avast! saved your computer from crashing \\.\globalroot\systemroot\svchost.exe


Infection Details

URL: http://85.195.92.10/x/

Process: \\.\globalroot\systemroot\svchost.exe

Infection: URL:Mal

I've seen this all over the place and it's driving me insane!

PLEASE HELP!

DDS.txt below

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31

Run by ESGraphix at 12:56:32 on 2012-08-09

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5607.2495 [GMT -4:00]

.

AV: avast! Internet Security *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Internet Security *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}

.

============== Running Processes ===============

.

C:\windows\system32\wininit.exe

C:\windows\system32\lsm.exe

C:\windows\system32\svchost.exe -k DcomLaunch

C:\windows\system32\svchost.exe -k RPCSS

C:\windows\system32\atiesrxx.exe

C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\windows\system32\svchost.exe -k netsvcs

C:\windows\system32\svchost.exe -k LocalService

C:\windows\system32\atieclxx.exe

C:\windows\system32\svchost.exe -k NetworkService

C:\windows\system32\WLANExt.exe

C:\windows\system32\conhost.exe

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\Program Files\AVAST Software\Avast\afwServ.exe

C:\windows\system32\Dwm.exe

C:\windows\Explorer.EXE

C:\windows\System32\spoolsv.exe

C:\windows\system32\taskhost.exe

C:\windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Workspace\offSyncService.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe

C:\windows\system32\svchost.exe -k imgsvc

C:\windows\system32\TODDSrv.exe

C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\TOSHIBA\TECO\TecoService.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe

C:\Program Files\Toshiba\Power Saver\TPwrMain.exe

C:\Program Files\Toshiba\FlashCards\TCrdMain.exe

C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Toshiba\TECO\Teco.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe

C:\Program Files\Toshiba\ReelTime\TosReelTimeMonitor.exe

C:\Users\ESGraphix\AppData\Local\Workspace\workspaceupdate.exe

C:\windows\system32\SearchIndexer.exe

C:\Program Files (x86)\Mobile Stream\EasyTether\easytthr.exe

C:\Users\ESGraphix\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Users\ESGraphix\AppData\Local\DIRECTV Player\NDSPCShowServer.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\windows\system32\conhost.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\windows\System32\svchost.exe -k LocalServicePeerNet

-netsvcs

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\windows\system32\conhost.exe

C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\SymcPCCULaunchSvc.exe

C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe

C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe

C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe

C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe

C:\Program Files (x86)\Adobe\Photoshop 7.0\Photoshop.exe

C:\windows\splwow64.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\windows\system32\DllHost.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\windows\system32\AUDIODG.EXE

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\windows\SysWOW64\ctfmon.exe

C:\windows\system32\DllHost.exe

C:\windows\system32\DllHost.exe

C:\windows\SysWOW64\cmd.exe

C:\windows\system32\conhost.exe

C:\windows\SysWOW64\cscript.exe

C:\windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://isearch.babylon.com/?babsrc=HP_ss&mntrId=1e14a380000000000000e0ca94c9c16f

uDefault_Page_URL = hxxp://start.toshiba.com

uInternet Settings,ProxyOverride = <local>

mWinlogon: Userinit=userinit.exe,

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Babylon toolbar helper: {2eecd738-5844-4a99-b4b6-146bf802613b} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: TOSHIBA Media Controller Plug-in: {f3c88694-effa-4d78-b409-54b7b2535b14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB: Babylon Toolbar: {98889811-442d-49dd-99d7-dc866be87dbc} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll

TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

uRun: [starfield Updater] "C:\Users\ESGraphix\AppData\Local\Workspace\WorkspaceUpdate.exe"

uRun: [AdobeBridge]

uRun: [EasyTether] "C:\Program Files (x86)\Mobile Stream\EasyTether\easytthr.exe"

uRun: [PCShowServer] "C:\Users\ESGraphix\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe"

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [iTSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START

mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60

mRun: [TSleepSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe

mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" UNATTENDED

mRun: [ToshibaAppPlace] "C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe"

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin

mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

DPF: {1DCB41E4-22EA-44A6-BEC0-D54969EFBED9} - hxxps://dealers.autotrader.com/dc/media/inc/ImageUploader5.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

TCP: DhcpNameServer = 192.168.2.1

TCP: Interfaces\{4FC74067-3FF5-447D-A7BB-2DA1B7DCE33A} : DhcpNameServer = 192.168.2.1

TCP: Interfaces\{4FC74067-3FF5-447D-A7BB-2DA1B7DCE33A}\05D4244354E44523 : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{4FC74067-3FF5-447D-A7BB-2DA1B7DCE33A}\C696E6B6379737 : DhcpNameServer = 24.92.226.11 24.92.226.12

TCP: Interfaces\{4FC74067-3FF5-447D-A7BB-2DA1B7DCE33A}\D4343414D4C495 : DhcpNameServer = 208.40.1.1 168.92.1.6

TCP: Interfaces\{4FC74067-3FF5-447D-A7BB-2DA1B7DCE33A}\E4544574541425 : DhcpNameServer = 192.168.1.1

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: Babylon toolbar helper: {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll

BHO-X64: Babylon toolbar helper - No File

BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO-X64: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll

TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB-X64: Babylon Toolbar: {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll

TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun-x64: [iTSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START

mRun-x64: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60

mRun-x64: [TSleepSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe

mRun-x64: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" UNATTENDED

mRun-x64: [ToshibaAppPlace] "C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe"

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

mRun-x64: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin

mRun-x64: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\ESGraphix\AppData\Roaming\Mozilla\Firefox\Profiles\dxebpld5.default\

FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)

FF - prefs.js: browser.startup.homepage - www.google.com

FF - prefs.js: keyword.URL - hxxp://isearch.babylon.com/?babsrc=adbartrp&babsrc=SP_ss&mntrId=1e14a380000000000000e0ca94c9c16f&q=

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Users\ESGraphix\AppData\Local\DIRECTV Player\npPCShowPlugin.dll

FF - plugin: C:\Users\ESGraphix\AppData\Local\DIRECTV Player\npPlayerPlugin.dll

FF - plugin: C:\Users\ESGraphix\AppData\Roaming\Mozilla\plugins\npoff.dll

FF - plugin: C:\Users\ESGraphix\AppData\Roaming\Mozilla\Plugins\npoff.dll

FF - plugin: C:\Users\ESGraphix\AppData\Roaming\Mozilla\Plugins\npoff64.dll

FF - plugin: C:\Users\ESGraphix\AppData\Roaming\Mozilla\plugins\npoff64.dll

FF - plugin: C:\Users\ESGraphix\AppData\Roaming\Mozilla\Plugins\npwbe.dll

FF - plugin: C:\Users\ESGraphix\AppData\Roaming\Mozilla\plugins\npwbe.dll

FF - plugin: C:\Users\ESGraphix\AppData\Roaming\Mozilla\plugins\npwbe64.dll

FF - plugin: C:\Users\ESGraphix\AppData\Roaming\Mozilla\Plugins\npwbe64.dll

FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll

.

---- FIREFOX POLICIES ----

FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=112546

FF - user.js: extensions.BabylonToolbar_i.babExt -

FF - user.js: extensions.BabylonToolbar_i.srcExt - ss

FF - user.js: extensions.BabylonToolbar_i.ovrDmn - isearch.babylon.com

FF - user.js: extensions.BabylonToolbar_i.id - 1e14a380000000000000e0ca94c9c16f

FF - user.js: extensions.BabylonToolbar_i.hardId - 1e14a380000000000000e0ca94c9c16f

FF - user.js: extensions.BabylonToolbar_i.instlDay - 15459

FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17

FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17

FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1716:20:49

FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon

FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar

FF - user.js: extensions.BabylonToolbar_i.aflt - babsst

FF - user.js: extensions.BabylonToolbar_i.smplGrp - none

FF - user.js: extensions.BabylonToolbar_i.tlbrId - base

FF - user.js: extensions.BabylonToolbar_i.instlRef - sst

.

============= SERVICES / DRIVERS ===============

.

R0 aswNdis;avast! Firewall NDIS Filter Service;C:\windows\system32\DRIVERS\aswNdis.sys --> C:\windows\system32\DRIVERS\aswNdis.sys [?]

R0 aswNdis2;avast! Firewall Core Firewall Service;C:\windows\system32\drivers\aswNdis2.sys --> C:\windows\system32\drivers\aswNdis2.sys [?]

R1 aswFW;avast! TDI Firewall driver;C:\windows\system32\drivers\aswFW.sys --> C:\windows\system32\drivers\aswFW.sys [?]

R1 aswKbd;aswKbd;C:\windows\system32\drivers\aswKbd.sys --> C:\windows\system32\drivers\aswKbd.sys [?]

R1 aswSnx;aswSnx;C:\windows\system32\drivers\aswSnx.sys --> C:\windows\system32\drivers\aswSnx.sys [?]

R1 aswSP;aswSP;C:\windows\system32\drivers\aswSP.sys --> C:\windows\system32\drivers\aswSP.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys --> C:\windows\system32\DRIVERS\vwififlt.sys [?]

R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]

R2 AMD External Events Utility;AMD External Events Utility;C:\windows\system32\atiesrxx.exe --> C:\windows\system32\atiesrxx.exe [?]

R2 aswFsBlk;aswFsBlk;C:\windows\system32\drivers\aswFsBlk.sys --> C:\windows\system32\drivers\aswFsBlk.sys [?]

R2 aswMonFlt;aswMonFlt;\??\C:\windows\system32\drivers\aswMonFlt.sys --> C:\windows\system32\drivers\aswMonFlt.sys [?]

R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-8-8 44808]

R2 avast! Firewall;avast! Firewall;C:\Program Files\AVAST Software\Avast\afwServ.exe [2012-8-8 133912]

R2 File Backup;File Backup Service;C:\Program Files (x86)\Workspace\offSyncService.exe [2012-5-17 1168680]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-8-6 655944]

R2 Norton PC Checkup Application Launcher;Toshiba Laptop Checkup Application Launcher;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\SymcPCCULaunchSvc.exe [2012-2-5 123320]

R2 PCCUJobMgr;Common Client Job Manager Service;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe [2012-2-5 126392]

R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\Toshiba\TECO\TecoService.exe [2011-5-24 294848]

R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\system32\DRIVERS\TVALZFL.sys --> C:\windows\system32\DRIVERS\TVALZFL.sys [?]

R3 amdkmdag;amdkmdag;C:\windows\system32\DRIVERS\atikmdag.sys --> C:\windows\system32\DRIVERS\atikmdag.sys [?]

R3 amdkmdap;amdkmdap;C:\windows\system32\DRIVERS\atikmpag.sys --> C:\windows\system32\DRIVERS\atikmpag.sys [?]

R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\windows\system32\drivers\AtihdW76.sys --> C:\windows\system32\drivers\AtihdW76.sys [?]

R3 easytether;easytether;C:\windows\system32\DRIVERS\easytthr.sys --> C:\windows\system32\DRIVERS\easytthr.sys [?]

R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\windows\system32\DRIVERS\L1C62x64.sys --> C:\windows\system32\DRIVERS\L1C62x64.sys [?]

R3 MBAMProtector;MBAMProtector;\??\C:\windows\system32\drivers\mbam.sys --> C:\windows\system32\drivers\mbam.sys [?]

R3 PGEffect;Pangu effect driver;C:\windows\system32\DRIVERS\pgeffect.sys --> C:\windows\system32\DRIVERS\pgeffect.sys [?]

R3 QIOMem;Generic IO & Memory Access;C:\windows\system32\DRIVERS\QIOMem.sys --> C:\windows\system32\DRIVERS\QIOMem.sys [?]

R3 TMachInfo;TMachInfo;C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe [2012-2-5 57216]

R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2011-6-10 138152]

R3 TPCHSrv;TPCH Service;C:\Program Files\Toshiba\TPHM\TPCHSrv.exe [2011-6-28 828856]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-2-5 136176]

S3 BtFilter;Bluetooth LowerFilter Class Filter Driver;C:\windows\system32\DRIVERS\btfilter.sys --> C:\windows\system32\DRIVERS\btfilter.sys [?]

S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-2-5 136176]

S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-5 113120]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\system32\Drivers\RtsUStor.sys --> C:\windows\system32\Drivers\RtsUStor.sys [?]

S3 RSUSBVSTOR;RTSUVSTOR.Sys Realtek USB Card Reader;C:\windows\system32\Drivers\RTSUVSTOR.sys --> C:\windows\system32\Drivers\RTSUVSTOR.sys [?]

S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]

S3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys --> C:\windows\system32\drivers\tsusbflt.sys [?]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\system32\drivers\TsUsbGD.sys --> C:\windows\system32\drivers\TsUsbGD.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== Created Last 30 ================

.

2012-08-09 03:47:51 20480 ----a-w- C:\windows\svchost.exe

2012-08-08 21:08:44 142128 ----a-w- C:\windows\System32\drivers\aswFW.sys

2012-08-08 21:08:23 266776 ----a-w- C:\windows\System32\drivers\aswNdis2.sys

2012-08-08 21:08:22 54072 ----a-w- C:\windows\System32\drivers\aswRdr2.sys

2012-08-08 21:08:16 19600 ----a-w- C:\windows\System32\drivers\aswKbd.sys

2012-08-08 21:08:14 958400 ----a-w- C:\windows\System32\drivers\aswSnx.sys

2012-08-08 21:08:11 71064 ----a-w- C:\windows\System32\drivers\aswMonFlt.sys

2012-08-08 21:07:50 12368 ----a-w- C:\windows\System32\drivers\aswNdis.sys

2012-08-08 21:07:35 41224 ----a-w- C:\windows\avastSS.scr

2012-08-06 21:18:28 -------- d-----w- C:\Users\ESGraphix\AppData\Roaming\Malwarebytes

2012-08-06 21:18:22 24904 ----a-w- C:\windows\System32\drivers\mbam.sys

2012-08-06 21:18:22 -------- d-----w- C:\ProgramData\Malwarebytes

2012-08-06 21:18:22 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-08-02 10:52:23 3148800 ----a-w- C:\windows\System32\win32k.sys

2012-08-02 00:25:18 2004480 ----a-w- C:\windows\System32\msxml6.dll

2012-08-02 00:25:18 1390080 ----a-w- C:\windows\SysWow64\msxml6.dll

2012-08-02 00:25:17 2048 ----a-w- C:\windows\SysWow64\msxml3r.dll

2012-08-02 00:25:17 2048 ----a-w- C:\windows\System32\msxml3r.dll

2012-08-02 00:25:17 1881600 ----a-w- C:\windows\System32\msxml3.dll

2012-08-02 00:25:17 1236992 ----a-w- C:\windows\SysWow64\msxml3.dll

2012-08-02 00:24:56 458704 ----a-w- C:\windows\System32\drivers\cng.sys

2012-08-02 00:24:56 340992 ----a-w- C:\windows\System32\schannel.dll

2012-08-02 00:24:56 307200 ----a-w- C:\windows\System32\ncrypt.dll

2012-08-02 00:24:56 225280 ----a-w- C:\windows\SysWow64\schannel.dll

2012-08-02 00:24:56 219136 ----a-w- C:\windows\SysWow64\ncrypt.dll

2012-08-02 00:24:56 151920 ----a-w- C:\windows\System32\drivers\ksecpkg.sys

2012-08-02 00:24:55 96768 ----a-w- C:\windows\SysWow64\sspicli.dll

2012-08-02 00:24:55 95600 ----a-w- C:\windows\System32\drivers\ksecdd.sys

2012-08-02 00:24:55 22016 ----a-w- C:\windows\SysWow64\secur32.dll

2012-07-31 00:12:15 -------- d-----w- C:\windows\SysWow64\Extensions

2012-07-29 18:06:12 -------- d-----w- C:\Program Files (x86)\Yontoo

2012-07-29 18:05:53 -------- d-----w- C:\Users\ESGraphix\AppData\Local\VisualBeeClient

2012-07-29 18:05:25 -------- d-----w- C:\Users\ESGraphix\AppData\Local\VisualBeeExe

2012-07-29 18:04:59 -------- d-----w- C:\Program Files (x86)\VisualBeeCommunity

2012-07-29 18:04:41 -------- d-----w- C:\ProgramData\VisualBee

2012-07-29 18:04:34 -------- d-----w- C:\Program Files (x86)\HTML Calendar Generator 4

2012-07-29 11:44:40 -------- d-----w- C:\Users\ESGraphix\AppData\Local\{CFA2622E-F4C9-4F6C-88CB-D3EACBDBA897}

2012-07-28 23:44:02 -------- d-----w- C:\Users\ESGraphix\AppData\Local\{3135C073-C6D2-45AE-AD3B-A3C709780523}

2012-07-28 08:06:45 -------- d-----w- C:\Users\ESGraphix\AppData\Local\{7F7A08DA-F5E9-4FBE-99A2-B8830064952A}

2012-07-27 20:32:41 -------- d-----w- C:\Program Files (x86)\RadioRage_4jEI

2012-07-27 20:06:02 -------- d-----w- C:\Users\ESGraphix\AppData\Local\{87DE69FE-8BD6-4ABB-9FA1-241B466E2B8D}

2012-07-27 10:36:12 -------- d-----w- C:\ProgramData\Tarma Installer

2012-07-27 10:36:02 -------- d-----w- C:\ProgramData\IBUpdaterService

2012-07-27 10:35:52 -------- d-----w- C:\Program Files (x86)\Conduit

2012-07-27 10:35:32 -------- d-----w- C:\Users\ESGraphix\AppData\Local\Conduit

2012-07-27 10:35:31 -------- d-----w- C:\Program Files (x86)\appbario8

2012-07-27 10:35:24 -------- d-----w- C:\windows\SysWow64\searchplugins

2012-07-27 10:35:21 -------- d-----w- C:\ProgramData\Sidekick Manager

2012-07-27 10:35:11 -------- d-----w- C:\Users\ESGraphix\AppData\Local\Savings Sidekick

2012-07-27 10:35:09 -------- d-----w- C:\Program Files (x86)\Savings Sidekick

2012-07-27 10:34:58 -------- d-----w- C:\Users\ESGraphix\AppData\Roaming\Free AVI MPEG WMV MP4 FLV Video Joiner

2012-07-27 10:34:55 -------- d-----w- C:\Program Files (x86)\AutocompletePro

2012-07-27 10:34:53 -------- d-----w- C:\Program Files (x86)\Free AVI MPEG WMV MP4 FLV Video Joiner

2012-07-27 10:29:08 -------- d-----w- C:\Program Files (x86)\Free Video Joiner

2012-07-27 05:06:15 -------- d-----w- C:\Users\ESGraphix\AppData\Local\{691EF862-FC34-4B98-A96E-C71F921CC371}

2012-07-26 17:05:25 -------- d-----w- C:\Users\ESGraphix\AppData\Local\{56A038E7-0A18-4158-9031-E81331AC3FAD}

2012-07-26 17:05:14 -------- d-----w- C:\Users\ESGraphix\AppData\Local\{11BC6914-1281-4EA3-917C-22E961B0302A}

2012-07-26 17:05:03 -------- d-----w- C:\Users\ESGraphix\AppData\Local\{D399197B-6296-42B1-9BD6-50D372715BC9}

2012-07-26 17:04:53 -------- d-----w- C:\Users\ESGraphix\AppData\Local\{7E04B1B4-3538-4A52-8829-0A473F7EE06D}

2012-07-26 17:04:40 -------- d-----w- C:\Users\ESGraphix\Tracing

2012-07-26 16:55:03 -------- d-----w- C:\Users\ESGraphix\AppData\Local\{B60BCFC5-D0DA-4CF7-A5DC-FB6C3053754B}

2012-07-26 16:54:41 -------- d-----w- C:\Users\ESGraphix\AppData\Local\{4EF8A612-7AAA-4749-BF5E-70C1ED1A73D5}

2012-07-24 16:48:58 -------- d-----w- C:\Downloads

2012-07-24 16:48:32 -------- d-----w- C:\Users\ESGraphix\AppData\Roaming\BitComet

2012-07-24 16:48:30 -------- d-----w- C:\Program Files (x86)\BitComet

2012-07-24 16:12:23 -------- d-----w- C:\Users\ESGraphix\AppData\Local\{4E5A76D4-D427-4AE9-BB46-AE423BE532D5}

2012-07-24 14:40:27 -------- d-----w- C:\Users\ESGraphix\AppData\Local\Windows Live

2012-07-24 14:40:08 -------- d-----w- C:\Users\ESGraphix\AppData\Local\{171CEF53-E2A1-49B4-9C23-745985E787C6}

.

==================== Find3M ====================

.

2012-06-06 06:02:54 1133568 ----a-w- C:\windows\System32\cdosys.dll

2012-06-06 05:03:06 805376 ----a-w- C:\windows\SysWow64\cdosys.dll

2012-06-02 22:15:31 2622464 ----a-w- C:\windows\System32\wucltux.dll

2012-06-02 22:15:08 99840 ----a-w- C:\windows\System32\wudriver.dll

2012-06-02 19:19:42 186752 ----a-w- C:\windows\System32\wuwebv.dll

2012-06-02 19:15:12 36864 ----a-w- C:\windows\System32\wuapp.exe

2012-06-02 12:12:17 2311680 ----a-w- C:\windows\System32\jscript9.dll

2012-06-02 12:05:28 1392128 ----a-w- C:\windows\System32\wininet.dll

2012-06-02 12:04:50 1494528 ----a-w- C:\windows\System32\inetcpl.cpl

2012-06-02 12:01:40 173056 ----a-w- C:\windows\System32\ieUnatt.exe

2012-06-02 11:57:08 2382848 ----a-w- C:\windows\System32\mshtml.tlb

2012-06-02 08:33:25 1800192 ----a-w- C:\windows\SysWow64\jscript9.dll

2012-06-02 08:25:08 1129472 ----a-w- C:\windows\SysWow64\wininet.dll

2012-06-02 08:25:03 1427968 ----a-w- C:\windows\SysWow64\inetcpl.cpl

2012-06-02 08:20:33 142848 ----a-w- C:\windows\SysWow64\ieUnatt.exe

2012-06-02 08:16:52 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb

.

============= FINISH: 12:58:22.44 ===============

Attach.txt below

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 3/19/2012 5:15:41 PM

System Uptime: 8/9/2012 10:37:07 AM (2 hours ago)

.

Motherboard: AMD | | Torpedo

Processor: AMD A8-3520M APU with Radeon HD Graphics | Socket FS1 | 1600/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 580 GiB total, 417.181 GiB free.

D: is CDROM (UDF)

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP46: 8/6/2012 4:58:11 PM - avast! Internet Security Setup

RP47: 8/8/2012 5:07:03 PM - avast! Internet Security Setup

.

==== Installed Programs ======================

.

Adobe AIR

Adobe Download Assistant

Adobe Flash Player 10 ActiveX

Adobe Help Manager

Adobe Illustrator CS6

Adobe Photoshop 7.0

Adobe Photoshop CS5.1

Adobe Reader X (10.1.2)

Adobe Shockwave Player 11.6

Amazon Links

AMD VISION Engine Control Center

Apple Application Support

Apple Software Update

Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver

Atheros Driver Installation Program

avast! Internet Security

Babylon toolbar on IE

Bejeweled 3

Catalyst Control Center - Branding

Catalyst Control Center Graphics Previews Common

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

D3DX10

DIRECTV Player

FATE - The Traitor Soul

FileZilla Client 3.5.3

Google Chrome

Google Earth

Google Toolbar for Internet Explorer

Google Update Helper

Java Auto Updater

Java 6 Update 31

join.me

JumpStart Phonics Read and Rhyme

Junk Mail filter update

Label@Once 1.0

Letters from Nowhere 2

LibreOffice 3.5

Malwarebytes Anti-Malware version 1.62.0.1300

Mesh Runtime

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft_VC80_ATL_x86

Microsoft_VC80_CRT_x86

Microsoft_VC80_MFC_x86

Microsoft_VC80_MFCLOC_x86

Microsoft_VC90_ATL_x86

Microsoft_VC90_CRT_x86

Microsoft_VC90_MFC_x86

Microsoft_VC90_MFCLOC_x86

Mozilla Firefox 14.0.1 (x86 en-US)

Mozilla Maintenance Service

Mozilla Thunderbird 11.0 (x86 en-US)

MSVCRT

MSVCRT_amd64

Netwaiting

PDF Settings CS5

PDF Settings CS6

Penguins!

Plants vs. Zombies - Game of the Year

PlayReady PC Runtime x86

Polar Bowler

QuickTime

Reader Rabbit Learn To Read With Phonics

Realtek USB 2.0 Reader Driver

RollerCoaster Tycoon 3: Platinum

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Skype Launcher

swMSM

Tales of Lagoona

Toshiba App Place

TOSHIBA Application Installer

TOSHIBA Assist

Toshiba Book Place

TOSHIBA Bulletin Board

TOSHIBA Face Recognition

TOSHIBA Hardware Setup

Toshiba Laptop Checkup

TOSHIBA Media Controller

TOSHIBA Media Controller Plug-in

Toshiba Online Backup

TOSHIBA Quality Application

TOSHIBA Recovery Media Creator

TOSHIBA ReelTime

TOSHIBA Resolution+ Plug-in for Windows Media Player

TOSHIBA Service Station

TOSHIBA Sleep Utility

TOSHIBA Supervisor Password

TOSHIBA Value Added Package

TOSHIBA Web Camera Application

TOSHIBARegistration

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update Installer for WildTangent Games App

VLC media player 2.0.1

WildTangent Games

WildTangent Games App (Toshiba Games)

Windows Live Communications Platform

Windows Live Essentials

Windows Live Installer

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Workspace Desktop

Zuma's Revenge

.

==== Event Viewer Messages From Past Week ========

.

8/8/2012 11:47:59 PM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.

8/8/2012 10:40:35 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

8/8/2012 10:40:35 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}

8/8/2012 10:39:48 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

8/8/2012 10:39:48 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

8/8/2012 10:39:47 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}

8/8/2012 10:39:46 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

8/8/2012 10:39:41 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

8/8/2012 10:39:26 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD aswFW aswRdr aswSnx aswSP aswTdi DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf

8/8/2012 10:39:24 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

8/8/2012 10:39:24 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

8/8/2012 10:39:24 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.

8/8/2012 10:39:24 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

8/8/2012 10:39:24 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

8/8/2012 10:39:24 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.

8/8/2012 10:39:24 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

8/8/2012 10:39:24 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

8/8/2012 10:39:24 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.

8/8/2012 10:39:24 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

8/7/2012 8:24:54 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.

8/6/2012 4:44:49 PM, Error: volsnap [15] - The shadow copies of volume C: were aborted because of insufficient paged heap.

8/6/2012 2:53:37 PM, Error: volsnap [6] - The shadow copy of volume C: could not create a new paged heap. The system may be low on virtual memory.

8/6/2012 2:28:59 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff80002c647ef, 0x0000000000000000, 0x000000007efa0000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 080612-22308-01.

8/6/2012 2:21:34 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff80002cae7ef, 0x0000000000000000, 0x000000007efa0000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 080612-30014-01.

8/2/2012 6:43:08 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

8/2/2012 6:43:07 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.

8/2/2012 6:43:07 AM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

.

==== End Of File ===========================

I had to copy and paste as nothing would attach!


Welcome to the forum.

Please remove any USB or external drives from the computer before you run this scan!

Please download RogueKiller to your desktop and run it.

For Windows XP, double-click to start.

For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system.

When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!!!!!!!

Post back the report which should be located on your desktop.

MrC


Please make sure system restore is running and create a new restore point before continuing.

XP <===> Vista & W7

XP users > please back up the registry using ERUNT.

-----------------------------------------

Please download TDSSKiller to your desktop and run it as outlined below:

Double-click on TDSSKiller.exe to run the application, then click on Change parameters.

For Windows XP, double-click to start.

For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

-------------------------

Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

------------------------

Click the Start Scan button.

-----------------------

If a suspicious object is detected, the default action will be Skip; click on Continue.

If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic, please choose Skip and click on Continue.

----------------------

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

--------------------

A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.

Sometimes these logs can be very large; in that case please attach it, or zip it up and attach it.

-------------------

Here's a summary of what to do if you would like to print it out:

If a suspicious object is detected, the default action will be Skip; click on Continue.

If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic, please choose Skip and click on Continue.

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

MrC


10:00:05.0206 4100 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32

10:00:05.0549 4100 ============================================================

10:00:05.0549 4100 Current date / time: 2012/08/10 10:00:05.0549

10:00:05.0549 4100 SystemInfo:

10:00:05.0549 4100

10:00:05.0549 4100 OS Version: 6.1.7601 ServicePack: 1.0

10:00:05.0549 4100 Product type: Workstation

10:00:05.0549 4100 ComputerName: MITCH

10:00:05.0549 4100 UserName: ESGraphix

10:00:05.0549 4100 Windows directory: C:\windows

10:00:05.0549 4100 System windows directory: C:\windows

10:00:05.0549 4100 Running under WOW64

10:00:05.0549 4100 Processor architecture: Intel x64

10:00:05.0549 4100 Number of processors: 4

10:00:05.0549 4100 Page size: 0x1000

10:00:05.0549 4100 Boot type: Normal boot

10:00:05.0549 4100 ============================================================

10:00:07.0624 4100 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

10:00:07.0687 4100 Drive \Device\Harddisk1\DR2 - Size: 0xE7400000 (3.61 Gb), SectorSize: 0x200, Cylinders: 0x1D7, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

10:00:07.0687 4100 ============================================================

10:00:07.0687 4100 \Device\Harddisk0\DR0:

10:00:07.0702 4100 MBR partitions:

10:00:07.0702 4100 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x48816000

10:00:07.0702 4100 \Device\Harddisk1\DR2:

10:00:07.0702 4100 MBR partitions:

10:00:07.0702 4100 \Device\Harddisk1\DR2\Partition0: MBR, Type 0xC, StartLBA 0x1F80, BlocksNum 0x738080

10:00:07.0702 4100 ============================================================

10:00:07.0733 4100 C: <-> \Device\Harddisk0\DR0\Partition0

10:00:07.0733 4100 ============================================================

10:00:07.0733 4100 Initialize success

10:00:07.0733 4100 ============================================================

10:01:04.0439 7020 ============================================================

10:01:04.0439 7020 Scan started

10:01:04.0439 7020 Mode: Manual; SigCheck; TDLFS;

10:01:04.0439 7020 ============================================================

10:01:05.0516 7020 1394ohci (a87d604aea360176311474c87a63bb88) C:\windows\system32\drivers\1394ohci.sys

10:01:05.0687 7020 1394ohci - ok

10:01:05.0719 7020 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\windows\system32\drivers\ACPI.sys

10:01:05.0750 7020 ACPI - ok

10:01:05.0781 7020 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\windows\system32\drivers\acpipmi.sys

10:01:05.0843 7020 AcpiPmi - ok

10:01:05.0953 7020 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

10:01:05.0984 7020 AdobeARMservice - ok

10:01:06.0031 7020 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\windows\system32\drivers\adp94xx.sys

10:01:06.0062 7020 adp94xx - ok

10:01:06.0109 7020 adpahci (597f78224ee9224ea1a13d6350ced962) C:\windows\system32\drivers\adpahci.sys

10:01:06.0140 7020 adpahci - ok

10:01:06.0155 7020 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\windows\system32\drivers\adpu320.sys

10:01:06.0171 7020 adpu320 - ok

10:01:06.0202 7020 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\windows\System32\aelupsvc.dll

10:01:06.0265 7020 AeLookupSvc - ok

10:01:06.0311 7020 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\windows\system32\drivers\afd.sys

10:01:06.0343 7020 AFD - ok

10:01:06.0389 7020 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\windows\system32\drivers\agp440.sys

10:01:06.0405 7020 agp440 - ok

10:01:06.0436 7020 ALG (3290d6946b5e30e70414990574883ddb) C:\windows\System32\alg.exe

10:01:06.0467 7020 ALG - ok

10:01:06.0499 7020 aliide (5812713a477a3ad7363c7438ca2ee038) C:\windows\system32\drivers\aliide.sys

10:01:06.0514 7020 aliide - ok

10:01:06.0545 7020 AMD External Events Utility (276eefc3e2bce9f429aaec041bce1488) C:\windows\system32\atiesrxx.exe

10:01:06.0623 7020 AMD External Events Utility - ok

10:01:06.0623 7020 amdide (1ff8b4431c353ce385c875f194924c0c) C:\windows\system32\drivers\amdide.sys

10:01:06.0639 7020 amdide - ok

10:01:06.0686 7020 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\windows\system32\drivers\amdk8.sys

10:01:06.0733 7020 AmdK8 - ok

10:01:07.0247 7020 amdkmdag (ec8480425e5a8775feb5004a8c1bd11e) C:\windows\system32\DRIVERS\atikmdag.sys

10:01:07.0403 7020 amdkmdag - ok

10:01:07.0871 7020 amdkmdap (87543e780f418bcdbc77279fe784aff7) C:\windows\system32\DRIVERS\atikmpag.sys

10:01:07.0918 7020 amdkmdap - ok

10:01:07.0965 7020 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\windows\system32\DRIVERS\amdppm.sys

10:01:08.0012 7020 AmdPPM - ok

10:01:08.0043 7020 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\windows\system32\drivers\amdsata.sys

10:01:08.0074 7020 amdsata - ok

10:01:08.0090 7020 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\windows\system32\drivers\amdsbs.sys

10:01:08.0105 7020 amdsbs - ok

10:01:08.0121 7020 amdxata (540daf1cea6094886d72126fd7c33048) C:\windows\system32\drivers\amdxata.sys

10:01:08.0137 7020 amdxata - ok

10:01:08.0168 7020 AppID (89a69c3f2f319b43379399547526d952) C:\windows\system32\drivers\appid.sys

10:01:08.0261 7020 AppID - ok

10:01:08.0277 7020 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\windows\System32\appidsvc.dll

10:01:08.0371 7020 AppIDSvc - ok

10:01:08.0402 7020 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\windows\System32\appinfo.dll

10:01:08.0511 7020 Appinfo - ok

10:01:08.0542 7020 arc (c484f8ceb1717c540242531db7845c4e) C:\windows\system32\drivers\arc.sys

10:01:08.0558 7020 arc - ok

10:01:08.0573 7020 arcsas (019af6924aefe7839f61c830227fe79c) C:\windows\system32\drivers\arcsas.sys

10:01:08.0589 7020 arcsas - ok

10:01:08.0620 7020 aswFsBlk (df59b8e8df0bd2e0e303778a3806a17d) C:\windows\system32\drivers\aswFsBlk.sys

10:01:08.0636 7020 aswFsBlk - ok

10:01:08.0745 7020 aswFW (f3cfbc0aa2b8bd665a2ccf1ba9e65919) C:\windows\system32\drivers\aswFW.sys

10:01:08.0776 7020 aswFW - ok

10:01:08.0792 7020 aswKbd (c42d45089fd2ec63d13571362c258dc6) C:\windows\system32\drivers\aswKbd.sys

10:01:08.0807 7020 aswKbd - ok

10:01:08.0870 7020 aswMonFlt (f8e6ab4f876feff69250f2e0c29ef004) C:\windows\system32\drivers\aswMonFlt.sys

10:01:08.0901 7020 aswMonFlt - ok

10:01:08.0932 7020 aswNdis (518b8d447a1975ab46da093a2e743256) C:\windows\system32\DRIVERS\aswNdis.sys

10:01:08.0948 7020 aswNdis - ok

10:01:08.0963 7020 aswNdis2 (80a43cef831664c404c73564ccf4b8b1) C:\windows\system32\drivers\aswNdis2.sys

10:01:08.0979 7020 aswNdis2 - ok

10:01:09.0010 7020 aswRdr (aa92bc4bcba40ca3aa3ffd1be24f0c09) C:\windows\System32\Drivers\aswrdr2.sys

10:01:09.0026 7020 aswRdr - ok

10:01:09.0073 7020 aswSnx (f06e230e1e8ca9437a6474b7b551cd37) C:\windows\system32\drivers\aswSnx.sys

10:01:09.0119 7020 aswSnx - ok

10:01:09.0151 7020 aswSP (3610ca74a69e380424f0452dec5c1317) C:\windows\system32\drivers\aswSP.sys

10:01:09.0166 7020 aswSP - ok

10:01:09.0182 7020 aswTdi (87de3e31cb0091d22351349869324065) C:\windows\system32\drivers\aswTdi.sys

10:01:09.0182 7020 aswTdi - ok

10:01:09.0213 7020 AsyncMac (769765ce2cc62867468cea93969b2242) C:\windows\system32\DRIVERS\asyncmac.sys

10:01:09.0307 7020 AsyncMac - ok

10:01:09.0322 7020 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\windows\system32\drivers\atapi.sys

10:01:09.0338 7020 atapi - ok

10:01:09.0478 7020 athr (b2931c83cfb12a3223a47b180473ae1a) C:\windows\system32\DRIVERS\athrx.sys

10:01:09.0541 7020 athr - ok

10:01:09.0665 7020 AtiHDAudioService (e02b26650acc2f4901342d4a66774ad7) C:\windows\system32\drivers\AtihdW76.sys

10:01:09.0697 7020 AtiHDAudioService - ok

10:01:09.0759 7020 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll

10:01:09.0853 7020 AudioEndpointBuilder - ok

10:01:09.0853 7020 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll

10:01:09.0899 7020 AudioSrv - ok

10:01:10.0040 7020 avast! Antivirus (2f7c0f3e39c45e0127fb78b2f18a41f3) C:\Program Files\AVAST Software\Avast\AvastSvc.exe

10:01:10.0071 7020 avast! Antivirus - ok

10:01:10.0087 7020 avast! Firewall (465a17095eb3b9e101429b669f495d01) C:\Program Files\AVAST Software\Avast\afwServ.exe

10:01:10.0102 7020 avast! Firewall - ok

10:01:10.0149 7020 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\windows\System32\AxInstSV.dll

10:01:10.0180 7020 AxInstSV - ok

10:01:10.0258 7020 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\windows\system32\drivers\bxvbda.sys

10:01:10.0321 7020 b06bdrv - ok

10:01:10.0367 7020 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\windows\system32\DRIVERS\b57nd60a.sys

10:01:10.0430 7020 b57nd60a - ok

10:01:10.0492 7020 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\windows\System32\bdesvc.dll

10:01:10.0555 7020 BDESVC - ok

10:01:10.0570 7020 Beep (16a47ce2decc9b099349a5f840654746) C:\windows\system32\drivers\Beep.sys

10:01:10.0648 7020 Beep - ok

10:01:10.0711 7020 BFE (82974d6a2fd19445cc5171fc378668a4) C:\windows\System32\bfe.dll

10:01:10.0789 7020 BFE - ok

10:01:10.0851 7020 BITS (1ea7969e3271cbc59e1730697dc74682) C:\windows\System32\qmgr.dll

10:01:10.0929 7020 BITS - ok

10:01:10.0991 7020 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\windows\system32\DRIVERS\blbdrive.sys

10:01:11.0038 7020 blbdrive - ok

10:01:11.0069 7020 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\windows\system32\DRIVERS\bowser.sys

10:01:11.0116 7020 bowser - ok

10:01:11.0163 7020 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\windows\system32\drivers\BrFiltLo.sys

10:01:11.0210 7020 BrFiltLo - ok

10:01:11.0241 7020 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\windows\system32\drivers\BrFiltUp.sys

10:01:11.0272 7020 BrFiltUp - ok

10:01:11.0319 7020 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\windows\System32\browser.dll

10:01:11.0381 7020 Browser - ok

10:01:11.0413 7020 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\windows\System32\Drivers\Brserid.sys

10:01:11.0444 7020 Brserid - ok

10:01:11.0475 7020 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\windows\System32\Drivers\BrSerWdm.sys

10:01:11.0506 7020 BrSerWdm - ok

10:01:11.0537 7020 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\windows\System32\Drivers\BrUsbMdm.sys

10:01:11.0569 7020 BrUsbMdm - ok

10:01:11.0584 7020 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\windows\System32\Drivers\BrUsbSer.sys

10:01:11.0615 7020 BrUsbSer - ok

10:01:11.0678 7020 BtFilter (2347abbd13bada65826fdab4caafe357) C:\windows\system32\DRIVERS\btfilter.sys

10:01:11.0678 7020 BtFilter - ok

10:01:11.0740 7020 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\windows\system32\drivers\bthmodem.sys

10:01:11.0771 7020 BTHMODEM - ok

10:01:11.0803 7020 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\windows\system32\bthserv.dll

10:01:11.0865 7020 bthserv - ok

10:01:11.0881 7020 cdfs (b8bd2bb284668c84865658c77574381a) C:\windows\system32\DRIVERS\cdfs.sys

10:01:11.0943 7020 cdfs - ok

10:01:11.0974 7020 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\windows\system32\DRIVERS\cdrom.sys

10:01:12.0005 7020 cdrom - ok

10:01:12.0037 7020 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll

10:01:12.0130 7020 CertPropSvc - ok

10:01:12.0177 7020 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\windows\system32\drivers\circlass.sys

10:01:12.0239 7020 circlass - ok

10:01:12.0286 7020 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\windows\system32\CLFS.sys

10:01:12.0317 7020 CLFS - ok

10:01:12.0364 7020 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

10:01:12.0380 7020 clr_optimization_v2.0.50727_32 - ok

10:01:12.0427 7020 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

10:01:12.0442 7020 clr_optimization_v2.0.50727_64 - ok

10:01:12.0505 7020 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

10:01:12.0536 7020 clr_optimization_v4.0.30319_32 - ok

10:01:12.0551 7020 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

10:01:12.0567 7020 clr_optimization_v4.0.30319_64 - ok

10:01:12.0598 7020 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\windows\system32\DRIVERS\CmBatt.sys

10:01:12.0645 7020 CmBatt - ok

10:01:12.0661 7020 cmdide (e19d3f095812725d88f9001985b94edd) C:\windows\system32\drivers\cmdide.sys

10:01:12.0661 7020 cmdide - ok

10:01:12.0723 7020 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\windows\system32\Drivers\cng.sys

10:01:12.0770 7020 CNG - ok

10:01:12.0879 7020 CnxtHdAudService (20506f12afad3db588d007ea9325fbbc) C:\windows\system32\drivers\CHDRT64.sys

10:01:12.0941 7020 CnxtHdAudService - ok

10:01:13.0035 7020 Compbatt (102de219c3f61415f964c88e9085ad14) C:\windows\system32\drivers\compbatt.sys

10:01:13.0066 7020 Compbatt - ok

10:01:13.0113 7020 CompositeBus (03edb043586cceba243d689bdda370a8) C:\windows\system32\DRIVERS\CompositeBus.sys

10:01:13.0160 7020 CompositeBus - ok

10:01:13.0175 7020 COMSysApp - ok

10:01:13.0191 7020 crcdisk (1c827878a998c18847245fe1f34ee597) C:\windows\system32\drivers\crcdisk.sys

10:01:13.0222 7020 crcdisk - ok

10:01:13.0269 7020 CryptSvc (4f5414602e2544a4554d95517948b705) C:\windows\system32\cryptsvc.dll

10:01:13.0300 7020 CryptSvc - ok

10:01:13.0347 7020 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll

10:01:13.0425 7020 DcomLaunch - ok

10:01:13.0487 7020 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\windows\System32\defragsvc.dll

10:01:13.0550 7020 defragsvc - ok

10:01:13.0597 7020 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\windows\system32\Drivers\dfsc.sys

10:01:13.0675 7020 DfsC - ok

10:01:13.0737 7020 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\windows\system32\dhcpcore.dll

10:01:13.0893 7020 Dhcp - ok

10:01:13.0924 7020 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\windows\system32\drivers\discache.sys

10:01:13.0987 7020 discache - ok

10:01:14.0049 7020 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\windows\system32\drivers\disk.sys

10:01:14.0080 7020 Disk - ok

10:01:14.0111 7020 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\windows\System32\dnsrslvr.dll

10:01:14.0174 7020 Dnscache - ok

10:01:14.0205 7020 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\windows\System32\dot3svc.dll

10:01:14.0267 7020 dot3svc - ok

10:01:14.0299 7020 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\windows\system32\dps.dll

10:01:14.0345 7020 DPS - ok

10:01:14.0377 7020 drmkaud (9b19f34400d24df84c858a421c205754) C:\windows\system32\drivers\drmkaud.sys

10:01:14.0423 7020 drmkaud - ok

10:01:14.0501 7020 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\windows\System32\drivers\dxgkrnl.sys

10:01:14.0533 7020 DXGKrnl - ok

10:01:14.0564 7020 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\windows\System32\eapsvc.dll

10:01:14.0626 7020 EapHost - ok

10:01:14.0673 7020 easytether (43e16e4011d80d0f794b695363af2260) C:\windows\system32\DRIVERS\easytthr.sys

10:01:14.0704 7020 easytether - ok

10:01:14.0876 7020 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\windows\system32\drivers\evbda.sys

10:01:14.0938 7020 ebdrv - ok

10:01:15.0032 7020 EFS (c118a82cd78818c29ab228366ebf81c3) C:\windows\System32\lsass.exe

10:01:15.0094 7020 EFS - ok

10:01:15.0172 7020 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\windows\ehome\ehRecvr.exe

10:01:15.0235 7020 ehRecvr - ok

10:01:15.0266 7020 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\windows\ehome\ehsched.exe

10:01:15.0281 7020 ehSched - ok

10:01:15.0375 7020 elxstor (0e5da5369a0fcaea12456dd852545184) C:\windows\system32\drivers\elxstor.sys

10:01:15.0406 7020 elxstor - ok

10:01:15.0422 7020 ErrDev (34a3c54752046e79a126e15c51db409b) C:\windows\system32\drivers\errdev.sys

10:01:15.0453 7020 ErrDev - ok

10:01:15.0578 7020 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\windows\system32\es.dll

10:01:15.0640 7020 EventSystem - ok

10:01:15.0703 7020 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\windows\system32\drivers\exfat.sys

10:01:15.0749 7020 exfat - ok

10:01:15.0781 7020 fastfat (0adc83218b66a6db380c330836f3e36d) C:\windows\system32\drivers\fastfat.sys

10:01:15.0843 7020 fastfat - ok

10:01:15.0905 7020 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\windows\system32\fxssvc.exe

10:01:15.0952 7020 Fax - ok

10:01:15.0968 7020 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\windows\system32\drivers\fdc.sys

10:01:15.0983 7020 fdc - ok

10:01:16.0030 7020 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\windows\system32\fdPHost.dll

10:01:16.0139 7020 fdPHost - ok

10:01:16.0155 7020 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\windows\system32\fdrespub.dll

10:01:16.0202 7020 FDResPub - ok

10:01:16.0358 7020 File Backup (5ff231e6c44de1546f79ce44e21b1bba) C:\Program Files (x86)\Workspace\offSyncService.exe

10:01:16.0389 7020 File Backup - ok

10:01:16.0420 7020 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\windows\system32\drivers\fileinfo.sys

10:01:16.0436 7020 FileInfo - ok

10:01:16.0451 7020 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\windows\system32\drivers\filetrace.sys

10:01:16.0514 7020 Filetrace - ok

10:01:16.0529 7020 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\windows\system32\drivers\flpydisk.sys

10:01:16.0545 7020 flpydisk - ok

10:01:16.0576 7020 FltMgr (da6b67270fd9db3697b20fce94950741) C:\windows\system32\drivers\fltmgr.sys

10:01:16.0592 7020 FltMgr - ok

10:01:16.0654 7020 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\windows\system32\FntCache.dll

10:01:16.0685 7020 FontCache - ok

10:01:16.0779 7020 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

10:01:16.0810 7020 FontCache3.0.0.0 - ok

10:01:16.0873 7020 FsDepends (d43703496149971890703b4b1b723eac) C:\windows\system32\drivers\FsDepends.sys

10:01:16.0888 7020 FsDepends - ok

10:01:16.0919 7020 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\windows\system32\drivers\Fs_Rec.sys

10:01:16.0935 7020 Fs_Rec - ok

10:01:16.0966 7020 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\windows\system32\DRIVERS\fvevol.sys

10:01:16.0997 7020 fvevol - ok

10:01:17.0029 7020 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\windows\system32\drivers\gagp30kx.sys

10:01:17.0044 7020 gagp30kx - ok

10:01:17.0122 7020 GamesAppService (c403c5db49a0f9aaf4f2128edc0106d8) C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe

10:01:17.0153 7020 GamesAppService - ok

10:01:17.0216 7020 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\windows\System32\gpsvc.dll

10:01:17.0263 7020 gpsvc - ok

10:01:17.0356 7020 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

10:01:17.0387 7020 gupdate - ok

10:01:17.0387 7020 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

10:01:17.0403 7020 gupdatem - ok

10:01:17.0419 7020 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

10:01:17.0434 7020 gusvc - ok

10:01:17.0497 7020 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\windows\system32\drivers\hcw85cir.sys

10:01:17.0528 7020 hcw85cir - ok

10:01:17.0575 7020 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\windows\system32\drivers\HdAudio.sys

10:01:17.0621 7020 HdAudAddService - ok

10:01:17.0653 7020 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\windows\system32\DRIVERS\HDAudBus.sys

10:01:17.0715 7020 HDAudBus - ok

10:01:17.0731 7020 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\windows\system32\drivers\HidBatt.sys

10:01:17.0762 7020 HidBatt - ok

10:01:17.0793 7020 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\windows\system32\drivers\hidbth.sys

10:01:17.0824 7020 HidBth - ok

10:01:17.0871 7020 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\windows\system32\drivers\hidir.sys

10:01:17.0902 7020 HidIr - ok

10:01:17.0918 7020 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\windows\system32\hidserv.dll

10:01:17.0980 7020 hidserv - ok

10:01:18.0011 7020 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\windows\system32\DRIVERS\hidusb.sys

10:01:18.0043 7020 HidUsb - ok

10:01:18.0074 7020 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\windows\system32\kmsvc.dll

10:01:18.0121 7020 hkmsvc - ok

10:01:18.0183 7020 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\windows\system32\ListSvc.dll

10:01:18.0230 7020 HomeGroupListener - ok

10:01:18.0277 7020 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\windows\system32\provsvc.dll

10:01:18.0323 7020 HomeGroupProvider - ok

10:01:18.0370 7020 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\windows\system32\drivers\HpSAMD.sys

10:01:18.0386 7020 HpSAMD - ok

10:01:18.0464 7020 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\windows\system32\drivers\HTTP.sys

10:01:18.0542 7020 HTTP - ok

10:01:18.0557 7020 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\windows\system32\drivers\hwpolicy.sys

10:01:18.0573 7020 hwpolicy - ok

10:01:18.0604 7020 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\windows\system32\DRIVERS\i8042prt.sys

10:01:18.0620 7020 i8042prt - ok

10:01:18.0651 7020 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\windows\system32\drivers\iaStorV.sys

10:01:18.0682 7020 iaStorV - ok

10:01:18.0776 7020 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

10:01:18.0807 7020 IDriverT ( UnsignedFile.Multi.Generic ) - warning

10:01:18.0807 7020 IDriverT - detected UnsignedFile.Multi.Generic (1)

10:01:18.0916 7020 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

10:01:18.0932 7020 idsvc - ok

10:01:19.0025 7020 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\windows\system32\drivers\iirsp.sys

10:01:19.0072 7020 iirsp - ok

10:01:19.0135 7020 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\windows\System32\ikeext.dll

10:01:19.0197 7020 IKEEXT - ok

10:01:19.0228 7020 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\drivers\intelide.sys

10:01:19.0244 7020 intelide - ok

10:01:19.0275 7020 intelppm (ada036632c664caa754079041cf1f8c1) C:\windows\system32\drivers\intelppm.sys

10:01:19.0306 7020 intelppm - ok

10:01:19.0353 7020 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\windows\system32\ipbusenum.dll

10:01:19.0415 7020 IPBusEnum - ok

10:01:19.0431 7020 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\windows\system32\DRIVERS\ipfltdrv.sys

10:01:19.0462 7020 IpFilterDriver - ok

10:01:19.0509 7020 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\windows\System32\iphlpsvc.dll

10:01:19.0571 7020 iphlpsvc - ok

10:01:19.0587 7020 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\windows\system32\drivers\IPMIDrv.sys

10:01:19.0618 7020 IPMIDRV - ok

10:01:19.0665 7020 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys

10:01:19.0759 7020 IPNAT - ok

10:01:19.0805 7020 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys

10:01:19.0821 7020 IRENUM - ok

10:01:19.0852 7020 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\drivers\isapnp.sys

10:01:19.0868 7020 isapnp - ok

10:01:19.0899 7020 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\windows\system32\drivers\msiscsi.sys

10:01:19.0915 7020 iScsiPrt - ok

10:01:19.0946 7020 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\DRIVERS\kbdclass.sys

10:01:19.0961 7020 kbdclass - ok

10:01:19.0977 7020 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\windows\system32\drivers\kbdhid.sys

10:01:19.0993 7020 kbdhid - ok

10:01:20.0055 7020 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe

10:01:20.0071 7020 KeyIso - ok

10:01:20.0086 7020 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\windows\system32\Drivers\ksecdd.sys

10:01:20.0102 7020 KSecDD - ok

10:01:20.0149 7020 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\windows\system32\Drivers\ksecpkg.sys

10:01:20.0164 7020 KSecPkg - ok

10:01:20.0180 7020 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys

10:01:20.0258 7020 ksthunk - ok

10:01:20.0289 7020 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\windows\system32\msdtckrm.dll

10:01:20.0351 7020 KtmRm - ok

10:01:20.0398 7020 L1C (045fb70bc993b691517ce309045ff02d) C:\windows\system32\DRIVERS\L1C62x64.sys

10:01:20.0414 7020 L1C - ok

10:01:20.0461 7020 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\windows\system32\srvsvc.dll

10:01:20.0523 7020 LanmanServer - ok

10:01:20.0554 7020 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\windows\System32\wkssvc.dll

10:01:20.0601 7020 LanmanWorkstation - ok

10:01:20.0663 7020 lltdio (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys

10:01:20.0710 7020 lltdio - ok

10:01:20.0757 7020 lltdsvc (c1185803384ab3feed115f79f109427f) C:\windows\System32\lltdsvc.dll

10:01:20.0819 7020 lltdsvc - ok

10:01:20.0851 7020 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\windows\System32\lmhsvc.dll

10:01:20.0897 7020 lmhosts - ok

10:01:20.0913 7020 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\drivers\lsi_fc.sys

10:01:20.0929 7020 LSI_FC - ok

10:01:20.0975 7020 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\drivers\lsi_sas.sys

10:01:20.0991 7020 LSI_SAS - ok

10:01:21.0007 7020 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\drivers\lsi_sas2.sys

10:01:21.0022 7020 LSI_SAS2 - ok

10:01:21.0038 7020 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\drivers\lsi_scsi.sys

10:01:21.0053 7020 LSI_SCSI - ok

10:01:21.0069 7020 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys

10:01:21.0131 7020 luafv - ok

10:01:21.0178 7020 MBAMProtector (dc8490812a3b72811ae534f423b4c206) C:\windows\system32\drivers\mbam.sys

10:01:21.0194 7020 MBAMProtector - ok

10:01:21.0287 7020 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

10:01:21.0319 7020 MBAMService - ok

10:01:21.0350 7020 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\windows\system32\Mcx2Svc.dll

10:01:21.0365 7020 Mcx2Svc - ok

10:01:21.0397 7020 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\drivers\megasas.sys

10:01:21.0412 7020 megasas - ok

10:01:21.0443 7020 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\drivers\MegaSR.sys

10:01:21.0475 7020 MegaSR - ok

10:01:21.0521 7020 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll

10:01:21.0584 7020 MMCSS - ok

10:01:21.0599 7020 Modem (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys

10:01:21.0646 7020 Modem - ok

10:01:21.0677 7020 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys

10:01:21.0709 7020 monitor - ok

10:01:21.0755 7020 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\DRIVERS\mouclass.sys

10:01:21.0787 7020 mouclass - ok

10:01:21.0802 7020 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys

10:01:21.0818 7020 mouhid - ok

10:01:21.0865 7020 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\windows\system32\drivers\mountmgr.sys

10:01:21.0880 7020 mountmgr - ok

10:01:21.0989 7020 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

10:01:22.0021 7020 MozillaMaintenance - ok

10:01:22.0052 7020 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\windows\system32\drivers\mpio.sys

10:01:22.0067 7020 mpio - ok

10:01:22.0083 7020 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys

10:01:22.0130 7020 mpsdrv - ok

10:01:22.0177 7020 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\windows\system32\mpssvc.dll

10:01:22.0239 7020 MpsSvc - ok

10:01:22.0270 7020 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\windows\system32\drivers\mrxdav.sys

10:01:22.0301 7020 MRxDAV - ok

10:01:22.0333 7020 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\windows\system32\DRIVERS\mrxsmb.sys

10:01:22.0364 7020 mrxsmb - ok

10:01:22.0379 7020 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\windows\system32\DRIVERS\mrxsmb10.sys

10:01:22.0395 7020 mrxsmb10 - ok

10:01:22.0426 7020 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\windows\system32\DRIVERS\mrxsmb20.sys

10:01:22.0442 7020 mrxsmb20 - ok

10:01:22.0457 7020 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\windows\system32\DRIVERS\msahci.sys

10:01:22.0473 7020 msahci - ok

10:01:22.0489 7020 msdsm (db801a638d011b9633829eb6f663c900) C:\windows\system32\drivers\msdsm.sys

10:01:22.0504 7020 msdsm - ok

10:01:22.0535 7020 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\windows\System32\msdtc.exe

10:01:22.0582 7020 MSDTC - ok

10:01:22.0629 7020 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys

10:01:22.0660 7020 Msfs - ok

10:01:22.0691 7020 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys

10:01:22.0738 7020 mshidkmdf - ok

10:01:22.0754 7020 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\drivers\msisadrv.sys

10:01:22.0769 7020 msisadrv - ok

10:01:22.0801 7020 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\windows\system32\iscsiexe.dll

10:01:22.0863 7020 MSiSCSI - ok

10:01:22.0863 7020 msiserver - ok

10:01:22.0910 7020 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys

10:01:22.0988 7020 MSKSSRV - ok

10:01:23.0003 7020 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys

10:01:23.0050 7020 MSPCLOCK - ok

10:01:23.0081 7020 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys

10:01:23.0128 7020 MSPQM - ok

10:01:23.0159 7020 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\windows\system32\drivers\MsRPC.sys

10:01:23.0175 7020 MsRPC - ok

10:01:23.0206 7020 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\DRIVERS\mssmbios.sys

10:01:23.0222 7020 mssmbios - ok

10:01:23.0237 7020 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys

10:01:23.0331 7020 MSTEE - ok

10:01:23.0347 7020 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\drivers\MTConfig.sys

10:01:23.0362 7020 MTConfig - ok

10:01:23.0378 7020 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys

10:01:23.0393 7020 Mup - ok

10:01:23.0440 7020 napagent (582ac6d9873e31dfa28a4547270862dd) C:\windows\system32\qagentRT.dll

10:01:23.0518 7020 napagent - ok

10:01:23.0612 7020 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys

10:01:23.0690 7020 NativeWifiP - ok

10:01:23.0737 7020 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\windows\system32\drivers\ndis.sys

10:01:23.0768 7020 NDIS - ok

10:01:23.0799 7020 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys

10:01:23.0846 7020 NdisCap - ok

10:01:23.0877 7020 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys

10:01:23.0908 7020 NdisTapi - ok

10:01:23.0986 7020 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\windows\system32\DRIVERS\ndisuio.sys

10:01:24.0033 7020 Ndisuio - ok

10:01:24.0049 7020 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\windows\system32\DRIVERS\ndiswan.sys

10:01:24.0095 7020 NdisWan - ok

10:01:24.0345 7020 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\windows\system32\drivers\NDProxy.sys

10:01:24.0470 7020 NDProxy - ok

10:01:24.0501 7020 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys

10:01:24.0548 7020 NetBIOS - ok

10:01:24.0595 7020 NetBT (09594d1089c523423b32a4229263f068) C:\windows\system32\DRIVERS\netbt.sys

10:01:24.0641 7020 NetBT - ok

10:01:24.0688 7020 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe

10:01:24.0704 7020 Netlogon - ok

10:01:24.0735 7020 Netman (847d3ae376c0817161a14a82c8922a9e) C:\windows\System32\netman.dll

10:01:24.0797 7020 Netman - ok

10:01:24.0813 7020 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\windows\System32\netprofm.dll

10:01:24.0875 7020 netprofm - ok

10:01:24.0953 7020 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

10:01:24.0985 7020 NetTcpPortSharing - ok

10:01:25.0016 7020 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\drivers\nfrd960.sys

10:01:25.0031 7020 nfrd960 - ok

10:01:25.0078 7020 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\windows\System32\nlasvc.dll

10:01:25.0125 7020 NlaSvc - ok

10:01:25.0203 7020 Norton PC Checkup Application Launcher - ok

10:01:25.0219 7020 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys

10:01:25.0265 7020 Npfs - ok

10:01:25.0297 7020 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll

10:01:25.0343 7020 nsi - ok

10:01:25.0375 7020 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys

10:01:25.0421 7020 nsiproxy - ok

10:01:25.0515 7020 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\windows\system32\drivers\Ntfs.sys

10:01:25.0562 7020 Ntfs - ok

10:01:25.0640 7020 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys

10:01:25.0718 7020 Null - ok

10:01:25.0765 7020 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\windows\system32\drivers\nvraid.sys

10:01:25.0796 7020 nvraid - ok

10:01:25.0811 7020 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\windows\system32\drivers\nvstor.sys

10:01:25.0827 7020 nvstor - ok

10:01:25.0858 7020 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys

10:01:25.0874 7020 nv_agp - ok

10:01:25.0905 7020 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys

10:01:25.0936 7020 ohci1394 - ok

10:01:25.0967 7020 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll

10:01:25.0999 7020 p2pimsvc - ok

10:01:26.0045 7020 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll

10:01:26.0077 7020 p2psvc - ok

10:01:26.0108 7020 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\drivers\parport.sys

10:01:26.0123 7020 Parport - ok

10:01:26.0155 7020 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\windows\system32\drivers\partmgr.sys

10:01:26.0170 7020 partmgr - ok

10:01:26.0201 7020 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll

10:01:26.0248 7020 PcaSvc - ok

10:01:26.0311 7020 PCCUJobMgr (2f86be1818c2d7ac90478e3323ee7fcb) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe

10:01:26.0342 7020 PCCUJobMgr - ok

10:01:26.0357 7020 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys

10:01:26.0373 7020 pci - ok

10:01:26.0389 7020 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\DRIVERS\pciide.sys

10:01:26.0404 7020 pciide - ok

10:01:26.0435 7020 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\drivers\pcmcia.sys

10:01:26.0451 7020 pcmcia - ok

10:01:26.0467 7020 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys

10:01:26.0482 7020 pcw - ok

10:01:26.0513 7020 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys

10:01:26.0576 7020 PEAUTH - ok

10:01:26.0654 7020 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe

10:01:26.0716 7020 PerfHost - ok

10:01:26.0779 7020 PGEffect (91111cebbde8015e822c46120ed9537c) C:\windows\system32\DRIVERS\pgeffect.sys

10:01:26.0779 7020 PGEffect - ok

10:01:26.0872 7020 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\windows\system32\pla.dll

10:01:26.0935 7020 pla - ok

10:01:26.0997 7020 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\windows\system32\umpnpmgr.dll

10:01:27.0028 7020 PlugPlay - ok

10:01:27.0059 7020 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll

10:01:27.0091 7020 PNRPAutoReg - ok

10:01:27.0122 7020 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll

10:01:27.0137 7020 PNRPsvc - ok

10:01:27.0184 7020 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\windows\System32\ipsecsvc.dll

10:01:27.0231 7020 PolicyAgent - ok

10:01:27.0278 7020 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll

10:01:27.0325 7020 Power - ok

10:01:27.0418 7020 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys

10:01:27.0465 7020 PptpMiniport - ok

10:01:27.0496 7020 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\drivers\processr.sys

10:01:27.0527 7020 Processor - ok

10:01:27.0590 7020 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\windows\system32\profsvc.dll

10:01:27.0637 7020 ProfSvc - ok

10:01:27.0699 7020 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe

10:01:27.0746 7020 ProtectedStorage - ok

10:01:27.0777 7020 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys

10:01:27.0824 7020 Psched - ok

10:01:27.0886 7020 QIOMem (c8fcb4899f8b70cc34e0d9876a80963c) C:\windows\system32\DRIVERS\QIOMem.sys

10:01:27.0933 7020 QIOMem - ok

10:01:28.0042 7020 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\drivers\ql2300.sys

10:01:28.0073 7020 ql2300 - ok

10:01:28.0183 7020 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\drivers\ql40xx.sys

10:01:28.0214 7020 ql40xx - ok

10:01:28.0245 7020 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll

10:01:28.0276 7020 QWAVE - ok

10:01:28.0292 7020 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys

10:01:28.0323 7020 QWAVEdrv - ok

10:01:28.0339 7020 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys

10:01:28.0417 7020 RasAcd - ok

10:01:28.0463 7020 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys

10:01:28.0495 7020 RasAgileVpn - ok

10:01:28.0541 7020 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll

10:01:28.0619 7020 RasAuto - ok

10:01:28.0635 7020 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys

10:01:28.0697 7020 Rasl2tp - ok

10:01:28.0713 7020 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\windows\System32\rasmans.dll

10:01:28.0760 7020 RasMan - ok

10:01:28.0791 7020 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys

10:01:28.0838 7020 RasPppoe - ok

10:01:28.0869 7020 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys

10:01:28.0947 7020 RasSstp - ok

10:01:28.0978 7020 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys

10:01:29.0041 7020 rdbss - ok

10:01:29.0056 7020 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\drivers\rdpbus.sys

10:01:29.0087 7020 rdpbus - ok

10:01:29.0119 7020 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys

10:01:29.0165 7020 RDPCDD - ok

10:01:29.0181 7020 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys

10:01:29.0243 7020 RDPENCDD - ok

10:01:29.0275 7020 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys

10:01:29.0306 7020 RDPREFMP - ok

10:01:29.0353 7020 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\windows\system32\drivers\RDPWD.sys

10:01:29.0368 7020 RDPWD - ok

10:01:29.0399 7020 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys

10:01:29.0415 7020 rdyboost - ok

10:01:29.0462 7020 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll

10:01:29.0540 7020 RemoteAccess - ok

10:01:29.0618 7020 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll

10:01:29.0680 7020 RemoteRegistry - ok

10:01:29.0696 7020 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll

10:01:29.0743 7020 RpcEptMapper - ok

10:01:29.0774 7020 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe

10:01:29.0789 7020 RpcLocator - ok

10:01:29.0836 7020 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll

10:01:29.0883 7020 RpcSs - ok

10:01:29.0914 7020 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys

10:01:29.0977 7020 rspndr - ok

10:01:30.0023 7020 RSUSBSTOR (135a64530d7699ad48f29d73a658dd11) C:\windows\system32\Drivers\RtsUStor.sys

10:01:30.0055 7020 RSUSBSTOR - ok

10:01:30.0086 7020 RSUSBVSTOR (e54a5586a28d0630a79a68bbab84bfcf) C:\windows\system32\Drivers\RTSUVSTOR.sys

10:01:30.0101 7020 RSUSBVSTOR - ok

10:01:30.0133 7020 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe

10:01:30.0148 7020 SamSs - ok

10:01:30.0164 7020 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys

10:01:30.0179 7020 sbp2port - ok

10:01:30.0226 7020 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll

10:01:30.0273 7020 SCardSvr - ok

10:01:30.0304 7020 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys

10:01:30.0351 7020 scfilter - ok

10:01:30.0429 7020 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\windows\system32\schedsvc.dll

10:01:30.0507 7020 Schedule - ok

10:01:30.0538 7020 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll

10:01:30.0569 7020 SCPolicySvc - ok

10:01:30.0601 7020 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\windows\System32\SDRSVC.dll

10:01:30.0632 7020 SDRSVC - ok

10:01:30.0710 7020 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys

10:01:30.0772 7020 secdrv - ok

10:01:30.0803 7020 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\windows\system32\seclogon.dll

10:01:30.0850 7020 seclogon - ok

10:01:30.0866 7020 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\System32\sens.dll

10:01:30.0928 7020 SENS - ok

10:01:30.0959 7020 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll

10:01:30.0991 7020 SensrSvc - ok

10:01:31.0006 7020 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\drivers\serenum.sys

10:01:31.0037 7020 Serenum - ok

10:01:31.0100 7020 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\drivers\serial.sys

10:01:31.0162 7020 Serial - ok

10:01:31.0193 7020 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\drivers\sermouse.sys

10:01:31.0240 7020 sermouse - ok

10:01:31.0287 7020 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\windows\system32\sessenv.dll

10:01:31.0381 7020 SessionEnv - ok

10:01:31.0396 7020 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys

10:01:31.0412 7020 sffdisk - ok

10:01:31.0412 7020 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys

10:01:31.0443 7020 sffp_mmc - ok

10:01:31.0459 7020 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys

10:01:31.0505 7020 sffp_sd - ok

10:01:31.0505 7020 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\drivers\sfloppy.sys

10:01:31.0521 7020 sfloppy - ok

10:01:31.0568 7020 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\windows\System32\ipnathlp.dll

10:01:31.0599 7020 SharedAccess - ok

10:01:31.0646 7020 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\windows\System32\shsvcs.dll

10:01:31.0708 7020 ShellHWDetection - ok

10:01:31.0755 7020 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\drivers\SiSRaid2.sys

10:01:31.0786 7020 SiSRaid2 - ok

10:01:31.0817 7020 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\drivers\sisraid4.sys

10:01:31.0849 7020 SiSRaid4 - ok

10:01:31.0880 7020 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys

10:01:31.0927 7020 Smb - ok

10:01:31.0989 7020 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe

10:01:32.0020 7020 SNMPTRAP - ok

10:01:32.0051 7020 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys

10:01:32.0051 7020 spldr - ok

10:01:32.0083 7020 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\windows\System32\spoolsv.exe

10:01:32.0129 7020 Spooler - ok

10:01:32.0301 7020 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\windows\system32\sppsvc.exe

10:01:32.0410 7020 sppsvc - ok

10:01:32.0488 7020 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll

10:01:32.0551 7020 sppuinotify - ok

10:01:32.0613 7020 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\windows\system32\DRIVERS\srv.sys

10:01:32.0644 7020 srv - ok

10:01:32.0660 7020 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\windows\system32\DRIVERS\srv2.sys

10:01:32.0691 7020 srv2 - ok

10:01:32.0707 7020 srvnet (27e461f0be5bff5fc737328f749538c3) C:\windows\system32\DRIVERS\srvnet.sys

10:01:32.0722 7020 srvnet - ok

10:01:32.0769 7020 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll

10:01:32.0831 7020 SSDPSRV - ok

10:01:32.0847 7020 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll

10:01:32.0878 7020 SstpSvc - ok

10:01:32.0909 7020 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\drivers\stexstor.sys

10:01:32.0925 7020 stexstor - ok

10:01:32.0972 7020 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\windows\System32\wiaservc.dll

10:01:33.0003 7020 stisvc - ok

10:01:33.0034 7020 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\DRIVERS\swenum.sys

10:01:33.0034 7020 swenum - ok

10:01:33.0175 7020 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

10:01:33.0221 7020 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning

10:01:33.0221 7020 SwitchBoard - detected UnsignedFile.Multi.Generic (1)

10:01:33.0268 7020 swprv (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll

10:01:33.0331 7020 swprv - ok

10:01:33.0471 7020 SynTP (f5b46df59feaa48a442aed7eeb754d4b) C:\windows\system32\DRIVERS\SynTP.sys

10:01:33.0502 7020 SynTP - ok

10:01:33.0643 7020 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\windows\system32\sysmain.dll

10:01:33.0721 7020 SysMain - ok

10:01:33.0814 7020 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\windows\System32\TabSvc.dll

10:01:33.0892 7020 TabletInputService - ok

10:01:33.0923 7020 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\windows\System32\tapisrv.dll

10:01:33.0970 7020 TapiSrv - ok

10:01:34.0001 7020 TBS (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll

10:01:34.0033 7020 TBS - ok

10:01:34.0376 7020 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\drivers\tcpip.sys

10:01:34.0407 7020 Tcpip - ok

10:01:34.0610 7020 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\DRIVERS\tcpip.sys

10:01:34.0641 7020 TCPIP6 - ok

10:01:34.0735 7020 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys

10:01:34.0797 7020 tcpipreg - ok

10:01:34.0828 7020 tdcmdpst (fd542b661bd22fa69ca789ad0ac58c29) C:\windows\system32\DRIVERS\tdcmdpst.sys

10:01:34.0844 7020 tdcmdpst - ok

10:01:34.0859 7020 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys

10:01:34.0875 7020 TDPIPE - ok

10:01:34.0906 7020 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\windows\system32\drivers\tdtcp.sys

10:01:34.0937 7020 TDTCP - ok

10:01:34.0969 7020 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys

10:01:35.0000 7020 tdx - ok

10:01:35.0031 7020 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\DRIVERS\termdd.sys

10:01:35.0047 7020 TermDD - ok

10:01:35.0093 7020 TermService (2e648163254233755035b46dd7b89123) C:\windows\System32\termsrv.dll

10:01:35.0156 7020 TermService - ok

10:01:35.0187 7020 Themes (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll

10:01:35.0203 7020 Themes - ok

10:01:35.0234 7020 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll

10:01:35.0265 7020 THREADORDER - ok

10:01:35.0343 7020 TMachInfo (71c321649b28638ee80a2eeb164c1dc8) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

10:01:35.0374 7020 TMachInfo - ok

10:01:35.0405 7020 TODDSrv (8e2c799d3476eac32c3ba0df7ce6af19) C:\windows\system32\TODDSrv.exe

10:01:35.0437 7020 TODDSrv - ok

10:01:35.0530 7020 TosCoSrv (1c73689b900428c7d054a41c4687f55c) C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe

10:01:35.0546 7020 TosCoSrv - ok

10:01:35.0608 7020 TOSHIBA Bluetooth Service (a22deb5ec05febfdca1d3ff70fa1ff46) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

10:01:35.0655 7020 TOSHIBA Bluetooth Service - ok

10:01:35.0702 7020 TOSHIBA eco Utility Service (63aafcf3ea5dbb17123e0bae9afe4d58) C:\Program Files\TOSHIBA\TECO\TecoService.exe

10:01:35.0733 7020 TOSHIBA eco Utility Service - ok

10:01:35.0780 7020 TOSHIBA HDD SSD Alert Service (29d0886cf250fcef1bf9e65ab8d2c0c8) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

10:01:35.0811 7020 TOSHIBA HDD SSD Alert Service - ok

10:01:35.0873 7020 Tosrfcom - ok

10:01:35.0905 7020 tosrfec (f5e3ac4cbcd154ee80849b21887fd0b0) C:\windows\system32\DRIVERS\tosrfec.sys

10:01:35.0936 7020 tosrfec - ok

10:01:35.0967 7020 Tosrfusb (7a0048693f98460ff537be31c741b927) C:\windows\system32\DRIVERS\tosrfusb.sys

10:01:35.0998 7020 Tosrfusb - ok

10:01:36.0076 7020 TPCHSrv (d788190624c617ec8be62d9f644283d7) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe

10:01:36.0107 7020 TPCHSrv - ok

10:01:36.0139 7020 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll

10:01:36.0185 7020 TrkWks - ok

10:01:36.0232 7020 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\windows\servicing\TrustedInstaller.exe

10:01:36.0295 7020 TrustedInstaller - ok

10:01:36.0341 7020 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys

10:01:36.0419 7020 tssecsrv - ok

10:01:36.0419 7020 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys

10:01:36.0435 7020 TsUsbFlt - ok

10:01:36.0466 7020 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\windows\system32\drivers\TsUsbGD.sys

10:01:36.0497 7020 TsUsbGD - ok

10:01:36.0544 7020 tunnel (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys

10:01:36.0591 7020 tunnel - ok

10:01:36.0638 7020 TVALZ (550b567f9364d8f7684c3fb3ea665a72) C:\windows\system32\DRIVERS\TVALZ_O.SYS

10:01:36.0638 7020 TVALZ - ok

10:01:36.0685 7020 TVALZFL (9c7191f4b2e49bff47a6c1144b5923fa) C:\windows\system32\DRIVERS\TVALZFL.sys

10:01:36.0685 7020 TVALZFL - ok

10:01:36.0700 7020 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\drivers\uagp35.sys

10:01:36.0716 7020 uagp35 - ok

10:01:36.0763 7020 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys

10:01:36.0825 7020 udfs - ok

10:01:36.0856 7020 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe

10:01:36.0872 7020 UI0Detect - ok

10:01:36.0903 7020 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys

10:01:36.0919 7020 uliagpkx - ok

10:01:36.0965 7020 umbus (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\DRIVERS\umbus.sys

10:01:36.0997 7020 umbus - ok

10:01:37.0028 7020 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\drivers\umpass.sys

10:01:37.0059 7020 UmPass - ok

10:01:37.0090 7020 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll

10:01:37.0153 7020 upnphost - ok

10:01:37.0184 7020 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\windows\system32\DRIVERS\usbccgp.sys

10:01:37.0199 7020 usbccgp - ok

10:01:37.0231 7020 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys

10:01:37.0246 7020 usbcir - ok

10:01:37.0262 7020 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\windows\system32\DRIVERS\usbehci.sys

10:01:37.0309 7020 usbehci - ok

10:01:37.0340 7020 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\windows\system32\DRIVERS\usbhub.sys

10:01:37.0371 7020 usbhub - ok

10:01:37.0387 7020 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\windows\system32\DRIVERS\usbohci.sys

10:01:37.0418 7020 usbohci - ok

10:01:37.0449 7020 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\drivers\usbprint.sys

10:01:37.0480 7020 usbprint - ok

10:01:37.0527 7020 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\windows\system32\DRIVERS\USBSTOR.SYS

10:01:37.0574 7020 USBSTOR - ok

10:01:37.0667 7020 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\windows\system32\drivers\usbuhci.sys

10:01:37.0730 7020 usbuhci - ok

10:01:37.0745 7020 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\windows\system32\Drivers\usbvideo.sys

10:01:37.0777 7020 usbvideo - ok

10:01:37.0792 7020 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\windows\System32\uxsms.dll

10:01:37.0855 7020 UxSms - ok

10:01:37.0886 7020 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe

10:01:37.0901 7020 VaultSvc - ok

10:01:37.0917 7020 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys

10:01:37.0933 7020 vdrvroot - ok

10:01:37.0979 7020 vds (8d6b481601d01a456e75c3210f1830be) C:\windows\System32\vds.exe

10:01:38.0042 7020 vds - ok

10:01:38.0089 7020 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys

10:01:38.0135 7020 vga - ok

10:01:38.0151 7020 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys

10:01:38.0229 7020 VgaSave - ok

10:01:38.0260 7020 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys

10:01:38.0276 7020 vhdmp - ok

10:01:38.0276 7020 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\drivers\viaide.sys

10:01:38.0291 7020 viaide - ok

10:01:38.0338 7020 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\windows\system32\drivers\volmgr.sys

10:01:38.0354 7020 volmgr - ok

10:01:38.0385 7020 volmgrx (a255814907c89be58b79ef2f189b843b) C:\windows\system32\drivers\volmgrx.sys

10:01:38.0401 7020 volmgrx - ok

10:01:38.0447 7020 volsnap (df8126bd41180351a093a3ad2fc8903b) C:\windows\system32\drivers\volsnap.sys

10:01:38.0463 7020 volsnap - ok

10:01:38.0510 7020 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\drivers\vsmraid.sys

10:01:38.0525 7020 vsmraid - ok

10:01:38.0619 7020 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\windows\system32\vssvc.exe

10:01:38.0728 7020 VSS - ok

10:01:38.0822 7020 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys

10:01:38.0884 7020 vwifibus - ok

10:01:38.0900 7020 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys

10:01:38.0931 7020 vwififlt - ok

10:01:38.0978 7020 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\windows\system32\w32time.dll

10:01:39.0025 7020 W32Time - ok

10:01:39.0056 7020 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\drivers\wacompen.sys

10:01:39.0087 7020 WacomPen - ok

10:01:39.0118 7020 WANARP (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys

10:01:39.0165 7020 WANARP - ok

10:01:39.0165 7020 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys

10:01:39.0196 7020 Wanarpv6 - ok

10:01:39.0321 7020 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\windows\system32\Wat\WatAdminSvc.exe

10:01:39.0352 7020 WatAdminSvc - ok

10:01:39.0446 7020 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\windows\system32\wbengine.exe

10:01:39.0508 7020 wbengine - ok

10:01:39.0633 7020 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\windows\System32\wbiosrvc.dll

10:01:39.0696 7020 WbioSrvc - ok

10:01:39.0727 7020 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\windows\System32\wcncsvc.dll

10:01:39.0789 7020 wcncsvc - ok

10:01:39.0820 7020 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\windows\System32\WcsPlugInService.dll

10:01:39.0836 7020 WcsPlugInService - ok

10:01:39.0898 7020 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\drivers\wd.sys

10:01:39.0898 7020 Wd - ok

10:01:39.0945 7020 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys

10:01:39.0976 7020 Wdf01000 - ok

10:01:39.0976 7020 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll

10:01:40.0023 7020 WdiServiceHost - ok

10:01:40.0023 7020 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll

10:01:40.0054 7020 WdiSystemHost - ok

10:01:40.0086 7020 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\windows\System32\webclnt.dll

10:01:40.0132 7020 WebClient - ok

10:01:40.0164 7020 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\windows\system32\wecsvc.dll

10:01:40.0226 7020 Wecsvc - ok

10:01:40.0242 7020 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\windows\System32\wercplsupport.dll

10:01:40.0288 7020 wercplsupport - ok

10:01:40.0320 7020 WerSvc (6d137963730144698cbd10f202e9f251) C:\windows\System32\WerSvc.dll

10:01:40.0382 7020 WerSvc - ok

10:01:40.0444 7020 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys

10:01:40.0491 7020 WfpLwf - ok

10:01:40.0507 7020 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys

10:01:40.0507 7020 WIMMount - ok

10:01:40.0554 7020 WinDefend - ok

10:01:40.0569 7020 WinHttpAutoProxySvc - ok

10:01:40.0632 7020 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\windows\system32\wbem\WMIsvc.dll

10:01:40.0678 7020 Winmgmt - ok

10:01:40.0788 7020 WinRM (bcb1310604aa415c4508708975b3931e) C:\windows\system32\WsmSvc.dll

10:01:40.0850 7020 WinRM - ok

10:01:40.0975 7020 WinUsb (fe88b288356e7b47b74b13372add906d) C:\windows\system32\DRIVERS\WinUsb.sys

10:01:40.0990 7020 WinUsb - ok

10:01:41.0053 7020 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\windows\System32\wlansvc.dll

10:01:41.0115 7020 Wlansvc - ok

10:01:41.0178 7020 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

10:01:41.0193 7020 wlcrasvc - ok

10:01:41.0334 7020 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

10:01:41.0380 7020 wlidsvc - ok

10:01:41.0474 7020 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\DRIVERS\wmiacpi.sys

10:01:41.0521 7020 WmiAcpi - ok

10:01:41.0599 7020 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\windows\system32\wbem\WmiApSrv.exe

10:01:41.0646 7020 wmiApSrv - ok

10:01:41.0708 7020 WMPNetworkSvc - ok

10:01:41.0724 7020 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\windows\System32\wpcsvc.dll

10:01:41.0755 7020 WPCSvc - ok

10:01:41.0770 7020 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\windows\system32\wpdbusenum.dll

10:01:41.0786 7020 WPDBusEnum - ok

10:01:41.0817 7020 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys

10:01:41.0848 7020 ws2ifsl - ok

10:01:41.0864 7020 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\windows\System32\wscsvc.dll

10:01:41.0911 7020 wscsvc - ok

10:01:41.0911 7020 WSearch - ok

10:01:42.0020 7020 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\windows\system32\wuaueng.dll

10:01:42.0082 7020 wuauserv - ok

10:01:42.0176 7020 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\windows\system32\drivers\WudfPf.sys

10:01:42.0254 7020 WudfPf - ok

10:01:42.0301 7020 WUDFRd (cf8d590be3373029d57af80914190682) C:\windows\system32\DRIVERS\WUDFRd.sys

10:01:42.0348 7020 WUDFRd - ok

10:01:42.0379 7020 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\windows\System32\WUDFSvc.dll

10:01:42.0426 7020 wudfsvc - ok

10:01:42.0441 7020 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\windows\System32\wwansvc.dll

10:01:42.0488 7020 WwanSvc - ok

10:01:42.0519 7020 MBR (0x1B8) (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0

10:01:42.0582 7020 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected

10:01:42.0582 7020 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)

10:01:43.0330 7020 \Device\Harddisk0\DR0 ( TDSS File System ) - warning

10:01:43.0330 7020 \Device\Harddisk0\DR0 - detected TDSS File System (1)

10:01:43.0330 7020 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR2

10:01:43.0455 7020 \Device\Harddisk1\DR2 - ok

10:01:43.0486 7020 Boot (0x1200) (7e730a20b0fce5b0f1dc21f34214141c) \Device\Harddisk0\DR0\Partition0

10:01:43.0502 7020 \Device\Harddisk0\DR0\Partition0 - ok

10:01:43.0502 7020 Boot (0x1200) (c9f6219de07da6044c38a9f222f4e9aa) \Device\Harddisk1\DR2\Partition0

10:01:43.0518 7020 \Device\Harddisk1\DR2\Partition0 - ok

10:01:43.0518 7020 ============================================================

10:01:43.0518 7020 Scan finished

10:01:43.0518 7020 ============================================================

10:01:43.0533 5488 Detected object count: 4

10:01:43.0533 5488 Actual detected object count: 4

10:04:21.0455 5488 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user

10:04:21.0455 5488 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip

10:04:21.0455 5488 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user

10:04:21.0455 5488 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip

10:04:22.0422 5488 \Device\Harddisk0\DR0\# - copied to quarantine

10:04:22.0422 5488 \Device\Harddisk0\DR0 - copied to quarantine

10:04:22.0562 5488 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine

10:04:27.0008 5488 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine

10:04:27.0039 5488 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine

10:04:27.0133 5488 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine

10:04:27.0273 5488 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine

10:04:27.0398 5488 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine

10:04:27.0445 5488 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine

10:04:27.0445 5488 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine

10:04:27.0445 5488 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine

10:04:27.0445 5488 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine

10:04:27.0492 5488 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine

10:04:27.0585 5488 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine

10:04:27.0585 5488 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine

10:04:27.0601 5488 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine

10:04:27.0648 5488 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot

10:04:27.0663 5488 \Device\Harddisk0\DR0 - ok

10:04:28.0069 5488 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure

10:04:28.0069 5488 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

10:04:28.0069 5488 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

10:07:12.0085 3044 Deinitialize success

TDSSKiller.2.7.48.0_10.08.2012_10.00.05_log.txt


Run TDSSKiller again and just delete this one only!

10:04:28.0069 5488 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

10:04:28.0069 5488 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

~~~~~~~~~~~~~~

Then........

Please download and run ComboFix.

The most important things to remember when running it are to disable all your malware programs and run ComboFix from your desktop.

Please visit this webpage for download links and instructions for running ComboFix:

http://www.bleepingc...to-use-combofix

Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Information on disabling your malware programs can be found Here.

Make sure you run ComboFix from your desktop.

Give it at least 30-45 minutes to finish if needed.

Please include the C:\ComboFix.txt in your next reply for further review.

---------->NOTE<----------

If you get the message "Illegal operation attempted on registry key that has been marked for deletion" after you run ComboFix, please reboot the computer; this should resolve the problem. You may have to do this several times if needed.

MrC


Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance, please start your own topic in a new thread. Thanks!
