
Random ads heard on my laptop?


4 replies to this topic

#1 BakaAnnsan101

BakaAnnsan101

  • Members
  • 65 posts

Posted 12 October 2012 - 04:13 PM

Heyyy. So lately I've had random ads playing in the background. I tried to turn off everything: internet, Skype, and ooVoo. It's STILL playing :angry: . I did some research and know I have a virus, but I don't know where to start. If I need to download any anti-viruses, I'd prefer it be free. Thank you :thumbsup:
-bakaAnnsan101



#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 12 October 2012 - 04:29 PM

Download

TDSSkiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download

aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking.

Download

ESET online scanner

Install it

Click on START; it should download the virus definitions.
When the scan is completed, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 BakaAnnsan101

BakaAnnsan101
  • Topic Starter

  • Members
  • 65 posts

Posted 13 October 2012 - 04:36 PM

Sorry for taking so long, my computer kept on crashing. I'm on it now.

#4 BakaAnnsan101

BakaAnnsan101
  • Topic Starter

  • Members
  • 65 posts

Posted 13 October 2012 - 04:48 PM

Here's the (I think) report for the TDSS thing.

16:40:46.0307 1744 NativeWifiP - ok
16:40:46.0377 1744 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
16:40:46.0428 1744 NDIS - ok
16:40:46.0468 1744 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
16:40:46.0468 1744 NdisCap - ok
16:40:46.0548 1744 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:40:46.0548 1744 NdisTapi - ok
16:40:46.0568 1744 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:40:46.0568 1744 Ndisuio - ok
16:40:46.0588 1744 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:40:46.0598 1744 NdisWan - ok
16:40:46.0618 1744 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:40:46.0628 1744 NDProxy - ok
16:40:46.0908 1744 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:40:46.0908 1744 NetBIOS - ok
16:40:46.0938 1744 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
16:40:46.0938 1744 NetBT - ok
16:40:46.0968 1744 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
16:40:46.0968 1744 Netlogon - ok
16:40:46.0998 1744 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
16:40:47.0008 1744 Netman - ok
16:40:47.0078 1744 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
16:40:47.0088 1744 netprofm - ok
16:40:47.0168 1744 [ 2F06E01DE7A3E366185E65C41C9DEBF7 ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys
16:40:47.0258 1744 netr28x - ok
16:40:47.0303 1744 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:40:47.0305 1744 NetTcpPortSharing - ok
16:40:47.0340 1744 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
16:40:47.0350 1744 nfrd960 - ok
16:40:47.0420 1744 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
16:40:47.0430 1744 NlaSvc - ok
16:40:47.0450 1744 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:40:47.0450 1744 Npfs - ok
16:40:47.0480 1744 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
16:40:47.0480 1744 nsi - ok
16:40:47.0530 1744 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:40:47.0530 1744 nsiproxy - ok
16:40:47.0640 1744 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:40:47.0680 1744 Ntfs - ok
16:40:47.0750 1744 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
16:40:47.0760 1744 Null - ok
16:40:47.0830 1744 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys
16:40:47.0840 1744 NVENETFD - ok
16:40:47.0860 1744 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:40:47.0870 1744 nvraid - ok
16:40:47.0940 1744 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:40:47.0950 1744 nvstor - ok
16:40:48.0020 1744 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
16:40:48.0020 1744 nv_agp - ok
16:40:48.0050 1744 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
16:40:48.0050 1744 ohci1394 - ok
16:40:48.0140 1744 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:40:48.0140 1744 ose - ok
16:40:48.0460 1744 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:40:48.0490 1744 osppsvc - ok
16:40:48.0682 1744 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
16:40:48.0682 1744 p2pimsvc - ok
16:40:48.0722 1744 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
16:40:48.0722 1744 p2psvc - ok
16:40:48.0752 1744 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
16:40:48.0752 1744 Parport - ok
16:40:48.0782 1744 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:40:48.0782 1744 partmgr - ok
16:40:48.0862 1744 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
16:40:48.0872 1744 PcaSvc - ok
16:40:48.0892 1744 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
16:40:48.0892 1744 pci - ok
16:40:48.0912 1744 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
16:40:48.0912 1744 pciide - ok
16:40:48.0932 1744 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
16:40:48.0942 1744 pcmcia - ok
16:40:48.0972 1744 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
16:40:48.0972 1744 pcw - ok
16:40:49.0052 1744 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:40:49.0062 1744 PEAUTH - ok
16:40:49.0132 1744 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
16:40:49.0132 1744 PerfHost - ok
16:40:49.0222 1744 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
16:40:49.0272 1744 pla - ok
16:40:49.0322 1744 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:40:49.0332 1744 PlugPlay - ok
16:40:49.0462 1744 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
16:40:49.0462 1744 PNRPAutoReg - ok
16:40:49.0532 1744 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
16:40:49.0542 1744 PNRPsvc - ok
16:40:49.0582 1744 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:40:49.0592 1744 PolicyAgent - ok
16:40:49.0622 1744 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
16:40:49.0632 1744 Power - ok
16:40:49.0692 1744 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
16:40:49.0692 1744 PptpMiniport - ok
16:40:49.0702 1744 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
16:40:49.0702 1744 Processor - ok
16:40:49.0742 1744 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
16:40:49.0752 1744 ProfSvc - ok
16:40:49.0772 1744 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:40:49.0772 1744 ProtectedStorage - ok
16:40:49.0832 1744 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
16:40:49.0832 1744 Psched - ok
16:40:49.0922 1744 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
16:40:49.0962 1744 ql2300 - ok
16:40:49.0992 1744 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
16:40:49.0992 1744 ql40xx - ok
16:40:50.0022 1744 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
16:40:50.0022 1744 QWAVE - ok
16:40:50.0042 1744 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:40:50.0052 1744 QWAVEdrv - ok
16:40:50.0082 1744 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:40:50.0082 1744 RasAcd - ok
16:40:50.0162 1744 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
16:40:50.0162 1744 RasAgileVpn - ok
16:40:50.0192 1744 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
16:40:50.0192 1744 RasAuto - ok
16:40:50.0212 1744 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
16:40:50.0212 1744 Rasl2tp - ok
16:40:50.0232 1744 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
16:40:50.0242 1744 RasMan - ok
16:40:50.0612 1744 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
16:40:50.0612 1744 RasPppoe - ok
16:40:50.0652 1744 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
16:40:50.0652 1744 RasSstp - ok
16:40:50.0682 1744 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
16:40:50.0692 1744 rdbss - ok
16:40:50.0702 1744 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
16:40:50.0712 1744 rdpbus - ok
16:40:50.0722 1744 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
16:40:50.0722 1744 RDPCDD - ok
16:40:50.0772 1744 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
16:40:50.0772 1744 RDPENCDD - ok
16:40:50.0782 1744 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
16:40:50.0792 1744 RDPREFMP - ok
16:40:50.0822 1744 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
16:40:50.0822 1744 RDPWD - ok
16:40:50.0882 1744 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
16:40:50.0882 1744 rdyboost - ok
16:40:50.0942 1744 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
16:40:50.0942 1744 RemoteAccess - ok
16:40:50.0962 1744 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:40:50.0972 1744 RemoteRegistry - ok
16:40:51.0022 1744 [ 085D18C71AB2611A3D61528132B6501E ] RoxioNow Service C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
16:40:51.0022 1744 RoxioNow Service - ok
16:40:51.0042 1744 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
16:40:51.0052 1744 RpcEptMapper - ok
16:40:51.0082 1744 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
16:40:51.0082 1744 RpcLocator - ok
16:40:51.0122 1744 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
16:40:51.0132 1744 RpcSs - ok
16:40:51.0192 1744 [ C897D551EE0DFCD8E638BF78E21D4D7F ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
16:40:51.0192 1744 RSPCIESTOR - ok
16:40:51.0252 1744 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
16:40:51.0252 1744 rspndr - ok
16:40:51.0322 1744 [ 3372196F61AF48503656EF6AA3E92D1B ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
16:40:51.0322 1744 RTL8167 - ok
16:40:51.0342 1744 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
16:40:51.0352 1744 SamSs - ok
16:40:51.0385 1744 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
16:40:51.0388 1744 sbp2port - ok
16:40:51.0418 1744 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
16:40:51.0424 1744 SCardSvr - ok
16:40:51.0436 1744 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
16:40:51.0438 1744 scfilter - ok
16:40:51.0524 1744 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
16:40:51.0614 1744 Schedule - ok
16:40:51.0654 1744 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
16:40:51.0664 1744 SCPolicySvc - ok
16:40:51.0744 1744 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
16:40:51.0744 1744 sdbus - ok
16:40:51.0764 1744 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
16:40:51.0764 1744 SDRSVC - ok
16:40:51.0814 1744 [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
16:40:51.0824 1744 SeaPort - ok
16:40:52.0044 1744 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
16:40:52.0044 1744 secdrv - ok
16:40:52.0074 1744 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
16:40:52.0084 1744 seclogon - ok
16:40:52.0084 1744 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
16:40:52.0094 1744 SENS - ok
16:40:52.0134 1744 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
16:40:52.0134 1744 SensrSvc - ok
16:40:52.0154 1744 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
16:40:52.0154 1744 Serenum - ok
16:40:52.0204 1744 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
16:40:52.0204 1744 Serial - ok
16:40:52.0274 1744 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
16:40:52.0274 1744 sermouse - ok
16:40:52.0314 1744 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
16:40:52.0324 1744 SessionEnv - ok
16:40:52.0364 1744 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
16:40:52.0364 1744 sffdisk - ok
16:40:52.0384 1744 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
16:40:52.0384 1744 sffp_mmc - ok
16:40:52.0414 1744 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
16:40:52.0424 1744 sffp_sd - ok
16:40:52.0444 1744 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
16:40:52.0444 1744 sfloppy - ok
16:40:52.0484 1744 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:40:52.0494 1744 ShellHWDetection - ok
16:40:52.0564 1744 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
16:40:52.0564 1744 SiSRaid2 - ok
16:40:52.0594 1744 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
16:40:52.0614 1744 SiSRaid4 - ok
16:40:52.0734 1744 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
16:40:52.0744 1744 SkypeUpdate - ok
16:40:52.0824 1744 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
16:40:52.0824 1744 Smb - ok
16:40:52.0914 1744 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
16:40:52.0914 1744 SNMPTRAP - ok
16:40:52.0934 1744 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
16:40:52.0984 1744 spldr - ok
16:40:53.0074 1744 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
16:40:53.0114 1744 Spooler - ok
16:40:53.0274 1744 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
16:40:53.0386 1744 sppsvc - ok
16:40:53.0417 1744 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
16:40:53.0422 1744 sppuinotify - ok
16:40:53.0455 1744 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
16:40:53.0458 1744 srv - ok
16:40:53.0528 1744 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
16:40:53.0538 1744 srv2 - ok
16:40:53.0618 1744 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
16:40:53.0628 1744 SrvHsfHDA - ok
16:40:53.0738 1744 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
16:40:53.0798 1744 SrvHsfV92 - ok
16:40:53.0828 1744 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
16:40:53.0908 1744 SrvHsfWinac - ok
16:40:53.0928 1744 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
16:40:53.0928 1744 srvnet - ok
16:40:53.0958 1744 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
16:40:53.0968 1744 SSDPSRV - ok
16:40:53.0978 1744 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
16:40:53.0988 1744 SstpSvc - ok
16:40:54.0098 1744 [ 54DE4331FBCFABCDFDA5C845F856D848 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
16:40:54.0098 1744 STacSV - ok
16:40:54.0128 1744 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
16:40:54.0128 1744 stexstor - ok
16:40:54.0208 1744 [ 400EBAC444D0622CB0F7FBA23B234B82 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
16:40:54.0218 1744 STHDA - ok
16:40:54.0288 1744 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
16:40:54.0318 1744 stisvc - ok
16:40:54.0348 1744 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
16:40:54.0368 1744 swenum - ok
16:40:54.0408 1744 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
16:40:54.0423 1744 swprv - ok
16:40:54.0550 1744 [ CC13EE4AF170ABB99F6449CBB62AB219 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
16:40:54.0640 1744 SynTP - ok
16:40:54.0790 1744 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
16:40:54.0890 1744 SysMain - ok
16:40:54.0920 1744 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:40:54.0920 1744 TabletInputService - ok
16:40:54.0940 1744 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
16:40:54.0950 1744 TapiSrv - ok
16:40:54.0970 1744 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
16:40:54.0970 1744 TBS - ok
16:40:55.0110 1744 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
16:40:55.0220 1744 Tcpip - ok
16:40:55.0340 1744 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
16:40:55.0360 1744 TCPIP6 - ok
16:40:55.0530 1744 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
16:40:55.0530 1744 tcpipreg - ok
16:40:55.0560 1744 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
16:40:55.0560 1744 TDPIPE - ok
16:40:55.0580 1744 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
16:40:55.0580 1744 TDTCP - ok
16:40:55.0610 1744 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
16:40:55.0610 1744 tdx - ok
16:40:55.0630 1744 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
16:40:55.0640 1744 TermDD - ok
16:40:55.0670 1744 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
16:40:55.0750 1744 TermService - ok
16:40:55.0760 1744 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
16:40:55.0770 1744 Themes - ok
16:40:55.0780 1744 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
16:40:55.0790 1744 THREADORDER - ok
16:40:55.0810 1744 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
16:40:55.0810 1744 TrkWks - ok
16:40:55.0910 1744 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:40:55.0920 1744 TrustedInstaller - ok
16:40:55.0940 1744 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
16:40:55.0940 1744 tssecsrv - ok
16:40:56.0020 1744 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
16:40:56.0030 1744 TsUsbFlt - ok
16:40:56.0070 1744 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
16:40:56.0070 1744 TsUsbGD - ok
16:40:56.0150 1744 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
16:40:56.0180 1744 tunnel - ok
16:40:56.0220 1744 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
16:40:56.0240 1744 uagp35 - ok
16:40:56.0320 1744 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
16:40:56.0320 1744 udfs - ok
16:40:56.0360 1744 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
16:40:56.0370 1744 UI0Detect - ok
16:40:56.0420 1744 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
16:40:56.0450 1744 uliagpkx - ok
16:40:56.0540 1744 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
16:40:56.0540 1744 umbus - ok
16:40:56.0600 1744 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
16:40:56.0603 1744 UmPass - ok
16:40:56.0646 1744 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
16:40:56.0652 1744 upnphost - ok
16:40:56.0702 1744 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
16:40:56.0702 1744 USBAAPL64 - ok
16:40:56.0722 1744 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
16:40:56.0732 1744 usbccgp - ok
16:40:56.0752 1744 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
16:40:56.0752 1744 usbcir - ok
16:40:56.0772 1744 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
16:40:56.0772 1744 usbehci - ok
16:40:56.0832 1744 [ 573D192E268F0C5B486B7E96F661E538 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
16:40:56.0842 1744 usbfilter - ok
16:40:56.0912 1744 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
16:40:56.0932 1744 usbhub - ok
16:40:56.0952 1744 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
16:40:56.0962 1744 usbohci - ok
16:40:57.0022 1744 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
16:40:57.0022 1744 usbprint - ok
16:40:57.0052 1744 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:40:57.0052 1744 USBSTOR - ok
16:40:57.0072 1744 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
16:40:57.0072 1744 usbuhci - ok
16:40:57.0132 1744 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
16:40:57.0132 1744 usbvideo - ok
16:40:57.0162 1744 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
16:40:57.0172 1744 UxSms - ok
16:40:57.0182 1744 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
16:40:57.0192 1744 VaultSvc - ok
16:40:57.0222 1744 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
16:40:57.0222 1744 vdrvroot - ok
16:40:57.0262 1744 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
16:40:57.0272 1744 vds - ok
16:40:57.0302 1744 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
16:40:57.0302 1744 vga - ok
16:40:57.0312 1744 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
16:40:57.0312 1744 VgaSave - ok
16:40:57.0342 1744 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
16:40:57.0352 1744 vhdmp - ok
16:40:57.0372 1744 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
16:40:57.0372 1744 viaide - ok
16:40:57.0392 1744 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
16:40:57.0392 1744 volmgr - ok
16:40:57.0432 1744 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
16:40:57.0442 1744 volmgrx - ok
16:40:57.0474 1744 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
16:40:57.0474 1744 volsnap - ok
16:40:57.0594 1744 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
16:40:57.0604 1744 vsmraid - ok
16:40:57.0664 1744 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
16:40:57.0754 1744 VSS - ok
16:40:57.0791 1744 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
16:40:57.0792 1744 vwifibus - ok
16:40:57.0836 1744 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
16:40:57.0846 1744 vwififlt - ok
16:40:57.0876 1744 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
16:40:57.0886 1744 W32Time - ok
16:40:57.0906 1744 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
16:40:57.0906 1744 WacomPen - ok
16:40:57.0966 1744 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
16:40:57.0966 1744 WANARP - ok
16:40:57.0966 1744 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
16:40:57.0966 1744 Wanarpv6 - ok
16:40:58.0178 1744 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
16:40:58.0318 1744 WatAdminSvc - ok
16:40:58.0368 1744 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
16:40:58.0463 1744 wbengine - ok
16:40:58.0520 1744 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
16:40:58.0530 1744 WbioSrvc - ok
16:40:58.0560 1744 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
16:40:58.0570 1744 wcncsvc - ok
16:40:58.0600 1744 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:40:58.0610 1744 WcsPlugInService - ok
16:40:58.0640 1744 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
16:40:58.0640 1744 Wd - ok
16:40:58.0720 1744 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
16:40:58.0730 1744 Wdf01000 - ok
16:40:58.0770 1744 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
16:40:58.0790 1744 WdiServiceHost - ok
16:40:58.0800 1744 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
16:40:58.0800 1744 WdiSystemHost - ok
16:40:58.0870 1744 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
16:40:58.0880 1744 WebClient - ok
16:40:58.0950 1744 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
16:40:58.0960 1744 Wecsvc - ok
16:40:58.0980 1744 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
16:40:58.0980 1744 wercplsupport - ok
16:40:59.0030 1744 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
16:40:59.0040 1744 WerSvc - ok
16:40:59.0080 1744 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
16:40:59.0080 1744 WfpLwf - ok
16:40:59.0110 1744 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
16:40:59.0110 1744 WIMMount - ok
16:40:59.0120 1744 WinHttpAutoProxySvc - ok
16:40:59.0170 1744 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
16:40:59.0180 1744 Winmgmt - ok
16:40:59.0250 1744 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
16:40:59.0310 1744 WinRM - ok
16:40:59.0400 1744 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
16:40:59.0400 1744 WinUsb - ok
16:40:59.0450 1744 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
16:40:59.0490 1744 Wlansvc - ok
16:40:59.0530 1744 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
16:40:59.0530 1744 wlcrasvc - ok
16:40:59.0700 1744 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:40:59.0720 1744 wlidsvc - ok
16:40:59.0730 1744 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
16:40:59.0740 1744 WmiAcpi - ok
16:40:59.0769 1744 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
16:40:59.0772 1744 wmiApSrv - ok
16:40:59.0822 1744 WMPNetworkSvc - ok
16:40:59.0882 1744 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
16:40:59.0882 1744 WPCSvc - ok
16:40:59.0902 1744 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
16:40:59.0912 1744 WPDBusEnum - ok
16:40:59.0932 1744 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
16:40:59.0932 1744 ws2ifsl - ok
16:40:59.0942 1744 WSearch - ok
16:40:59.0972 1744 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
16:40:59.0972 1744 WudfPf - ok
16:41:00.0012 1744 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
16:41:00.0012 1744 WUDFRd - ok
16:41:00.0042 1744 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
16:41:00.0042 1744 wudfsvc - ok
16:41:00.0112 1744 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
16:41:00.0122 1744 WwanSvc - ok
16:41:00.0162 1744 ================ Scan global ===============================
16:41:00.0282 1744 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
16:41:00.0322 1744 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
16:41:00.0342 1744 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
16:41:00.0372 1744 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
16:41:00.0402 1744 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
16:41:00.0412 1744 [Global] - ok
16:41:00.0412 1744 ================ Scan MBR ==================================
16:41:00.0412 1744 [ C0DCF0AC171DB02DB8B0014C5D767CF1 ] \Device\Harddisk0\DR0
16:41:00.0412 1744 Suspicious mbr (Forged): \Device\Harddisk0\DR0
16:41:00.0472 1744 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
16:41:00.0472 1744 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
16:41:01.0354 1744 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
16:41:01.0354 1744 \Device\Harddisk0\DR0 - detected TDSS File System (1)
16:41:01.0364 1744 ================ Scan VBR ==================================
16:41:01.0384 1744 [ CE449809165F6712BCDC4055A7D71A23 ] \Device\Harddisk0\DR0\Partition1
16:41:01.0384 1744 \Device\Harddisk0\DR0\Partition1 - ok
16:41:01.0404 1744 [ 5E1F4ADF1CC21B6E6267553A714A13B5 ] \Device\Harddisk0\DR0\Partition2
16:41:01.0414 1744 \Device\Harddisk0\DR0\Partition2 - ok
16:41:01.0444 1744 [ 2F94A041E230345BD452233B76E81222 ] \Device\Harddisk0\DR0\Partition3
16:41:01.0484 1744 \Device\Harddisk0\DR0\Partition3 - ok
16:41:01.0515 1744 [ CDF65D9485ECC75DB48D4AEF1ABB2EE9 ] \Device\Harddisk0\DR0\Partition4
16:41:01.0515 1744 \Device\Harddisk0\DR0\Partition4 - ok
16:41:01.0515 1744 ============================================================
16:41:01.0515 1744 Scan finished
16:41:01.0515 1744 ============================================================
16:41:01.0535 5548 Detected object count: 2
16:41:01.0535 5548 Actual detected object count: 2
16:41:25.0627 5548 \Device\Harddisk0\DR0\# - copied to quarantine
16:41:25.0627 5548 \Device\Harddisk0\DR0 - copied to quarantine
16:41:26.0311 5548 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
16:41:33.0641 5548 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
16:41:33.0741 5548 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
16:41:33.0957 5548 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
16:41:34.0167 5548 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
16:41:34.0187 5548 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
16:41:34.0207 5548 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
16:41:34.0227 5548 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
16:41:34.0459 5548 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
16:41:34.0589 5548 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
16:41:34.0709 5548 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot
16:41:34.0719 5548 \Device\Harddisk0\DR0 - ok
16:41:39.0089 5548 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure
16:41:39.0089 5548 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
16:41:39.0089 5548 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

#5 BakaAnnsan101

Posted 13 October 2012 - 04:52 PM

Here's the second one.

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-12 18:09:49
-----------------------------
18:09:49.983 OS Version: Windows x64 6.1.7601 Service Pack 1
18:09:49.983 Number of processors: 2 586 0x100
18:09:49.984 ComputerName: ANNBAILEY-HP UserName: ANN BAILEY
18:09:53.722 Initialize success
18:09:54.729 AVAST engine defs: 12101201
18:12:37.776 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000061
18:12:37.779 Disk 0 Vendor: TOSHIBA_ GS00 Size: 610480MB BusType: 11
18:12:37.781 Device \Driver\amd_sata -> MajorFunction fffffa8004ce45c4
18:12:37.785 Disk 0 MBR read successfully
18:12:37.788 Disk 0 MBR scan
18:12:37.792 Disk 0 Windows 7 default MBR code
18:12:37.816 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
18:12:37.833 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 595094 MB offset 409600
18:12:37.862 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 15082 MB offset 1219162112
18:12:37.885 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 1250050048
18:12:37.920 Disk 0 scanning C:\Windows\system32\drivers
18:12:49.835 Service scanning
18:13:19.520 Modules scanning
18:13:19.524 Disk 0 trace - called modules:
18:13:19.527 ntoskrnl.exe CLASSPNP.SYS disk.sys amd_xata.sys >>UNKNOWN [0xfffffa8004ce45c4]<<
18:13:19.528 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004636060]
18:13:19.529 3 CLASSPNP.SYS[fffff8800165143f] -> nt!IofCallDriver -> [0xfffffa80040828c0]
18:13:19.530 5 amd_xata.sys[fffff880010b28f7] -> nt!IofCallDriver -> \Device\00000061[0xfffffa800407e630]
18:13:19.530 \Driver\amd_sata[0xfffffa8004bf1e70] -> IRP_MJ_CREATE -> 0xfffffa8004ce45c4
18:13:22.489 AVAST engine scan C:\Windows
18:13:26.779 AVAST engine scan C:\Windows\system32
18:16:38.012 AVAST engine scan C:\Windows\system32\drivers
18:16:57.981 AVAST engine scan C:\Users\ANN BAILEY
18:30:20.700 Disk 0 MBR has been saved successfully to "C:\Users\ANN BAILEY\Desktop\MBR.dat"
18:30:20.711 The log file has been saved successfully to "C:\Users\ANN BAILEY\Desktop\SAVED LOG.txt"



