Can you help


21 replies to this topic

#1 bullwest

Posted 03 November 2012 - 07:17 PM

First I got the FBI Moneypak 2, got that taken care of. Now I got hit with the File Recovery thing. Got rid of that but now my IE reroutes or redirects constantly and is way way slow. I'm in safe mode now because in regular this website will only load for a min then IE stops working. Oh yeah, the IE has been doing that for about a week now but only when I close an IE window. Can you help me please??


EDIT: Moved to Am I Infected from Win7 ~~ boopme

Edited by boopme, 03 November 2012 - 07:44 PM.



#2 narenxp

Posted 03 November 2012 - 07:51 PM

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 bullwest

Posted 03 November 2012 - 08:13 PM

The TDSSKiller is not opening. I saved it to desktop the second time I downloaded it. The program doesn't open.

#4 narenxp

Posted 03 November 2012 - 08:17 PM

Download Listparts from here

For 32 bit

List parts 32

For 64 bit

List parts 64

Launch it, click on SCAN, post the log

#5 bullwest

Posted 03 November 2012 - 08:30 PM

ListParts by Farbar Version: 30-10-2012
Ran by Steve (administrator) on 03-11-2012 at 21:23:44
Windows 7 (X64)
Running From: C:\Users\Steve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UQCTHIOZ
Language: 0409
************************************************************

========================= Memory info ======================

Percentage of memory in use: 26%
Total physical RAM: 4020.8 MB
Available physical RAM: 2946.61 MB
Total Pagefile: 8039.8 MB
Available Pagefile: 7121.84 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

======================= Partitions =========================

1 Drive c: (TI106401W0D) (Fixed) (Total:581.42 GB) (Free:541.74 GB) NTFS ==>[System with boot components (obtained from reading drive)]
3 Drive e: () (Removable) (Total:0.95 GB) (Free:0.91 GB) FAT32

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 596 GB 0 B
Disk 1 Online 971 MB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Recovery 1500 MB 1024 KB
Partition 2 Primary 581 GB 1501 MB
Partition 3 Primary 13 GB 582 GB

======================================================================================================

Disk: 0
Partition 1
Type : 27
Hidden: Yes
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 System NTFS Partition 1500 MB Healthy Hidden

======================================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 C TI106401W0D NTFS Partition 581 GB Healthy Boot

======================================================================================================

Disk: 0
Partition 3
Type : 17 (Suspicious Type)
Hidden: Yes
Active: No

There is no volume associated with this partition.

======================================================================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
* Partition 1 Primary 971 MB 0 B

======================================================================================================

Disk: 1
There is no partition selected.

There is no partition selected.
Please select a partition and try again.

======================================================================================================
==========================================================
TDL4: custom:26000022


****** End Of Log ******

#6 narenxp

Posted 03 November 2012 - 08:34 PM

.

Edited by narenxp, 03 November 2012 - 11:43 PM.


#7 bullwest

Posted 03 November 2012 - 08:42 PM

I tried to run the tdssfix. A security scan said it was unsafe and stopped it, only giving me a delete option.

#8 narenxp

Posted 03 November 2012 - 08:42 PM

Disable your antivirus

#9 bullwest

Posted 03 November 2012 - 09:19 PM

Norton came with this laptop; the trial version ran out. My action center says that Norton is running antivirus. I can't get Norton to open to disable it.

#10 narenxp

Posted 03 November 2012 - 09:20 PM

Right click on Norton icon (quick launch, right corner) and disable it or, if it is trial version, uninstall it.

Edited by narenxp, 03 November 2012 - 09:21 PM.


#11 bullwest

Posted 03 November 2012 - 09:28 PM

Norton will not open and it will not uninstall. I'm trying, WTF is going on????

#12 narenxp

Posted 03 November 2012 - 09:30 PM

Use Norton removal tool

ftp://ftp.symantec.com/public/english_us_canada/removal_tools/Norton_Removal_Tool.exe

#13 bullwest

Posted 03 November 2012 - 09:39 PM

I tried your link and it can't connect to it. I do a search for the removal tool, I find it on the Norton website, I click on the tool and it will not connect to the download.????????????

#14 narenxp

Posted 03 November 2012 - 09:42 PM

No problem, download from here

Norton removal tool

#15 bullwest

Posted 03 November 2012 - 11:41 PM

3 logs were generated; this one was right off C:

23:07:35.0545 3740 TDSS rootkit removing tool 2.8.7.0 Aug 20 2012 17:30:03
23:07:48.0628 3740 ============================================================
23:07:48.0628 3740 Current date / time: 2012/11/03 23:07:48.0628
23:07:48.0628 3740 SystemInfo:
23:07:48.0628 3740
23:07:48.0628 3740 OS Version: 6.1.7601 ServicePack: 1.0
23:07:48.0628 3740 Product type: Workstation
23:07:48.0628 3740 ComputerName: STEVE-PC
23:07:48.0628 3740 UserName: Steve
23:07:48.0628 3740 Windows directory: C:\windows
23:07:48.0628 3740 System windows directory: C:\windows
23:07:48.0628 3740 Running under WOW64
23:07:48.0628 3740 Processor architecture: Intel x64
23:07:48.0628 3740 Number of processors: 2
23:07:48.0628 3740 Page size: 0x1000
23:07:48.0628 3740 Boot type: Normal boot
23:07:48.0628 3740 ============================================================
23:07:48.0686 3740 BG loaded
23:07:49.0040 3740 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x000000A0
23:07:49.0043 3740 ============================================================
23:07:49.0043 3740 \Device\Harddisk0\DR0:
23:07:49.0043 3740 MBR partitions:
23:07:49.0043 3740 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x48AD5800
23:07:49.0043 3740 ============================================================
23:07:49.0063 3740 C: <-> \Device\Harddisk0\DR0\Partition1
23:07:49.0063 3740 ============================================================
23:07:49.0063 3740 Initialize success
23:07:49.0063 3740 ============================================================
23:08:00.0269 2416 ============================================================
23:08:00.0269 2416 Scan started
23:08:00.0269 2416 Mode: Manual;
23:08:00.0269 2416 ============================================================
23:08:02.0396 2416 ================ Scan system memory ========================
23:08:02.0396 2416 System memory - ok
23:08:02.0396 2416 ================ Scan services =============================
23:08:11.0044 2416 luafv - ok
23:08:11.0084 2416 MBAMProtector - ok
23:08:11.0151 2416 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
23:08:11.0154 2416 MBAMScheduler - ok
23:08:11.0196 2416 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
23:08:11.0203 2416 MBAMService - ok
23:08:11.0230 2416 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
23:08:11.0232 2416 Mcx2Svc - ok
23:08:11.0259 2416 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\drivers\megasas.sys
23:08:11.0261 2416 megasas - ok
23:08:11.0319 2416 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\drivers\MegaSR.sys
23:08:11.0322 2416 MegaSR - ok
23:08:11.0360 2416 [ 772A1DEEDFDBC244183B5C805D1B7D85 ] MEIx64 C:\windows\system32\DRIVERS\HECIx64.sys
23:08:11.0361 2416 MEIx64 - ok
23:08:11.0394 2416 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
23:08:11.0396 2416 MMCSS - ok
23:08:11.0421 2416 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
23:08:11.0422 2416 Modem - ok
23:08:11.0449 2416 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
23:08:11.0450 2416 monitor - ok
23:08:11.0487 2416 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
23:08:11.0488 2416 mouclass - ok
23:08:11.0503 2416 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
23:08:11.0504 2416 mouhid - ok
23:08:11.0548 2416 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys
23:08:11.0549 2416 mountmgr - ok
23:08:11.0567 2416 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
23:08:11.0569 2416 mpio - ok
23:08:11.0588 2416 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
23:08:11.0589 2416 mpsdrv - ok
23:08:11.0635 2416 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\windows\system32\mpssvc.dll
23:08:11.0640 2416 MpsSvc - ok
23:08:11.0657 2416 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
23:08:11.0660 2416 MRxDAV - ok
23:08:11.0691 2416 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
23:08:11.0692 2416 mrxsmb - ok
23:08:11.0716 2416 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
23:08:11.0718 2416 mrxsmb10 - ok
23:08:11.0734 2416 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
23:08:11.0735 2416 mrxsmb20 - ok
23:08:11.0751 2416 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\DRIVERS\msahci.sys
23:08:11.0752 2416 msahci - ok
23:08:11.0769 2416 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
23:08:11.0771 2416 msdsm - ok
23:08:11.0799 2416 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
23:08:11.0802 2416 MSDTC - ok
23:08:11.0837 2416 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
23:08:11.0838 2416 Msfs - ok
23:08:11.0878 2416 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
23:08:11.0879 2416 mshidkmdf - ok
23:08:11.0898 2416 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
23:08:11.0900 2416 msisadrv - ok
23:08:11.0933 2416 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
23:08:11.0936 2416 MSiSCSI - ok
23:08:11.0942 2416 msiserver - ok
23:08:11.0983 2416 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
23:08:11.0984 2416 MSKSSRV - ok
23:08:11.0997 2416 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
23:08:11.0997 2416 MSPCLOCK - ok
23:08:12.0016 2416 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
23:08:12.0017 2416 MSPQM - ok
23:08:12.0047 2416 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
23:08:12.0052 2416 MsRPC - ok
23:08:12.0070 2416 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
23:08:12.0071 2416 mssmbios - ok
23:08:12.0093 2416 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
23:08:12.0093 2416 MSTEE - ok
23:08:12.0137 2416 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\drivers\MTConfig.sys
23:08:12.0138 2416 MTConfig - ok
23:08:12.0168 2416 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
23:08:12.0170 2416 Mup - ok
23:08:12.0199 2416 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
23:08:12.0203 2416 napagent - ok
23:08:12.0263 2416 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
23:08:12.0265 2416 NativeWifiP - ok
23:08:12.0323 2416 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\windows\system32\drivers\ndis.sys
23:08:12.0334 2416 NDIS - ok
23:08:12.0372 2416 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
23:08:12.0373 2416 NdisCap - ok
23:08:12.0399 2416 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
23:08:12.0400 2416 NdisTapi - ok
23:08:12.0419 2416 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
23:08:12.0420 2416 Ndisuio - ok
23:08:12.0440 2416 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
23:08:12.0441 2416 NdisWan - ok
23:08:12.0445 2416 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
23:08:12.0446 2416 NDProxy - ok
23:08:12.0475 2416 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
23:08:12.0476 2416 NetBIOS - ok
23:08:12.0519 2416 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
23:08:12.0521 2416 NetBT - ok
23:08:12.0534 2416 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
23:08:12.0536 2416 Netlogon - ok
23:08:12.0576 2416 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
23:08:12.0580 2416 Netman - ok
23:08:12.0645 2416 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:08:12.0648 2416 NetMsmqActivator - ok
23:08:12.0652 2416 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:08:12.0653 2416 NetPipeActivator - ok
23:08:12.0685 2416 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
23:08:12.0689 2416 netprofm - ok
23:08:12.0698 2416 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:08:12.0700 2416 NetTcpActivator - ok
23:08:12.0704 2416 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:08:12.0705 2416 NetTcpPortSharing - ok
23:08:12.0734 2416 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
23:08:12.0735 2416 nfrd960 - ok
23:08:12.0765 2416 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\windows\System32\nlasvc.dll
23:08:12.0768 2416 NlaSvc - ok
23:08:12.0817 2416 Norton PC Checkup Application Launcher - ok
23:08:12.0832 2416 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
23:08:12.0832 2416 Npfs - ok
23:08:12.0848 2416 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
23:08:12.0849 2416 nsi - ok
23:08:12.0889 2416 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
23:08:12.0890 2416 nsiproxy - ok
23:08:13.0025 2416 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
23:08:13.0057 2416 Ntfs - ok
23:08:13.0083 2416 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
23:08:13.0083 2416 Null - ok
23:08:13.0097 2416 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
23:08:13.0100 2416 nvraid - ok
23:08:13.0115 2416 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
23:08:13.0118 2416 nvstor - ok
23:08:13.0133 2416 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
23:08:13.0136 2416 nv_agp - ok
23:08:13.0156 2416 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
23:08:13.0157 2416 ohci1394 - ok
23:08:13.0184 2416 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:08:13.0186 2416 ose - ok
23:08:13.0414 2416 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
23:08:13.0520 2416 osppsvc - ok
23:08:13.0558 2416 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
23:08:13.0562 2416 p2pimsvc - ok
23:08:13.0585 2416 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
23:08:13.0589 2416 p2psvc - ok
23:08:13.0678 2416 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys
23:08:13.0680 2416 Parport - ok
23:08:13.0720 2416 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
23:08:13.0722 2416 partmgr - ok
23:08:13.0743 2416 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
23:08:13.0745 2416 PcaSvc - ok
23:08:13.0764 2416 [ 2F86BE1818C2D7AC90478E3323EE7FCB ] PCCUJobMgr C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\ccSvcHst.exe
23:08:13.0765 2416 PCCUJobMgr - ok
23:08:13.0809 2416 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
23:08:13.0812 2416 pci - ok
23:08:13.0831 2416 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\DRIVERS\pciide.sys
23:08:13.0836 2416 pciide - ok
23:08:13.0857 2416 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys
23:08:13.0861 2416 pcmcia - ok
23:08:13.0883 2416 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
23:08:13.0884 2416 pcw - ok
23:08:13.0922 2416 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
23:08:13.0926 2416 PEAUTH - ok
23:08:14.0035 2416 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
23:08:14.0037 2416 PerfHost - ok
23:08:14.0090 2416 [ 91111CEBBDE8015E822C46120ED9537C ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys
23:08:14.0091 2416 PGEffect - ok
23:08:14.0140 2416 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
23:08:14.0158 2416 pla - ok
23:08:14.0212 2416 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
23:08:14.0217 2416 PlugPlay - ok
23:08:14.0244 2416 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
23:08:14.0246 2416 PNRPAutoReg - ok
23:08:14.0269 2416 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
23:08:14.0272 2416 PNRPsvc - ok
23:08:14.0315 2416 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
23:08:14.0318 2416 PolicyAgent - ok
23:08:14.0380 2416 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power C:\windows\system32\umpo.dll
23:08:14.0382 2416 Power - ok
23:08:14.0425 2416 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
23:08:14.0426 2416 PptpMiniport - ok
23:08:14.0438 2416 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys
23:08:14.0439 2416 Processor - ok
23:08:14.0481 2416 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
23:08:14.0483 2416 ProfSvc - ok
23:08:14.0501 2416 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
23:08:14.0502 2416 ProtectedStorage - ok
23:08:14.0530 2416 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
23:08:14.0532 2416 Psched - ok
23:08:14.0564 2416 [ FB46E9A827A8799EBD7BFA9128C91F37 ] PSI C:\windows\system32\DRIVERS\psi_mf.sys
23:08:14.0565 2416 PSI - ok
23:08:14.0655 2416 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys
23:08:14.0687 2416 ql2300 - ok
23:08:14.0704 2416 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys
23:08:14.0706 2416 ql40xx - ok
23:08:14.0732 2416 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
23:08:14.0736 2416 QWAVE - ok
23:08:14.0753 2416 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
23:08:14.0754 2416 QWAVEdrv - ok
23:08:14.0776 2416 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
23:08:14.0777 2416 RasAcd - ok
23:08:14.0806 2416 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
23:08:14.0807 2416 RasAgileVpn - ok
23:08:14.0832 2416 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
23:08:14.0834 2416 RasAuto - ok
23:08:14.0846 2416 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
23:08:14.0847 2416 Rasl2tp - ok
23:08:14.0869 2416 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
23:08:14.0874 2416 RasMan - ok
23:08:14.0892 2416 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
23:08:14.0893 2416 RasPppoe - ok
23:08:14.0937 2416 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
23:08:14.0938 2416 RasSstp - ok
23:08:14.0960 2416 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
23:08:14.0962 2416 rdbss - ok
23:08:14.0979 2416 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\drivers\rdpbus.sys
23:08:14.0981 2416 rdpbus - ok
23:08:15.0006 2416 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
23:08:15.0007 2416 RDPCDD - ok
23:08:15.0032 2416 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
23:08:15.0032 2416 RDPENCDD - ok
23:08:15.0039 2416 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
23:08:15.0039 2416 RDPREFMP - ok
23:08:15.0089 2416 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
23:08:15.0090 2416 RdpVideoMiniport - ok
23:08:15.0120 2416 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
23:08:15.0123 2416 RDPWD - ok
23:08:15.0156 2416 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
23:08:15.0159 2416 rdyboost - ok
23:08:15.0181 2416 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
23:08:15.0184 2416 RemoteAccess - ok
23:08:15.0224 2416 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
23:08:15.0228 2416 RemoteRegistry - ok
23:08:15.0257 2416 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
23:08:15.0260 2416 RpcEptMapper - ok
23:08:15.0297 2416 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
23:08:15.0300 2416 RpcLocator - ok
23:08:15.0333 2416 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
23:08:15.0338 2416 RpcSs - ok
23:08:15.0363 2416 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
23:08:15.0364 2416 rspndr - ok
23:08:15.0406 2416 [ 36FCA0C67BCDC0DA047F5F36743B5CB9 ] RSUSBVSTOR C:\windows\system32\Drivers\RtsUVStor.sys
23:08:15.0408 2416 RSUSBVSTOR - ok
23:08:15.0459 2416 [ F33E70E48A54A7A1BFBEEB4F3B273E4A ] RTL8192Ce C:\windows\system32\DRIVERS\rtl8192Ce.sys
23:08:15.0466 2416 RTL8192Ce - ok
23:08:15.0479 2416 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
23:08:15.0480 2416 SamSs - ok
23:08:15.0500 2416 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
23:08:15.0502 2416 sbp2port - ok
23:08:15.0535 2416 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
23:08:15.0539 2416 SCardSvr - ok
23:08:15.0549 2416 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
23:08:15.0550 2416 scfilter - ok
23:08:15.0585 2416 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
23:08:15.0595 2416 Schedule - ok
23:08:15.0616 2416 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
23:08:15.0617 2416 SCPolicySvc - ok
23:08:15.0649 2416 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
23:08:15.0652 2416 SDRSVC - ok
23:08:15.0690 2416 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
23:08:15.0691 2416 secdrv - ok
23:08:15.0709 2416 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
23:08:15.0711 2416 seclogon - ok
23:08:15.0854 2416 [ 9901DCF2B6DD2AD12CB42BD559E0C92D ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
23:08:15.0862 2416 Secunia PSI Agent - ok
23:08:15.0957 2416 [ 4F2056349F8BA4154D5213BF8A476B14 ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe
23:08:15.0962 2416 Secunia Update Agent - ok
23:08:15.0996 2416 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll
23:08:15.0998 2416 SENS - ok
23:08:16.0017 2416 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
23:08:16.0020 2416 SensrSvc - ok
23:08:16.0059 2416 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\drivers\serenum.sys
23:08:16.0060 2416 Serenum - ok
23:08:16.0089 2416 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys
23:08:16.0091 2416 Serial - ok
23:08:16.0102 2416 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys
23:08:16.0104 2416 sermouse - ok
23:08:16.0146 2416 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
23:08:16.0149 2416 SessionEnv - ok
23:08:16.0181 2416 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
23:08:16.0182 2416 sffdisk - ok
23:08:16.0189 2416 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
23:08:16.0190 2416 sffp_mmc - ok
23:08:16.0206 2416 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
23:08:16.0207 2416 sffp_sd - ok
23:08:16.0238 2416 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
23:08:16.0239 2416 sfloppy - ok
23:08:16.0285 2416 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\windows\system32\DRIVERS\Sftfslh.sys
23:08:16.0290 2416 Sftfs - ok
23:08:16.0385 2416 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
23:08:16.0389 2416 sftlist - ok
23:08:16.0407 2416 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\windows\system32\DRIVERS\Sftplaylh.sys
23:08:16.0409 2416 Sftplay - ok
23:08:16.0439 2416 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\windows\system32\DRIVERS\Sftredirlh.sys
23:08:16.0439 2416 Sftredir - ok
23:08:16.0466 2416 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\windows\system32\DRIVERS\Sftvollh.sys
23:08:16.0467 2416 Sftvol - ok
23:08:16.0494 2416 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
23:08:16.0496 2416 sftvsa - ok
23:08:16.0554 2416 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
23:08:16.0560 2416 SharedAccess - ok
23:08:16.0594 2416 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
23:08:16.0598 2416 ShellHWDetection - ok
23:08:16.0609 2416 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
23:08:16.0611 2416 SiSRaid2 - ok
23:08:16.0640 2416 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
23:08:16.0643 2416 SiSRaid4 - ok
23:08:16.0674 2416 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
23:08:16.0676 2416 Smb - ok
23:08:16.0715 2416 [ E922286ED6677104AEBB210B9F0BF6F3 ] SmbDrv C:\windows\system32\DRIVERS\Smb_driver.sys
23:08:16.0716 2416 SmbDrv - ok
23:08:16.0763 2416 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
23:08:16.0764 2416 SNMPTRAP - ok
23:08:16.0785 2416 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
23:08:16.0787 2416 spldr - ok
23:08:16.0827 2416 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe
23:08:16.0832 2416 Spooler - ok
23:08:17.0027 2416 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
23:08:17.0055 2416 sppsvc - ok
23:08:17.0097 2416 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
23:08:17.0099 2416 sppuinotify - ok
23:08:17.0186 2416 [ 2ED464C8CBC399E69FBF776A8EBC3302 ] SpyHunter 4 Service C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
23:08:17.0193 2416 SpyHunter 4 Service - ok
23:08:17.0250 2416 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
23:08:17.0253 2416 srv - ok
23:08:17.0287 2416 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
23:08:17.0290 2416 srv2 - ok
23:08:17.0349 2416 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
23:08:17.0351 2416 srvnet - ok
23:08:17.0396 2416 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
23:08:17.0399 2416 SSDPSRV - ok
23:08:17.0408 2416 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
23:08:17.0411 2416 SstpSvc - ok
23:08:17.0484 2416 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys
23:08:17.0486 2416 stexstor - ok
23:08:17.0517 2416 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
23:08:17.0522 2416 stisvc - ok
23:08:17.0538 2416 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\DRIVERS\swenum.sys
23:08:17.0539 2416 swenum - ok
23:08:17.0576 2416 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
23:08:17.0583 2416 swprv - ok
23:08:17.0618 2416 [ 92F4AFC1FDE7A4CA0C88F9143F4DD323 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
23:08:17.0621 2416 SynTP - ok
23:08:17.0723 2416 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
23:08:17.0737 2416 SysMain - ok
23:08:17.0766 2416 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
23:08:17.0768 2416 TabletInputService - ok
23:08:17.0776 2416 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
23:08:17.0781 2416 TapiSrv - ok
23:08:17.0806 2416 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
23:08:17.0807 2416 TBS - ok
23:08:17.0877 2416 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\windows\system32\drivers\tcpip.sys
23:08:17.0896 2416 Tcpip - ok
23:08:17.0971 2416 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
23:08:17.0984 2416 TCPIP6 - ok
23:08:18.0015 2416 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
23:08:18.0016 2416 tcpipreg - ok
23:08:18.0046 2416 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
23:08:18.0046 2416 tdcmdpst - ok
23:08:18.0082 2416 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
23:08:18.0084 2416 TDPIPE - ok
23:08:18.0098 2416 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
23:08:18.0099 2416 TDTCP - ok
23:08:18.0130 2416 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
23:08:18.0131 2416 tdx - ok
23:08:18.0158 2416 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
23:08:18.0158 2416 TermDD - ok
23:08:18.0194 2416 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
23:08:18.0203 2416 TermService - ok
23:08:18.0220 2416 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
23:08:18.0222 2416 Themes - ok
23:08:18.0240 2416 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
23:08:18.0241 2416 THREADORDER - ok
23:08:18.0316 2416 [ 71C321649B28638EE80A2EEB164C1DC8 ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
23:08:18.0317 2416 TMachInfo - ok
23:08:18.0366 2416 [ 8E2C799D3476EAC32C3BA0DF7CE6AF19 ] TODDSrv C:\windows\system32\TODDSrv.exe
23:08:18.0368 2416 TODDSrv - ok
23:08:18.0444 2416 [ 4AE80C5F7772C4FB2A762F70AD4A111E ] TosCoSrv C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
23:08:18.0448 2416 TosCoSrv - ok
23:08:18.0501 2416 [ 6E2330FB032ED3EBEFC1349AD7081A98 ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe
23:08:18.0503 2416 TOSHIBA eco Utility Service - ok
23:08:18.0560 2416 [ 9338C2DEB14CA2804BCB3276CB7EB4FD ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
23:08:18.0561 2416 TOSHIBA HDD SSD Alert Service - ok
23:08:18.0627 2416 [ 09FF7B0B1B5C3D225495CB6F5A9B39F8 ] tos_sps64 C:\windows\system32\DRIVERS\tos_sps64.sys
23:08:18.0633 2416 tos_sps64 - ok
23:08:18.0673 2416 [ 36CDD894395BEC46EFB14F49D77D3D82 ] TPCHSrv C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
23:08:18.0678 2416 TPCHSrv - ok
23:08:18.0715 2416 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
23:08:18.0717 2416 TrkWks - ok
23:08:18.0771 2416 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
23:08:18.0774 2416 TrustedInstaller - ok
23:08:18.0794 2416 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
23:08:18.0795 2416 tssecsrv - ok
23:08:18.0829 2416 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
23:08:18.0831 2416 TsUsbFlt - ok
23:08:18.0853 2416 [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
23:08:18.0854 2416 TsUsbGD - ok
23:08:18.0877 2416 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
23:08:18.0878 2416 tunnel - ok
23:08:18.0925 2416 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS
23:08:18.0927 2416 TVALZ - ok
23:08:18.0970 2416 [ 9C7191F4B2E49BFF47A6C1144B5923FA ] TVALZFL C:\windows\system32\DRIVERS\TVALZFL.sys
23:08:18.0971 2416 TVALZFL - ok
23:08:18.0995 2416 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\drivers\uagp35.sys
23:08:18.0997 2416 uagp35 - ok
23:08:19.0022 2416 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
23:08:19.0026 2416 udfs - ok
23:08:19.0051 2416 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
23:08:19.0053 2416 UI0Detect - ok
23:08:19.0066 2416 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
23:08:19.0067 2416 uliagpkx - ok
23:08:19.0090 2416 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys
23:08:19.0090 2416 umbus - ok
23:08:19.0108 2416 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\drivers\umpass.sys
23:08:19.0109 2416 UmPass - ok
23:08:19.0208 2416 [ 182BBA1B43898D5DA0938D2E9A526B31 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
23:08:19.0210 2416 UNS - ok
23:08:19.0242 2416 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
23:08:19.0246 2416 upnphost - ok
23:08:21.0829 2416 ================ Scan global ===============================
23:08:21.0844 2416 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
23:08:21.0899 2416 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\windows\system32\winsrv.dll
23:08:21.0907 2416 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\windows\system32\winsrv.dll
23:08:21.0945 2416 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
23:08:22.0047 2416 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
23:08:22.0050 2416 [Global] - ok
23:08:22.0050 2416 ================ Scan MBR ==================================
23:08:22.0109 2416 [ 65CAE2B901610DF90BCBC6CB42528CE6 ] \Device\Harddisk0\DR0
23:08:22.0262 2416 Suspicious mbr (NoAccess): \Device\Harddisk0\DR0
23:08:22.0314 2416 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - infected
23:08:22.0314 2416 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.a (0)
23:08:22.0315 2416 ================ Scan VBR ==================================
23:08:22.0341 2416 [ C49DC14E4097517961D5F1D492321971 ] \Device\Harddisk0\DR0\Partition1
23:08:22.0343 2416 \Device\Harddisk0\DR0\Partition1 - ok
23:08:22.0343 2416 ============================================================
23:08:22.0343 2416 Scan finished
23:08:22.0343 2416 ============================================================
23:08:22.0354 2140 Detected object count: 1
23:08:22.0354 2140 Actual detected object count: 1
23:09:19.0796 2140 \Device\Harddisk0\DR0\# - copied to quarantine
23:09:19.0797 2140 \Device\Harddisk0\DR0 - copied to quarantine
23:09:20.0038 2140 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
23:09:20.0040 2140 \Device\Harddisk0\DR0\TDLFS\vbr - copied to quarantine
23:09:20.0042 2140 \Device\Harddisk0\DR0\TDLFS\bid - copied to quarantine
23:09:20.0045 2140 \Device\Harddisk0\DR0\TDLFS\affid - copied to quarantine
23:09:20.0048 2140 \Device\Harddisk0\DR0\TDLFS\boot - copied to quarantine
23:09:20.0050 2140 \Device\Harddisk0\DR0\TDLFS\cmd32 - copied to quarantine
23:09:20.0052 2140 \Device\Harddisk0\DR0\TDLFS\cmd64 - copied to quarantine
23:09:20.0054 2140 \Device\Harddisk0\DR0\TDLFS\dbg32 - copied to quarantine
23:09:20.0082 2140 \Device\Harddisk0\DR0\TDLFS\dbg64 - copied to quarantine
23:09:20.0093 2140 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
23:09:20.0096 2140 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
23:09:20.0098 2140 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
23:09:20.0100 2140 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
23:09:20.0101 2140 \Device\Harddisk0\DR0\TDLFS\subid - copied to quarantine
23:09:20.0103 2140 \Device\Harddisk0\DR0\TDLFS\tdi32 - copied to quarantine
23:09:20.0105 2140 \Device\Harddisk0\DR0\TDLFS\tdi64 - copied to quarantine
23:09:20.0107 2140 \Device\Harddisk0\DR0\TDLFS\main1 - copied to quarantine
23:09:20.0108 2140 \Device\Harddisk0\DR0\TDLFS\info - copied to quarantine
23:09:20.0144 2140 \Device\Harddisk0\DR0\TDLFS\main - copied to quarantine
23:09:20.0146 2140 \Device\Harddisk0\DR0\TDLFS\mainfb.script - copied to quarantine
23:09:20.0213 2140 \Device\Harddisk0\DR0\TDLFS\com64 - copied to quarantine
23:09:20.0259 2140 \Device\Harddisk0\DR0\TDLFS\bbr232 - copied to quarantine
23:09:20.0319 2140 \Device\Harddisk0\DR0\TDLFS\serf332 - copied to quarantine
23:09:20.0392 2140 \Device\Harddisk0\DR0\TDLFS\serf364 - copied to quarantine
23:09:20.0445 2140 \Device\Harddisk0\DR0\TDLFS\bbr264 - copied to quarantine
23:09:20.0447 2140 \Device\Harddisk0\DR0\TDLFS\serf_conf - copied to quarantine
23:09:20.0752 2140 \Device\Harddisk0\DR0\TDLFS\bbr_conf - copied to quarantine
23:09:20.0804 2140 \Device\Harddisk0\DR0 - processing error
23:09:53.0981 2140 \Device\Harddisk0\DR0 - will be restored on reboot
23:09:54.0067 2140 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - User select action: Cure Restore
23:10:58.0264 3024 Deinitialize success







aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-11-03 23:17:37
-----------------------------
23:17:37.683 OS Version: Windows x64 6.1.7601 Service Pack 1
23:17:37.683 Number of processors: 2 586 0x2A07
23:17:37.683 ComputerName: STEVE-PC UserName: Steve
23:17:39.024 Initialize success
23:29:04.528 AVAST engine defs: 12110301
23:30:58.939 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
23:30:58.954 Disk 0 Vendor: TOSHIBA_ GT00 Size: 610480MB BusType: 3
23:30:58.970 Disk 0 MBR read successfully
23:30:58.970 Disk 0 MBR scan
23:30:58.985 Disk 0 Windows XP default MBR code
23:30:59.001 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
23:30:59.017 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 595371 MB offset 3074048
23:30:59.063 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 13608 MB offset 1222393856
23:30:59.110 Disk 0 scanning C:\windows\system32\drivers
23:31:10.108 Service scanning
23:31:45.349 Modules scanning
23:31:45.364 Disk 0 trace - called modules:
23:31:45.427 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
23:31:45.442 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004f4d5d0]
23:31:45.442 3 CLASSPNP.SYS[fffff88001db843f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004edd050]
23:31:46.690 AVAST engine scan C:\windows
23:31:49.202 AVAST engine scan C:\windows\system32
23:35:06.253 AVAST engine scan C:\windows\system32\drivers
23:35:19.965 AVAST engine scan C:\Users\Steve
23:37:30.835 Disk 0 MBR has been saved successfully to "C:\Users\Steve\Desktop\MBR.dat"
23:37:30.835 The log file has been saved successfully to "C:\Users\Steve\Desktop\aswMBRlog.txt"





And the ESET scan:

C:\TDSSKiller_Quarantine\03.11.2012_23.07.48\mbr0000\tdlfs0000\tsk0005.dta Win32/Olmasco.O trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\03.11.2012_23.07.48\mbr0000\tdlfs0000\tsk0006.dta Win64/Olmasco.Y trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\03.11.2012_23.07.48\mbr0000\tdlfs0000\tsk0007.dta Win32/Olmasco.O trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\03.11.2012_23.07.48\mbr0000\tdlfs0000\tsk0008.dta Win64/Olmasco.X trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\03.11.2012_23.07.48\mbr0000\tdlfs0000\tsk0009.dta probably a variant of Win32/Olmasco.O trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\03.11.2012_23.07.48\mbr0000\tdlfs0000\tsk0010.dta Win64/Olmasco.AA trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\03.11.2012_23.07.48\mbr0000\tdlfs0000\tsk0011.dta Win32/Olmasco.Q trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\03.11.2012_23.07.48\mbr0000\tdlfs0000\tsk0012.dta Win64/Olmasco.X trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\03.11.2012_23.07.48\mbr0000\tdlfs0000\tsk0014.dta Win32/Olmasco.AA trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\03.11.2012_23.07.48\mbr0000\tdlfs0000\tsk0015.dta Win64/Olmasco.Z trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\03.11.2012_23.07.48\mbr0000\tdlfs0000\tsk0022.dta a variant of Win32/Olmarik.AYN trojan cleaned by deleting - quarantined
C:\Users\Steve\AppData\Local\Temp\Temporary Internet Files\Content.IE5\FN67BVPE\ab[1].js HTML/Iframe.B.Gen virus deleted - quarantined
C:\Users\Steve\AppData\Local\Temp\Temporary Internet Files\Content.IE5\XDGP2S4U\37822-15[1].js HTML/ScrInject.B.Gen virus deleted - quarantined



