
How to remove Win32/Olmarik.TDL4 trojan horse [Solved]


  • This topic is locked

#16
sa6370

  • Topic Starter
  • Member
  • 18 posts
But I started Combofix before this report.

Edited by sa6370, 17 July 2012 - 03:49 PM.



#17
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Not a problem, run this after Combofix as I will be going offline soon.

Re-run TDSSKiller

  • Double-click on TDSSKiller.exe to run the application.
  • Then click on Change parameters.
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  • Get the report by selecting Reports.
  • Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

Please copy and paste its contents in your next reply.

#18
sa6370

  • Topic Starter
  • Member
  • 18 posts
This is the report. Now I will restart, but after this there was a little window; I will show it in the next post.

00:56:27.0392 3352 TDSS rootkit removing tool 2.7.46.0 Jul 16 2012 22:10:11
00:56:27.0584 3352 ============================================================
00:56:27.0584 3352 Current date / time: 2012/07/18 00:56:27.0584
00:56:27.0584 3352 SystemInfo:
00:56:27.0584 3352
00:56:27.0584 3352 OS Version: 6.0.6002 ServicePack: 2.0
00:56:27.0584 3352 Product type: Workstation
00:56:27.0584 3352 ComputerName: SA6370
00:56:27.0585 3352 UserName: Hristo
00:56:27.0585 3352 Windows directory: C:\Windows
00:56:27.0585 3352 System windows directory: C:\Windows
00:56:27.0585 3352 Processor architecture: Intel x86
00:56:27.0585 3352 Number of processors: 2
00:56:27.0585 3352 Page size: 0x1000
00:56:27.0585 3352 Boot type: Normal boot
00:56:27.0585 3352 ============================================================
00:56:27.0908 3352 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
00:56:27.0910 3352 ============================================================
00:56:27.0910 3352 \Device\Harddisk0\DR0:
00:56:27.0911 3352 MBR partitions:
00:56:27.0911 3352 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x7530000
00:56:27.0911 3352 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x7530800, BlocksNum 0x15C94800
00:56:27.0911 3352 ============================================================
00:56:28.0043 3352 C: <-> \Device\Harddisk0\DR0\Partition0
00:56:28.0092 3352 D: <-> \Device\Harddisk0\DR0\Partition1
00:56:28.0093 3352 ============================================================
00:56:28.0093 3352 Initialize success
00:56:28.0093 3352 ============================================================
00:56:31.0622 5632 ============================================================
00:56:31.0622 5632 Scan started
00:56:31.0622 5632 Mode: Manual; SigCheck; TDLFS;
00:56:31.0622 5632 ============================================================
00:56:50.0988 5632 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
00:56:51.0006 5632 pci - ok
00:56:51.0018 5632 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
00:56:51.0033 5632 pciide - ok
00:56:51.0060 5632 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
00:56:51.0077 5632 pcmcia - ok
00:56:51.0161 5632 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
00:56:51.0237 5632 PEAUTH - ok
00:56:51.0378 5632 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
00:56:51.0489 5632 pla - ok
00:56:51.0652 5632 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
00:56:51.0682 5632 PlugPlay - ok
00:56:51.0763 5632 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
00:56:51.0793 5632 PNRPAutoReg - ok
00:56:51.0805 5632 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
00:56:51.0835 5632 PNRPsvc - ok
00:56:51.0880 5632 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
00:56:51.0913 5632 PolicyAgent - ok
00:56:51.0947 5632 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
00:56:51.0979 5632 PptpMiniport - ok
00:56:52.0008 5632 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
00:56:52.0040 5632 Processor - ok
00:56:52.0065 5632 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
00:56:52.0093 5632 ProfSvc - ok
00:56:52.0147 5632 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
00:56:52.0163 5632 ProtectedStorage - ok
00:56:52.0183 5632 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
00:56:52.0207 5632 PSched - ok
00:56:52.0257 5632 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\Windows\system32\Drivers\PxHelp20.sys
00:56:52.0270 5632 PxHelp20 - ok
00:56:52.0396 5632 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
00:56:52.0458 5632 ql2300 - ok
00:56:52.0517 5632 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
00:56:52.0533 5632 ql40xx - ok
00:56:52.0592 5632 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
00:56:52.0613 5632 QWAVE - ok
00:56:52.0635 5632 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
00:56:52.0651 5632 QWAVEdrv - ok
00:56:52.0658 5632 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
00:56:52.0689 5632 RasAcd - ok
00:56:52.0711 5632 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
00:56:52.0746 5632 RasAuto - ok
00:56:52.0764 5632 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
00:56:52.0796 5632 Rasl2tp - ok
00:56:52.0828 5632 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
00:56:52.0858 5632 RasMan - ok
00:56:52.0868 5632 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
00:56:52.0893 5632 RasPppoe - ok
00:56:52.0902 5632 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
00:56:52.0918 5632 RasSstp - ok
00:56:52.0946 5632 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
00:56:52.0972 5632 rdbss - ok
00:56:52.0978 5632 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
00:56:53.0014 5632 RDPCDD - ok
00:56:53.0062 5632 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
00:56:53.0097 5632 rdpdr - ok
00:56:53.0103 5632 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
00:56:53.0136 5632 RDPENCDD - ok
00:56:53.0181 5632 RDPWD (c127ebd5afab31524662c48dfceb773a) C:\Windows\system32\drivers\RDPWD.sys
00:56:53.0198 5632 RDPWD - ok
00:56:53.0241 5632 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
00:56:53.0277 5632 RemoteAccess - ok
00:56:53.0298 5632 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
00:56:53.0332 5632 RemoteRegistry - ok
00:56:53.0407 5632 RFCOMM (6482707f9f4da0ecbab43b2e0398a101) C:\Windows\system32\DRIVERS\rfcomm.sys
00:56:53.0437 5632 RFCOMM - ok
00:56:53.0473 5632 rimmptsk (d85e3fa9f5b1f29bb4ed185c450d1470) C:\Windows\system32\DRIVERS\rimmptsk.sys
00:56:53.0488 5632 rimmptsk - ok
00:56:53.0541 5632 rimsptsk (db8eb01c58c9fada00c70b1775278ae0) C:\Windows\system32\DRIVERS\rimsptsk.sys
00:56:53.0555 5632 rimsptsk - ok
00:56:53.0591 5632 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
00:56:53.0607 5632 RpcLocator - ok
00:56:53.0686 5632 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
00:56:53.0727 5632 RpcSs - ok
00:56:53.0870 5632 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
00:56:53.0901 5632 rspndr - ok
00:56:54.0046 5632 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
00:56:54.0062 5632 SamSs - ok
00:56:54.0120 5632 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
00:56:54.0135 5632 sbp2port - ok
00:56:54.0197 5632 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
00:56:54.0224 5632 SCardSvr - ok
00:56:54.0300 5632 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
00:56:54.0330 5632 Schedule - ok
00:56:54.0376 5632 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
00:56:54.0399 5632 SCPolicySvc - ok
00:56:54.0430 5632 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys
00:56:54.0454 5632 sdbus - ok
00:56:54.0533 5632 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
00:56:54.0553 5632 SDRSVC - ok
00:56:54.0559 5632 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
00:56:54.0615 5632 secdrv - ok
00:56:54.0631 5632 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
00:56:54.0665 5632 seclogon - ok
00:56:54.0684 5632 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
00:56:54.0717 5632 SENS - ok
00:56:54.0743 5632 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\DRIVERS\serenum.sys
00:56:54.0800 5632 Serenum - ok
00:56:54.0823 5632 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
00:56:54.0879 5632 Serial - ok
00:56:54.0910 5632 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
00:56:54.0941 5632 sermouse - ok
00:56:54.0971 5632 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
00:56:55.0005 5632 SessionEnv - ok
00:56:55.0035 5632 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys
00:56:55.0058 5632 sffdisk - ok
00:56:55.0072 5632 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
00:56:55.0103 5632 sffp_mmc - ok
00:56:55.0134 5632 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys
00:56:55.0157 5632 sffp_sd - ok
00:56:55.0172 5632 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
00:56:55.0227 5632 sfloppy - ok
00:56:55.0318 5632 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
00:56:55.0354 5632 SharedAccess - ok
00:56:55.0446 5632 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
00:56:55.0467 5632 ShellHWDetection - ok
00:56:55.0511 5632 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
00:56:55.0526 5632 sisagp - ok
00:56:55.0546 5632 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
00:56:55.0562 5632 SiSRaid2 - ok
00:56:55.0582 5632 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
00:56:55.0597 5632 SiSRaid4 - ok
00:56:55.0726 5632 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files\Skype\Updater\Updater.exe
00:56:55.0740 5632 SkypeUpdate - ok
00:56:55.0972 5632 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
00:56:56.0100 5632 slsvc - ok
00:56:56.0226 5632 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
00:56:56.0252 5632 SLUINotify - ok
00:56:56.0292 5632 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
00:56:56.0316 5632 Smb - ok
00:56:56.0440 5632 smserial (859e3adc59d1c89a66aa6492c14d379e) C:\Windows\system32\DRIVERS\smserial.sys
00:56:56.0475 5632 smserial - ok
00:56:56.0514 5632 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
00:56:56.0531 5632 SNMPTRAP - ok
00:56:56.0596 5632 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
00:56:56.0611 5632 spldr - ok
00:56:56.0645 5632 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
00:56:56.0664 5632 Spooler - ok
00:56:56.0758 5632 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
00:56:56.0777 5632 srv - ok
00:56:56.0819 5632 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
00:56:56.0835 5632 srv2 - ok
00:56:56.0858 5632 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
00:56:56.0874 5632 srvnet - ok
00:56:56.0902 5632 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
00:56:56.0938 5632 SSDPSRV - ok
00:56:56.0963 5632 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
00:56:56.0981 5632 SstpSvc - ok
00:56:57.0025 5632 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
00:56:57.0054 5632 stisvc - ok
00:56:57.0193 5632 StkCMini (b14cbd454ea369692cee1810d0d27aa7) C:\Windows\system32\Drivers\StkCMini.sys
00:56:57.0234 5632 StkCMini - ok
00:56:57.0260 5632 StkSSrv (7f0abdf07c58c57918de14085dd36342) C:\Windows\System32\StkCSrv.exe
00:56:57.0275 5632 StkSSrv - ok
00:56:57.0286 5632 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
00:56:57.0301 5632 swenum - ok
00:56:57.0349 5632 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
00:56:57.0379 5632 swprv - ok
00:56:57.0417 5632 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
00:56:57.0431 5632 Symc8xx - ok
00:56:57.0448 5632 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
00:56:57.0462 5632 Sym_hi - ok
00:56:57.0500 5632 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
00:56:57.0513 5632 Sym_u3 - ok
00:56:57.0587 5632 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
00:56:57.0624 5632 SysMain - ok
00:56:57.0646 5632 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
00:56:57.0666 5632 TabletInputService - ok
00:56:57.0697 5632 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
00:56:57.0726 5632 TapiSrv - ok
00:56:57.0745 5632 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
00:56:57.0779 5632 TBS - ok
00:56:57.0881 5632 Tcpip (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\drivers\tcpip.sys
00:56:57.0920 5632 Tcpip - ok
00:56:57.0935 5632 Tcpip6 (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\DRIVERS\tcpip.sys
00:56:57.0974 5632 Tcpip6 - ok
00:56:58.0009 5632 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
00:56:58.0025 5632 tcpipreg - ok
00:56:58.0051 5632 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
00:56:58.0082 5632 TDPIPE - ok
00:56:58.0097 5632 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
00:56:58.0129 5632 TDTCP - ok
00:56:58.0162 5632 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
00:56:58.0186 5632 tdx - ok
00:56:58.0223 5632 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
00:56:58.0239 5632 TermDD - ok
00:56:58.0290 5632 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
00:56:58.0325 5632 TermService - ok
00:56:58.0390 5632 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
00:56:58.0411 5632 Themes - ok
00:56:58.0556 5632 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
00:56:58.0588 5632 THREADORDER - ok
00:56:58.0624 5632 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
00:56:58.0658 5632 TrkWks - ok
00:56:58.0688 5632 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
00:56:58.0712 5632 TrustedInstaller - ok
00:56:58.0738 5632 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
00:56:58.0769 5632 tssecsrv - ok
00:56:58.0775 5632 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
00:56:58.0790 5632 tunmp - ok
00:56:58.0915 5632 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
00:56:58.0929 5632 tunnel - ok
00:56:58.0962 5632 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
00:56:58.0978 5632 uagp35 - ok
00:56:59.0126 5632 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
00:56:59.0153 5632 udfs - ok
00:56:59.0240 5632 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
00:56:59.0274 5632 UI0Detect - ok
00:56:59.0298 5632 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
00:56:59.0313 5632 uliagpkx - ok
00:56:59.0351 5632 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
00:56:59.0371 5632 uliahci - ok
00:56:59.0396 5632 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
00:56:59.0411 5632 UlSata - ok
00:56:59.0436 5632 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
00:56:59.0452 5632 ulsata2 - ok
00:56:59.0481 5632 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
00:56:59.0512 5632 umbus - ok
00:56:59.0555 5632 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
00:56:59.0592 5632 upnphost - ok
00:56:59.0626 5632 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\Windows\system32\Drivers\usbaapl.sys
00:56:59.0640 5632 USBAAPL - ok
00:56:59.0695 5632 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
00:56:59.0719 5632 usbccgp - ok
00:56:59.0741 5632 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
00:56:59.0798 5632 usbcir - ok
00:56:59.0824 5632 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
00:56:59.0854 5632 usbehci - ok
00:56:59.0907 5632 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
00:56:59.0948 5632 usbhub - ok
00:56:59.0991 5632 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
00:57:00.0016 5632 usbohci - ok
00:57:00.0039 5632 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
00:57:00.0101 5632 usbprint - ok
00:57:00.0155 5632 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
00:57:00.0182 5632 USBSTOR - ok
00:57:00.0203 5632 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
00:57:00.0226 5632 usbuhci - ok
00:57:00.0260 5632 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
00:57:00.0287 5632 UxSms - ok
00:57:00.0332 5632 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
00:57:00.0369 5632 vds - ok
00:57:00.0404 5632 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
00:57:00.0435 5632 vga - ok
00:57:00.0442 5632 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
00:57:00.0473 5632 VgaSave - ok
00:57:00.0508 5632 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
00:57:00.0523 5632 viaagp - ok
00:57:00.0540 5632 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
00:57:00.0571 5632 ViaC7 - ok
00:57:00.0589 5632 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
00:57:00.0603 5632 viaide - ok
00:57:00.0641 5632 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
00:57:00.0658 5632 volmgr - ok
00:57:00.0716 5632 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
00:57:00.0737 5632 volmgrx - ok
00:57:00.0781 5632 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
00:57:00.0801 5632 volsnap - ok
00:57:00.0831 5632 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
00:57:00.0848 5632 vsmraid - ok
00:57:00.0958 5632 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
00:57:01.0004 5632 VSS - ok
00:57:01.0052 5632 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
00:57:01.0082 5632 W32Time - ok
00:57:01.0134 5632 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
00:57:01.0190 5632 WacomPen - ok
00:57:01.0214 5632 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
00:57:01.0238 5632 Wanarp - ok
00:57:01.0243 5632 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
00:57:01.0268 5632 Wanarpv6 - ok
00:57:01.0309 5632 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
00:57:01.0336 5632 wcncsvc - ok
00:57:01.0397 5632 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
00:57:01.0423 5632 WcsPlugInService - ok
00:57:01.0442 5632 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
00:57:01.0457 5632 Wd - ok
00:57:01.0517 5632 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
00:57:01.0543 5632 Wdf01000 - ok
00:57:01.0580 5632 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
00:57:01.0615 5632 WdiServiceHost - ok
00:57:01.0621 5632 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
00:57:01.0657 5632 WdiSystemHost - ok
00:57:01.0690 5632 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
00:57:01.0711 5632 WebClient - ok
00:57:01.0749 5632 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
00:57:01.0769 5632 Wecsvc - ok
00:57:01.0785 5632 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
00:57:01.0812 5632 wercplsupport - ok
00:57:01.0859 5632 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
00:57:01.0887 5632 WerSvc - ok
00:57:02.0043 5632 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
00:57:02.0063 5632 WinDefend - ok
00:57:02.0072 5632 WinHttpAutoProxySvc - ok
00:57:02.0139 5632 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
00:57:02.0165 5632 Winmgmt - ok
00:57:02.0295 5632 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
00:57:02.0339 5632 WinRM - ok
00:57:02.0439 5632 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
00:57:02.0488 5632 Wlansvc - ok
00:57:02.0541 5632 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
00:57:02.0564 5632 WmiAcpi - ok
00:57:02.0632 5632 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
00:57:02.0658 5632 wmiApSrv - ok
00:57:02.0725 5632 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
00:57:02.0757 5632 WMPNetworkSvc - ok
00:57:02.0825 5632 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
00:57:02.0844 5632 WPCSvc - ok
00:57:02.0882 5632 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
00:57:02.0900 5632 WPDBusEnum - ok
00:57:02.0948 5632 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
00:57:02.0962 5632 WpdUsb - ok
00:57:03.0100 5632 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
00:57:03.0132 5632 WPFFontCache_v0400 - ok
00:57:03.0151 5632 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
00:57:03.0183 5632 ws2ifsl - ok
00:57:03.0220 5632 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\system32\wscsvc.dll
00:57:03.0240 5632 wscsvc - ok
00:57:03.0245 5632 WSearch - ok
00:57:03.0420 5632 wuauserv (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll
00:57:03.0491 5632 wuauserv - ok
00:57:03.0644 5632 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
00:57:03.0677 5632 WUDFRd - ok
00:57:03.0712 5632 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
00:57:03.0748 5632 wudfsvc - ok
00:57:03.0801 5632 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054} - ok
00:57:03.0838 5632 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
00:57:03.0879 5632 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - infected
00:57:03.0879 5632 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.b (0)
00:57:04.0130 5632 Boot (0x1200) (639e4a7da814909876ff1a4b78bdb2b2) \Device\Harddisk0\DR0\Partition0
00:57:04.0146 5632 \Device\Harddisk0\DR0\Partition0 - ok
00:57:04.0196 5632 Boot (0x1200) (95f4c396111d6657ab60e815a3b70228) \Device\Harddisk0\DR0\Partition1
00:57:04.0199 5632 \Device\Harddisk0\DR0\Partition1 - ok
00:57:04.0200 5632 ============================================================
00:57:04.0200 5632 Scan finished
00:57:04.0200 5632 ============================================================
00:57:04.0244 3864 Detected object count: 1
00:57:04.0244 3864 Actual detected object count: 1
00:57:08.0508 3864 \Device\Harddisk0\DR0\# - copied to quarantine
00:57:08.0508 3864 \Device\Harddisk0\DR0 - copied to quarantine
00:57:08.0549 3864 \Device\Harddisk0\DR0 - processing error
00:57:39.0182 3864 \Device\Harddisk0\DR0 - will be restored on reboot
00:57:39.0539 3864 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - User select action: Cure Restore

#19
sa6370

http://imageshack.us...93/descopy.jpg/ here I pressed YES, I rebooted, but the NOD says that the virus is still there.

#20
sa6370

If this virus is not very dangerous, I can live with it. After a few weeks I must buy a new computer, but I can't lose the documents in this one; if the virus can delete them, I prefer to delete it somehow now, before it's late. BTW, what is your recommendation: HP or DELL? (for a notebook)

#21
Essexboy

Did you select yes to the popup?

If not, then re-run TDSSKiller and this time select yes.

#22
sa6370

I clicked YES the first time, but there is no result. I think that I'm going to re-install my Windows.

#23
Essexboy

OK, if you reinstall Windows you will need to reformat to ensure it has totally gone... Do you wish assistance with this?

#24
sa6370

sa6370

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
No, I have reinstalled it before and I know how. Now I'm transferring my files to an external hard disk; after that I will format both parts. Thank you very much for the assistance!! I wish you everything good!

#25
Essexboy

Sorry we couldn't quite kill this .. Keep safe

#26
sa6370

No problem, you've done what you can, I appreciate this, thank you again!!

#27
Essexboy

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.