
Avg detected trojan



#1 mikagami


Posted 14 August 2012 - 09:47 PM

Hi. I'm unsure what I need to post here, but here goes: my McAfee internet security scan told me that Windows Firewall was disabled, and after trying to get it running I was given error code 0x80070424. After downloading and running Avast I was notified by AVG Resident Shield that I had a threat, a generic desktop.ini trojan virus. It wouldn't allow me to quarantine or delete the virus. Here is my TDSSKiller report:

19:39:37.0866 6132 napagent - ok
19:39:37.0881 6132 [ 1ea3749c4114db3e3161156ffffa6b33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:39:37.0883 6132 NativeWifiP - ok
19:39:37.0897 6132 [ 79b47fd40d9a817e932f9d26fac0a81c ] NDIS C:\Windows\system32\drivers\ndis.sys
19:39:37.0903 6132 NDIS - ok
19:39:37.0927 6132 [ 9f9a1f53aad7da4d6fef5bb73ab811ac ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:39:37.0928 6132 NdisCap - ok
19:39:37.0943 6132 [ 30639c932d9fef22b31268fe25a1b6e5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:39:37.0944 6132 NdisTapi - ok
19:39:37.0959 6132 [ 136185f9fb2cc61e573e676aa5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:39:37.0961 6132 Ndisuio - ok
19:39:37.0978 6132 [ 53f7305169863f0a2bddc49e116c2e11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:39:37.0980 6132 NdisWan - ok
19:39:37.0996 6132 [ 015c0d8e0e0421b4cfd48cffe2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:39:37.0997 6132 NDProxy - ok
19:39:38.0005 6132 [ 86743d9f5d2b1048062b14b1d84501c4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:39:38.0006 6132 NetBIOS - ok
19:39:38.0024 6132 [ 09594d1089c523423b32a4229263f068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:39:38.0026 6132 NetBT - ok
19:39:38.0030 6132 [ c118a82cd78818c29ab228366ebf81c3 ] Netlogon C:\Windows\system32\lsass.exe
19:39:38.0033 6132 Netlogon - ok
19:39:38.0047 6132 [ 847d3ae376c0817161a14a82c8922a9e ] Netman C:\Windows\System32\netman.dll
19:39:38.0051 6132 Netman - ok
19:39:38.0064 6132 [ d22cd77d4f0d63d1169bb35911bff12d ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:39:38.0066 6132 NetMsmqActivator - ok
19:39:38.0075 6132 [ d22cd77d4f0d63d1169bb35911bff12d ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:39:38.0077 6132 NetPipeActivator - ok
19:39:38.0085 6132 [ 5f28111c648f1e24f7dbc87cdeb091b8 ] netprofm C:\Windows\System32\netprofm.dll
19:39:38.0090 6132 netprofm - ok
19:39:38.0094 6132 [ d22cd77d4f0d63d1169bb35911bff12d ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:39:38.0096 6132 NetTcpActivator - ok
19:39:38.0102 6132 [ d22cd77d4f0d63d1169bb35911bff12d ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:39:38.0104 6132 NetTcpPortSharing - ok
19:39:38.0123 6132 [ 77889813be4d166cdab78ddba990da92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
19:39:38.0124 6132 nfrd960 - ok
19:39:38.0141 6132 [ 1ee99a89cc788ada662441d1e9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:39:38.0146 6132 NlaSvc - ok
19:39:38.0155 6132 [ 1e4c4ab5c9b8dd13179bbdc75a2a01f7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:39:38.0157 6132 Npfs - ok
19:39:38.0161 6132 [ d54bfdf3e0c953f823b3d0bfe4732528 ] nsi C:\Windows\system32\nsisvc.dll
19:39:38.0164 6132 nsi - ok
19:39:38.0174 6132 [ e7f5ae18af4168178a642a9247c63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:39:38.0175 6132 nsiproxy - ok
19:39:38.0221 6132 [ a2f74975097f52a00745f9637451fdd8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:39:38.0231 6132 Ntfs - ok
19:39:38.0237 6132 [ 9899284589f75fa8724ff3d16aed75c1 ] Null C:\Windows\system32\drivers\Null.sys
19:39:38.0238 6132 Null - ok
19:39:38.0284 6132 [ 0a92cb65770442ed0dc44834632f66ad ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:39:38.0285 6132 nvraid - ok
19:39:38.0302 6132 [ dab0e87525c10052bf65f06152f37e4a ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:39:38.0305 6132 nvstor - ok
19:39:38.0344 6132 [ 270d7cd42d6e3979f6dd0146650f0e05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:39:38.0345 6132 nv_agp - ok
19:39:38.0354 6132 [ 3589478e4b22ce21b41fa1bfc0b8b8a0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:39:38.0355 6132 ohci1394 - ok
19:39:38.0373 6132 [ 3eac4455472cc2c97107b5291e0dcafe ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:39:38.0377 6132 p2pimsvc - ok
19:39:38.0404 6132 [ 927463ecb02179f88e4b9a17568c63c3 ] p2psvc C:\Windows\system32\p2psvc.dll
19:39:38.0409 6132 p2psvc - ok
19:39:38.0422 6132 [ 0086431c29c35be1dbc43f52cc273887 ] Parport C:\Windows\system32\drivers\parport.sys
19:39:38.0423 6132 Parport - ok
19:39:38.0442 6132 [ e9766131eeade40a27dc27d2d68fba9c ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:39:38.0444 6132 partmgr - ok
19:39:38.0453 6132 [ 3aeaa8b561e63452c655dc0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:39:38.0456 6132 PcaSvc - ok
19:39:38.0481 6132 [ 94575c0571d1462a0f70bde6bd6ee6b3 ] pci C:\Windows\system32\drivers\pci.sys
19:39:38.0482 6132 pci - ok
19:39:38.0501 6132 [ b5b8b5ef2e5cb34df8dcf8831e3534fa ] pciide C:\Windows\system32\drivers\pciide.sys
19:39:38.0509 6132 pciide - ok
19:39:38.0528 6132 [ b2e81d4e87ce48589f98cb8c05b01f2f ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
19:39:38.0530 6132 pcmcia - ok
19:39:38.0541 6132 [ d6b9c2e1a11a3a4b26a182ffef18f603 ] pcw C:\Windows\system32\drivers\pcw.sys
19:39:38.0543 6132 pcw - ok
19:39:38.0568 6132 pdfcDispatcher - ok
19:39:38.0590 6132 [ 68769c3356b3be5d1c732c97b9a80d6e ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:39:38.0597 6132 PEAUTH - ok
19:39:38.0685 6132 [ e495e408c93141e8fc72dc0c6046ddfa ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:39:38.0690 6132 PerfHost - ok
19:39:38.0733 6132 [ c7cf6a6e137463219e1259e3f0f0dd6c ] pla C:\Windows\system32\pla.dll
19:39:38.0744 6132 pla - ok
19:39:38.0780 6132 [ 25fbdef06c4d92815b353f6e792c8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:39:38.0785 6132 PlugPlay - ok
19:39:38.0789 6132 PnkBstrA - ok
19:39:38.0804 6132 [ 7195581cec9bb7d12abe54036acc2e38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:39:38.0807 6132 PNRPAutoReg - ok
19:39:38.0814 6132 [ 3eac4455472cc2c97107b5291e0dcafe ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:39:38.0818 6132 PNRPsvc - ok
19:39:38.0850 6132 [ 4f15d75adf6156bf56eced6d4a55c389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:39:38.0854 6132 PolicyAgent - ok
19:39:38.0866 6132 [ 6ba9d927dded70bd1a9caded45f8b184 ] Power C:\Windows\system32\umpo.dll
19:39:38.0870 6132 Power - ok
19:39:38.0883 6132 [ f92a2c41117a11a00be01ca01a7fcde9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:39:38.0886 6132 PptpMiniport - ok
19:39:38.0907 6132 [ 0d922e23c041efb1c3fac2a6f943c9bf ] Processor C:\Windows\system32\drivers\processr.sys
19:39:38.0908 6132 Processor - ok
19:39:38.0937 6132 [ 53e83f1f6cf9d62f32801cf66d8352a8 ] ProfSvc C:\Windows\system32\profsvc.dll
19:39:38.0941 6132 ProfSvc - ok
19:39:38.0960 6132 [ c118a82cd78818c29ab228366ebf81c3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:39:38.0963 6132 ProtectedStorage - ok
19:39:38.0989 6132 [ 0557cf5a2556bd58e26384169d72438d ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:39:38.0991 6132 Psched - ok
19:39:39.0029 6132 [ a53a15a11ebfd21077463ee2c7afeef0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
19:39:39.0037 6132 ql2300 - ok
19:39:39.0061 6132 [ 4f6d12b51de1aaeff7dc58c4d75423c8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
19:39:39.0064 6132 ql40xx - ok
19:39:39.0085 6132 [ 906191634e99aea92c4816150bda3732 ] QWAVE C:\Windows\system32\qwave.dll
19:39:39.0089 6132 QWAVE - ok
19:39:39.0100 6132 [ 76707bb36430888d9ce9d705398adb6c ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:39:39.0101 6132 QWAVEdrv - ok
19:39:39.0112 6132 [ 5a0da8ad5762fa2d91678a8a01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:39:39.0114 6132 RasAcd - ok
19:39:39.0145 6132 [ 7ecff9b22276b73f43a99a15a6094e90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:39:39.0146 6132 RasAgileVpn - ok
19:39:39.0155 6132 [ 8f26510c5383b8dbe976de1cd00fc8c7 ] RasAuto C:\Windows\System32\rasauto.dll
19:39:39.0158 6132 RasAuto - ok
19:39:39.0170 6132 [ 471815800ae33e6f1c32fb1b97c490ca ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:39:39.0171 6132 Rasl2tp - ok
19:39:39.0186 6132 [ ee867a0870fc9e4972ba9eaad35651e2 ] RasMan C:\Windows\System32\rasmans.dll
19:39:39.0190 6132 RasMan - ok
19:39:39.0203 6132 [ 855c9b1cd4756c5e9a2aa58a15f58c25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:39:39.0205 6132 RasPppoe - ok
19:39:39.0217 6132 [ e8b1e447b008d07ff47d016c2b0eeecb ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:39:39.0218 6132 RasSstp - ok
19:39:39.0232 6132 [ 77f665941019a1594d887a74f301fa2f ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:39:39.0235 6132 rdbss - ok
19:39:39.0248 6132 [ 302da2a0539f2cf54d7c6cc30c1f2d8d ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
19:39:39.0250 6132 rdpbus - ok
19:39:39.0264 6132 [ cea6cc257fc9b7715f1c2b4849286d24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:39:39.0265 6132 RDPCDD - ok
19:39:39.0280 6132 [ bb5971a4f00659529a5c44831af22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:39:39.0281 6132 RDPENCDD - ok
19:39:39.0291 6132 [ 216f3fa57533d98e1f74ded70113177a ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:39:39.0292 6132 RDPREFMP - ok
19:39:39.0318 6132 [ e61608aa35e98999af9aaeeea6114b0a ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:39:39.0320 6132 RDPWD - ok
19:39:39.0336 6132 [ 34ed295fa0121c241bfef24764fc4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:39:39.0339 6132 rdyboost - ok
19:39:39.0392 6132 [ 5f9ac3243c206ec95f32e4348ae67c13 ] RegFilter C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys
19:39:39.0393 6132 RegFilter - ok
19:39:39.0415 6132 [ 254fb7a22d74e5511c73a3f6d802f192 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:39:39.0417 6132 RemoteAccess - ok
19:39:39.0445 6132 [ e4d94f24081440b5fc5aa556c7c62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:39:39.0449 6132 RemoteRegistry - ok
19:39:39.0462 6132 [ e4dc58cf7b3ea515ae917ff0d402a7bb ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:39:39.0465 6132 RpcEptMapper - ok
19:39:39.0488 6132 [ d5ba242d4cf8e384db90e6a8ed850b8c ] RpcLocator C:\Windows\system32\locator.exe
19:39:39.0490 6132 RpcLocator - ok
19:39:39.0502 6132 [ 5c627d1b1138676c0a7ab2c2c190d123 ] RpcSs C:\Windows\system32\rpcss.dll
19:39:39.0508 6132 RpcSs - ok
19:39:39.0520 6132 [ ddc86e4f8e7456261e637e3552e804ff ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:39:39.0522 6132 rspndr - ok
19:39:39.0544 6132 [ f4c374b1c46de294b573bb43723ac3f6 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
19:39:39.0548 6132 RTL8167 - ok
19:39:39.0560 6132 [ c118a82cd78818c29ab228366ebf81c3 ] SamSs C:\Windows\system32\lsass.exe
19:39:39.0562 6132 SamSs - ok
19:39:39.0575 6132 [ ac03af3329579fffb455aa2daabbe22b ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:39:39.0577 6132 sbp2port - ok
19:39:39.0581 6132 SBRE - ok
19:39:39.0596 6132 [ 9b7395789e3791a3b6d000fe6f8b131e ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:39:39.0599 6132 SCardSvr - ok
19:39:39.0614 6132 [ 253f38d0d7074c02ff8deb9836c97d2b ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:39:39.0615 6132 scfilter - ok
19:39:39.0641 6132 [ 262f6592c3299c005fd6bec90fc4463a ] Schedule C:\Windows\system32\schedsvc.dll
19:39:39.0650 6132 Schedule - ok
19:39:39.0670 6132 [ f17d1d393bbc69c5322fbfafaca28c7f ] SCPolicySvc C:\Windows\System32\certprop.dll
19:39:39.0672 6132 SCPolicySvc - ok
19:39:39.0688 6132 [ 6ea4234dc55346e0709560fe7c2c1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:39:39.0691 6132 SDRSVC - ok
19:39:39.0701 6132 [ 3ea8a16169c26afbeb544e0e48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:39:39.0702 6132 secdrv - ok
19:39:39.0726 6132 [ bc617a4e1b4fa8df523a061739a0bd87 ] seclogon C:\Windows\system32\seclogon.dll
19:39:39.0729 6132 seclogon - ok
19:39:39.0740 6132 [ c32ab8fa018ef34c0f113bd501436d21 ] SENS C:\Windows\System32\sens.dll
19:39:39.0743 6132 SENS - ok
19:39:39.0755 6132 [ 0336cffafaab87a11541f1cf1594b2b2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:39:39.0759 6132 SensrSvc - ok
19:39:39.0777 6132 [ cb624c0035412af0debec78c41f5ca1b ] Serenum C:\Windows\system32\drivers\serenum.sys
19:39:39.0778 6132 Serenum - ok
19:39:39.0789 6132 [ c1d8e28b2c2adfaec4ba89e9fda69bd6 ] Serial C:\Windows\system32\drivers\serial.sys
19:39:39.0791 6132 Serial - ok
19:39:39.0805 6132 [ 1c545a7d0691cc4a027396535691c3e3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
19:39:39.0806 6132 sermouse - ok
19:39:39.0829 6132 [ 0b6231bf38174a1628c4ac812cc75804 ] SessionEnv C:\Windows\system32\sessenv.dll
19:39:39.0833 6132 SessionEnv - ok
19:39:39.0850 6132 [ a554811bcd09279536440c964ae35bbf ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:39:39.0851 6132 sffdisk - ok
19:39:39.0867 6132 [ ff414f0baefeba59bc6c04b3db0b87bf ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:39:39.0868 6132 sffp_mmc - ok
19:39:39.0891 6132 [ dd85b78243a19b59f0637dcf284da63c ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:39:39.0892 6132 sffp_sd - ok
19:39:39.0901 6132 [ a9d601643a1647211a1ee2ec4e433ff4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
19:39:39.0902 6132 sfloppy - ok
19:39:39.0924 6132 [ aaf932b4011d14052955d4b212a4da8d ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:39:39.0929 6132 ShellHWDetection - ok
19:39:39.0946 6132 [ 843caf1e5fde1ffd5ff768f23a51e2e1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
19:39:39.0947 6132 SiSRaid2 - ok
19:39:39.0972 6132 [ 6a6c106d42e9ffff8b9fcb4f754f6da4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
19:39:39.0973 6132 SiSRaid4 - ok
19:39:40.0002 6132 [ dd0443bc6cc78a19fd399817f8c51401 ] SmartDefragDriver C:\Windows\system32\Drivers\SmartDefragDriver.sys
19:39:40.0003 6132 SmartDefragDriver - ok
19:39:40.0016 6132 [ 548260a7b8654e024dc30bf8a7c5baa4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:39:40.0017 6132 Smb - ok
19:39:40.0037 6132 [ 6313f223e817cc09aa41811daa7f541d ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:39:40.0040 6132 SNMPTRAP - ok
19:39:40.0049 6132 [ b9e31e5cacdfe584f34f730a677803f9 ] spldr C:\Windows\system32\drivers\spldr.sys
19:39:40.0050 6132 spldr - ok
19:39:40.0069 6132 [ b96c17b5dc1424d56eea3a99e97428cd ] Spooler C:\Windows\System32\spoolsv.exe
19:39:40.0075 6132 Spooler - ok
19:39:40.0133 6132 [ e17e0188bb90fae42d83e98707efa59c ] sppsvc C:\Windows\system32\sppsvc.exe
19:39:40.0155 6132 sppsvc - ok
19:39:40.0169 6132 [ 93d7d61317f3d4bc4f4e9f8a96a7de45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:39:40.0172 6132 sppuinotify - ok
19:39:40.0199 6132 [ 441fba48bff01fdb9d5969ebc1838f0b ] srv C:\Windows\system32\DRIVERS\srv.sys
19:39:40.0202 6132 srv - ok
19:39:40.0223 6132 [ b4adebbf5e3677cce9651e0f01f7cc28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:39:40.0226 6132 srv2 - ok
19:39:40.0242 6132 [ 27e461f0be5bff5fc737328f749538c3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:39:40.0244 6132 srvnet - ok
19:39:40.0265 6132 [ 51b52fbd583cde8aa9ba62b8b4298f33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:39:40.0269 6132 SSDPSRV - ok
19:39:40.0279 6132 [ ab7aebf58dad8daab7a6c45e6a8885cb ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:39:40.0282 6132 SstpSvc - ok
19:39:40.0309 6132 Steam Client Service - ok
19:39:40.0323 6132 [ f3817967ed533d08327dc73bc4d5542a ] stexstor C:\Windows\system32\drivers\stexstor.sys
19:39:40.0324 6132 stexstor - ok
19:39:40.0344 6132 [ 8dd52e8e6128f4b2da92ce27402871c1 ] stisvc C:\Windows\System32\wiaservc.dll
19:39:40.0350 6132 stisvc - ok
19:39:40.0363 6132 [ d01ec09b6711a5f8e7e6564a4d0fbc90 ] swenum C:\Windows\system32\drivers\swenum.sys
19:39:40.0364 6132 swenum - ok
19:39:40.0402 6132 [ e08e46fdd841b7184194011ca1955a0b ] swprv C:\Windows\System32\swprv.dll
19:39:40.0407 6132 swprv - ok
19:39:40.0441 6132 [ bf9ccc0bf39b418c8d0ae8b05cf95b7d ] SysMain C:\Windows\system32\sysmain.dll
19:39:40.0453 6132 SysMain - ok
19:39:40.0486 6132 [ e3c61fd7b7c2557e1f1b0b4cec713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:39:40.0490 6132 TabletInputService - ok
19:39:40.0498 6132 [ 40f0849f65d13ee87b9a9ae3c1dd6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:39:40.0503 6132 TapiSrv - ok
19:39:40.0524 6132 [ 1be03ac720f4d302ea01d40f588162f6 ] TBS C:\Windows\System32\tbssvc.dll
19:39:40.0527 6132 TBS - ok
19:39:40.0576 6132 [ acb82bda8f46c84f465c1afa517dc4b9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:39:40.0587 6132 Tcpip - ok
19:39:40.0626 6132 [ acb82bda8f46c84f465c1afa517dc4b9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:39:40.0637 6132 TCPIP6 - ok
19:39:40.0661 6132 [ df687e3d8836bfb04fcc0615bf15a519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:39:40.0663 6132 tcpipreg - ok
19:39:40.0693 6132 [ 3371d21011695b16333a3934340c4e7c ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:39:40.0694 6132 TDPIPE - ok
19:39:40.0714 6132 [ 51c5eceb1cdee2468a1748be550cfbc8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:39:40.0715 6132 TDTCP - ok
19:39:40.0735 6132 [ ddad5a7ab24d8b65f8d724f5c20fd806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:39:40.0737 6132 tdx - ok
19:39:40.0753 6132 [ 561e7e1f06895d78de991e01dd0fb6e5 ] TermDD C:\Windows\system32\drivers\termdd.sys
19:39:40.0755 6132 TermDD - ok
19:39:40.0781 6132 [ 2e648163254233755035b46dd7b89123 ] TermService C:\Windows\System32\termsrv.dll
19:39:40.0788 6132 TermService - ok
19:39:40.0803 6132 [ f0344071948d1a1fa732231785a0664c ] Themes C:\Windows\system32\themeservice.dll
19:39:40.0806 6132 Themes - ok
19:39:40.0818 6132 [ e40e80d0304a73e8d269f7141d77250b ] THREADORDER C:\Windows\system32\mmcss.dll
19:39:40.0820 6132 THREADORDER - ok
19:39:40.0834 6132 [ 7e7afd841694f6ac397e99d75cead49d ] TrkWks C:\Windows\System32\trkwks.dll
19:39:40.0837 6132 TrkWks - ok
19:39:40.0875 6132 [ 773212b2aaa24c1e31f10246b15b276c ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:39:40.0877 6132 TrustedInstaller - ok
19:39:40.0892 6132 [ ce18b2cdfc837c99e5fae9ca6cba5d30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:39:40.0894 6132 tssecsrv - ok
19:39:40.0915 6132 [ d11c783e3ef9a3c52c0ebe83cc5000e9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:39:40.0916 6132 TsUsbFlt - ok
19:39:40.0935 6132 [ 9cc2ccae8a84820eaecb886d477cbcb8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
19:39:40.0936 6132 TsUsbGD - ok
19:39:40.0951 6132 [ 3566a8daafa27af944f5d705eaa64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:39:40.0953 6132 tunnel - ok
19:39:40.0979 6132 [ b4dd609bd7e282bfc683cec7eaaaad67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
19:39:40.0980 6132 uagp35 - ok
19:39:40.0996 6132 [ ff4232a1a64012baa1fd97c7b67df593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:39:40.0998 6132 udfs - ok
19:39:41.0009 6132 [ 3cbdec8d06b9968aba702eba076364a1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:39:41.0013 6132 UI0Detect - ok
19:39:41.0028 6132 [ 4bfe1bc28391222894cbf1e7d0e42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:39:41.0029 6132 uliagpkx - ok
19:39:41.0045 6132 [ dc54a574663a895c8763af0fa1ff7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
19:39:41.0046 6132 umbus - ok
19:39:41.0074 6132 [ b2e8e8cb557b156da5493bbddcc1474d ] UmPass C:\Windows\system32\drivers\umpass.sys
19:39:41.0075 6132 UmPass - ok
19:39:41.0156 6132 [ 758c2ce427c343f780a205e28555c98d ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
19:39:41.0176 6132 UNS - ok
19:39:41.0213 6132 [ d47ec6a8e81633dd18d2436b19baf6de ] upnphost C:\Windows\System32\upnphost.dll
19:39:41.0218 6132 upnphost - ok
19:39:41.0234 6132 [ 241080f1b28e68f0d00f8f1066a3780d ] UrlFilter C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys
19:39:41.0235 6132 UrlFilter - ok
19:39:41.0257 6132 [ 6f1a3157a1c89435352ceb543cdb359c ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:39:41.0259 6132 usbccgp - ok
19:39:41.0277 6132 [ af0892a803fdda7492f595368e3b68e7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:39:41.0279 6132 usbcir - ok
19:39:41.0298 6132 [ c025055fe7b87701eb042095df1a2d7b ] usbehci C:\Windows\system32\drivers\usbehci.sys
19:39:41.0299 6132 usbehci - ok
19:39:41.0317 6132 [ 287c6c9410b111b68b52ca298f7b8c24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:39:41.0320 6132 usbhub - ok
19:39:41.0331 6132 [ 9840fc418b4cbd632d3d0a667a725c31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
19:39:41.0332 6132 usbohci - ok
19:39:41.0345 6132 [ 73188f58fb384e75c4063d29413cee3d ] usbprint C:\Windows\system32\drivers\usbprint.sys
19:39:41.0346 6132 usbprint - ok
19:39:41.0360 6132 [ fed648b01349a3c8395a5169db5fb7d6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:39:41.0361 6132 USBSTOR - ok
19:39:41.0377 6132 [ 62069a34518bcf9c1fd9e74b3f6db7cd ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
19:39:41.0378 6132 usbuhci - ok
19:39:41.0383 6132 [ edbb23cbcf2cdf727d64ff9b51a6070e ] UxSms C:\Windows\System32\uxsms.dll
19:39:41.0388 6132 UxSms - ok
19:39:41.0400 6132 [ c118a82cd78818c29ab228366ebf81c3 ] VaultSvc C:\Windows\system32\lsass.exe
19:39:41.0402 6132 VaultSvc - ok
19:39:41.0420 6132 [ c5c876ccfc083ff3b128f933823e87bd ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:39:41.0421 6132 vdrvroot - ok
19:39:41.0440 6132 [ 8d6b481601d01a456e75c3210f1830be ] vds C:\Windows\System32\vds.exe
19:39:41.0446 6132 vds - ok
19:39:41.0462 6132 [ da4da3f5e02943c2dc8c6ed875de68dd ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:39:41.0463 6132 vga - ok
19:39:41.0474 6132 [ 53e92a310193cb3c03bea963de7d9cfc ] VgaSave C:\Windows\System32\drivers\vga.sys
19:39:41.0475 6132 VgaSave - ok
19:39:41.0494 6132 [ 2ce2df28c83aeaf30084e1b1eb253cbb ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:39:41.0496 6132 vhdmp - ok
19:39:41.0516 6132 [ e5689d93ffe4e5d66c0178761240dd54 ] viaide C:\Windows\system32\drivers\viaide.sys
19:39:41.0517 6132 viaide - ok
19:39:41.0528 6132 [ d2aafd421940f640b407aefaaebd91b0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:39:41.0530 6132 volmgr - ok
19:39:41.0551 6132 [ a255814907c89be58b79ef2f189b843b ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:39:41.0554 6132 volmgrx - ok
19:39:41.0571 6132 [ df8126bd41180351a093a3ad2fc8903b ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:39:41.0575 6132 volsnap - ok
19:39:41.0588 6132 [ 5e2016ea6ebaca03c04feac5f330d997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
19:39:41.0592 6132 vsmraid - ok
19:39:41.0622 6132 [ b60ba0bc31b0cb414593e169f6f21cc2 ] VSS C:\Windows\system32\vssvc.exe
19:39:41.0648 6132 VSS - ok
19:39:41.0719 6132 [ f98a970d02b35870c8013b43736f7904 ] vToolbarUpdater12.1.3 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.1.3\ToolbarUpdater.exe
19:39:41.0727 6132 vToolbarUpdater12.1.3 - ok
19:39:41.0751 6132 [ 36d4720b72b5c5d9cb2b9c29e9df67a1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
19:39:41.0755 6132 vwifibus - ok
19:39:41.0765 6132 [ 1c9d80cc3849b3788048078c26486e1a ] W32Time C:\Windows\system32\w32time.dll
19:39:41.0770 6132 W32Time - ok
19:39:41.0785 6132 [ 4e9440f4f152a7b944cb1663d3935a3e ] WacomPen C:\Windows\system32\drivers\wacompen.sys
19:39:41.0787 6132 WacomPen - ok
19:39:41.0801 6132 [ 356afd78a6ed4457169241ac3965230c ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:39:41.0804 6132 WANARP - ok
19:39:41.0809 6132 [ 356afd78a6ed4457169241ac3965230c ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:39:41.0811 6132 Wanarpv6 - ok
19:39:41.0844 6132 [ 3cec96de223e49eaae3651fcf8faea6c ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
19:39:41.0870 6132 WatAdminSvc - ok
19:39:41.0911 6132 [ 78f4e7f5c56cb9716238eb57da4b6a75 ] wbengine C:\Windows\system32\wbengine.exe
19:39:41.0945 6132 wbengine - ok
19:39:41.0957 6132 [ 3aa101e8edab2db4131333f4325c76a3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:39:41.0962 6132 WbioSrvc - ok
19:39:41.0973 6132 [ 7368a2afd46e5a4481d1de9d14848edd ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:39:41.0980 6132 wcncsvc - ok
19:39:42.0020 6132 [ 20f7441334b18cee52027661df4a6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:39:42.0027 6132 WcsPlugInService - ok
19:39:42.0043 6132 [ 72889e16ff12ba0f235467d6091b17dc ] Wd C:\Windows\system32\drivers\wd.sys
19:39:42.0046 6132 Wd - ok
19:39:42.0073 6132 [ 441bd2d7b4f98134c3a4f9fa570fd250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:39:42.0082 6132 Wdf01000 - ok
19:39:42.0093 6132 [ bf1fc3f79b863c914687a737c2f3d681 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:39:42.0097 6132 WdiServiceHost - ok
19:39:42.0103 6132 [ bf1fc3f79b863c914687a737c2f3d681 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:39:42.0107 6132 WdiSystemHost - ok
19:39:42.0130 6132 [ 3db6d04e1c64272f8b14eb8bc4616280 ] WebClient C:\Windows\System32\webclnt.dll
19:39:42.0135 6132 WebClient - ok
19:39:42.0147 6132 [ c749025a679c5103e575e3b48e092c43 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:39:42.0151 6132 Wecsvc - ok
19:39:42.0158 6132 [ 7e591867422dc788b9e5bd337a669a08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:39:42.0162 6132 wercplsupport - ok
19:39:42.0178 6132 [ 6d137963730144698cbd10f202e9f251 ] WerSvc C:\Windows\System32\WerSvc.dll
19:39:42.0182 6132 WerSvc - ok
19:39:42.0197 6132 [ 611b23304bf067451a9fdee01fbdd725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:39:42.0200 6132 WfpLwf - ok
19:39:42.0220 6132 [ 05ecaec3e4529a7153b3136ceb49f0ec ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:39:42.0223 6132 WIMMount - ok
19:39:42.0234 6132 WinHttpAutoProxySvc - ok
19:39:42.0292 6132 [ 19b07e7e8915d701225da41cb3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:39:42.0296 6132 Winmgmt - ok
19:39:42.0341 6132 [ bcb1310604aa415c4508708975b3931e ] WinRM C:\Windows\system32\WsmSvc.dll
19:39:42.0362 6132 WinRM - ok
19:39:42.0429 6132 [ 4fada86e62f18a1b2f42ba18ae24e6aa ] Wlansvc C:\Windows\System32\wlansvc.dll
19:39:42.0440 6132 Wlansvc - ok
19:39:42.0479 6132 [ 06c8fa1cf39de6a735b54d906ba791c6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
19:39:42.0481 6132 wlcrasvc - ok
19:39:42.0538 6132 [ 7e47c328fc4768cb8beafbcfafa70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:39:42.0552 6132 wlidsvc - ok
19:39:42.0569 6132 [ f6ff8944478594d0e414d3f048f0d778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
19:39:42.0571 6132 WmiAcpi - ok
19:39:42.0591 6132 [ 38b84c94c5a8af291adfea478ae54f93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:39:42.0594 6132 wmiApSrv - ok
19:39:42.0617 6132 WMPNetworkSvc - ok
19:39:42.0622 6132 [ 96c6e7100d724c69fcf9e7bf590d1dca ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:39:42.0626 6132 WPCSvc - ok
19:39:42.0636 6132 [ 93221146d4ebbf314c29b23cd6cc391d ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:39:42.0639 6132 WPDBusEnum - ok
19:39:42.0654 6132 [ 6bcc1d7d2fd2453957c5479a32364e52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:39:42.0656 6132 ws2ifsl - ok
19:39:42.0661 6132 WSearch - ok
19:39:42.0739 6132 [ d9ef901dca379cfe914e9fa13b73b4c4 ] wuauserv C:\Windows\system32\wuaueng.dll
19:39:42.0759 6132 wuauserv - ok
19:39:42.0778 6132 [ d3381dc54c34d79b22cee0d65ba91b7c ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:39:42.0780 6132 WudfPf - ok
19:39:42.0796 6132 [ cf8d590be3373029d57af80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:39:42.0798 6132 WUDFRd - ok
19:39:42.0814 6132 [ 7a95c95b6c4cf292d689106bcae49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:39:42.0818 6132 wudfsvc - ok
19:39:42.0831 6132 [ 9a3452b3c2a46c073166c5cf49fad1ae ] WwanSvc C:\Windows\System32\wwansvc.dll
19:39:42.0837 6132 WwanSvc - ok
19:39:42.0847 6132 ================ Scan global ===============================
19:39:42.0865 6132 (ba0cd8c393e8c9f83354106093832c7b) C:\Windows\system32\basesrv.dll
19:39:42.0885 6132 (eb6a48cc998e1090e44e8e7f1009a640) C:\Windows\system32\winsrv.dll
19:39:42.0894 6132 (eb6a48cc998e1090e44e8e7f1009a640) C:\Windows\system32\winsrv.dll
19:39:42.0914 6132 (d6160f9d869ba3af0b787f971db56368) C:\Windows\system32\sxssrv.dll
19:39:42.0946 6132 (24acb7e5be595468e3b9aa488b9b4fcb) C:\Windows\system32\services.exe
19:39:42.0951 6132 [Global] - ok
19:39:42.0952 6132 ================ Scan MBR ==================================
19:39:42.0962 6132 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
19:39:43.0088 6132 \Device\Harddisk0\DR0 - ok
19:39:43.0089 6132 ================ Scan VBR ==================================
19:39:43.0094 6132 Boot (0x1200) (6cd5b7bacb7a10b089bdaea898635713) \Device\Harddisk0\DR0\Partition1
19:39:43.0096 6132 \Device\Harddisk0\DR0\Partition1 - ok
19:39:43.0104 6132 Boot (0x1200) (324949a96c99559abc93c93378fce417) \Device\Harddisk0\DR0\Partition2
19:39:43.0106 6132 \Device\Harddisk0\DR0\Partition2 - ok
19:39:43.0135 6132 Boot (0x1200) (a84ed8ecb376b51fc0bd88c37da8e5ca) \Device\Harddisk0\DR0\Partition3
19:39:43.0139 6132 \Device\Harddisk0\DR0\Partition3 - ok
19:39:43.0139 6132 ============================================================
19:39:43.0140 6132 Scan finished
19:39:43.0140 6132 ============================================================
19:39:43.0152 0988 Detected object count: 0
19:39:43.0152 0988 Actual detected object count: 0




Thank you in advance.

#2 narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 14 August 2012 - 09:49 PM

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on LIST of found threats.

Export the list to the desktop and copy the contents of the text file into your reply.

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan with MBAM once in regular mode until you get a clean log.

Download mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Create a restore point before trying this

Download

adware cleaner

Launch it, click on Delete

Post the generated log

#3 mikagami

mikagami
  • Topic Starter

  • Members
  • 13 posts
  • Local time:10:41 PM

Posted 15 August 2012 - 12:24 AM

aswMBR

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-14 20:04:12
-----------------------------
20:04:12.946 OS Version: Windows x64 6.1.7601 Service Pack 1
20:04:12.946 Number of processors: 2 586 0x2A07
20:04:12.947 ComputerName: MIKA-HP UserName: mika
20:04:15.001 Initialize success
20:04:15.123 AVAST engine defs: 12081401
20:15:37.161 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
20:15:37.163 Disk 0 Vendor: ST310005 HP63 Size: 953869MB BusType: 3
20:15:37.198 Disk 0 MBR read successfully
20:15:37.200 Disk 0 MBR scan
20:15:37.202 Disk 0 Windows 7 default MBR code
20:15:37.211 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
20:15:37.221 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 942033 MB offset 206848
20:15:37.252 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 11734 MB offset 1929490432
20:15:37.309 Disk 0 scanning C:\Windows\system32\drivers
20:15:49.786 Service scanning
20:15:59.856 Modules scanning
20:15:59.864 Disk 0 trace - called modules:
20:15:59.873 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
20:15:59.879 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006e60440]
20:15:59.884 3 CLASSPNP.SYS[fffff88001a5143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800476a050]
20:16:02.506 AVAST engine scan C:\Windows
20:16:26.326 AVAST engine scan C:\Windows\system32
20:18:39.890 File: C:\Windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
20:21:13.779 AVAST engine scan C:\Windows\system32\drivers
20:22:23.285 AVAST engine scan C:\Users\mika
20:27:11.972 AVAST engine scan C:\ProgramData
20:28:04.646 Scan finished successfully
20:28:48.725 Disk 0 MBR has been saved successfully to "C:\Users\mika\Desktop\MBR.dat"
20:28:48.729 The log file has been saved successfully to "C:\Users\mika\Desktop\aswMBR.txt"



ESET

sers\mika\Downloads\cnet2_revosetup_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined



mini toolbox

MiniToolBox by Farbar Version: 23-07-2012
Ran by mika (administrator) on 14-08-2012 at 22:08:37
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : mika-HP
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : gateway.2wire.net

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 38-60-77-9F-52-0B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::7ce3:11ee:278a:f49c%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.64(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, August 14, 2012 5:58:49 PM
Lease Expires . . . . . . . . . . : Wednesday, August 15, 2012 5:58:49 PM
Default Gateway . . . . . . . . . : 192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DHCPv6 IAID . . . . . . . . . . . : 272130167
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-04-14-67-38-60-77-9F-52-0B
DNS Servers . . . . . . . . . . . : 8.26.56.26
156.154.70.22
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{6ED10FBA-F2D0-4D6A-B3C8-9A0463532A59}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: ns1.recursive.dns.com
Address: 8.26.56.26

Name: google.com.gateway.2wire.net
Addresses: fe80:1::225:90ff:fe19:4b12
92.242.144.50


Pinging google.com [173.194.34.66] with 32 bytes of data:
Reply from 173.194.34.66: bytes=32 time=167ms TTL=45
Reply from 173.194.34.66: bytes=32 time=167ms TTL=45

Ping statistics for 173.194.34.66:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 167ms, Maximum = 167ms, Average = 167ms
Server: ns1.recursive.dns.com
Address: 8.26.56.26

Name: yahoo.com.gateway.2wire.net
Addresses: fe80:1::225:90ff:fe19:4b12
92.242.144.50


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=54ms TTL=50
Reply from 72.30.38.140: bytes=32 time=95ms TTL=50

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 54ms, Maximum = 95ms, Average = 74ms
Server: ns1.recursive.dns.com
Address: 8.26.56.26

Name: bleepingcomputer.com.gateway.2wire.net
Addresses: fe80:1::225:90ff:fe19:4b12
92.242.144.50


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
13...38 60 77 9f 52 0b ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
11...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
12...00 00 00 00 00 00 00 e0 Microsoft Teredo Tunneling Adapter
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.64 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.64 276
192.168.1.64 255.255.255.255 On-link 192.168.1.64 276
192.168.1.255 255.255.255.255 On-link 192.168.1.64 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.64 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.64 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
13 276 fe80::/64 On-link
13 276 fe80::7ce3:11ee:278a:f49c/128
On-link
1 306 ff00::/8 On-link
13 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/14/2012 08:29:42 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/14/2012 08:29:37 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/14/2012 04:35:09 PM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (08/14/2012 04:35:09 PM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.

Context: Windows Application

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (08/14/2012 04:35:09 PM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (08/14/2012 04:35:09 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)

Error: (08/14/2012 04:35:09 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (08/14/2012 04:35:09 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service cannot load the property store information.

Context: Windows Application, SystemIndex Catalog

Details:
The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)

Error: (08/14/2012 04:35:09 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (08/14/2012 04:35:09 PM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index {id=4700}. The service will attempt to automatically correct this problem by rebuilding the index.

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (08/14/2012 07:29:23 PM) (Source: Service Control Manager) (User: )
Description: The Windows Firewall service terminated with service-specific error %%5.

Error: (08/14/2012 05:59:22 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (08/14/2012 05:59:22 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (08/14/2012 05:59:02 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SBRE

Error: (08/14/2012 05:58:52 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (08/14/2012 05:58:51 PM) (Source: Service Control Manager) (User: )
Description: The Windows Firewall service terminated with service-specific error %%5.

Error: (08/14/2012 05:31:25 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (08/14/2012 05:31:25 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (08/14/2012 05:30:56 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SBRE

Error: (08/14/2012 05:30:48 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891


Microsoft Office Sessions:
=========================
Error: (08/14/2012 08:29:42 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\mika\Downloads\esetsmartinstaller_enu.exe

Error: (08/14/2012 08:29:37 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\mika\Downloads\esetsmartinstaller_enu.exe

Error: (08/14/2012 04:35:09 PM) (Source: Windows Search Service)(User: )
Description: Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (08/14/2012 04:35:09 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (08/14/2012 04:35:09 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (08/14/2012 04:35:09 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (08/14/2012 04:35:09 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore

Error: (08/14/2012 04:35:09 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)

Error: (08/14/2012 04:35:09 PM) (Source: Windows Search Service)(User: )
Description: Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt

Error: (08/14/2012 04:35:09 PM) (Source: Windows Search Service)(User: )
Description: Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
4700


=========================== Installed Programs ============================

Ad-Aware Browsing Protection (Version: 1.0.0.5)
Adobe AIR (Version: 2.6.0.19120)
Adobe Flash Player 11 Plugin (Version: 11.3.300.271)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Advanced SystemCare 5 (Version: 5.3.0)
Agatha Christie - Peril at End House (Version: 2.2.0.95)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
AudibleManager (Version: 2002402510.48.56.2493810)
avast! Free Antivirus (Version: 7.0.1456.0)
AVG 2012 (Version: 12.0.2197)
AVG 2012 (Version: 12.0.2437)
AVG 2012 (Version: 2012.0.2197)
Battlefield 2™
Bejeweled 3 (Version: 2.2.0.97)
Blackhawk Striker 2 (Version: 2.2.0.95)
Blasterball 3 (Version: 2.2.0.97)
Bonjour (Version: 3.0.0.10)
Bounce Symphony (Version: 2.2.0.97)
Cake Mania (Version: 2.2.0.95)
CCleaner (Version: 3.20)
Chronicles of Albian (Version: 2.2.0.95)
Chuzzle Deluxe (Version: 2.2.0.95)
Comodo Dragon (Version: 15.0)
COMODO GeekBuddy (Version: 3.3.217083.59)
COMODO Internet Security (Version: 5.9.23255.2196)
Counter-Strike
Cradle of Rome 2 (Version: 2.2.0.95)
D3DX10 (Version: 15.4.2368.0902)
ESET Online Scanner v3
Farm Frenzy (Version: 2.2.0.95)
FATE (Version: 2.2.0.97)
Governor of Poker 2 Premium Edition (Version: 2.2.0.95)
Hewlett-Packard ACLM.NET v1.1.2.0 (Version: 1.00.0000)
HitmanPro 3.6 (Version: 3.6.1.164)
HP Auto (Version: 1.0.12935.3667)
HP Client Services (Version: 1.1.12938.3539)
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Games (Version: 1.0.2.5)
HP LinkUp (Version: 2.01.028)
HP MovieStore (Version: 1.0.057)
HP MovieStore (Version: 2.0)
HP Odometer (Version: 2.10.0000)
HP Setup (Version: 8.7.4747.3786)
HP Setup Manager (Version: 1.1.13880.3792)
HP Support Assistant (Version: 6.1.12.1)
HP Support Information (Version: 10.1.1000)
HP Update (Version: 5.003.001.001)
HP Vision Hardware Diagnostics (Version: 2.9.0.0)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Processor Graphics (Version: 8.15.10.2291)
Intel® Rapid Storage Technology (Version: 10.5.0.1026)
IObit Malware Fighter (Version: 1.0)
iTunes (Version: 10.6.3.25)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 33 (Version: 6.0.330)
Jewel Quest: The Sleepless Star - Collector's Edition (Version: 2.2.0.95)
Junk Mail filter update (Version: 15.4.3502.0922)
Mah Jong Medley (Version: 2.2.0.95)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
McAfee Security Scan Plus (Version: 3.0.207.4)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Mathematics (Version: 4.0)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Mozilla Firefox 14.0.1 (x86 en-US) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Mystery of Mortlake Mansion (Version: 2.2.0.97)
Namco All-Stars: PAC-MAN (Version: 2.2.0.95)
Oblivion (Version: 1.00.0000)
PDF Complete Special Edition (Version: 4.0.54)
Penguins! (Version: 2.2.0.95)
Plants vs. Zombies - Game of the Year (Version: 2.2.0.95)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PlayReady PC Runtime x86 (Version: 1.3.0)
Poker Superstars III (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.97)
Polar Golfer (Version: 2.2.0.95)
Power2Go (Version: 6.1.5331)
QuickTime (Version: 7.72.80.56)
Realtek High Definition Audio Driver (Version: 6.0.1.6387)
Recovery Manager (Version: 5.5.0.4222)
Remote Graphics Receiver (Version: 5.4.5)
Revo Uninstaller 1.94 (Version: 1.94)
Slingo Supreme (Version: 2.2.0.97)
Smart Defrag 2 (Version: 2.3)
SpywareBlaster 4.6 (Version: 4.6.0)
Steam (Version: 1.0.0.0)
System Requirements Lab for Intel (Version: 4.5.3.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update Installer for WildTangent Games App
Vacation Quest - The Hawaiian Islands (Version: 2.2.0.97)
Virtual Villagers 5 - New Believers (Version: 2.2.0.97)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
WildTangent Games App (HP Games) (Version: 4.0.5.36)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR 4.11 (64-bit) (Version: 4.11.0)
Zuma Deluxe (Version: 2.2.0.95)

========================= Memory info: ===================================

Percentage of memory in use: 51%
Total physical RAM: 4002.53 MB
Available physical RAM: 1952.36 MB
Total Pagefile: 8003.25 MB
Available Pagefile: 5485.08 MB
Total Virtual: 4095.88 MB
Available Virtual: 3972.37 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:919.95 GB) (Free:846.76 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:11.46 GB) (Free:1.4 GB) NTFS

========================= Users: ========================================

User accounts for \\MIKA-HP

Administrator Guest mika


**** End of log ****


FSS

Farbar Service Scanner Version: 06-08-2012
Ran by mika (administrator) on 14-08-2012 at 22:11:11
Running from "C:\Users\mika\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****



adware cleaner

# AdwCleaner v1.801 - Logfile created 08/14/2012 at 22:15:18
# Updated 14/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : mika - MIKA-HP
# Boot Mode : Normal
# Running from : C:\Users\mika\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\mika\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\mika\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\AVG Secure Search
Deleted on reboot : C:\Program Files (x86)\Common Files\AVG Secure Search
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml

***** [Registry] *****

Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKLM\SOFTWARE\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[x64] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (en-US)

Profile name : default
File : C:\Users\mika\AppData\Roaming\Mozilla\Firefox\Profiles\ag5hjcju.default\prefs.js

Deleted : user_pref("avg.install.installDirPath", "C:\\ProgramData\\AVG Secure Search\\12.1.0.20");
Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Deleted : user_pref("keyword.URL", "hxxps://isearch.avg.com/search?cid=%7B0d4817d7-4500-4316-af20-cc840505d6ba[...]

*************************

AdwCleaner[S1].txt - [5667 octets] - [14/08/2012 22:15:18]

########## EOF - C:\AdwCleaner[S1].txt - [5795 octets] ##########

#4 narenxp


Posted 15 August 2012 - 02:40 AM

Please download a new copy of TDSSKiller, scan it and post the log.

#5 mikagami


Posted 15 August 2012 - 11:43 AM

09:41:32.0721 3648 TDSS rootkit removing tool 2.8.6.0 Aug 13 2012 17:24:05
09:41:33.0268 3648 ============================================================
09:41:33.0268 3648 Current date / time: 2012/08/15 09:41:33.0268
09:41:33.0268 3648 SystemInfo:
09:41:33.0268 3648
09:41:33.0268 3648 OS Version: 6.1.7601 ServicePack: 1.0
09:41:33.0268 3648 Product type: Workstation
09:41:33.0268 3648 ComputerName: MIKA-HP
09:41:33.0269 3648 UserName: mika
09:41:33.0269 3648 Windows directory: C:\Windows
09:41:33.0269 3648 System windows directory: C:\Windows
09:41:33.0269 3648 Running under WOW64
09:41:33.0269 3648 Processor architecture: Intel x64
09:41:33.0269 3648 Number of processors: 2
09:41:33.0269 3648 Page size: 0x1000
09:41:33.0269 3648 Boot type: Normal boot
09:41:33.0269 3648 ============================================================
09:41:33.0610 3648 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:41:33.0619 3648 ============================================================
09:41:33.0619 3648 \Device\Harddisk0\DR0:
09:41:33.0619 3648 MBR partitions:
09:41:33.0619 3648 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
09:41:33.0619 3648 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x72FE8800
09:41:33.0619 3648 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x7301B000, BlocksNum 0x16EB000
09:41:33.0619 3648 ============================================================
09:41:33.0637 3648 C: <-> \Device\Harddisk0\DR0\Partition2
09:41:33.0671 3648 D: <-> \Device\Harddisk0\DR0\Partition3
09:41:33.0671 3648 ============================================================
09:41:33.0671 3648 Initialize success
09:41:33.0671 3648 ============================================================
09:41:37.0015 1912 ============================================================
09:41:37.0015 1912 Scan started
09:41:37.0015 1912 Mode: Manual;
09:41:37.0015 1912 ============================================================
09:41:37.0419 1912 ================ Scan services =============================
09:41:37.0685 1912 [ a87d604aea360176311474c87a63bb88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
09:41:37.0688 1912 1394ohci - ok
09:41:37.0706 1912 [ d81d9e70b8a6dd14d42d7b4efa65d5f2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
09:41:37.0710 1912 ACPI - ok
09:41:37.0724 1912 [ 99f8e788246d495ce3794d7e7821d2ca ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
09:41:37.0725 1912 AcpiPmi - ok
09:41:37.0782 1912 [ 62b7936f9036dd6ed36e6a7efa805dc0 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
09:41:37.0784 1912 AdobeARMservice - ok
09:41:37.0856 1912 [ a9d3b95e8466bd58eeb8a1154654e162 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
09:41:37.0859 1912 AdobeFlashPlayerUpdateSvc - ok
09:41:37.0880 1912 [ 2f6b34b83843f0c5118b63ac634f5bf4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
09:41:37.0885 1912 adp94xx - ok
09:41:37.0905 1912 [ 597f78224ee9224ea1a13d6350ced962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
09:41:37.0909 1912 adpahci - ok
09:41:37.0925 1912 [ e109549c90f62fb570b9540c4b148e54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
09:41:37.0927 1912 adpu320 - ok
09:41:37.0983 1912 [ 96d6cdd0b32846e8cfbe592f4f32e608 ] AdvancedSystemCareService5 C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
09:41:37.0991 1912 AdvancedSystemCareService5 - ok
09:41:38.0005 1912 [ 4b78b431f225fd8624c5655cb1de7b61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
09:41:38.0007 1912 AeLookupSvc - ok
09:41:38.0060 1912 [ 1c7857b62de5994a75b054a9fd4c3825 ] AFD C:\Windows\system32\drivers\afd.sys
09:41:38.0065 1912 AFD - ok
09:41:38.0084 1912 [ 608c14dba7299d8cb6ed035a68a15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
09:41:38.0086 1912 agp440 - ok
09:41:38.0097 1912 [ 3290d6946b5e30e70414990574883ddb ] ALG C:\Windows\System32\alg.exe
09:41:38.0099 1912 ALG - ok
09:41:38.0115 1912 [ 5812713a477a3ad7363c7438ca2ee038 ] aliide C:\Windows\system32\drivers\aliide.sys
09:41:38.0116 1912 aliide - ok
09:41:38.0140 1912 [ 1ff8b4431c353ce385c875f194924c0c ] amdide C:\Windows\system32\drivers\amdide.sys
09:41:38.0141 1912 amdide - ok
09:41:38.0153 1912 [ 7024f087cff1833a806193ef9d22cda9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
09:41:38.0155 1912 AmdK8 - ok
09:41:38.0165 1912 [ 1e56388b3fe0d031c44144eb8c4d6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
09:41:38.0167 1912 AmdPPM - ok
09:41:38.0191 1912 [ d4121ae6d0c0e7e13aa221aa57ef2d49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
09:41:38.0193 1912 amdsata - ok
09:41:38.0222 1912 [ f67f933e79241ed32ff46a4f29b5120b ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
09:41:38.0224 1912 amdsbs - ok
09:41:38.0235 1912 [ 540daf1cea6094886d72126fd7c33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
09:41:38.0236 1912 amdxata - ok
09:41:38.0249 1912 [ 89a69c3f2f319b43379399547526d952 ] AppID C:\Windows\system32\drivers\appid.sys
09:41:38.0251 1912 AppID - ok
09:41:38.0279 1912 [ 0bc381a15355a3982216f7172f545de1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
09:41:38.0280 1912 AppIDSvc - ok
09:41:38.0284 1912 [ 3977d4a871ca0d4f2ed1e7db46829731 ] Appinfo C:\Windows\System32\appinfo.dll
09:41:38.0285 1912 Appinfo - ok
09:41:38.0323 1912 [ f401929ee0cc92bfe7f15161ca535383 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
09:41:38.0325 1912 Apple Mobile Device - ok
09:41:38.0338 1912 [ c484f8ceb1717c540242531db7845c4e ] arc C:\Windows\system32\drivers\arc.sys
09:41:38.0339 1912 arc - ok
09:41:38.0355 1912 [ 019af6924aefe7839f61c830227fe79c ] arcsas C:\Windows\system32\drivers\arcsas.sys
09:41:38.0356 1912 arcsas - ok
09:41:38.0433 1912 [ 9217d874131ae6ff8f642f124f00a555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
09:41:38.0434 1912 aspnet_state - ok
09:41:38.0474 1912 [ df59b8e8df0bd2e0e303778a3806a17d ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
09:41:38.0475 1912 aswFsBlk - ok
09:41:38.0511 1912 [ f8e6ab4f876feff69250f2e0c29ef004 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
09:41:38.0512 1912 aswMonFlt - ok
09:41:38.0549 1912 [ aa92bc4bcba40ca3aa3ffd1be24f0c09 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
09:41:38.0550 1912 aswRdr - ok
09:41:38.0589 1912 [ f06e230e1e8ca9437a6474b7b551cd37 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
09:41:38.0598 1912 aswSnx - ok
09:41:38.0620 1912 [ 3610ca74a69e380424f0452dec5c1317 ] aswSP C:\Windows\system32\drivers\aswSP.sys
09:41:38.0624 1912 aswSP - ok
09:41:38.0638 1912 [ 87de3e31cb0091d22351349869324065 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
09:41:38.0639 1912 aswTdi - ok
09:41:38.0660 1912 [ 769765ce2cc62867468cea93969b2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
09:41:38.0661 1912 AsyncMac - ok
09:41:38.0674 1912 [ 02062c0b390b7729edc9e69c680a6f3c ] atapi C:\Windows\system32\drivers\atapi.sys
09:41:38.0675 1912 atapi - ok
09:41:38.0711 1912 [ f23fef6d569fce88671949894a8becf1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:41:38.0718 1912 AudioEndpointBuilder - ok
09:41:38.0730 1912 [ f23fef6d569fce88671949894a8becf1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
09:41:38.0736 1912 AudioSrv - ok
09:41:38.0819 1912 [ 2f7c0f3e39c45e0127fb78b2f18a41f3 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
09:41:38.0821 1912 avast! Antivirus - ok
09:41:38.0977 1912 [ d67719bcfde5798f5c30d14efed3bcaf ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
09:41:39.0006 1912 AVGIDSAgent - ok
09:41:39.0052 1912 [ 1b2e9fcdc26dc7c81d4131430e2dc936 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys
09:41:39.0054 1912 AVGIDSDriver - ok
09:41:39.0058 1912 [ 0f293406f64b48d5d2f0d3a1117f3a83 ] AVGIDSFilter C:\Windows\system32\DRIVERS\avgidsfiltera.sys
09:41:39.0060 1912 AVGIDSFilter - ok
09:41:39.0074 1912 [ cffc3a4a638f462e0561cb368b9a7a3a ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
09:41:39.0076 1912 AVGIDSHA - ok
09:41:39.0093 1912 [ 59955b4c288dd2a8b9fd2cd5158355c5 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
09:41:39.0096 1912 Avgldx64 - ok
09:41:39.0109 1912 [ a6aec362aae5e2dda7445e7690cb0f33 ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
09:41:39.0111 1912 Avgmfx64 - ok
09:41:39.0125 1912 [ 645c7f0a0e39758a0024a9b1748273c0 ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
09:41:39.0126 1912 Avgrkx64 - ok
09:41:39.0141 1912 [ 1bee674ad792b1c63bb0dac5fa724b23 ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
09:41:39.0145 1912 Avgtdia - ok
09:41:39.0163 1912 [ 3c8f504fa1df6a77b173bdbd0a79e334 ] avgtp C:\Windows\system32\drivers\avgtpx64.sys
09:41:39.0165 1912 avgtp - ok
09:41:39.0187 1912 [ ea1145debcd508fd25bd1e95c4346929 ] avgwd C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
09:41:39.0189 1912 avgwd - ok
09:41:39.0225 1912 [ a6bf31a71b409dfa8cac83159e1e2aff ] AxInstSV C:\Windows\System32\AxInstSV.dll
09:41:39.0227 1912 AxInstSV - ok
09:41:39.0266 1912 [ 3e5b191307609f7514148c6832bb0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
09:41:39.0270 1912 b06bdrv - ok
09:41:39.0297 1912 [ b5ace6968304a3900eeb1ebfd9622df2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
09:41:39.0300 1912 b57nd60a - ok
09:41:39.0320 1912 [ fde360167101b4e45a96f939f388aeb0 ] BDESVC C:\Windows\System32\bdesvc.dll
09:41:39.0322 1912 BDESVC - ok
09:41:39.0332 1912 [ 16a47ce2decc9b099349a5f840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
09:41:39.0333 1912 Beep - ok
09:41:39.0390 1912 [ 82974d6a2fd19445cc5171fc378668a4 ] BFE C:\Windows\System32\bfe.dll
09:41:39.0397 1912 BFE - ok
09:41:39.0427 1912 [ 1ea7969e3271cbc59e1730697dc74682 ] BITS C:\Windows\System32\qmgr.dll
09:41:39.0437 1912 BITS - ok
09:41:39.0458 1912 [ 61583ee3c3a17003c4acd0475646b4d3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
09:41:39.0460 1912 blbdrive - ok
09:41:39.0494 1912 [ ebbcd5dfbb1de70e8f4af8fa59e401fd ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
09:41:39.0499 1912 Bonjour Service - ok
09:41:39.0517 1912 [ 6c02a83164f5cc0a262f4199f0871cf5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
09:41:39.0519 1912 bowser - ok
09:41:39.0534 1912 [ f09eee9edc320b5e1501f749fde686c8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
09:41:39.0536 1912 BrFiltLo - ok
09:41:39.0545 1912 [ b114d3098e9bdb8bea8b053685831be6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
09:41:39.0546 1912 BrFiltUp - ok
09:41:39.0580 1912 [ 05f5a0d14a2ee1d8255c2aa0e9e8e694 ] Browser C:\Windows\System32\browser.dll
09:41:39.0583 1912 Browser - ok
09:41:39.0601 1912 [ 43bea8d483bf1870f018e2d02e06a5bd ] Brserid C:\Windows\System32\Drivers\Brserid.sys
09:41:39.0604 1912 Brserid - ok
09:41:39.0617 1912 [ a6eca2151b08a09caceca35c07f05b42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
09:41:39.0618 1912 BrSerWdm - ok
09:41:39.0630 1912 [ b79968002c277e869cf38bd22cd61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
09:41:39.0631 1912 BrUsbMdm - ok
09:41:39.0636 1912 [ a87528880231c54e75ea7a44943b38bf ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
09:41:39.0638 1912 BrUsbSer - ok
09:41:39.0650 1912 [ 9da669f11d1f894ab4eb69bf546a42e8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
09:41:39.0651 1912 BTHMODEM - ok
09:41:39.0669 1912 [ 95f9c2976059462cbbf227f7aab10de9 ] bthserv C:\Windows\system32\bthserv.dll
09:41:39.0670 1912 bthserv - ok
09:41:39.0680 1912 [ b8bd2bb284668c84865658c77574381a ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
09:41:39.0681 1912 cdfs - ok
09:41:39.0714 1912 [ f036ce71586e93d94dab220d7bdf4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
09:41:39.0715 1912 cdrom - ok
09:41:39.0725 1912 [ f17d1d393bbc69c5322fbfafaca28c7f ] CertPropSvc C:\Windows\System32\certprop.dll
09:41:39.0727 1912 CertPropSvc - ok
09:41:39.0735 1912 [ d7cd5c4e1b71fa62050515314cfb52cf ] circlass C:\Windows\system32\drivers\circlass.sys
09:41:39.0736 1912 circlass - ok
09:41:39.0761 1912 [ fe1ec06f2253f691fe36217c592a0206 ] CLFS C:\Windows\system32\CLFS.sys
09:41:39.0770 1912 CLFS - ok
09:41:39.0842 1912 [ 882e3973505c441ce000133c821d0edd ] CLPSLS C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe
09:41:39.0853 1912 CLPSLS - ok
09:41:39.0892 1912 [ d88040f816fda31c3b466f0fa0918f29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:41:39.0894 1912 clr_optimization_v2.0.50727_32 - ok
09:41:40.0003 1912 [ d1ceea2b47cb998321c579651ce3e4f8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:41:40.0005 1912 clr_optimization_v2.0.50727_64 - ok
09:41:40.0040 1912 [ c5a75eb48e2344abdc162bda79e16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:41:40.0042 1912 clr_optimization_v4.0.30319_32 - ok
09:41:40.0060 1912 [ c6f9af94dcd58122a4d7e89db6bed29d ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:41:40.0063 1912 clr_optimization_v4.0.30319_64 - ok
09:41:40.0078 1912 [ 0840155d0bddf1190f84a663c284bd33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
09:41:40.0079 1912 CmBatt - ok
09:41:40.0164 1912 [ cee48ccc4d561ddb19c72f9fb55d28d5 ] cmdAgent C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
09:41:40.0185 1912 cmdAgent - ok
09:41:40.0224 1912 [ 0599d5a458d4e0e37ab84e9d1c5c73e5 ] cmdGuard C:\Windows\system32\DRIVERS\cmdguard.sys
09:41:40.0227 1912 cmdGuard - ok
09:41:40.0251 1912 [ 2d3e08c7106f748f9eff3dec14142d3e ] cmdHlp C:\Windows\system32\DRIVERS\cmdhlp.sys
09:41:40.0252 1912 cmdHlp - ok
09:41:40.0271 1912 [ e19d3f095812725d88f9001985b94edd ] cmdide C:\Windows\system32\drivers\cmdide.sys
09:41:40.0272 1912 cmdide - ok
09:41:40.0298 1912 [ 9ac4f97c2d3e93367e2148ea940cd2cd ] CNG C:\Windows\system32\Drivers\cng.sys
09:41:40.0301 1912 CNG - ok
09:41:40.0316 1912 [ 102de219c3f61415f964c88e9085ad14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
09:41:40.0317 1912 Compbatt - ok
09:41:40.0328 1912 [ 03edb043586cceba243d689bdda370a8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
09:41:40.0330 1912 CompositeBus - ok
09:41:40.0333 1912 COMSysApp - ok
09:41:40.0348 1912 [ 1c827878a998c18847245fe1f34ee597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
09:41:40.0349 1912 crcdisk - ok
09:41:40.0389 1912 [ 4f5414602e2544a4554d95517948b705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
09:41:40.0391 1912 CryptSvc - ok
09:41:40.0425 1912 [ 5c627d1b1138676c0a7ab2c2c190d123 ] DcomLaunch C:\Windows\system32\rpcss.dll
09:41:40.0433 1912 DcomLaunch - ok
09:41:40.0459 1912 [ 3cec7631a84943677aa8fa8ee5b6b43d ] defragsvc C:\Windows\System32\defragsvc.dll
09:41:40.0463 1912 defragsvc - ok
09:41:40.0475 1912 [ 9bb2ef44eaa163b29c4a4587887a0fe4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
09:41:40.0477 1912 DfsC - ok
09:41:40.0491 1912 [ 43d808f5d9e1a18e5eeb5ebc83969e4e ] Dhcp C:\Windows\system32\dhcpcore.dll
09:41:40.0496 1912 Dhcp - ok
09:41:40.0511 1912 [ 13096b05847ec78f0977f2c0f79e9ab3 ] discache C:\Windows\system32\drivers\discache.sys
09:41:40.0513 1912 discache - ok
09:41:40.0524 1912 [ 9819eee8b5ea3784ec4af3b137a5244c ] Disk C:\Windows\system32\drivers\disk.sys
09:41:40.0526 1912 Disk - ok
09:41:40.0550 1912 [ 16835866aaa693c7d7fceba8fff706e4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
09:41:40.0554 1912 Dnscache - ok
09:41:40.0570 1912 [ b1fb3ddca0fdf408750d5843591afbc6 ] dot3svc C:\Windows\System32\dot3svc.dll
09:41:40.0574 1912 dot3svc - ok
09:41:40.0581 1912 [ b26f4f737e8f9df4f31af6cf31d05820 ] DPS C:\Windows\system32\dps.dll
09:41:40.0585 1912 DPS - ok
09:41:40.0598 1912 [ 9b19f34400d24df84c858a421c205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
09:41:40.0599 1912 drmkaud - ok
09:41:40.0636 1912 [ f5bee30450e18e6b83a5012c100616fd ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
09:41:40.0642 1912 DXGKrnl - ok
09:41:40.0651 1912 [ e2dda8726da9cb5b2c4000c9018a9633 ] EapHost C:\Windows\System32\eapsvc.dll
09:41:40.0655 1912 EapHost - ok
09:41:40.0723 1912 [ dc5d737f51be844d8c82c695eb17372f ] ebdrv C:\Windows\system32\drivers\evbda.sys
09:41:40.0750 1912 ebdrv - ok
09:41:40.0789 1912 [ c118a82cd78818c29ab228366ebf81c3 ] EFS C:\Windows\System32\lsass.exe
09:41:40.0791 1912 EFS - ok
09:41:40.0843 1912 [ c4002b6b41975f057d98c439030cea07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
09:41:40.0853 1912 ehRecvr - ok
09:41:40.0858 1912 [ 4705e8ef9934482c5bb488ce28afc681 ] ehSched C:\Windows\ehome\ehsched.exe
09:41:40.0861 1912 ehSched - ok
09:41:40.0883 1912 [ 0e5da5369a0fcaea12456dd852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
09:41:40.0887 1912 elxstor - ok
09:41:40.0900 1912 [ 34a3c54752046e79a126e15c51db409b ] ErrDev C:\Windows\system32\drivers\errdev.sys
09:41:40.0901 1912 ErrDev - ok
09:41:40.0926 1912 [ 4166f82be4d24938977dd1746be9b8a0 ] EventSystem C:\Windows\system32\es.dll
09:41:40.0929 1912 EventSystem - ok
09:41:40.0949 1912 [ a510c654ec00c1e9bdd91eeb3a59823b ] exfat C:\Windows\system32\drivers\exfat.sys
09:41:40.0951 1912 exfat - ok
09:41:40.0961 1912 [ 0adc83218b66a6db380c330836f3e36d ] fastfat C:\Windows\system32\drivers\fastfat.sys
09:41:40.0963 1912 fastfat - ok
09:41:40.0984 1912 [ dbefd454f8318a0ef691fdd2eaab44eb ] Fax C:\Windows\system32\fxssvc.exe
09:41:40.0989 1912 Fax - ok
09:41:41.0009 1912 [ d765d19cd8ef61f650c384f62fac00ab ] fdc C:\Windows\system32\drivers\fdc.sys
09:41:41.0010 1912 fdc - ok
09:41:41.0021 1912 [ 0438cab2e03f4fb61455a7956026fe86 ] fdPHost C:\Windows\system32\fdPHost.dll
09:41:41.0022 1912 fdPHost - ok
09:41:41.0049 1912 [ 802496cb59a30349f9a6dd22d6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
09:41:41.0051 1912 FDResPub - ok
09:41:41.0063 1912 [ 655661be46b5f5f3fd454e2c3095b930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
09:41:41.0064 1912 FileInfo - ok
09:41:41.0113 1912 [ 060cc45cecae2feaff9c8c52d8fafaa8 ] FileMonitor C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys
09:41:41.0116 1912 FileMonitor - ok
09:41:41.0120 1912 [ 5f671ab5bc87eea04ec38a6cd5962a47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
09:41:41.0122 1912 Filetrace - ok
09:41:41.0139 1912 [ c172a0f53008eaeb8ea33fe10e177af5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
09:41:41.0141 1912 flpydisk - ok
09:41:41.0156 1912 [ da6b67270fd9db3697b20fce94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
09:41:41.0160 1912 FltMgr - ok
09:41:41.0200 1912 [ 5c4cb4086fb83115b153e47add961a0c ] FontCache C:\Windows\system32\FntCache.dll
09:41:41.0212 1912 FontCache - ok
09:41:41.0264 1912 [ a8b7f3818ab65695e3a0bb3279f6dce6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:41:41.0267 1912 FontCache3.0.0.0 - ok
09:41:41.0276 1912 [ d43703496149971890703b4b1b723eac ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
09:41:41.0278 1912 FsDepends - ok
09:41:41.0303 1912 [ 6bd9295cc032dd3077c671fccf579a7b ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
09:41:41.0304 1912 Fs_Rec - ok
09:41:41.0318 1912 [ 1f7b25b858fa27015169fe95e54108ed ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
09:41:41.0321 1912 fvevol - ok
09:41:41.0341 1912 [ 8c778d335c9d272cfd3298ab02abe3b6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
09:41:41.0342 1912 gagp30kx - ok
09:41:41.0389 1912 [ c403c5db49a0f9aaf4f2128edc0106d8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
09:41:41.0394 1912 GamesAppService - ok
09:41:41.0412 1912 [ e403aacf8c7bb11375122d2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
09:41:41.0414 1912 GEARAspiWDM - ok
09:41:41.0439 1912 [ 277bbc7e1aa1ee957f573a10eca7ef3a ] gpsvc C:\Windows\System32\gpsvc.dll
09:41:41.0448 1912 gpsvc - ok
09:41:41.0460 1912 [ f2523ef6460fc42405b12248338ab2f0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
09:41:41.0461 1912 hcw85cir - ok
09:41:41.0482 1912 [ 975761c778e33cd22498059b91e7373a ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:41:41.0484 1912 HdAudAddService - ok
09:41:41.0500 1912 [ 97bfed39b6b79eb12cddbfeed51f56bb ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
09:41:41.0501 1912 HDAudBus - ok
09:41:41.0517 1912 [ 78e86380454a7b10a5eb255dc44a355f ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
09:41:41.0518 1912 HidBatt - ok
09:41:41.0531 1912 [ 7fd2a313f7afe5c4dab14798c48dd104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
09:41:41.0533 1912 HidBth - ok
09:41:41.0545 1912 [ 0a77d29f311b88cfae3b13f9c1a73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
09:41:41.0546 1912 HidIr - ok
09:41:41.0561 1912 [ bd9eb3958f213f96b97b1d897dee006d ] hidserv C:\Windows\system32\hidserv.dll
09:41:41.0562 1912 hidserv - ok
09:41:41.0576 1912 [ 9592090a7e2b61cd582b612b6df70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
09:41:41.0577 1912 HidUsb - ok
09:41:41.0590 1912 [ 387e72e739e15e3d37907a86d9ff98e2 ] hkmsvc C:\Windows\system32\kmsvc.dll
09:41:41.0592 1912 hkmsvc - ok
09:41:41.0604 1912 [ efdfb3dd38a4376f93e7985173813abd ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:41:41.0607 1912 HomeGroupListener - ok
09:41:41.0630 1912 [ 908acb1f594274965a53926b10c81e89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:41:41.0633 1912 HomeGroupProvider - ok
09:41:41.0701 1912 [ 13bb1114451c63bfb41ba7daa4d70a29 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
09:41:41.0703 1912 HP Support Assistant Service - ok
09:41:41.0733 1912 [ 6a181452d4e240b8ecc7614b9a19bde9 ] HPClientSvc C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
09:41:41.0738 1912 HPClientSvc - ok
09:41:41.0765 1912 [ bcc4a8b2e2e902f52e7f2e7d8e125765 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
09:41:41.0769 1912 HPDrvMntSvc.exe - ok
09:41:41.0792 1912 [ ec9739a46f1f83c6e52a7a4697f44a65 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
09:41:41.0802 1912 hpqwmiex - ok
09:41:41.0838 1912 [ 39d2abcd392f3d8a6dce7b60ae7b8efc ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
09:41:41.0839 1912 HpSAMD - ok
09:41:41.0864 1912 [ 0ea7de1acb728dd5a369fd742d6eee28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
09:41:41.0870 1912 HTTP - ok
09:41:41.0881 1912 [ a5462bd6884960c9dc85ed49d34ff392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
09:41:41.0883 1912 hwpolicy - ok
09:41:41.0898 1912 [ fa55c73d4affa7ee23ac4be53b4592d3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
09:41:41.0899 1912 i8042prt - ok
09:41:41.0917 1912 [ 26cf4275034214ecedd8ec17b0a18a99 ] iaStor C:\Windows\system32\drivers\iaStor.sys
09:41:41.0921 1912 iaStor - ok
09:41:41.0941 1912 [ aaaf44db3bd0b9d1fb6969b23ecc8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
09:41:41.0943 1912 iaStorV - ok
09:41:41.0985 1912 [ 5988fc40f8db5b0739cd1e3a5d0d78bd ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:41:41.0997 1912 idsvc - ok
09:41:42.0199 1912 [ efe5a0af39a8e179624117c521f1e012 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
09:41:42.0262 1912 igfx - ok
09:41:42.0275 1912 [ 5c18831c61933628f5bb0ea2675b9d21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
09:41:42.0277 1912 iirsp - ok
09:41:42.0305 1912 [ fcd84c381e0140af901e58d48882d26b ] IKEEXT C:\Windows\System32\ikeext.dll
09:41:42.0311 1912 IKEEXT - ok
09:41:42.0335 1912 [ 8ae99ebe30e8338907361018d9030835 ] IMFservice C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
09:41:42.0343 1912 IMFservice - ok
09:41:42.0352 1912 [ dd587a55390ed2295bce6d36ad567da9 ] Impcd C:\Windows\system32\drivers\Impcd.sys
09:41:42.0354 1912 Impcd - ok
09:41:42.0381 1912 [ efff0afd27cc97bf0e5e0bab78419de7 ] inspect C:\Windows\system32\DRIVERS\inspect.sys
09:41:42.0382 1912 inspect - ok
09:41:42.0436 1912 [ 392d5c87f282e8e36df5154418a7bb20 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
09:41:42.0452 1912 IntcAzAudAddService - ok
09:41:42.0490 1912 [ f00f20e70c6ec3aa366910083a0518aa ] intelide C:\Windows\system32\drivers\intelide.sys
09:41:42.0491 1912 intelide - ok
09:41:42.0500 1912 [ ada036632c664caa754079041cf1f8c1 ] intelppm C:\Windows\system32\drivers\intelppm.sys
09:41:42.0502 1912 intelppm - ok
09:41:42.0514 1912 [ 098a91c54546a3b878dad6a7e90a455b ] IPBusEnum C:\Windows\system32\ipbusenum.dll
09:41:42.0518 1912 IPBusEnum - ok
09:41:42.0535 1912 [ c9f0e1bd74365a8771590e9008d22ab6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:41:42.0537 1912 IpFilterDriver - ok
09:41:42.0546 1912 [ 0fc1aea580957aa8817b8f305d18ca3a ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
09:41:42.0547 1912 IPMIDRV - ok
09:41:42.0551 1912 [ af9b39a7e7b6caa203b3862582e9f2d0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
09:41:42.0553 1912 IPNAT - ok
09:41:42.0589 1912 [ a9ab99ee7d39725eafec82732d2b3271 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
09:41:42.0598 1912 iPod Service - ok
09:41:42.0611 1912 [ 3abf5e7213eb28966d55d58b515d5ce9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
09:41:42.0612 1912 IRENUM - ok
09:41:42.0630 1912 [ 2f7b28dc3e1183e5eb418df55c204f38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
09:41:42.0631 1912 isapnp - ok
09:41:42.0646 1912 [ d931d7309deb2317035b07c9f9e6b0bd ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
09:41:42.0648 1912 iScsiPrt - ok
09:41:42.0660 1912 [ bc02336f1cba7dcc7d1213bb588a68a5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
09:41:42.0661 1912 kbdclass - ok
09:41:42.0668 1912 [ 0705eff5b42a9db58548eec3b26bb484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
09:41:42.0669 1912 kbdhid - ok
09:41:42.0680 1912 [ c118a82cd78818c29ab228366ebf81c3 ] KeyIso C:\Windows\system32\lsass.exe
09:41:42.0682 1912 KeyIso - ok
09:41:42.0703 1912 [ 97a7070aea4c058b6418519e869a63b4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
09:41:42.0704 1912 KSecDD - ok
09:41:42.0710 1912 [ 26c43a7c2862447ec59deda188d1da07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
09:41:42.0711 1912 KSecPkg - ok
09:41:42.0720 1912 [ 6869281e78cb31a43e969f06b57347c4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
09:41:42.0721 1912 ksthunk - ok
09:41:42.0740 1912 [ 6ab66e16aa859232f64deb66887a8c9c ] KtmRm C:\Windows\system32\msdtckrm.dll
09:41:42.0745 1912 KtmRm - ok
09:41:42.0768 1912 [ d9f42719019740baa6d1c6d536cbdaa6 ] LanmanServer C:\Windows\system32\srvsvc.dll
09:41:42.0772 1912 LanmanServer - ok
09:41:42.0783 1912 [ 851a1382eed3e3a7476db004f4ee3e1a ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:41:42.0787 1912 LanmanWorkstation - ok
09:41:42.0811 1912 [ acec35f181075b20a5ef4a71958b13df ] libusb0 C:\Windows\system32\drivers\libusb0.sys
09:41:42.0812 1912 libusb0 - ok
09:41:42.0824 1912 [ 1538831cf8ad2979a04c423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
09:41:42.0825 1912 lltdio - ok
09:41:42.0840 1912 [ c1185803384ab3feed115f79f109427f ] lltdsvc C:\Windows\System32\lltdsvc.dll
09:41:42.0844 1912 lltdsvc - ok
09:41:42.0861 1912 [ f993a32249b66c9d622ea5592a8b76b8 ] lmhosts C:\Windows\System32\lmhsvc.dll
09:41:42.0863 1912 lmhosts - ok
09:41:42.0909 1912 [ d75c4b4a8fe6d7fd74a7eecdbaec729f ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
09:41:42.0914 1912 LMS - ok
09:41:42.0930 1912 [ 1a93e54eb0ece102495a51266dcdb6a6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
09:41:42.0932 1912 LSI_FC - ok
09:41:42.0946 1912 [ 1047184a9fdc8bdbff857175875ee810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
09:41:42.0948 1912 LSI_SAS - ok
09:41:42.0957 1912 [ 30f5c0de1ee8b5bc9306c1f0e4a75f93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
09:41:42.0958 1912 LSI_SAS2 - ok
09:41:42.0991 1912 [ 0504eacaff0d3c8aed161c4b0d369d4a ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
09:41:42.0993 1912 LSI_SCSI - ok
09:41:43.0003 1912 [ 43d0f98e1d56ccddb0d5254cff7b356e ] luafv C:\Windows\system32\drivers\luafv.sys
09:41:43.0004 1912 luafv - ok
09:41:43.0088 1912 [ 22a7776c5d8eb5930edf9c8dd0884259 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe
09:41:43.0093 1912 McComponentHostService - ok
09:41:43.0108 1912 [ 0be09cd858abf9df6ed259d57a1a1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
09:41:43.0111 1912 Mcx2Svc - ok
09:41:43.0135 1912 [ a55805f747c6edb6a9080d7c633bd0f4 ] megasas C:\Windows\system32\drivers\megasas.sys
09:41:43.0136 1912 megasas - ok
09:41:43.0166 1912 [ baf74ce0072480c3b6b7c13b2a94d6b3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
09:41:43.0168 1912 MegaSR - ok
09:41:43.0182 1912 [ a6518dcc42f7a6e999bb3bea8fd87567 ] MEIx64 C:\Windows\system32\drivers\HECIx64.sys
09:41:43.0184 1912 MEIx64 - ok
09:41:43.0197 1912 [ e40e80d0304a73e8d269f7141d77250b ] MMCSS C:\Windows\system32\mmcss.dll
09:41:43.0200 1912 MMCSS - ok
09:41:43.0223 1912 [ 800ba92f7010378b09f9ed9270f07137 ] Modem C:\Windows\system32\drivers\modem.sys
09:41:43.0224 1912 Modem - ok
09:41:43.0246 1912 [ b03d591dc7da45ece20b3b467e6aadaa ] monitor C:\Windows\system32\DRIVERS\monitor.sys
09:41:43.0248 1912 monitor - ok
09:41:43.0262 1912 [ 7d27ea49f3c1f687d357e77a470aea99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
09:41:43.0263 1912 mouclass - ok
09:41:43.0269 1912 [ d3bf052c40b0c4166d9fd86a4288c1e6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
09:41:43.0270 1912 mouhid - ok
09:41:43.0286 1912 [ 32e7a3d591d671a6df2db515a5cbe0fa ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
09:41:43.0288 1912 mountmgr - ok
09:41:43.0321 1912 [ 46297fa8e30a6007f14118fc2b942fbc ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
09:41:43.0324 1912 MozillaMaintenance - ok
09:41:43.0345 1912 [ a44b420d30bd56e145d6a2bc8768ec58 ] mpio C:\Windows\system32\drivers\mpio.sys
09:41:43.0346 1912 mpio - ok
09:41:43.0358 1912 [ 6c38c9e45ae0ea2fa5e551f2ed5e978f ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
09:41:43.0360 1912 mpsdrv - ok
09:41:43.0414 1912 [ 54ffc9c8898113ace189d4aa7199d2c1 ] MpsSvc C:\Windows\system32\mpssvc.dll
09:41:43.0420 1912 MpsSvc - ok
09:41:43.0431 1912 [ dc722758b8261e1abafd31a3c0a66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
09:41:43.0433 1912 MRxDAV - ok
09:41:43.0457 1912 [ a5d9106a73dc88564c825d317cac68ac ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
09:41:43.0459 1912 mrxsmb - ok
09:41:43.0476 1912 [ d711b3c1d5f42c0c2415687be09fc163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:41:43.0478 1912 mrxsmb10 - ok
09:41:43.0493 1912 [ 9423e9d355c8d303e76b8cfbd8a5c30c ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:41:43.0494 1912 mrxsmb20 - ok
09:41:43.0517 1912 [ c25f0bafa182cbca2dd3c851c2e75796 ] msahci C:\Windows\system32\drivers\msahci.sys
09:41:43.0518 1912 msahci - ok
09:41:43.0559 1912 [ db801a638d011b9633829eb6f663c900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
09:41:43.0561 1912 msdsm - ok
09:41:43.0573 1912 [ de0ece52236cfa3ed2dbfc03f28253a8 ] MSDTC C:\Windows\System32\msdtc.exe
09:41:43.0576 1912 MSDTC - ok
09:41:43.0599 1912 [ aa3fb40e17ce1388fa1bedab50ea8f96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
09:41:43.0600 1912 Msfs - ok
09:41:43.0626 1912 [ f9d215a46a8b9753f61767fa72a20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
09:41:43.0627 1912 mshidkmdf - ok
09:41:43.0640 1912 [ d916874bbd4f8b07bfb7fa9b3ccae29d ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
09:41:43.0642 1912 msisadrv - ok
09:41:43.0664 1912 [ 808e98ff49b155c522e6400953177b08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
09:41:43.0667 1912 MSiSCSI - ok
09:41:43.0671 1912 msiserver - ok
09:41:43.0685 1912 [ 49ccf2c4fea34ffad8b1b59d49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
09:41:43.0687 1912 MSKSSRV - ok
09:41:43.0701 1912 [ bdd71ace35a232104ddd349ee70e1ab3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
09:41:43.0702 1912 MSPCLOCK - ok
09:41:43.0711 1912 [ 4ed981241db27c3383d72092b618a1d0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
09:41:43.0713 1912 MSPQM - ok
09:41:43.0729 1912 [ 759a9eeb0fa9ed79da1fb7d4ef78866d ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
09:41:43.0731 1912 MsRPC - ok
09:41:43.0752 1912 [ 0eed230e37515a0eaee3c2e1bc97b288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
09:41:43.0754 1912 mssmbios - ok
09:41:43.0770 1912 [ 2e66f9ecb30b4221a318c92ac2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
09:41:43.0771 1912 MSTEE - ok
09:41:43.0793 1912 [ 7ea404308934e675bffde8edf0757bcd ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
09:41:43.0794 1912 MTConfig - ok
09:41:43.0805 1912 [ f9a18612fd3526fe473c1bda678d61c8 ] Mup C:\Windows\system32\Drivers\mup.sys
09:41:43.0806 1912 Mup - ok
09:41:43.0837 1912 [ 582ac6d9873e31dfa28a4547270862dd ] napagent C:\Windows\system32\qagentRT.dll
09:41:43.0842 1912 napagent - ok
09:41:43.0857 1912 [ 1ea3749c4114db3e3161156ffffa6b33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
09:41:43.0859 1912 NativeWifiP - ok
09:41:43.0873 1912 [ 79b47fd40d9a817e932f9d26fac0a81c ] NDIS C:\Windows\system32\drivers\ndis.sys
09:41:43.0879 1912 NDIS - ok
09:41:43.0903 1912 [ 9f9a1f53aad7da4d6fef5bb73ab811ac ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
09:41:43.0904 1912 NdisCap - ok
09:41:43.0918 1912 [ 30639c932d9fef22b31268fe25a1b6e5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
09:41:43.0920 1912 NdisTapi - ok
09:41:43.0935 1912 [ 136185f9fb2cc61e573e676aa5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
09:41:43.0936 1912 Ndisuio - ok
09:41:43.0954 1912 [ 53f7305169863f0a2bddc49e116c2e11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
09:41:43.0955 1912 NdisWan - ok
09:41:43.0963 1912 [ 015c0d8e0e0421b4cfd48cffe2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
09:41:43.0964 1912 NDProxy - ok
09:41:43.0972 1912 [ 86743d9f5d2b1048062b14b1d84501c4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
09:41:43.0973 1912 NetBIOS - ok
09:41:43.0992 1912 [ 09594d1089c523423b32a4229263f068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
09:41:43.0994 1912 NetBT - ok
09:41:43.0998 1912 [ c118a82cd78818c29ab228366ebf81c3 ] Netlogon C:\Windows\system32\lsass.exe
09:41:44.0001 1912 Netlogon - ok
09:41:44.0014 1912 [ 847d3ae376c0817161a14a82c8922a9e ] Netman C:\Windows\System32\netman.dll
09:41:44.0018 1912 Netman - ok
09:41:44.0032 1912 [ d22cd77d4f0d63d1169bb35911bff12d ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:41:44.0035 1912 NetMsmqActivator - ok
09:41:44.0040 1912 [ d22cd77d4f0d63d1169bb35911bff12d ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:41:44.0042 1912 NetPipeActivator - ok
09:41:44.0052 1912 [ 5f28111c648f1e24f7dbc87cdeb091b8 ] netprofm C:\Windows\System32\netprofm.dll
09:41:44.0056 1912 netprofm - ok
09:41:44.0062 1912 [ d22cd77d4f0d63d1169bb35911bff12d ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:41:44.0064 1912 NetTcpActivator - ok
09:41:44.0068 1912 [ d22cd77d4f0d63d1169bb35911bff12d ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:41:44.0070 1912 NetTcpPortSharing - ok
09:41:44.0090 1912 [ 77889813be4d166cdab78ddba990da92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
09:41:44.0091 1912 nfrd960 - ok
09:41:44.0108 1912 [ 1ee99a89cc788ada662441d1e9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
09:41:44.0112 1912 NlaSvc - ok
09:41:44.0123 1912 [ 1e4c4ab5c9b8dd13179bbdc75a2a01f7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
09:41:44.0124 1912 Npfs - ok
09:41:44.0128 1912 [ d54bfdf3e0c953f823b3d0bfe4732528 ] nsi C:\Windows\system32\nsisvc.dll
09:41:44.0131 1912 nsi - ok
09:41:44.0141 1912 [ e7f5ae18af4168178a642a9247c63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:41:44.0142 1912 nsiproxy - ok
09:41:44.0189 1912 [ a2f74975097f52a00745f9637451fdd8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
09:41:44.0198 1912 Ntfs - ok
09:41:44.0205 1912 [ 9899284589f75fa8724ff3d16aed75c1 ] Null C:\Windows\system32\drivers\Null.sys
09:41:44.0206 1912 Null - ok
09:41:44.0243 1912 [ 0a92cb65770442ed0dc44834632f66ad ] nvraid C:\Windows\system32\drivers\nvraid.sys
09:41:44.0244 1912 nvraid - ok
09:41:44.0261 1912 [ dab0e87525c10052bf65f06152f37e4a ] nvstor C:\Windows\system32\drivers\nvstor.sys
09:41:44.0263 1912 nvstor - ok
09:41:44.0311 1912 [ 270d7cd42d6e3979f6dd0146650f0e05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
09:41:44.0313 1912 nv_agp - ok
09:41:44.0329 1912 [ 3589478e4b22ce21b41fa1bfc0b8b8a0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
09:41:44.0331 1912 ohci1394 - ok
09:41:44.0348 1912 [ 3eac4455472cc2c97107b5291e0dcafe ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
09:41:44.0352 1912 p2pimsvc - ok
09:41:44.0365 1912 [ 927463ecb02179f88e4b9a17568c63c3 ] p2psvc C:\Windows\system32\p2psvc.dll
09:41:44.0370 1912 p2psvc - ok
09:41:44.0381 1912 [ 0086431c29c35be1dbc43f52cc273887 ] Parport C:\Windows\system32\drivers\parport.sys
09:41:44.0382 1912 Parport - ok
09:41:44.0401 1912 [ e9766131eeade40a27dc27d2d68fba9c ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:41:44.0403 1912 partmgr - ok
09:41:44.0409 1912 [ 3aeaa8b561e63452c655dc0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
09:41:44.0413 1912 PcaSvc - ok
09:41:44.0431 1912 [ 94575c0571d1462a0f70bde6bd6ee6b3 ] pci C:\Windows\system32\drivers\pci.sys
09:41:44.0433 1912 pci - ok
09:41:44.0443 1912 [ b5b8b5ef2e5cb34df8dcf8831e3534fa ] pciide C:\Windows\system32\drivers\pciide.sys
09:41:44.0444 1912 pciide - ok
09:41:44.0454 1912 [ b2e81d4e87ce48589f98cb8c05b01f2f ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
09:41:44.0456 1912 pcmcia - ok
09:41:44.0467 1912 [ d6b9c2e1a11a3a4b26a182ffef18f603 ] pcw C:\Windows\system32\drivers\pcw.sys
09:41:44.0468 1912 pcw - ok
09:41:44.0494 1912 pdfcDispatcher - ok
09:41:44.0516 1912 [ 68769c3356b3be5d1c732c97b9a80d6e ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:41:44.0520 1912 PEAUTH - ok
09:41:44.0585 1912 [ e495e408c93141e8fc72dc0c6046ddfa ] PerfHost C:\Windows\SysWow64\perfhost.exe
09:41:44.0589 1912 PerfHost - ok
09:41:44.0634 1912 [ c7cf6a6e137463219e1259e3f0f0dd6c ] pla C:\Windows\system32\pla.dll
09:41:44.0648 1912 pla - ok
09:41:44.0707 1912 [ 25fbdef06c4d92815b353f6e792c8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:41:44.0714 1912 PlugPlay - ok
09:41:44.0720 1912 PnkBstrA - ok
09:41:44.0730 1912 [ 7195581cec9bb7d12abe54036acc2e38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
09:41:44.0733 1912 PNRPAutoReg - ok
09:41:44.0748 1912 [ 3eac4455472cc2c97107b5291e0dcafe ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
09:41:44.0752 1912 PNRPsvc - ok
09:41:44.0784 1912 [ 4f15d75adf6156bf56eced6d4a55c389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:41:44.0788 1912 PolicyAgent - ok
09:41:44.0800 1912 [ 6ba9d927dded70bd1a9caded45f8b184 ] Power C:\Windows\system32\umpo.dll
09:41:44.0804 1912 Power - ok
09:41:44.0816 1912 [ f92a2c41117a11a00be01ca01a7fcde9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
09:41:44.0817 1912 PptpMiniport - ok
09:41:44.0830 1912 [ 0d922e23c041efb1c3fac2a6f943c9bf ] Processor C:\Windows\system32\drivers\processr.sys
09:41:44.0831 1912 Processor - ok
09:41:44.0854 1912 [ 53e83f1f6cf9d62f32801cf66d8352a8 ] ProfSvc C:\Windows\system32\profsvc.dll
09:41:44.0858 1912 ProfSvc - ok
09:41:44.0869 1912 [ c118a82cd78818c29ab228366ebf81c3 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:41:44.0872 1912 ProtectedStorage - ok
09:41:44.0881 1912 [ 0557cf5a2556bd58e26384169d72438d ] Psched C:\Windows\system32\DRIVERS\pacer.sys
09:41:44.0883 1912 Psched - ok
09:41:44.0933 1912 [ a53a15a11ebfd21077463ee2c7afeef0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
09:41:44.0946 1912 ql2300 - ok
09:41:44.0978 1912 [ 4f6d12b51de1aaeff7dc58c4d75423c8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
09:41:44.0980 1912 ql40xx - ok
09:41:44.0994 1912 [ 906191634e99aea92c4816150bda3732 ] QWAVE C:\Windows\system32\qwave.dll
09:41:44.0997 1912 QWAVE - ok
09:41:45.0009 1912 [ 76707bb36430888d9ce9d705398adb6c ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:41:45.0010 1912 QWAVEdrv - ok
09:41:45.0021 1912 [ 5a0da8ad5762fa2d91678a8a01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:41:45.0023 1912 RasAcd - ok
09:41:45.0037 1912 [ 7ecff9b22276b73f43a99a15a6094e90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
09:41:45.0038 1912 RasAgileVpn - ok
09:41:45.0047 1912 [ 8f26510c5383b8dbe976de1cd00fc8c7 ] RasAuto C:\Windows\System32\rasauto.dll
09:41:45.0050 1912 RasAuto - ok
09:41:45.0062 1912 [ 471815800ae33e6f1c32fb1b97c490ca ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
09:41:45.0064 1912 Rasl2tp - ok
09:41:45.0078 1912 [ ee867a0870fc9e4972ba9eaad35651e2 ] RasMan C:\Windows\System32\rasmans.dll
09:41:45.0082 1912 RasMan - ok
09:41:45.0095 1912 [ 855c9b1cd4756c5e9a2aa58a15f58c25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:41:45.0097 1912 RasPppoe - ok
09:41:45.0109 1912 [ e8b1e447b008d07ff47d016c2b0eeecb ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
09:41:45.0110 1912 RasSstp - ok
09:41:45.0124 1912 [ 77f665941019a1594d887a74f301fa2f ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:41:45.0127 1912 rdbss - ok
09:41:45.0141 1912 [ 302da2a0539f2cf54d7c6cc30c1f2d8d ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
09:41:45.0142 1912 rdpbus - ok
09:41:45.0156 1912 [ cea6cc257fc9b7715f1c2b4849286d24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
09:41:45.0157 1912 RDPCDD - ok
09:41:45.0172 1912 [ bb5971a4f00659529a5c44831af22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
09:41:45.0174 1912 RDPENCDD - ok
09:41:45.0183 1912 [ 216f3fa57533d98e1f74ded70113177a ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
09:41:45.0184 1912 RDPREFMP - ok
09:41:45.0210 1912 [ e61608aa35e98999af9aaeeea6114b0a ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
09:41:45.0212 1912 RDPWD - ok
09:41:45.0229 1912 [ 34ed295fa0121c241bfef24764fc4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
09:41:45.0231 1912 rdyboost - ok
09:41:45.0284 1912 [ 5f9ac3243c206ec95f32e4348ae67c13 ] RegFilter C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys
09:41:45.0287 1912 RegFilter - ok
09:41:45.0315 1912 [ 254fb7a22d74e5511c73a3f6d802f192 ] RemoteAccess C:\Windows\System32\mprdim.dll
09:41:45.0319 1912 RemoteAccess - ok
09:41:45.0338 1912 [ e4d94f24081440b5fc5aa556c7c62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:41:45.0343 1912 RemoteRegistry - ok
09:41:45.0354 1912 [ e4dc58cf7b3ea515ae917ff0d402a7bb ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
09:41:45.0358 1912 RpcEptMapper - ok
09:41:45.0372 1912 [ d5ba242d4cf8e384db90e6a8ed850b8c ] RpcLocator C:\Windows\system32\locator.exe
09:41:45.0374 1912 RpcLocator - ok
09:41:45.0395 1912 [ 5c627d1b1138676c0a7ab2c2c190d123 ] RpcSs C:\Windows\system32\rpcss.dll
09:41:45.0400 1912 RpcSs - ok
09:41:45.0413 1912 [ ddc86e4f8e7456261e637e3552e804ff ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:41:45.0414 1912 rspndr - ok
09:41:45.0437 1912 [ f4c374b1c46de294b573bb43723ac3f6 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
09:41:45.0440 1912 RTL8167 - ok
09:41:45.0452 1912 [ c118a82cd78818c29ab228366ebf81c3 ] SamSs C:\Windows\system32\lsass.exe
09:41:45.0454 1912 SamSs - ok
09:41:45.0484 1912 [ ac03af3329579fffb455aa2daabbe22b ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
09:41:45.0486 1912 sbp2port - ok
09:41:45.0489 1912 SBRE - ok
09:41:45.0505 1912 [ 9b7395789e3791a3b6d000fe6f8b131e ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:41:45.0508 1912 SCardSvr - ok
09:41:45.0540 1912 [ 253f38d0d7074c02ff8deb9836c97d2b ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
09:41:45.0541 1912 scfilter - ok
09:41:45.0566 1912 [ 262f6592c3299c005fd6bec90fc4463a ] Schedule C:\Windows\system32\schedsvc.dll
09:41:45.0575 1912 Schedule - ok
09:41:45.0595 1912 [ f17d1d393bbc69c5322fbfafaca28c7f ] SCPolicySvc C:\Windows\System32\certprop.dll
09:41:45.0597 1912 SCPolicySvc - ok
09:41:45.0613 1912 [ 6ea4234dc55346e0709560fe7c2c1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
09:41:45.0617 1912 SDRSVC - ok
09:41:45.0627 1912 [ 3ea8a16169c26afbeb544e0e48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:41:45.0628 1912 secdrv - ok
09:41:45.0652 1912 [ bc617a4e1b4fa8df523a061739a0bd87 ] seclogon C:\Windows\system32\seclogon.dll
09:41:45.0654 1912 seclogon - ok
09:41:45.0666 1912 [ c32ab8fa018ef34c0f113bd501436d21 ] SENS C:\Windows\System32\sens.dll
09:41:45.0669 1912 SENS - ok
09:41:45.0681 1912 [ 0336cffafaab87a11541f1cf1594b2b2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
09:41:45.0684 1912 SensrSvc - ok
09:41:45.0695 1912 [ cb624c0035412af0debec78c41f5ca1b ] Serenum C:\Windows\system32\drivers\serenum.sys
09:41:45.0696 1912 Serenum - ok
09:41:45.0732 1912 [ c1d8e28b2c2adfaec4ba89e9fda69bd6 ] Serial C:\Windows\system32\drivers\serial.sys
09:41:45.0734 1912 Serial - ok
09:41:45.0748 1912 [ 1c545a7d0691cc4a027396535691c3e3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
09:41:45.0749 1912 sermouse - ok
09:41:45.0788 1912 [ 0b6231bf38174a1628c4ac812cc75804 ] SessionEnv C:\Windows\system32\sessenv.dll
09:41:45.0791 1912 SessionEnv - ok
09:41:45.0809 1912 [ a554811bcd09279536440c964ae35bbf ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
09:41:45.0810 1912 sffdisk - ok
09:41:45.0826 1912 [ ff414f0baefeba59bc6c04b3db0b87bf ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
09:41:45.0827 1912 sffp_mmc - ok
09:41:45.0841 1912 [ dd85b78243a19b59f0637dcf284da63c ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
09:41:45.0843 1912 sffp_sd - ok
09:41:45.0852 1912 [ a9d601643a1647211a1ee2ec4e433ff4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
09:41:45.0853 1912 sfloppy - ok
09:41:45.0875 1912 [ aaf932b4011d14052955d4b212a4da8d ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:41:45.0880 1912 ShellHWDetection - ok
09:41:45.0896 1912 [ 843caf1e5fde1ffd5ff768f23a51e2e1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
09:41:45.0897 1912 SiSRaid2 - ok
09:41:45.0923 1912 [ 6a6c106d42e9ffff8b9fcb4f754f6da4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
09:41:45.0924 1912 SiSRaid4 - ok
09:41:45.0952 1912 [ dd0443bc6cc78a19fd399817f8c51401 ] SmartDefragDriver C:\Windows\system32\Drivers\SmartDefragDriver.sys
09:41:45.0953 1912 SmartDefragDriver - ok
09:41:45.0966 1912 [ 548260a7b8654e024dc30bf8a7c5baa4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
09:41:45.0968 1912 Smb - ok
09:41:45.0987 1912 [ 6313f223e817cc09aa41811daa7f541d ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:41:45.0990 1912 SNMPTRAP - ok
09:41:45.0999 1912 [ b9e31e5cacdfe584f34f730a677803f9 ] spldr C:\Windows\system32\drivers\spldr.sys
09:41:46.0000 1912 spldr - ok
09:41:46.0032 1912 [ 85daa09a98c9286d4ea2ba8d0e644377 ] Spooler C:\Windows\System32\spoolsv.exe
09:41:46.0037 1912 Spooler - ok
09:41:46.0099 1912 [ e17e0188bb90fae42d83e98707efa59c ] sppsvc C:\Windows\system32\sppsvc.exe
09:41:46.0119 1912 sppsvc - ok
09:41:46.0153 1912 [ 93d7d61317f3d4bc4f4e9f8a96a7de45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
09:41:46.0157 1912 sppuinotify - ok
09:41:46.0184 1912 [ 441fba48bff01fdb9d5969ebc1838f0b ] srv C:\Windows\system32\DRIVERS\srv.sys
09:41:46.0189 1912 srv - ok
09:41:46.0208 1912 [ b4adebbf5e3677cce9651e0f01f7cc28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:41:46.0212 1912 srv2 - ok
09:41:46.0226 1912 [ 27e461f0be5bff5fc737328f749538c3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:41:46.0228 1912 srvnet - ok
09:41:46.0240 1912 [ 51b52fbd583cde8aa9ba62b8b4298f33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:41:46.0244 1912 SSDPSRV - ok
09:41:46.0255 1912 [ ab7aebf58dad8daab7a6c45e6a8885cb ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:41:46.0258 1912 SstpSvc - ok
09:41:46.0284 1912 Steam Client Service - ok
09:41:46.0299 1912 [ f3817967ed533d08327dc73bc4d5542a ] stexstor C:\Windows\system32\drivers\stexstor.sys
09:41:46.0300 1912 stexstor - ok
09:41:46.0319 1912 [ 8dd52e8e6128f4b2da92ce27402871c1 ] stisvc C:\Windows\System32\wiaservc.dll
09:41:46.0325 1912 stisvc - ok
09:41:46.0338 1912 [ d01ec09b6711a5f8e7e6564a4d0fbc90 ] swenum C:\Windows\system32\drivers\swenum.sys
09:41:46.0339 1912 swenum - ok
09:41:46.0361 1912 [ e08e46fdd841b7184194011ca1955a0b ] swprv C:\Windows\System32\swprv.dll
09:41:46.0366 1912 swprv - ok
09:41:46.0400 1912 [ bf9ccc0bf39b418c8d0ae8b05cf95b7d ] SysMain C:\Windows\system32\sysmain.dll
09:41:46.0411 1912 SysMain - ok
09:41:46.0454 1912 [ e3c61fd7b7c2557e1f1b0b4cec713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:41:46.0459 1912 TabletInputService - ok
09:41:46.0470 1912 [ 40f0849f65d13ee87b9a9ae3c1dd6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
09:41:46.0477 1912 TapiSrv - ok
09:41:46.0508 1912 [ 1be03ac720f4d302ea01d40f588162f6 ] TBS C:\Windows\System32\tbssvc.dll
09:41:46.0511 1912 TBS - ok
09:41:46.0552 1912 [ acb82bda8f46c84f465c1afa517dc4b9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:41:46.0562 1912 Tcpip - ok
09:41:46.0602 1912 [ acb82bda8f46c84f465c1afa517dc4b9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
09:41:46.0612 1912 TCPIP6 - ok
09:41:46.0637 1912 [ df687e3d8836bfb04fcc0615bf15a519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:41:46.0638 1912 tcpipreg - ok
09:41:46.0652 1912 [ 3371d21011695b16333a3934340c4e7c ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
09:41:46.0653 1912 TDPIPE - ok
09:41:46.0673 1912 [ 51c5eceb1cdee2468a1748be550cfbc8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
09:41:46.0674 1912 TDTCP - ok
09:41:46.0686 1912 [ ddad5a7ab24d8b65f8d724f5c20fd806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:41:46.0688 1912 tdx - ok
09:41:46.0704 1912 [ 561e7e1f06895d78de991e01dd0fb6e5 ] TermDD C:\Windows\system32\drivers\termdd.sys
09:41:46.0705 1912 TermDD - ok
09:41:46.0724 1912 [ 2e648163254233755035b46dd7b89123 ] TermService C:\Windows\System32\termsrv.dll
09:41:46.0730 1912 TermService - ok
09:41:46.0735 1912 [ f0344071948d1a1fa732231785a0664c ] Themes C:\Windows\system32\themeservice.dll
09:41:46.0739 1912 Themes - ok
09:41:46.0760 1912 [ e40e80d0304a73e8d269f7141d77250b ] THREADORDER C:\Windows\system32\mmcss.dll
09:41:46.0762 1912 THREADORDER - ok
09:41:46.0776 1912 [ 7e7afd841694f6ac397e99d75cead49d ] TrkWks C:\Windows\System32\trkwks.dll
09:41:46.0780 1912 TrkWks - ok
09:41:46.0817 1912 [ 773212b2aaa24c1e31f10246b15b276c ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:41:46.0820 1912 TrustedInstaller - ok
09:41:46.0835 1912 [ ce18b2cdfc837c99e5fae9ca6cba5d30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
09:41:46.0836 1912 tssecsrv - ok
09:41:46.0849 1912 [ d11c783e3ef9a3c52c0ebe83cc5000e9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
09:41:46.0850 1912 TsUsbFlt - ok
09:41:46.0861 1912 [ 9cc2ccae8a84820eaecb886d477cbcb8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
09:41:46.0862 1912 TsUsbGD - ok
09:41:46.0877 1912 [ 3566a8daafa27af944f5d705eaa64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
09:41:46.0879 1912 tunnel - ok
09:41:46.0888 1912 [ b4dd609bd7e282bfc683cec7eaaaad67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
09:41:46.0889 1912 uagp35 - ok
09:41:46.0921 1912 [ ff4232a1a64012baa1fd97c7b67df593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
09:41:46.0924 1912 udfs - ok
09:41:46.0935 1912 [ 3cbdec8d06b9968aba702eba076364a1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
09:41:46.0939 1912 UI0Detect - ok
09:41:46.0954 1912 [ 4bfe1bc28391222894cbf1e7d0e42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
09:41:46.0955 1912 uliagpkx - ok
09:41:46.0971 1912 [ dc54a574663a895c8763af0fa1ff7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
09:41:46.0972 1912 umbus - ok
09:41:46.0983 1912 [ b2e8e8cb557b156da5493bbddcc1474d ] UmPass C:\Windows\system32\drivers\umpass.sys
09:41:46.0984 1912 UmPass - ok
09:41:47.0065 1912 [ 758c2ce427c343f780a205e28555c98d ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
09:41:47.0117 1912 UNS - ok
09:41:47.0156 1912 [ d47ec6a8e81633dd18d2436b19baf6de ] upnphost C:\Windows\System32\upnphost.dll
09:41:47.0163 1912 upnphost - ok
09:41:47.0185 1912 [ 241080f1b28e68f0d00f8f1066a3780d ] UrlFilter C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys
09:41:47.0187 1912 UrlFilter - ok
09:41:47.0208 1912 [ 6f1a3157a1c89435352ceb543cdb359c ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
09:41:47.0210 1912 usbccgp - ok
09:41:47.0236 1912 [ af0892a803fdda7492f595368e3b68e7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
09:41:47.0239 1912 usbcir - ok
09:41:47.0247 1912 [ c025055fe7b87701eb042095df1a2d7b ] usbehci C:\Windows\system32\drivers\usbehci.sys
09:41:47.0249 1912 usbehci - ok
09:41:47.0268 1912 [ 287c6c9410b111b68b52ca298f7b8c24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
09:41:47.0271 1912 usbhub - ok
09:41:47.0281 1912 [ 9840fc418b4cbd632d3d0a667a725c31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
09:41:47.0283 1912 usbohci - ok
09:41:47.0304 1912 [ 73188f58fb384e75c4063d29413cee3d ] usbprint C:\Windows\system32\drivers\usbprint.sys
09:41:47.0305 1912 usbprint - ok
09:41:47.0319 1912 [ fed648b01349a3c8395a5169db5fb7d6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:41:47.0320 1912 USBSTOR - ok
09:41:47.0335 1912 [ 62069a34518bcf9c1fd9e74b3f6db7cd ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
09:41:47.0337 1912 usbuhci - ok
09:41:47.0342 1912 [ edbb23cbcf2cdf727d64ff9b51a6070e ] UxSms C:\Windows\System32\uxsms.dll
09:41:47.0346 1912 UxSms - ok
09:41:47.0359 1912 [ c118a82cd78818c29ab228366ebf81c3 ] VaultSvc C:\Windows\system32\lsass.exe
09:41:47.0361 1912 VaultSvc - ok
09:41:47.0378 1912 [ c5c876ccfc083ff3b128f933823e87bd ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
09:41:47.0380 1912 vdrvroot - ok
09:41:47.0399 1912 [ 8d6b481601d01a456e75c3210f1830be ] vds C:\Windows\System32\vds.exe
09:41:47.0405 1912 vds - ok
09:41:47.0421 1912 [ da4da3f5e02943c2dc8c6ed875de68dd ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
09:41:47.0422 1912 vga - ok
09:41:47.0433 1912 [ 53e92a310193cb3c03bea963de7d9cfc ] VgaSave C:\Windows\System32\drivers\vga.sys
09:41:47.0434 1912 VgaSave - ok
09:41:47.0461 1912 [ 2ce2df28c83aeaf30084e1b1eb253cbb ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
09:41:47.0463 1912 vhdmp - ok
09:41:47.0483 1912 [ e5689d93ffe4e5d66c0178761240dd54 ] viaide C:\Windows\system32\drivers\viaide.sys
09:41:47.0484 1912 viaide - ok
09:41:47.0496 1912 [ d2aafd421940f640b407aefaaebd91b0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
09:41:47.0497 1912 volmgr - ok
09:41:47.0518 1912 [ a255814907c89be58b79ef2f189b843b ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
09:41:47.0521 1912 volmgrx - ok
09:41:47.0538 1912 [ df8126bd41180351a093a3ad2fc8903b ] volsnap C:\Windows\system32\drivers\volsnap.sys
09:41:47.0540 1912 volsnap - ok
09:41:47.0556 1912 [ 5e2016ea6ebaca03c04feac5f330d997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
09:41:47.0557 1912 vsmraid - ok
09:41:47.0589 1912 [ b60ba0bc31b0cb414593e169f6f21cc2 ] VSS C:\Windows\system32\vssvc.exe
09:41:47.0600 1912 VSS - ok
09:41:47.0670 1912 [ f98a970d02b35870c8013b43736f7904 ] vToolbarUpdater12.1.3 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.1.3\ToolbarUpdater.exe
09:41:47.0680 1912 vToolbarUpdater12.1.3 - ok
09:41:47.0726 1912 [ 36d4720b72b5c5d9cb2b9c29e9df67a1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
09:41:47.0728 1912 vwifibus - ok
09:41:47.0739 1912 [ 1c9d80cc3849b3788048078c26486e1a ] W32Time C:\Windows\system32\w32time.dll
09:41:47.0746 1912 W32Time - ok
09:41:49.0064 1912 ============================================================
09:41:49.0064 1912 Scan finished
09:41:49.0064 1912 ============================================================
09:41:49.0076 4528 Detected object count: 0
09:41:49.0076 4528 Actual detected object count: 0

#6 narenxp


Posted 15 August 2012 - 11:45 AM

MBAM log ?

Please run ASWMBR again and post the new log

Edited by narenxp, 15 August 2012 - 11:45 AM.


#7 mikagami


Posted 15 August 2012 - 12:10 PM

MBAM

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.15.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
mika :: MIKA-HP [administrator]

8/14/2012 9:31:07 PM
mbam-log-2012-08-14 (21-31-07).txt

Scan type: Full scan (C:\|D:\|E:\|F:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 316712
Time elapsed: 34 minute(s), 35 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


ASWMBR

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-15 09:59:30
-----------------------------
09:59:30.662 OS Version: Windows x64 6.1.7601 Service Pack 1
09:59:30.662 Number of processors: 2 586 0x2A07
09:59:30.662 ComputerName: MIKA-HP UserName: mika
09:59:34.531 Initialize success
09:59:34.718 AVAST engine defs: 12081503
09:59:44.655 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
09:59:44.655 Disk 0 Vendor: ST310005 HP63 Size: 953869MB BusType: 3
09:59:44.671 Disk 0 MBR read successfully
09:59:44.671 Disk 0 MBR scan
09:59:44.671 Disk 0 Windows 7 default MBR code
09:59:44.686 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
09:59:44.686 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 942033 MB offset 206848
09:59:44.718 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 11734 MB offset 1929490432
09:59:44.764 Disk 0 scanning C:\Windows\system32\drivers
09:59:50.959 Service scanning
10:00:01.801 Modules scanning
10:00:01.801 Disk 0 trace - called modules:
10:00:01.816 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
10:00:01.816 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006e46060]
10:00:01.816 3 CLASSPNP.SYS[fffff88001dac43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004707050]
10:00:08.010 AVAST engine scan C:\Windows
10:00:13.174 AVAST engine scan C:\Windows\system32
10:01:03.160 File: C:\Windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
10:01:52.700 AVAST engine scan C:\Windows\system32\drivers
10:02:06.849 AVAST engine scan C:\Users\mika
10:04:54.082 AVAST engine scan C:\ProgramData
10:05:39.056 Scan finished successfully
10:09:34.211 Disk 0 MBR has been saved successfully to "C:\Users\mika\Desktop\MBR.dat"
10:09:34.211 The log file has been saved successfully to "C:\Users\mika\Desktop\aswMBRlog2.txt"

#8 narenxp


Posted 15 August 2012 - 08:04 PM

Post the new aswmbr log after reboot

Edited by narenxp, 15 August 2012 - 09:24 PM.


#9 mikagami


Posted 15 August 2012 - 08:30 PM

Avenger

//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////

Platform: Windows NT 6.1 (build 7601, Service Pack 1)
Wed Aug 15 18:07:58 2012

18:07:58: Error: Invalid script. A valid script must begin with a command directive.
Aborting execution!


//////////////////////////////////////////



ASWMBR

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-15 18:20:04
-----------------------------
18:20:04.667 OS Version: Windows x64 6.1.7601 Service Pack 1
18:20:04.667 Number of processors: 2 586 0x2A07
18:20:04.667 ComputerName: MIKA-HP UserName: mika
18:20:19.518 Initialize success
18:20:19.628 AVAST engine defs: 12081503
18:20:24.557 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
18:20:24.557 Disk 0 Vendor: ST310005 HP63 Size: 953869MB BusType: 3
18:20:24.588 Disk 0 MBR read successfully
18:20:24.588 Disk 0 MBR scan
18:20:24.588 Disk 0 Windows 7 default MBR code
18:20:24.604 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
18:20:24.604 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 942033 MB offset 206848
18:20:24.651 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 11734 MB offset 1929490432
18:20:24.698 Disk 0 scanning C:\Windows\system32\drivers
18:20:39.787 Service scanning
18:20:56.276 Modules scanning
18:20:56.276 Disk 0 trace - called modules:
18:20:56.276
18:20:58.507 AVAST engine scan C:\Windows
18:21:00.239 AVAST engine scan C:\Windows\system32
18:22:09.972 File: C:\Windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
18:22:50.631 AVAST engine scan C:\Windows\system32\drivers
18:23:00.662 AVAST engine scan C:\Users\mika
18:26:13.732 AVAST engine scan C:\ProgramData
18:26:59.713 Scan finished successfully
18:28:50.766 Disk 0 MBR has been saved successfully to "C:\Users\mika\Desktop\MBR.dat"
18:28:50.770 The log file has been saved successfully to "C:\Users\mika\Desktop\aswMBR3.txt"

#10 narenxp


Posted 15 August 2012 - 09:25 PM

We need advanced tools to remove this one

Read the guide here on preparing logs

http://www.bleepingcomputer.com/forums/topic34773.html

and create a topic here

http://www.bleepingcomputer.com/forums/forum22.html

Good luck



