Win 7: FBI Money Pak Virus


10 replies to this topic

#1 learntodowell

Posted 30 November 2012 - 04:26 PM

I have the FBI Money Pack virus. I have run MBAM, ESET Online Scanner, and Emsisoft Emergency Kit Deep Scan to no avail. I get the virus back when I no longer am in safe mode. Please help!!! :)



#2 narenxp


Posted 30 November 2012 - 05:28 PM

Boot into Safe Mode with Networking.

Download TDSSKiller.

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on the scan results.

Download aswMBR.

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here. If you get crashes in normal mode, run it in Safe Mode with Networking.

Download ESET Online Scanner.

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.
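An added example, not part of this thread and not code from any of the tools named: a Python triage of the services section of the TDSSKiller log requested above. It pairs each hashed image line with its verdict line and lists services whose verdict is not `ok`, that have no hashed image, or whose image sits outside the Windows and Program Files directories. The sample log (service names, hashes, paths and the `warning` verdict) is constructed; only the line layout follows the tool's log, and a Windows install on C: is assumed.

```python
import re

# Constructed sample in the layout of a TDSSKiller log; every name, hash and
# path below is invented, and the "warning" verdict wording is an assumption.
SAMPLE_LOG = r"""
04:33:57.0438 1532 ================ Scan system memory ========================
04:33:57.0438 1532 System memory - ok
04:33:57.0438 1532 ================ Scan services =============================
04:33:57.0500 1532 [ 0123456789ABCDEF0123456789ABCDEF ] ExampleDrv C:\Windows\system32\drivers\exampledrv.sys
04:33:57.0500 1532 ExampleDrv - ok
04:33:57.0516 1532 [ FEDCBA9876543210FEDCBA9876543210 ] PortableScanDrv C:\Users\username\Desktop\ScanKit\Run\scandrv64.sys
04:33:57.0516 1532 PortableScanDrv - ok
04:33:58.0172 1532 NoImageSvc - ok
04:33:58.0266 1532 [ 00112233445566778899AABBCCDDEEFF ] ExampleUpdater C:\Program Files (x86)\Example\Update\updater.exe
04:33:58.0282 1532 ExampleUpdater - ok
04:33:59.0000 1532 [ FFEEDDCCBBAA99887766554433221100 ] ExampleSvc C:\Windows\system32\drivers\examplesvc.sys
04:33:59.0000 1532 ExampleSvc - warning
"""

# "<time> <thread> [ <md5> ] <service> <image path>"
HASHED = re.compile(r"^\S+\s+\d+\s+\[\s*([0-9A-Fa-f]{32})\s*\]\s+(\S+)\s+(.+?)\s*$")
# "<time> <thread> <service> - <verdict>"
VERDICT = re.compile(r"^\S+\s+\d+\s+(\S+)\s+-\s+(\S.*?)\s*$")
# "<time> <thread> ===== <section title> =====" (title may be empty)
SECTION = re.compile(r"^\S+\s+\d+\s+=+\s*(.*?)\s*=+\s*$")

# Directories a service image is normally expected to load from.
TRUSTED_ROOTS = (
    "c:\\windows\\",
    "c:\\program files\\",
    "c:\\program files (x86)\\",
)


def parse_services(log_text):
    """Return {service: {"md5", "path", "verdict"}} from the services section."""
    services = {}
    in_services = False
    for raw in log_text.splitlines():
        line = raw.strip()
        section = SECTION.match(line)
        if section:
            title = section.group(1)
            if title:  # bare separator lines do not change the section
                in_services = title.lower() == "scan services"
            continue
        if not in_services:
            continue
        hashed = HASHED.match(line)
        if hashed:
            md5, name, path = hashed.groups()
            services[name] = {"md5": md5.upper(), "path": path, "verdict": None}
            continue
        verdict = VERDICT.match(line)
        if verdict:
            name, result = verdict.groups()
            entry = services.setdefault(
                name, {"md5": None, "path": None, "verdict": None})
            entry["verdict"] = result.lower()
    return services


def triage(services, trusted_roots=TRUSTED_ROOTS):
    """List (service, reason) pairs that deserve a second look."""
    findings = []
    for name, entry in services.items():
        if entry["verdict"] is None:
            findings.append((name, "no verdict line (log truncated?)"))
        elif entry["verdict"] != "ok":
            findings.append((name, "verdict: " + entry["verdict"]))
        if entry["path"] is None:
            findings.append((name, "no image hashed"))
        elif not entry["path"].lower().startswith(trusted_roots):
            findings.append(
                (name, "image outside system/program directories: " + entry["path"]))
    return findings


if __name__ == "__main__":
    for service, reason in triage(parse_services(SAMPLE_LOG)):
        print(f"{service}: {reason}")
```

A finding is a prompt to look closer, not a detection: a portable scanner run from the Desktop installs its driver from the user profile and is flagged the same way.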

#3 learntodowell


Posted 01 December 2012 - 04:47 AM

04:33:51.0688 1436 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
04:33:52.0094 1436 ============================================================
04:33:52.0094 1436 Current date / time: 2012/12/01 04:33:52.0094
04:33:52.0094 1436 SystemInfo:
04:33:52.0094 1436
04:33:52.0094 1436 OS Version: 6.1.7601 ServicePack: 1.0
04:33:52.0094 1436 Product type: Workstation
04:33:52.0094 1436 ComputerName: COMPUTERNAME
04:33:52.0094 1436 UserName: username
04:33:52.0094 1436 Windows directory: C:\Windows
04:33:52.0094 1436 System windows directory: C:\Windows
04:33:52.0094 1436 Running under WOW64
04:33:52.0094 1436 Processor architecture: Intel x64
04:33:52.0094 1436 Number of processors: 4
04:33:52.0094 1436 Page size: 0x1000
04:33:52.0094 1436 Boot type: Safe boot with network
04:33:52.0094 1436 ============================================================
04:33:52.0297 1436 Drive \Device\Harddisk0\DR0 - Size: 0xEE8156000 (59.63 Gb), SectorSize: 0x200, Cylinders: 0x1E67, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
04:33:52.0313 1436 ============================================================
04:33:52.0313 1436 \Device\Harddisk0\DR0:
04:33:52.0313 1436 MBR partitions:
04:33:52.0313 1436 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
04:33:52.0313 1436 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x770D800
04:33:52.0313 1436 ============================================================
04:33:52.0313 1436 C: <-> \Device\Harddisk0\DR0\Partition2
04:33:52.0313 1436 ============================================================
04:33:52.0313 1436 Initialize success
04:33:52.0313 1436 ============================================================
04:33:57.0141 1532 ============================================================
04:33:57.0141 1532 Scan started
04:33:57.0141 1532 Mode: Manual; TDLFS;
04:33:57.0141 1532 ============================================================
04:33:57.0438 1532 ================ Scan system memory ========================
04:33:57.0438 1532 System memory - ok
04:33:57.0438 1532 ================ Scan services =============================
04:34:00.0750 1532 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
04:34:00.0750 1532 partmgr - ok
04:34:00.0766 1532 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
04:34:00.0766 1532 PcaSvc - ok
04:34:00.0782 1532 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
04:34:00.0782 1532 pci - ok
04:34:00.0797 1532 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
04:34:00.0797 1532 pciide - ok
04:34:00.0813 1532 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
04:34:00.0813 1532 pcmcia - ok
04:34:00.0813 1532 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
04:34:00.0813 1532 pcw - ok
04:34:00.0829 1532 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
04:34:00.0829 1532 PEAUTH - ok
04:34:00.0860 1532 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
04:34:00.0875 1532 PeerDistSvc - ok
04:34:00.0907 1532 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
04:34:00.0907 1532 PerfHost - ok
04:34:00.0938 1532 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
04:34:00.0954 1532 pla - ok
04:34:00.0969 1532 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
04:34:00.0969 1532 PlugPlay - ok
04:34:00.0985 1532 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
04:34:00.0985 1532 PNRPAutoReg - ok
04:34:01.0000 1532 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
04:34:01.0000 1532 PNRPsvc - ok
04:34:01.0016 1532 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
04:34:01.0032 1532 PolicyAgent - ok
04:34:01.0047 1532 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
04:34:01.0047 1532 Power - ok
04:34:01.0047 1532 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
04:34:01.0047 1532 PptpMiniport - ok
04:34:01.0063 1532 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
04:34:01.0063 1532 Processor - ok
04:34:01.0079 1532 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
04:34:01.0079 1532 ProfSvc - ok
04:34:01.0079 1532 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
04:34:01.0079 1532 ProtectedStorage - ok
04:34:01.0094 1532 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
04:34:01.0094 1532 Psched - ok
04:34:01.0125 1532 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
04:34:01.0141 1532 ql2300 - ok
04:34:01.0141 1532 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
04:34:01.0141 1532 ql40xx - ok
04:34:01.0157 1532 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
04:34:01.0157 1532 QWAVE - ok
04:34:01.0172 1532 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
04:34:01.0172 1532 QWAVEdrv - ok
04:34:01.0188 1532 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
04:34:01.0188 1532 RasAcd - ok
04:34:01.0188 1532 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
04:34:01.0188 1532 RasAgileVpn - ok
04:34:01.0204 1532 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
04:34:01.0204 1532 RasAuto - ok
04:34:01.0204 1532 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
04:34:01.0204 1532 Rasl2tp - ok
04:34:01.0219 1532 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
04:34:01.0235 1532 RasMan - ok
04:34:01.0235 1532 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
04:34:01.0235 1532 RasPppoe - ok
04:34:01.0250 1532 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
04:34:01.0250 1532 RasSstp - ok
04:34:01.0266 1532 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
04:34:01.0266 1532 rdbss - ok
04:34:01.0282 1532 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
04:34:01.0282 1532 rdpbus - ok
04:34:01.0282 1532 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
04:34:01.0282 1532 RDPCDD - ok
04:34:01.0297 1532 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
04:34:01.0313 1532 RDPDR - ok
04:34:01.0313 1532 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
04:34:01.0313 1532 RDPENCDD - ok
04:34:01.0329 1532 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
04:34:01.0329 1532 RDPREFMP - ok
04:34:01.0329 1532 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
04:34:01.0344 1532 RDPWD - ok
04:34:01.0344 1532 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
04:34:01.0344 1532 rdyboost - ok
04:34:01.0360 1532 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
04:34:01.0375 1532 RemoteAccess - ok
04:34:01.0375 1532 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
04:34:01.0391 1532 RemoteRegistry - ok
04:34:01.0391 1532 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
04:34:01.0407 1532 RpcEptMapper - ok
04:34:01.0407 1532 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
04:34:01.0407 1532 RpcLocator - ok
04:34:01.0422 1532 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
04:34:01.0422 1532 RpcSs - ok
04:34:01.0438 1532 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
04:34:01.0438 1532 rspndr - ok
04:34:01.0438 1532 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
04:34:01.0454 1532 s3cap - ok
04:34:01.0454 1532 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
04:34:01.0454 1532 SamSs - ok
04:34:01.0469 1532 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
04:34:01.0469 1532 sbp2port - ok
04:34:01.0485 1532 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
04:34:01.0485 1532 SCardSvr - ok
04:34:01.0485 1532 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
04:34:01.0485 1532 scfilter - ok
04:34:01.0500 1532 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
04:34:01.0516 1532 Schedule - ok
04:34:01.0532 1532 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
04:34:01.0532 1532 SCPolicySvc - ok
04:34:01.0547 1532 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
04:34:01.0547 1532 SDRSVC - ok
04:34:01.0547 1532 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
04:34:01.0547 1532 secdrv - ok
04:34:01.0563 1532 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
04:34:01.0563 1532 seclogon - ok
04:34:01.0563 1532 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
04:34:01.0579 1532 SENS - ok
04:34:01.0579 1532 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
04:34:01.0579 1532 SensrSvc - ok
04:34:01.0594 1532 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
04:34:01.0594 1532 Serenum - ok
04:34:01.0594 1532 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
04:34:01.0594 1532 Serial - ok
04:34:01.0610 1532 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
04:34:01.0610 1532 sermouse - ok
04:34:01.0641 1532 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
04:34:01.0641 1532 SessionEnv - ok
04:34:01.0641 1532 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
04:34:01.0641 1532 sffdisk - ok
04:34:01.0657 1532 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
04:34:01.0657 1532 sffp_mmc - ok
04:34:01.0657 1532 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
04:34:01.0657 1532 sffp_sd - ok
04:34:01.0672 1532 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
04:34:01.0672 1532 sfloppy - ok
04:34:01.0688 1532 [ B2F21560016B3C200FC34F2BD13DE469 ] Sftfs C:\Windows\system32\DRIVERS\Sftfswin7.sys
04:34:01.0704 1532 Sftfs - ok
04:34:01.0985 1532 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
04:34:01.0985 1532 sftlist - ok
04:34:02.0000 1532 [ AD9449F3BF407DBD1742A465F2163847 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaywin7.sys
04:34:02.0000 1532 Sftplay - ok
04:34:02.0016 1532 [ 78A1496BA75C7D5700CECB77DDD291BB ] Sftredir C:\Windows\system32\DRIVERS\Sftredirwin7.sys
04:34:02.0016 1532 Sftredir - ok
04:34:02.0016 1532 [ DA674FD0164D64BD4980A619410D57E3 ] Sftvol C:\Windows\system32\DRIVERS\Sftvolwin7.sys
04:34:02.0016 1532 Sftvol - ok
04:34:02.0032 1532 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
04:34:02.0032 1532 sftvsa - ok
04:34:02.0047 1532 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
04:34:02.0063 1532 ShellHWDetection - ok
04:34:02.0063 1532 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
04:34:02.0063 1532 SiSRaid2 - ok
04:34:02.0079 1532 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
04:34:02.0079 1532 SiSRaid4 - ok
04:34:02.0094 1532 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
04:34:02.0094 1532 Smb - ok
04:34:02.0094 1532 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
04:34:02.0094 1532 SNMPTRAP - ok
04:34:02.0110 1532 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
04:34:02.0110 1532 spldr - ok
04:34:02.0125 1532 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
04:34:02.0125 1532 Spooler - ok
04:34:02.0188 1532 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
04:34:02.0204 1532 sppsvc - ok
04:34:02.0219 1532 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
04:34:02.0219 1532 sppuinotify - ok
04:34:02.0235 1532 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
04:34:02.0235 1532 srv - ok
04:34:02.0250 1532 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
04:34:02.0250 1532 srv2 - ok
04:34:02.0266 1532 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
04:34:02.0266 1532 srvnet - ok
04:34:02.0282 1532 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
04:34:02.0282 1532 SSDPSRV - ok
04:34:02.0282 1532 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
04:34:02.0297 1532 SstpSvc - ok
04:34:02.0313 1532 [ A766CCAD980235FF34E7F8089D3175A3 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
04:34:02.0313 1532 Stereo Service - ok
04:34:02.0313 1532 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
04:34:02.0313 1532 stexstor - ok
04:34:02.0329 1532 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
04:34:02.0344 1532 stisvc - ok
04:34:02.0344 1532 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
04:34:02.0344 1532 storflt - ok
04:34:02.0360 1532 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
04:34:02.0360 1532 StorSvc - ok
04:34:02.0375 1532 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
04:34:02.0375 1532 storvsc - ok
04:34:02.0375 1532 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
04:34:02.0375 1532 swenum - ok
04:34:02.0391 1532 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
04:34:02.0407 1532 swprv - ok
04:34:02.0438 1532 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
04:34:02.0454 1532 SysMain - ok
04:34:02.0454 1532 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
04:34:02.0454 1532 TabletInputService - ok
04:34:02.0469 1532 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
04:34:02.0485 1532 TapiSrv - ok
04:34:02.0485 1532 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
04:34:02.0485 1532 TBS - ok
04:34:02.0516 1532 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
04:34:02.0532 1532 Tcpip - ok
04:34:02.0579 1532 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
04:34:02.0579 1532 TCPIP6 - ok
04:34:02.0594 1532 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
04:34:02.0594 1532 tcpipreg - ok
04:34:02.0610 1532 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
04:34:02.0610 1532 TDPIPE - ok
04:34:02.0625 1532 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
04:34:02.0625 1532 TDTCP - ok
04:34:02.0625 1532 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
04:34:02.0625 1532 tdx - ok
04:34:02.0641 1532 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
04:34:02.0641 1532 TermDD - ok
04:34:02.0657 1532 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
04:34:02.0672 1532 TermService - ok
04:34:02.0672 1532 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
04:34:02.0672 1532 Themes - ok
04:34:02.0688 1532 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
04:34:02.0688 1532 THREADORDER - ok
04:34:02.0704 1532 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
04:34:02.0704 1532 TrkWks - ok
04:34:02.0704 1532 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
04:34:02.0704 1532 TrustedInstaller - ok
04:34:02.0719 1532 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
04:34:02.0719 1532 tssecsrv - ok
04:34:02.0735 1532 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
04:34:02.0735 1532 TsUsbFlt - ok
04:34:02.0735 1532 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
04:34:02.0735 1532 TsUsbGD - ok
04:34:02.0750 1532 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
04:34:02.0750 1532 tunnel - ok
04:34:02.0766 1532 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
04:34:02.0766 1532 uagp35 - ok
04:34:02.0782 1532 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
04:34:02.0782 1532 udfs - ok
04:34:02.0797 1532 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
04:34:02.0797 1532 UI0Detect - ok
04:34:02.0813 1532 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
04:34:02.0813 1532 uliagpkx - ok
04:34:02.0813 1532 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
04:34:02.0813 1532 umbus - ok
04:34:02.0829 1532 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
04:34:02.0829 1532 UmPass - ok
04:34:02.0844 1532 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
04:34:02.0844 1532 UmRdpService - ok
04:34:02.0860 1532 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
04:34:02.0860 1532 upnphost - ok
04:34:02.0875 1532 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
04:34:02.0875 1532 usbaudio - ok
04:34:02.0875 1532 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
04:34:02.0875 1532 usbccgp - ok
04:34:02.0891 1532 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
04:34:02.0891 1532 usbcir - ok
04:34:02.0907 1532 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
04:34:02.0907 1532 usbehci - ok
04:34:02.0907 1532 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
04:34:02.0922 1532 usbhub - ok
04:34:02.0922 1532 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
04:34:02.0922 1532 usbohci - ok
04:34:02.0938 1532 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
04:34:02.0938 1532 usbprint - ok
04:34:02.0938 1532 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
04:34:02.0938 1532 usbscan - ok
04:34:02.0954 1532 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
04:34:02.0954 1532 USBSTOR - ok
04:34:02.0969 1532 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
04:34:02.0969 1532 usbuhci - ok
04:34:02.0969 1532 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
04:34:02.0969 1532 UxSms - ok
04:34:02.0985 1532 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
04:34:02.0985 1532 VaultSvc - ok
04:34:03.0000 1532 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
04:34:03.0000 1532 vdrvroot - ok
04:34:03.0016 1532 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
04:34:03.0016 1532 vds - ok
04:34:03.0016 1532 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
04:34:03.0032 1532 vga - ok
04:34:03.0032 1532 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
04:34:03.0032 1532 VgaSave - ok
04:34:03.0047 1532 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
04:34:03.0047 1532 vhdmp - ok
04:34:03.0047 1532 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
04:34:03.0047 1532 viaide - ok
04:34:03.0063 1532 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
04:34:03.0063 1532 vmbus - ok
04:34:03.0079 1532 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
04:34:03.0079 1532 VMBusHID - ok
04:34:03.0079 1532 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
04:34:03.0079 1532 volmgr - ok
04:34:03.0094 1532 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
04:34:03.0094 1532 volmgrx - ok
04:34:03.0110 1532 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
04:34:03.0125 1532 volsnap - ok
04:34:03.0141 1532 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
04:34:03.0141 1532 vsmraid - ok
04:34:03.0157 1532 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
04:34:03.0172 1532 VSS - ok
04:34:03.0188 1532 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
04:34:03.0188 1532 vwifibus - ok
04:34:03.0204 1532 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
04:34:03.0204 1532 W32Time - ok
04:34:03.0219 1532 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
04:34:03.0219 1532 WacomPen - ok
04:34:03.0219 1532 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
04:34:03.0235 1532 WANARP - ok
04:34:03.0235 1532 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
04:34:03.0235 1532 Wanarpv6 - ok
04:34:03.0266 1532 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
04:34:03.0282 1532 wbengine - ok
04:34:03.0282 1532 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
04:34:03.0297 1532 WbioSrvc - ok
04:34:03.0313 1532 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
04:34:03.0313 1532 wcncsvc - ok
04:34:03.0313 1532 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
04:34:03.0313 1532 WcsPlugInService - ok
04:34:03.0329 1532 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
04:34:03.0329 1532 Wd - ok
04:34:03.0344 1532 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
04:34:03.0344 1532 Wdf01000 - ok
04:34:03.0360 1532 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
04:34:03.0360 1532 WdiServiceHost - ok
04:34:03.0375 1532 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
04:34:03.0375 1532 WdiSystemHost - ok
04:34:03.0391 1532 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
04:34:03.0391 1532 WebClient - ok
04:34:03.0391 1532 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
04:34:03.0407 1532 Wecsvc - ok
04:34:03.0407 1532 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
04:34:03.0407 1532 wercplsupport - ok
04:34:03.0422 1532 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
04:34:03.0422 1532 WerSvc - ok
04:34:03.0438 1532 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
04:34:03.0438 1532 WfpLwf - ok
04:34:03.0438 1532 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
04:34:03.0438 1532 WIMMount - ok
04:34:03.0469 1532 WinHttpAutoProxySvc - ok
04:34:03.0485 1532 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
04:34:03.0485 1532 Winmgmt - ok
04:34:03.0485 1532 WinRing0_1_2_0 - ok
04:34:03.0532 1532 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
04:34:03.0547 1532 WinRM - ok
04:34:03.0579 1532 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
04:34:03.0579 1532 Wlansvc - ok
04:34:03.0594 1532 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
04:34:03.0594 1532 WmiAcpi - ok
04:34:03.0610 1532 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
04:34:03.0610 1532 wmiApSrv - ok
04:34:03.0610 1532 WMPNetworkSvc - ok
04:34:03.0625 1532 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
04:34:03.0625 1532 WPCSvc - ok
04:34:03.0625 1532 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
04:34:03.0641 1532 WPDBusEnum - ok
04:34:03.0641 1532 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
04:34:03.0641 1532 ws2ifsl - ok
04:34:03.0657 1532 WSearch - ok
04:34:03.0672 1532 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
04:34:03.0672 1532 WudfPf - ok
04:34:03.0688 1532 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
04:34:03.0688 1532 WUDFRd - ok
04:34:03.0688 1532 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
04:34:03.0704 1532 wudfsvc - ok
04:34:03.0704 1532 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
04:34:03.0719 1532 WwanSvc - ok
04:34:03.0719 1532 ================ Scan global ===============================
04:34:03.0735 1532 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
04:34:03.0735 1532 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
04:34:03.0750 1532 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
04:34:03.0766 1532 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
04:34:03.0766 1532 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
04:34:03.0782 1532 [Global] - ok
04:34:03.0782 1532 ================ Scan MBR ==================================
04:34:03.0782 1532 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
04:34:03.0907 1532 \Device\Harddisk0\DR0 - ok
04:34:03.0907 1532 ================ Scan VBR ==================================
04:34:03.0907 1532 [ A27BDD12A5AA7286BB9A17088E162A16 ] \Device\Harddisk0\DR0\Partition1
04:34:03.0907 1532 \Device\Harddisk0\DR0\Partition1 - ok
04:34:03.0922 1532 [ 4D4AEEA63BA5964E9528FDD68AC24552 ] \Device\Harddisk0\DR0\Partition2
04:34:03.0922 1532 \Device\Harddisk0\DR0\Partition2 - ok
04:34:03.0922 1532 ============================================================
04:34:03.0922 1532 Scan finished
04:34:03.0922 1532 ============================================================
04:34:03.0938 1700 Detected object count: 0
04:34:03.0938 1700 Actual detected object count: 0
04:34:11.0422 1116 Deinitialize success

#4 learntodowell

Posted 01 December 2012 - 05:44 AM

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-12-01 05:32:57
-----------------------------
05:32:57.581 OS Version: Windows x64 6.1.7601 Service Pack 1
05:32:57.581 Number of processors: 4 586 0x202
05:32:57.581 ComputerName: COMPUTERNAME UserName: username
05:32:58.112 Initialize success
05:33:09.987 AVAST engine defs: 12113001
05:33:25.284 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005a
05:33:25.284 Disk 0 Vendor: Patriot_ S5FA Size: 61057MB BusType: 3
05:33:25.346 Disk 0 MBR read successfully
05:33:25.362 Disk 0 MBR scan
05:33:25.362 Disk 0 Windows 7 default MBR code
05:33:25.377 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
05:33:25.393 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 60955 MB offset 206848
05:33:25.440 Disk 0 scanning C:\Windows\system32\drivers
05:33:43.346 Service scanning
05:34:01.502 Modules scanning
05:34:01.502 Disk 0 trace - called modules:
05:34:01.502 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll nvstor.sys
05:34:01.502 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004979060]
05:34:01.502 3 CLASSPNP.SYS[fffff880019af43f] -> nt!IofCallDriver -> [0xfffffa800476dba0]
05:34:01.502 5 ACPI.sys[fffff88000e647a1] -> nt!IofCallDriver -> \Device\0000005a[0xfffffa800476f9c0]
05:34:01.862 AVAST engine scan C:\Windows
05:34:07.299 AVAST engine scan C:\Windows\system32
05:38:49.534 AVAST engine scan C:\Windows\system32\drivers
05:38:57.424 AVAST engine scan C:\Users\username
05:39:56.924 AVAST engine scan C:\ProgramData
05:40:03.049 Scan finished successfully
05:43:17.096 Disk 0 MBR has been saved successfully to "C:\Users\username\Documents\MBR.dat"
05:43:17.112 The log file has been saved successfully to "C:\Users\username\Documents\aswMBR.txt"

#5 narenxp

Posted 01 December 2012 - 07:36 AM

ESET log?

#6 learntodowell

Posted 01 December 2012 - 10:14 AM

ESET online scanner showed no threats. I am re-running ESET Online Scanner and will click on "LIST of found threats" to export log.

Thank you for your help. :)

Edited by learntodowell, 01 December 2012 - 10:19 AM.


#7 learntodowell

Posted 01 December 2012 - 11:09 AM

ESET Online Scanner found no threats: there was no place to click on list threats to create a log that I could find. :)

#8 learntodowell

Posted 01 December 2012 - 11:53 AM

Hi Narenxp,

I ran system restore this morning (12/1/2012, 11:39 AM) and the FBI Money Pak no longer takes over my screen and computer while I am in Windows 7 normal mode. Can you help me locate the virus still residing in the computer lest it gets out again? I understand system restore does not always purge viral software but in some cases only resets the computer to different configurations, eliminating that point of approach by the hacker involved. Bleeping Computer has been a great help to me for many years, probably 2005 or earlier: I think BP started in 2004 and I know it was BP that told me about rkill, hijackthis and mbam!! my favorite anti-malware software and Combofix! a great program (but still dangerous to use by newbies.) Thank you for the years of help. I am a student now but when I graduate I hope to donate to BP. :)

Edited by learntodowell, 01 December 2012 - 11:54 AM.


#9 narenxp

Posted 01 December 2012 - 12:22 PM

I never asked you to do a system restore. When you receive help, please do not run your own fixes.

Let me know if you still need help or you are going to run tools and fixes on your own.

#10 learntodowell

Posted 01 December 2012 - 07:11 PM

I still need help digging the virus out of the computer even though system restore was effective in making the machine operable again.

#11 narenxp

Posted 02 December 2012 - 11:11 AM

Download

Malwarebytes

Install, update and run a full scan

Click on Show results. Right click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it, click on Delete

A log should be generated after scan, post it here

Download

Junkware removal tool

For Vista and Windows 7, right click on the tool and select Run as administrator

After scan gets completed, post the generated log here.



