864 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\windows\system32\Drivers\usbaapl.sys
19:36:53.0230 5864 USBAAPL - ok
19:36:53.0267 5864 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\windows\system32\DRIVERS\usbccgp.sys
19:36:53.0271 5864 usbccgp - ok
19:36:53.0278 5864 USBCCID - ok
19:36:53.0322 5864 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\windows\system32\drivers\usbcir.sys
19:36:53.0326 5864 usbcir - ok
19:36:53.0359 5864 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\windows\system32\DRIVERS\usbehci.sys
19:36:53.0364 5864 usbehci - ok
19:36:53.0407 5864 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\windows\system32\DRIVERS\usbhub.sys
19:36:53.0413 5864 usbhub - ok
19:36:53.0431 5864 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\windows\system32\drivers\usbohci.sys
19:36:53.0434 5864 usbohci - ok
19:36:53.0467 5864 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\windows\system32\DRIVERS\usbprint.sys
19:36:53.0471 5864 usbprint - ok
19:36:53.0501 5864 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\windows\system32\DRIVERS\usbscan.sys
19:36:53.0523 5864 usbscan - ok
19:36:53.0561 5864 USBSTOR (f991ab9cc6b908db552166768176896a) C:\windows\system32\DRIVERS\USBSTOR.SYS
19:36:53.0566 5864 USBSTOR - ok
19:36:53.0582 5864 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\windows\system32\DRIVERS\usbuhci.sys
19:36:53.0585 5864 usbuhci - ok
19:36:53.0630 5864 usbvideo (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\windows\System32\Drivers\usbvideo.sys
19:36:53.0646 5864 usbvideo - ok
19:36:53.0673 5864 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\windows\System32\uxsms.dll
19:36:53.0681 5864 UxSms - ok
19:36:53.0714 5864 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe
19:36:53.0718 5864 VaultSvc - ok
19:36:53.0744 5864 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\windows\system32\drivers\vdrvroot.sys
19:36:53.0748 5864 vdrvroot - ok
19:36:53.0805 5864 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\windows\System32\vds.exe
19:36:53.0820 5864 vds - ok
19:36:53.0852 5864 vga (17c408214ea61696cec9c66e388b14f3) C:\windows\system32\DRIVERS\vgapnp.sys
19:36:53.0856 5864 vga - ok
19:36:53.0878 5864 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\windows\System32\drivers\vga.sys
19:36:53.0883 5864 VgaSave - ok
19:36:53.0926 5864 vhdmp (5461686cca2fda57b024547733ab42e3) C:\windows\system32\drivers\vhdmp.sys
19:36:53.0941 5864 vhdmp - ok
19:36:53.0979 5864 viaagp (c829317a37b4bea8f39735d4b076e923) C:\windows\system32\drivers\viaagp.sys
19:36:53.0983 5864 viaagp - ok
19:36:54.0013 5864 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\windows\system32\DRIVERS\viac7.sys
19:36:54.0017 5864 ViaC7 - ok
19:36:54.0032 5864 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\windows\system32\drivers\viaide.sys
19:36:54.0036 5864 viaide - ok
19:36:54.0061 5864 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\windows\system32\drivers\volmgr.sys
19:36:54.0065 5864 volmgr - ok
19:36:54.0103 5864 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\windows\system32\drivers\volmgrx.sys
19:36:54.0113 5864 volmgrx - ok
19:36:54.0148 5864 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\windows\system32\drivers\volsnap.sys
19:36:54.0160 5864 volsnap - ok
19:36:54.0194 5864 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\windows\system32\DRIVERS\vsmraid.sys
19:36:54.0210 5864 vsmraid - ok
19:36:54.0328 5864 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\windows\system32\vssvc.exe
19:36:54.0353 5864 VSS - ok
19:36:54.0377 5864 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\windows\system32\DRIVERS\vwifibus.sys
19:36:54.0380 5864 vwifibus - ok
19:36:54.0414 5864 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\windows\system32\DRIVERS\vwififlt.sys
19:36:54.0418 5864 vwififlt - ok
19:36:54.0457 5864 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) C:\windows\system32\DRIVERS\vwifimp.sys
19:36:54.0461 5864 vwifimp - ok
19:36:54.0517 5864 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\windows\system32\w32time.dll
19:36:54.0540 5864 W32Time - ok
19:36:54.0558 5864 WacomPen (de3721e89c653aa281428c8a69745d90) C:\windows\system32\DRIVERS\wacompen.sys
19:36:54.0562 5864 WacomPen - ok
19:36:54.0594 5864 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\windows\system32\DRIVERS\wanarp.sys
19:36:54.0598 5864 WANARP - ok
19:36:54.0603 5864 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\windows\system32\DRIVERS\wanarp.sys
19:36:54.0607 5864 Wanarpv6 - ok
19:36:54.0738 5864 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\windows\system32\Wat\WatAdminSvc.exe
19:36:54.0775 5864 WatAdminSvc - ok
19:36:54.0877 5864 wbengine (691e3285e53dca558e1a84667f13e15a) C:\windows\system32\wbengine.exe
19:36:54.0919 5864 wbengine - ok
19:36:54.0946 5864 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\windows\System32\wbiosrvc.dll
19:36:54.0962 5864 WbioSrvc - ok
19:36:55.0014 5864 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\windows\System32\wcncsvc.dll
19:36:55.0037 5864 wcncsvc - ok
19:36:55.0052 5864 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\windows\System32\WcsPlugInService.dll
19:36:55.0063 5864 WcsPlugInService - ok
19:36:55.0119 5864 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\windows\system32\DRIVERS\wd.sys
19:36:55.0123 5864 Wd - ok
19:36:55.0161 5864 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\windows\system32\drivers\Wdf01000.sys
19:36:55.0176 5864 Wdf01000 - ok
19:36:55.0197 5864 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\windows\system32\wdi.dll
19:36:55.0216 5864 WdiServiceHost - ok
19:36:55.0225 5864 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\windows\system32\wdi.dll
19:36:55.0232 5864 WdiSystemHost - ok
19:36:55.0296 5864 WebClient (a9d880f97530d5b8fee278923349929d) C:\windows\System32\webclnt.dll
19:36:55.0305 5864 WebClient - ok
19:36:55.0328 5864 Wecsvc (760f0afe937a77cff27153206534f275) C:\windows\system32\wecsvc.dll
19:36:55.0345 5864 Wecsvc - ok
19:36:55.0372 5864 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\windows\System32\wercplsupport.dll
19:36:55.0392 5864 wercplsupport - ok
19:36:55.0426 5864 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\windows\System32\WerSvc.dll
19:36:55.0446 5864 WerSvc - ok
19:36:55.0483 5864 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\windows\system32\DRIVERS\wfplwf.sys
19:36:55.0487 5864 WfpLwf - ok
19:36:55.0516 5864 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\windows\system32\drivers\wimmount.sys
19:36:55.0519 5864 WIMMount - ok
19:36:55.0620 5864 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
19:36:55.0655 5864 WinDefend - ok
19:36:55.0713 5864 WinDriver6 (032793a8e6288c4c60ff30542eeab22b) C:\windows\system32\drivers\windrvr6.sys
19:36:55.0728 5864 WinDriver6 - ok
19:36:55.0733 5864 WinHttpAutoProxySvc - ok
19:36:55.0816 5864 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\windows\system32\wbem\WMIsvc.dll
19:36:55.0876 5864 Winmgmt - ok
19:36:55.0991 5864 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\windows\system32\WsmSvc.dll
19:36:56.0023 5864 WinRM - ok
19:36:56.0104 5864 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\windows\system32\DRIVERS\WinUsb.sys
19:36:56.0108 5864 WinUsb - ok
19:36:56.0204 5864 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\windows\System32\wlansvc.dll
19:36:56.0235 5864 Wlansvc - ok
19:36:56.0273 5864 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\windows\system32\drivers\wmiacpi.sys
19:36:56.0276 5864 WmiAcpi - ok
19:36:56.0341 5864 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\windows\system32\wbem\WmiApSrv.exe
19:36:56.0357 5864 wmiApSrv - ok
19:36:56.0506 5864 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
19:36:56.0565 5864 WMPNetworkSvc - ok
19:36:56.0588 5864 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\windows\System32\wpcsvc.dll
19:36:56.0597 5864 WPCSvc - ok
19:36:56.0644 5864 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\windows\system32\wpdbusenum.dll
19:36:56.0651 5864 WPDBusEnum - ok
19:36:56.0700 5864 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\windows\system32\drivers\ws2ifsl.sys
19:36:56.0704 5864 ws2ifsl - ok
19:36:56.0722 5864 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\windows\system32\wscsvc.dll
19:36:56.0742 5864 wscsvc - ok
19:36:56.0751 5864 WSearch - ok
19:36:56.0890 5864 wuauserv (fc3ec24fce372c89423e015a2ac1a31e) C:\windows\system32\wuaueng.dll
19:36:56.0961 5864 wuauserv - ok
19:36:57.0094 5864 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\windows\system32\drivers\WudfPf.sys
19:36:57.0101 5864 WudfPf - ok
19:36:57.0151 5864 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\windows\system32\DRIVERS\WUDFRd.sys
19:36:57.0168 5864 WUDFRd - ok
19:36:57.0198 5864 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\windows\System32\WUDFSvc.dll
19:36:57.0218 5864 wudfsvc - ok
19:36:57.0259 5864 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\windows\System32\wwansvc.dll
19:36:57.0296 5864 WwanSvc - ok
19:36:57.0365 5864 MBR (0x1B8) (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0
19:36:57.0659 5864 \Device\Harddisk0\DR0 - ok
19:36:57.0694 5864 Boot (0x1200) (114a2452ee90c275ce0e55817262c138) \Device\Harddisk0\DR0\Partition0
19:36:57.0697 5864 \Device\Harddisk0\DR0\Partition0 - ok
19:36:57.0697 5864 ============================================================
19:36:57.0697 5864 Scan finished
19:36:57.0697 5864 ============================================================
19:36:57.0717 4220 Detected object count: 0
19:36:57.0717 4220 Actual detected object count: 0
19:37:22.0988 4580 Deinitialize success

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-13 19:48:11
-----------------------------
19:48:11.255 OS Version: Windows 6.1.7601 Service Pack 1
19:48:11.255 Number of processors: 2 586 0x170A
19:48:11.259 ComputerName: THESITUATION-PC UserName: The Situation
19:48:13.031 Initialize success
19:48:19.884 AVAST engine defs: 12081301
19:48:23.623 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
19:48:23.627 Disk 0 Vendor: WDC_WD32 12.0 Size: 305245MB BusType: 3
19:48:23.698 Disk 0 MBR read successfully
19:48:23.703 Disk 0 MBR scan
19:48:23.712 Disk 0 Windows VISTA default MBR code
19:48:23.731 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
19:48:23.757 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 295547 MB offset 3074048
19:48:23.803 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 8197 MB offset 608354304
19:48:23.822 Disk 0 scanning sectors +625141760
19:48:23.877 Disk 0 scanning C:\windows\system32\drivers
19:48:43.581 Service scanning
19:49:12.877 Modules scanning
19:49:26.042 Disk 0 trace - called modules:
19:49:26.443 ntkrnlpa.exe CLASSPNP.SYS disk.sys PCTCore.sys iaStor.sys halmacpi.dll
19:49:26.453 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86fff7f0]
19:49:26.462 3 CLASSPNP.SYS[8ba6f59e] -> nt!IofCallDriver -> [0x86fff020]
19:49:26.472 5 PCTCore.sys[8b3616a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x861ef028]
19:49:28.017 AVAST engine scan C:\windows
19:49:40.592 AVAST engine scan C:\windows\system32
19:53:39.931 File: C:\windows\assembly\GAC\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
19:55:14.780 AVAST engine scan C:\windows\system32\drivers
19:55:55.230 AVAST engine scan C:\Users\The Situation
20:09:04.637 AVAST engine scan C:\ProgramData
20:16:29.017 Scan finished successfully
20:16:49.532 Disk 0 MBR has been saved successfully to "C:\Users\The Situation\Documents\MBR.dat"
20:16:49.543 The log file has been saved successfully to "C:\Users\The Situation\Documents\aswMBR1.txt"



