Olmarik tdl4 virus [Closed]


  • This topic is locked

#31
Rigeldog

  • Topic Starter
  • Member
  • 31 posts
Still not running.

#32
ali.B

  • Trusted Helper
  • Malware Removal
  • 3,086 posts
Hi

Please download ListParts.

Run the tool, click Scan and post the log (Result.txt) it makes.

#33
Rigeldog

  • Topic Starter
  • Member
  • 31 posts
I will try... Things seem to be getting worse and worse. Stuff is popping up everywhere. I am trying to use Malwarebytes to fight them all back the best I can. Sigh...

#34
Rigeldog

  • Topic Starter
  • Member
  • 31 posts
ListParts by Farbar Version: 10-08-2012
Ran by ballm (administrator) on 20-08-2012 at 17:34:53
Windows 7 (X86)
Running From: C:\Users\ballm\Desktop
Language: 0409
************************************************************

========================= Memory info ======================

Percentage of memory in use: 40%
Total physical RAM: 1903.43 MB
Available physical RAM: 1132.9 MB
Total Pagefile: 3806.86 MB
Available Pagefile: 2756.61 MB
Total Virtual: 2047.88 MB
Available Virtual: 1956.98 MB

======================= Partitions =========================

1 Drive c: () (Fixed) (Total:297.98 GB) (Free:99.78 GB) NTFS

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 298 GB 3072 KB

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 100 MB 1024 KB
Partition 2 Primary 297 GB 101 MB
Partition 3 Primary 10 MB 298 GB

======================================================================================================

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 System Rese NTFS Partition 100 MB Healthy System (partition with boot components)

======================================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C NTFS Partition 297 GB Healthy Boot

======================================================================================================

Disk: 0
Partition 3
Type : 17 (Suspicious Type)
Hidden: Yes
Active: Yes

There is no volume associated with this partition.

======================================================================================================

****** End Of Log ******

#35
Rigeldog

  • Topic Starter
  • Member
  • 31 posts
I think I might have made a breakthrough of some kind. I was somehow able to get the new version of TDSSKiller to run. It seemed able to do its thing. Should I send you some sort of new log?

#36
ali.B

  • Trusted Helper
  • Malware Removal
  • 3,086 posts
Yes, please post the log.

#37
Rigeldog

  • Topic Starter
  • Member
  • 31 posts
05:48:20.0341 3344 TDSS rootkit removing tool 2.8.7.0 Aug 20 2012 17:30:03
05:48:20.0840 3344 ============================================================
05:48:20.0840 3344 Current date / time: 2012/08/21 05:48:20.0840
05:48:20.0840 3344 SystemInfo:
05:48:20.0840 3344
05:48:20.0840 3344 OS Version: 6.1.7601 ServicePack: 1.0
05:48:20.0840 3344 Product type: Workstation
05:48:20.0840 3344 ComputerName: HILLTOPBALL
05:48:20.0840 3344 UserName: ballm
05:48:20.0840 3344 Windows directory: C:\Windows
05:48:20.0840 3344 System windows directory: C:\Windows
05:48:20.0840 3344 Processor architecture: Intel x86
05:48:20.0840 3344 Number of processors: 2
05:48:20.0840 3344 Page size: 0x1000
05:48:20.0840 3344 Boot type: Normal boot
05:48:20.0840 3344 ============================================================
05:48:22.0042 3344 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
05:48:22.0042 3344 ============================================================
05:48:22.0042 3344 \Device\Harddisk0\DR0:
05:48:22.0042 3344 MBR partitions:
05:48:22.0042 3344 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
05:48:22.0042 3344 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x253F4AB0
05:48:22.0042 3344 ============================================================
05:48:22.0073 3344 C: <-> \Device\Harddisk0\DR0\Partition2
05:48:22.0073 3344 ============================================================
05:48:22.0073 3344 Initialize success
05:48:22.0073 3344 ============================================================
05:48:31.0605 3308 ============================================================
05:48:31.0605 3308 Scan started
05:48:31.0605 3308 Mode: Manual; SigCheck; TDLFS;
05:48:31.0605 3308 ============================================================
05:48:32.0619 3308 ================ Scan system memory ========================
05:48:32.0619 3308 System memory - ok
05:48:32.0619 3308 ================ Scan services =============================
05:48:41.0371 3308 [ 2666CFC4A063D75FE3D87BC334D7ECF5 ] HP ProtectTools Service C:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
05:48:41.0387 3308 HP ProtectTools Service ( UnsignedFile.Multi.Generic ) - warning
05:48:41.0387 3308 HP ProtectTools Service - detected UnsignedFile.Multi.Generic (1)
05:48:45.0942 3308 MSKSSRV - ok
05:48:45.0957 3308 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
05:48:45.0989 3308 MSPCLOCK - ok
05:48:45.0989 3308 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
05:48:46.0035 3308 MSPQM - ok
05:48:46.0051 3308 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
05:48:46.0067 3308 MsRPC - ok
05:48:46.0082 3308 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
05:48:46.0098 3308 mssmbios - ok
05:48:46.0098 3308 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
05:48:46.0145 3308 MSTEE - ok
05:48:46.0160 3308 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
05:48:46.0176 3308 MTConfig - ok
05:48:46.0176 3308 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
05:48:46.0191 3308 Mup - ok
05:48:46.0223 3308 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
05:48:46.0254 3308 napagent - ok
05:48:46.0301 3308 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
05:48:46.0347 3308 NativeWifiP - ok
05:48:46.0379 3308 [ E7C54812A2AAF43316EB6930C1FFA108 ] NDIS C:\Windows\system32\drivers\ndis.sys
05:48:46.0410 3308 NDIS - ok
05:48:46.0441 3308 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
05:48:46.0472 3308 NdisCap - ok
05:48:46.0503 3308 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
05:48:46.0535 3308 NdisTapi - ok
05:48:46.0597 3308 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
05:48:46.0628 3308 Ndisuio - ok
05:48:46.0659 3308 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
05:48:46.0706 3308 NdisWan - ok
05:48:46.0722 3308 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
05:48:46.0753 3308 NDProxy - ok
05:48:46.0784 3308 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
05:48:46.0847 3308 NetBIOS - ok
05:48:46.0893 3308 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
05:48:46.0940 3308 NetBT - ok
05:48:46.0956 3308 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
05:48:46.0971 3308 Netlogon - ok
05:48:47.0018 3308 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
05:48:47.0049 3308 Netman - ok
05:48:47.0065 3308 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
05:48:47.0112 3308 netprofm - ok
05:48:47.0143 3308 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
05:48:47.0159 3308 NetTcpPortSharing - ok
05:48:47.0190 3308 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
05:48:47.0205 3308 nfrd960 - ok
05:48:47.0252 3308 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\Windows\System32\nlasvc.dll
05:48:47.0283 3308 NlaSvc - ok
05:48:47.0393 3308 [ 13350DDD0976CEB5F125396C7BFB05B4 ] nmraapache C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe
05:48:47.0393 3308 nmraapache ( UnsignedFile.Multi.Generic ) - warning
05:48:47.0393 3308 nmraapache - detected UnsignedFile.Multi.Generic (1)
05:48:47.0486 3308 [ 82C5A813E8EA7E94DC1AFA24CD803B80 ] nmservice C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
05:48:47.0517 3308 nmservice - ok
05:48:47.0533 3308 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
05:48:47.0564 3308 Npfs - ok
05:48:47.0595 3308 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
05:48:47.0627 3308 nsi - ok
05:48:47.0642 3308 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
05:48:47.0705 3308 nsiproxy - ok
05:48:47.0736 3308 [ 33C3093D09017CFE2E219F2472BFF6EB ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
05:48:47.0767 3308 Ntfs - ok
05:48:47.0783 3308 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
05:48:47.0829 3308 Null - ok
05:48:47.0861 3308 [ AF2EEC9580C1D32FB7EAF105D9784061 ] nvraid C:\Windows\system32\drivers\nvraid.sys
05:48:47.0892 3308 nvraid - ok
05:48:47.0939 3308 [ 9283C58EBAA2618F93482EB5DABCEC82 ] nvstor C:\Windows\system32\drivers\nvstor.sys
05:48:47.0954 3308 nvstor - ok
05:48:48.0001 3308 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
05:48:48.0017 3308 nv_agp - ok
05:48:48.0126 3308 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
05:48:48.0141 3308 odserv - ok
05:48:48.0157 3308 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
05:48:48.0173 3308 ohci1394 - ok
05:48:48.0219 3308 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
05:48:48.0235 3308 ose - ok
05:48:48.0266 3308 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
05:48:48.0282 3308 p2pimsvc - ok
05:48:48.0313 3308 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
05:48:48.0329 3308 p2psvc - ok
05:48:48.0360 3308 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
05:48:48.0391 3308 Parport - ok
05:48:48.0438 3308 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
05:48:48.0485 3308 partmgr - ok
05:48:48.0500 3308 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
05:48:48.0531 3308 Parvdm - ok
05:48:48.0531 3308 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
05:48:48.0563 3308 PcaSvc - ok
05:48:48.0563 3308 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
05:48:48.0578 3308 pci - ok
05:48:48.0625 3308 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
05:48:48.0641 3308 pciide - ok
05:48:48.0656 3308 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
05:48:48.0672 3308 pcmcia - ok
05:48:48.0687 3308 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
05:48:48.0719 3308 pcw - ok
05:48:48.0734 3308 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
05:48:48.0781 3308 PEAUTH - ok
05:48:48.0828 3308 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
05:48:48.0859 3308 PeerDistSvc - ok
05:48:48.0921 3308 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
05:48:48.0984 3308 pla - ok
05:48:49.0031 3308 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
05:48:49.0062 3308 PlugPlay - ok
05:48:49.0109 3308 [ B63A3AE87ED0AC525B3AA88B39608BFC ] pnarp C:\Windows\system32\DRIVERS\pnarp.sys
05:48:49.0140 3308 pnarp - ok
05:48:49.0140 3308 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
05:48:49.0155 3308 PNRPAutoReg - ok
05:48:49.0171 3308 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
05:48:49.0187 3308 PNRPsvc - ok
05:48:49.0249 3308 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
05:48:49.0296 3308 PolicyAgent - ok
05:48:49.0343 3308 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
05:48:49.0374 3308 Power - ok
05:48:49.0405 3308 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
05:48:49.0452 3308 PptpMiniport - ok
05:48:49.0467 3308 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
05:48:49.0514 3308 Processor - ok
05:48:49.0561 3308 [ 43CA4CCC22D52FB58E8988F0198851D0 ] ProfSvc C:\Windows\system32\profsvc.dll
05:48:49.0592 3308 ProfSvc - ok
05:48:49.0608 3308 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
05:48:49.0623 3308 ProtectedStorage - ok
05:48:49.0655 3308 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
05:48:49.0686 3308 Psched - ok
05:48:49.0748 3308 [ 633CC728D6493C4263368A86928B0BFD ] purendis C:\Windows\system32\DRIVERS\purendis.sys
05:48:49.0748 3308 purendis - ok
05:48:49.0779 3308 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
05:48:49.0842 3308 ql2300 - ok
05:48:49.0842 3308 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
05:48:49.0889 3308 ql40xx - ok
05:48:49.0904 3308 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
05:48:49.0935 3308 QWAVE - ok
05:48:49.0967 3308 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
05:48:49.0998 3308 QWAVEdrv - ok
05:48:49.0998 3308 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
05:48:50.0060 3308 RasAcd - ok
05:48:50.0091 3308 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
05:48:50.0123 3308 RasAgileVpn - ok
05:48:50.0138 3308 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
05:48:50.0169 3308 RasAuto - ok
05:48:50.0185 3308 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
05:48:50.0232 3308 Rasl2tp - ok
05:48:50.0294 3308 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
05:48:50.0341 3308 RasMan - ok
05:48:50.0357 3308 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
05:48:50.0388 3308 RasPppoe - ok
05:48:50.0388 3308 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
05:48:50.0435 3308 RasSstp - ok
05:48:50.0466 3308 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
05:48:50.0513 3308 rdbss - ok
05:48:50.0528 3308 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
05:48:50.0559 3308 rdpbus - ok
05:48:50.0606 3308 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
05:48:50.0637 3308 RDPCDD - ok
05:48:50.0653 3308 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
05:48:50.0684 3308 RDPDR - ok
05:48:50.0731 3308 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
05:48:50.0778 3308 RDPENCDD - ok
05:48:50.0793 3308 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
05:48:50.0825 3308 RDPREFMP - ok
05:48:50.0871 3308 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
05:48:50.0887 3308 RDPWD - ok
05:48:50.0934 3308 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
05:48:50.0949 3308 rdyboost - ok
05:48:50.0965 3308 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
05:48:51.0012 3308 RemoteAccess - ok
05:48:51.0027 3308 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
05:48:51.0074 3308 RemoteRegistry - ok
05:48:51.0090 3308 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
05:48:51.0121 3308 RpcEptMapper - ok
05:48:51.0137 3308 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
05:48:51.0152 3308 RpcLocator - ok
05:48:51.0168 3308 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
05:48:51.0199 3308 RpcSs - ok
05:48:51.0215 3308 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
05:48:51.0293 3308 rspndr - ok
05:48:51.0339 3308 [ 6B065C88A4C05CF44793AC2BFC331AC5 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
05:48:51.0339 3308 RSUSBSTOR - ok
05:48:51.0386 3308 [ 7DFD48E24479B68B258D8770121155A0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
05:48:51.0417 3308 RTL8167 - ok
05:48:51.0449 3308 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
05:48:51.0464 3308 s3cap - ok
05:48:51.0480 3308 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
05:48:51.0495 3308 SamSs - ok
05:48:51.0527 3308 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
05:48:51.0542 3308 sbp2port - ok
05:48:51.0558 3308 SBRE - ok
05:48:51.0589 3308 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
05:48:51.0620 3308 SCardSvr - ok
05:48:51.0636 3308 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
05:48:51.0667 3308 scfilter - ok
05:48:51.0714 3308 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
05:48:51.0776 3308 Schedule - ok
05:48:51.0807 3308 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
05:48:51.0839 3308 SCPolicySvc - ok
05:48:51.0885 3308 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
05:48:51.0901 3308 SDRSVC - ok
05:48:51.0932 3308 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
05:48:51.0979 3308 secdrv - ok
05:48:52.0010 3308 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
05:48:52.0041 3308 seclogon - ok
05:48:52.0073 3308 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
05:48:52.0104 3308 SENS - ok
05:48:52.0135 3308 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
05:48:52.0151 3308 SensrSvc - ok
05:48:52.0166 3308 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
05:48:52.0197 3308 Serenum - ok
05:48:52.0229 3308 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
05:48:52.0244 3308 Serial - ok
05:48:52.0275 3308 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
05:48:52.0291 3308 sermouse - ok
05:48:52.0353 3308 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
05:48:52.0385 3308 SessionEnv - ok
05:48:52.0400 3308 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
05:48:52.0431 3308 sffdisk - ok
05:48:52.0447 3308 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
05:48:52.0463 3308 sffp_mmc - ok
05:48:52.0463 3308 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
05:48:52.0494 3308 sffp_sd - ok
05:48:52.0509 3308 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
05:48:52.0525 3308 sfloppy - ok
05:48:52.0572 3308 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
05:48:52.0619 3308 ShellHWDetection - ok
05:48:52.0634 3308 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
05:48:52.0650 3308 sisagp - ok
05:48:52.0681 3308 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
05:48:52.0697 3308 SiSRaid2 - ok
05:48:52.0712 3308 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
05:48:52.0759 3308 SiSRaid4 - ok
05:48:52.0806 3308 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
05:48:52.0837 3308 Smb - ok
05:48:52.0899 3308 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
05:48:52.0915 3308 SNMPTRAP - ok
05:48:52.0931 3308 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
05:48:52.0946 3308 spldr - ok
05:48:52.0993 3308 [ 866A43013535DC8587C258E43579C764 ] Spooler C:\Windows\System32\spoolsv.exe
05:48:53.0024 3308 Spooler - ok
05:48:53.0118 3308 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
05:48:53.0196 3308 sppsvc - ok
05:48:53.0243 3308 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
05:48:53.0274 3308 sppuinotify - ok
05:48:53.0321 3308 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
05:48:53.0352 3308 srv - ok
05:48:53.0367 3308 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
05:48:53.0399 3308 srv2 - ok
05:48:53.0414 3308 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
05:48:53.0430 3308 srvnet - ok
05:48:53.0445 3308 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
05:48:53.0477 3308 SSDPSRV - ok
05:48:53.0492 3308 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
05:48:53.0539 3308 SstpSvc - ok
05:48:53.0648 3308 [ 43DC7ADA838F6A24B93B7C7FF2FCD08D ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\STacSV.exe
05:48:53.0664 3308 STacSV - ok
05:48:53.0679 3308 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
05:48:53.0711 3308 stexstor - ok
05:48:53.0757 3308 [ 356CC453B79C35B8CE1A14873DD6322D ] STHDA C:\Windows\system32\DRIVERS\stwrt.sys
05:48:53.0804 3308 STHDA - ok
05:48:53.0851 3308 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
05:48:53.0867 3308 StiSvc - ok
05:48:53.0898 3308 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
05:48:53.0913 3308 storflt - ok
05:48:53.0945 3308 [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc C:\Windows\system32\storsvc.dll
05:48:53.0960 3308 StorSvc - ok
05:48:53.0976 3308 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
05:48:53.0991 3308 storvsc - ok
05:48:54.0038 3308 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
05:48:54.0054 3308 swenum - ok
05:48:54.0069 3308 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
05:48:54.0101 3308 swprv - ok
05:48:54.0179 3308 [ 0E8676FB3BB95AA40FDF7A4A31018C8B ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
05:48:54.0225 3308 SynTP - ok
05:48:54.0288 3308 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
05:48:54.0319 3308 SysMain - ok
05:48:54.0350 3308 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
05:48:54.0381 3308 TabletInputService - ok
05:48:54.0428 3308 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
05:48:54.0459 3308 TapiSrv - ok
05:48:54.0475 3308 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
05:48:54.0522 3308 TBS - ok
05:48:54.0584 3308 [ 7FA2E0F8B072BD04B77B421480B6CC22 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
05:48:54.0615 3308 Tcpip - ok
05:48:54.0647 3308 [ 7FA2E0F8B072BD04B77B421480B6CC22 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
05:48:54.0693 3308 TCPIP6 - ok
05:48:54.0740 3308 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
05:48:54.0771 3308 tcpipreg - ok
05:48:54.0803 3308 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
05:48:54.0818 3308 TDPIPE - ok
05:48:54.0865 3308 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
05:48:54.0896 3308 TDTCP - ok
05:48:54.0943 3308 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
05:48:54.0974 3308 tdx - ok
05:48:55.0021 3308 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
05:48:55.0021 3308 TermDD - ok
05:48:55.0068 3308 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
05:48:55.0115 3308 TermService - ok
05:48:55.0146 3308 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
05:48:55.0161 3308 Themes - ok
05:48:55.0177 3308 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
05:48:55.0208 3308 THREADORDER - ok
05:48:55.0224 3308 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
05:48:55.0255 3308 TrkWks - ok
05:48:55.0317 3308 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
05:48:55.0349 3308 TrustedInstaller - ok
05:48:55.0364 3308 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
05:48:55.0395 3308 tssecsrv - ok
05:48:55.0442 3308 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
05:48:55.0458 3308 TsUsbFlt - ok
05:48:55.0505 3308 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
05:48:55.0567 3308 tunnel - ok
05:48:55.0583 3308 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
05:48:55.0598 3308 uagp35 - ok
05:48:55.0629 3308 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
05:48:55.0676 3308 udfs - ok
05:48:55.0707 3308 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
05:48:55.0723 3308 UI0Detect - ok
05:48:55.0739 3308 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
05:48:55.0785 3308 uliagpkx - ok
05:48:55.0832 3308 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys
05:48:55.0848 3308 umbus - ok
05:48:55.0879 3308 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
05:48:55.0895 3308 UmPass - ok
05:48:55.0895 3308 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
05:48:55.0926 3308 UmRdpService - ok
05:48:56.0035 3308 [ 44AA8D5D3B3B5610FEF46CA8A9C52D8C ] UNS C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
05:48:56.0097 3308 UNS - ok
05:48:56.0129 3308 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
05:48:56.0175 3308 upnphost - ok
05:48:56.0222 3308 [ EAFE1E00739AFE6C51487A050E772E17 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
05:48:56.0238 3308 USBAAPL - ok
05:48:56.0269 3308 [ 7E72E7D7E0757D59481D530FD2B0BFAE ] usbccgp C:\Windows\system32\drivers\usbccgp.sys
05:48:56.0300 3308 usbccgp - ok
05:48:56.0331 3308 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
05:48:56.0347 3308 usbcir - ok
05:48:56.0394 3308 [ CFBCE999C057D78979A181C9C60F208E ] usbehci C:\Windows\system32\drivers\usbehci.sys
05:48:56.0409 3308 usbehci - ok
05:48:56.0441 3308 [ 9D22AAD9AC6A07C691A1113E5F860868 ] usbhub C:\Windows\system32\drivers\usbhub.sys
05:48:56.0456 3308 usbhub - ok
05:48:56.0472 3308 [ A6FB7957EA7AFB1165991E54CE934B74 ] usbohci C:\Windows\system32\drivers\usbohci.sys
05:48:56.0487 3308 usbohci - ok
05:48:56.0534 3308 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
05:48:56.0550 3308 usbprint - ok
05:48:56.0565 3308 [ BF63EBFC6979FEFB2BC03DF7989A0C1A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
05:48:56.0581 3308 USBSTOR - ok
05:48:56.0597 3308 [ 78780C3EBCE17405B1CCD07A3A8A7D72 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
05:48:56.0612 3308 usbuhci - ok
05:48:56.0659 3308 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
05:48:56.0675 3308 usbvideo - ok
05:48:56.0690 3308 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
05:48:56.0721 3308 UxSms - ok
05:48:56.0737 3308 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
05:48:56.0753 3308 VaultSvc - ok
05:48:56.0815 3308 [ 8C72E0E88E5A1A70691135864F2F7F1B ] vcsFPService C:\Windows\system32\vcsFPService.exe
05:48:56.0862 3308 vcsFPService - ok
05:48:56.0877 3308 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
05:48:56.0893 3308 vdrvroot - ok
05:48:56.0940 3308 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
05:48:56.0971 3308 vds - ok
05:48:57.0018 3308 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
05:48:57.0065 3308 vga - ok
05:48:57.0065 3308 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
05:48:57.0143 3308 VgaSave - ok
05:48:57.0158 3308 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
05:48:57.0174 3308 vhdmp - ok
05:48:57.0205 3308 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
05:48:57.0221 3308 viaagp - ok
05:48:57.0236 3308 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
05:48:57.0267 3308 ViaC7 - ok
05:48:57.0299 3308 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
05:48:57.0314 3308 viaide - ok
05:48:57.0361 3308 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
05:48:57.0377 3308 vmbus - ok
05:48:57.0392 3308 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
05:48:57.0408 3308 VMBusHID - ok
05:48:57.0423 3308 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
05:48:57.0423 3308 volmgr - ok
05:48:57.0439 3308 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
05:48:57.0455 3308 volmgrx - ok
05:48:57.0501 3308 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
05:48:57.0517 3308 volsnap - ok
05:48:57.0564 3308 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
05:48:57.0611 3308 vsmraid - ok
05:48:57.0673 3308 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
05:48:57.0720 3308 VSS - ok
05:48:57.0720 3308 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
05:48:57.0751 3308 vwifibus - ok
05:48:57.0782 3308 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
05:48:57.0845 3308 vwififlt - ok
05:48:57.0860 3308 [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
05:48:57.0907 3308 vwifimp - ok
05:48:57.0938 3308 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
05:48:57.0969 3308 W32Time - ok
05:48:58.0001 3308 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
05:48:58.0016 3308 WacomPen - ok
05:48:58.0047 3308 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
05:48:58.0079 3308 WANARP - ok
05:48:58.0094 3308 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
05:48:58.0125 3308 Wanarpv6 - ok
05:48:58.0203 3308 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
05:48:58.0250 3308 WatAdminSvc - ok
05:48:58.0313 3308 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
05:48:58.0344 3308 wbengine - ok
05:48:58.0359 3308 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
05:48:58.0391 3308 WbioSrvc - ok
05:48:58.0422 3308 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
05:48:58.0453 3308 wcncsvc - ok
05:48:58.0469 3308 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
05:48:58.0484 3308 WcsPlugInService - ok
05:48:58.0500 3308 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
05:48:58.0531 3308 Wd - ok
05:48:58.0562 3308 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
05:48:58.0609 3308 Wdf01000 - ok
05:48:58.0625 3308 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
05:48:58.0656 3308 WdiServiceHost - ok
05:48:58.0656 3308 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
05:48:58.0671 3308 WdiSystemHost - ok
05:48:58.0718 3308 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
05:48:58.0749 3308 WebClient - ok
05:49:00.0372 3308 ================ Scan global ===============================
05:49:00.0419 3308 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
05:49:00.0465 3308 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
05:49:00.0481 3308 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
05:49:00.0497 3308 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
05:49:00.0559 3308 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
05:49:00.0559 3308 [Global] - ok
05:49:00.0559 3308 ================ Scan MBR ==================================
05:49:00.0575 3308 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
05:49:00.0809 3308 \Device\Harddisk0\DR0 - ok
05:49:00.0809 3308 ================ Scan VBR ==================================
05:49:00.0809 3308 [ 5A9874C78D6DEA5186D651008CEAB805 ] \Device\Harddisk0\DR0\Partition1
05:49:00.0809 3308 \Device\Harddisk0\DR0\Partition1 - ok
05:49:00.0840 3308 [ 153D98929EB2A480F8D0D608B9B0D72B ] \Device\Harddisk0\DR0\Partition2
05:49:00.0840 3308 \Device\Harddisk0\DR0\Partition2 - ok
05:49:00.0855 3308 ============================================================
05:49:00.0855 3308 Scan finished
05:49:00.0855 3308 ============================================================
05:49:00.0855 3852 Detected object count: 2
05:49:00.0855 3852 Actual detected object count: 2
05:49:19.0311 3852 HP ProtectTools Service ( UnsignedFile.Multi.Generic ) - skipped by user
05:49:19.0311 3852 HP ProtectTools Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
05:49:19.0311 3852 nmraapache ( UnsignedFile.Multi.Generic ) - skipped by user
05:49:19.0311 3852 nmraapache ( UnsignedFile.Multi.Generic ) - User select action: Skip
05:49:27.0189 0756 Deinitialize success

#38
ali.B

Do you have a copy of your Windows installation on a CD?

#39
Rigeldog

I do not.

#40
Rigeldog

For some reason ESET seems to be getting hung up when it tries to conduct the startup scan and won't do a regular scan.

#41
ali.B

Please run a new scan with RogueKiller and post the results.

#42
Rigeldog

ESET startup scan finally went through. Regular scan at 40% now.

RogueKiller V7.6.6 [08/10/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User: ballm [Admin rights]
Mode: Scan -- Date: 08/21/2012 06:44:23

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤
[ZeroAccess][FOLDER] U : c:\windows\installer\{d451183a-fd27-2606-545d-c7ea451e533c}\U --> FOUND
[ZeroAccess][FOLDER] L : c:\windows\installer\{d451183a-fd27-2606-545d-c7ea451e533c}\L --> FOUND
[ZeroAccess][FOLDER] U : c:\users\ballm\appdata\local\{d451183a-fd27-2606-545d-c7ea451e533c}\U --> FOUND
[ZeroAccess][FOLDER] L : c:\users\ballm\appdata\local\{d451183a-fd27-2606-545d-c7ea451e533c}\L --> FOUND

¤¤¤ Driver: [LOADED] ¤¤¤

¤¤¤ Infection : ZeroAccess ¤¤¤

¤¤¤ HOSTS File: ¤¤¤


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS725032A9A364 ATA Device +++++
--- User ---
[MBR] 9fd4a46d6095a63650cd7363f8139c9c
[BSP] dba690f4b4cbcf4bfef0f5a2b888e24b : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 305129 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt

#43
ali.B

Delete the current RogueKiller version you have, along with all the report files.

  • Download RogueKiller and save it on your desktop.
  • Quit all programs
  • Start RogueKiller.exe.
  • Wait until Prescan has finished ...
  • Click on Scan
  • Wait for the end of the scan.
  • The report has been created on the desktop.
  • Click on the Delete button.
  • The report has been created on the desktop.

Please post: All RKreport.txt text files located on your desktop.

#44
Rigeldog

RogueKiller V7.6.6 [08/10/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User: ballm [Admin rights]
Mode: Scan -- Date: 08/21/2012 06:59:40

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤
[ZeroAccess][FOLDER] U : c:\windows\installer\{d451183a-fd27-2606-545d-c7ea451e533c}\U --> FOUND
[ZeroAccess][FOLDER] L : c:\windows\installer\{d451183a-fd27-2606-545d-c7ea451e533c}\L --> FOUND
[ZeroAccess][FOLDER] U : c:\users\ballm\appdata\local\{d451183a-fd27-2606-545d-c7ea451e533c}\U --> FOUND
[ZeroAccess][FOLDER] L : c:\users\ballm\appdata\local\{d451183a-fd27-2606-545d-c7ea451e533c}\L --> FOUND

¤¤¤ Driver: [LOADED] ¤¤¤

¤¤¤ Infection : ZeroAccess ¤¤¤

¤¤¤ HOSTS File: ¤¤¤


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS725032A9A364 ATA Device +++++
--- User ---
[MBR] 9fd4a46d6095a63650cd7363f8139c9c
[BSP] dba690f4b4cbcf4bfef0f5a2b888e24b : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 305129 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1].txt >>
RKreport[1].txt



RogueKiller V7.6.6 [08/10/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User: ballm [Admin rights]
Mode: Remove -- Date: 08/21/2012 07:00:49

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤
[ZeroAccess][FOLDER] U : c:\windows\installer\{d451183a-fd27-2606-545d-c7ea451e533c}\U --> REMOVED
[Del.Parent][FILE] 00000004.@ : c:\windows\installer\{d451183a-fd27-2606-545d-c7ea451e533c}\L\00000004.@ --> REMOVED
[ZeroAccess][FOLDER] L : c:\windows\installer\{d451183a-fd27-2606-545d-c7ea451e533c}\L --> REMOVED
[ZeroAccess][FOLDER] U : c:\users\ballm\appdata\local\{d451183a-fd27-2606-545d-c7ea451e533c}\U --> REMOVED
[Del.Parent][FILE] 00000004.@ : c:\users\ballm\appdata\local\{d451183a-fd27-2606-545d-c7ea451e533c}\L\00000004.@ --> REMOVED
[ZeroAccess][FOLDER] L : c:\users\ballm\appdata\local\{d451183a-fd27-2606-545d-c7ea451e533c}\L --> REMOVED

¤¤¤ Driver: [LOADED] ¤¤¤

¤¤¤ Infection : ZeroAccess ¤¤¤

¤¤¤ HOSTS File: ¤¤¤


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS725032A9A364 ATA Device +++++
--- User ---
[MBR] 9fd4a46d6095a63650cd7363f8139c9c
[BSP] dba690f4b4cbcf4bfef0f5a2b888e24b : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 305129 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt

#45
ali.B

That looks much better!

Step 1

Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed, and let it run uninterrupted.
  • Select All Users
  • Under the Custom Scan box paste this in:
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    services.*
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    qmgr.dll
    /md5stop
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS /s
    CREATERESTOREPOINT
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Post both logs.

Step 2

Run Farbar Service Scanner.

Tick "All" options.
Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run from.

Please copy and paste the log to your reply.