Can't seem to shake FBI Moneypak Virus


kdd

I have been helping a friend who got the virus on his computer. Someone else got it back up and running, but important links in the Control Panel don't function. Sometimes the icons are hidden and sometimes not. I did a search for the virus and found some help on Microsoft support going to select real security dot com. Except for running Hitman Pro, I have followed procedures contained in the two articles I found.

I did another search later and found the article and help mrc offered and followed those instructions. I did find two threats when I re-ran Kaspersky's rootkit killer that were like the one the user described in his post. The help was invaluable and got me farther along than I was. I noticed that there were four listings in the details and one of them was a system lock.

I found lots of "bugs" when I ran a full scan with MWB and got rid of them.

I have not uploaded, as of this posting, the Kaspersky file. My friend tells me there is nothing of importance on his computer, but I am not to the point yet of reinstalling Windows. That is my last resort.

I will post the results of the Kaspersky file scan when I get it.

Hope someone can help me out with this as I really don't want to reinstall Windows.

Cheers!

Here are the scan results:

13:26:22.0026 1856 TDSS rootkit removing tool 2.8.6.0 Aug 13 2012 17:24:05
13:26:22.0151 1856 ============================================================
13:26:22.0151 1856 Current date / time: 2012/08/17 13:26:22.0151
13:26:22.0151 1856 SystemInfo:
13:26:22.0151 1856
13:26:22.0151 1856 OS Version: 6.1.7601 ServicePack: 1.0
13:26:22.0151 1856 Product type: Workstation
13:26:22.0151 1856 ComputerName: AARONS-PC
13:26:22.0151 1856 UserName: Aarons
13:26:22.0151 1856 Windows directory: C:\Windows
13:26:22.0151 1856 System windows directory: C:\Windows
13:26:22.0151 1856 Running under WOW64
13:26:22.0151 1856 Processor architecture: Intel x64
13:26:22.0151 1856 Number of processors: 2
13:26:22.0151 1856 Page size: 0x1000
13:26:22.0151 1856 Boot type: Safe boot with network
13:26:22.0151 1856 ============================================================
13:26:23.0290 1856 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:26:23.0290 1856 ============================================================
13:26:23.0290 1856 \Device\Harddisk0\DR0:
13:26:23.0305 1856 MBR partitions:
13:26:23.0305 1856 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x6A000, BlocksNum 0x32000
13:26:23.0305 1856 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x9C000, BlocksNum 0x25392000
13:26:23.0305 1856 ============================================================
13:26:23.0321 1856 C: <-> \Device\Harddisk0\DR0\Partition2
13:26:23.0321 1856 ============================================================
13:26:23.0337 1856 Initialize success
13:26:23.0337 1856 ============================================================
13:26:50.0996 0172 ============================================================
13:26:50.0996 0172 Scan started
13:26:50.0996 0172 Mode: Manual; SigCheck; TDLFS;
13:26:50.0996 0172 ============================================================


13:27:09.0544 0172 nvraid - ok

13:27:09.0575 0172 [ dab0e87525c10052bf65f06152f37e4a ] nvstor C:\Windows\system32\drivers\nvstor.sys

13:27:09.0591 0172 nvstor - ok

13:27:09.0606 0172 [ 270d7cd42d6e3979f6dd0146650f0e05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

13:27:09.0622 0172 nv_agp - ok

13:27:09.0653 0172 [ 3589478e4b22ce21b41fa1bfc0b8b8a0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

13:27:09.0684 0172 ohci1394 - ok

13:27:09.0731 0172 [ 3eac4455472cc2c97107b5291e0dcafe ] p2pimsvc C:\Windows\system32\pnrpsvc.dll

13:27:09.0778 0172 p2pimsvc - ok

13:27:09.0809 0172 [ 927463ecb02179f88e4b9a17568c63c3 ] p2psvc C:\Windows\system32\p2psvc.dll

13:27:09.0825 0172 p2psvc - ok

13:27:09.0856 0172 [ 0086431c29c35be1dbc43f52cc273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys

13:27:09.0872 0172 Parport - ok

13:27:09.0903 0172 [ e9766131eeade40a27dc27d2d68fba9c ] partmgr C:\Windows\system32\drivers\partmgr.sys

13:27:09.0918 0172 partmgr - ok

13:27:09.0934 0172 [ 3aeaa8b561e63452c655dc0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll

13:27:09.0965 0172 PcaSvc - ok

13:27:09.0996 0172 [ 94575c0571d1462a0f70bde6bd6ee6b3 ] pci C:\Windows\system32\drivers\pci.sys

13:27:10.0012 0172 pci - ok

13:27:10.0043 0172 [ b5b8b5ef2e5cb34df8dcf8831e3534fa ] pciide C:\Windows\system32\drivers\pciide.sys

13:27:10.0059 0172 pciide - ok

13:27:10.0090 0172 [ b2e81d4e87ce48589f98cb8c05b01f2f ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys

13:27:10.0106 0172 pcmcia - ok

13:27:10.0137 0172 [ d6b9c2e1a11a3a4b26a182ffef18f603 ] pcw C:\Windows\system32\drivers\pcw.sys

13:27:10.0137 0172 pcw - ok

13:27:10.0168 0172 [ 68769c3356b3be5d1c732c97b9a80d6e ] PEAUTH C:\Windows\system32\drivers\peauth.sys

13:27:10.0230 0172 PEAUTH - ok

13:27:10.0308 0172 [ e495e408c93141e8fc72dc0c6046ddfa ] PerfHost C:\Windows\SysWow64\perfhost.exe

13:27:10.0371 0172 PerfHost - ok

13:27:10.0433 0172 [ c7cf6a6e137463219e1259e3f0f0dd6c ] pla C:\Windows\system32\pla.dll

13:27:10.0511 0172 pla - ok

13:27:10.0558 0172 [ 25fbdef06c4d92815b353f6e792c8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll

13:27:10.0620 0172 PlugPlay - ok

13:27:10.0652 0172 [ 7195581cec9bb7d12abe54036acc2e38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll

13:27:10.0667 0172 PNRPAutoReg - ok

13:27:10.0698 0172 [ 3eac4455472cc2c97107b5291e0dcafe ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

13:27:10.0698 0172 PNRPsvc - ok

13:27:10.0761 0172 [ 4f15d75adf6156bf56eced6d4a55c389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

13:27:10.0823 0172 PolicyAgent - ok

13:27:10.0854 0172 [ 6ba9d927dded70bd1a9caded45f8b184 ] Power C:\Windows\system32\umpo.dll

13:27:10.0917 0172 Power - ok

13:27:10.0948 0172 [ f92a2c41117a11a00be01ca01a7fcde9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

13:27:11.0010 0172 PptpMiniport - ok

13:27:11.0042 0172 [ 0d922e23c041efb1c3fac2a6f943c9bf ] Processor C:\Windows\system32\DRIVERS\processr.sys

13:27:11.0057 0172 Processor - ok

13:27:11.0120 0172 [ 53e83f1f6cf9d62f32801cf66d8352a8 ] ProfSvc C:\Windows\system32\profsvc.dll

13:27:11.0182 0172 ProfSvc - ok

13:27:11.0213 0172 [ c118a82cd78818c29ab228366ebf81c3 ] ProtectedStorage C:\Windows\system32\lsass.exe

13:27:11.0213 0172 ProtectedStorage - ok

13:27:11.0260 0172 [ 0557cf5a2556bd58e26384169d72438d ] Psched C:\Windows\system32\DRIVERS\pacer.sys

13:27:11.0322 0172 Psched - ok

13:27:11.0385 0172 [ a53a15a11ebfd21077463ee2c7afeef0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys

13:27:11.0432 0172 ql2300 - ok

13:27:11.0447 0172 [ 4f6d12b51de1aaeff7dc58c4d75423c8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys

13:27:11.0463 0172 ql40xx - ok

13:27:11.0494 0172 [ 906191634e99aea92c4816150bda3732 ] QWAVE C:\Windows\system32\qwave.dll

13:27:11.0510 0172 QWAVE - ok

13:27:11.0525 0172 [ 76707bb36430888d9ce9d705398adb6c ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

13:27:11.0556 0172 QWAVEdrv - ok

13:27:11.0619 0172 [ 5a0da8ad5762fa2d91678a8a01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

13:27:11.0681 0172 RasAcd - ok

13:27:11.0744 0172 [ 7ecff9b22276b73f43a99a15a6094e90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys

13:27:11.0775 0172 RasAgileVpn - ok

13:27:11.0822 0172 [ 8f26510c5383b8dbe976de1cd00fc8c7 ] RasAuto C:\Windows\System32\rasauto.dll

13:27:11.0884 0172 RasAuto - ok

13:27:11.0900 0172 [ 471815800ae33e6f1c32fb1b97c490ca ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

13:27:11.0946 0172 Rasl2tp - ok

13:27:11.0993 0172 [ ee867a0870fc9e4972ba9eaad35651e2 ] RasMan C:\Windows\System32\rasmans.dll

13:27:12.0040 0172 RasMan - ok

13:27:12.0056 0172 [ 855c9b1cd4756c5e9a2aa58a15f58c25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

13:27:12.0118 0172 RasPppoe - ok

13:27:12.0149 0172 [ e8b1e447b008d07ff47d016c2b0eeecb ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

13:27:12.0212 0172 RasSstp - ok

13:27:12.0258 0172 [ 77f665941019a1594d887a74f301fa2f ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

13:27:12.0305 0172 rdbss - ok

13:27:12.0336 0172 [ 302da2a0539f2cf54d7c6cc30c1f2d8d ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys

13:27:12.0368 0172 rdpbus - ok

13:27:12.0399 0172 [ cea6cc257fc9b7715f1c2b4849286d24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

13:27:12.0446 0172 RDPCDD - ok

13:27:12.0492 0172 [ bb5971a4f00659529a5c44831af22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

13:27:12.0555 0172 RDPENCDD - ok

13:27:12.0586 0172 [ 216f3fa57533d98e1f74ded70113177a ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys

13:27:12.0617 0172 RDPREFMP - ok

13:27:12.0664 0172 [ e61608aa35e98999af9aaeeea6114b0a ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

13:27:12.0680 0172 RDPWD - ok

13:27:12.0726 0172 [ 34ed295fa0121c241bfef24764fc4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys

13:27:12.0726 0172 rdyboost - ok

13:27:12.0789 0172 [ 254fb7a22d74e5511c73a3f6d802f192 ] RemoteAccess C:\Windows\System32\mprdim.dll

13:27:12.0851 0172 RemoteAccess - ok

13:27:12.0882 0172 [ e4d94f24081440b5fc5aa556c7c62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll

13:27:12.0945 0172 RemoteRegistry - ok

13:27:12.0976 0172 [ e4dc58cf7b3ea515ae917ff0d402a7bb ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll

13:27:13.0007 0172 RpcEptMapper - ok

13:27:13.0038 0172 [ d5ba242d4cf8e384db90e6a8ed850b8c ] RpcLocator C:\Windows\system32\locator.exe

13:27:13.0070 0172 RpcLocator - ok

13:27:13.0116 0172 [ 5c627d1b1138676c0a7ab2c2c190d123 ] RpcSs C:\Windows\system32\rpcss.dll

13:27:13.0163 0172 RpcSs - ok

13:27:13.0194 0172 [ ddc86e4f8e7456261e637e3552e804ff ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

13:27:13.0241 0172 rspndr - ok

13:27:13.0304 0172 [ fd978b2bf8a9b2390dcbef435e9c1f9f ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys

13:27:13.0319 0172 RTL8167 - ok

13:27:13.0335 0172 [ c118a82cd78818c29ab228366ebf81c3 ] SamSs C:\Windows\system32\lsass.exe

13:27:13.0335 0172 SamSs - ok

13:27:13.0366 0172 [ ac03af3329579fffb455aa2daabbe22b ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

13:27:13.0382 0172 sbp2port - ok

13:27:13.0444 0172 [ 9b7395789e3791a3b6d000fe6f8b131e ] SCardSvr C:\Windows\System32\SCardSvr.dll

13:27:13.0506 0172 SCardSvr - ok

13:27:13.0538 0172 [ 253f38d0d7074c02ff8deb9836c97d2b ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys

13:27:13.0584 0172 scfilter - ok

13:27:13.0647 0172 [ 262f6592c3299c005fd6bec90fc4463a ] Schedule C:\Windows\system32\schedsvc.dll

13:27:13.0694 0172 Schedule - ok

13:27:13.0725 0172 [ f17d1d393bbc69c5322fbfafaca28c7f ] SCPolicySvc C:\Windows\System32\certprop.dll

13:27:13.0756 0172 SCPolicySvc - ok

13:27:13.0787 0172 [ 6ea4234dc55346e0709560fe7c2c1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll

13:27:13.0850 0172 SDRSVC - ok

13:27:13.0896 0172 [ 3ea8a16169c26afbeb544e0e48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys

13:27:13.0959 0172 secdrv - ok

13:27:13.0990 0172 [ bc617a4e1b4fa8df523a061739a0bd87 ] seclogon C:\Windows\system32\seclogon.dll

13:27:14.0021 0172 seclogon - ok

13:27:14.0052 0172 [ c32ab8fa018ef34c0f113bd501436d21 ] SENS C:\Windows\System32\sens.dll

13:27:14.0115 0172 SENS - ok

13:27:14.0130 0172 [ 0336cffafaab87a11541f1cf1594b2b2 ] SensrSvc C:\Windows\system32\sensrsvc.dll

13:27:14.0177 0172 SensrSvc - ok

13:27:14.0208 0172 [ cb624c0035412af0debec78c41f5ca1b ] Serenum C:\Windows\system32\DRIVERS\serenum.sys

13:27:14.0255 0172 Serenum - ok

13:27:14.0286 0172 [ c1d8e28b2c2adfaec4ba89e9fda69bd6 ] Serial C:\Windows\system32\DRIVERS\serial.sys

13:27:14.0302 0172 Serial - ok

13:27:14.0349 0172 [ 1c545a7d0691cc4a027396535691c3e3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys

13:27:14.0380 0172 sermouse - ok

13:27:14.0427 0172 [ 0b6231bf38174a1628c4ac812cc75804 ] SessionEnv C:\Windows\system32\sessenv.dll

13:27:14.0489 0172 SessionEnv - ok

13:27:14.0520 0172 [ a554811bcd09279536440c964ae35bbf ] sffdisk C:\Windows\system32\drivers\sffdisk.sys

13:27:14.0552 0172 sffdisk - ok

13:27:14.0583 0172 [ ff414f0baefeba59bc6c04b3db0b87bf ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

13:27:14.0614 0172 sffp_mmc - ok

13:27:14.0645 0172 [ dd85b78243a19b59f0637dcf284da63c ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

13:27:14.0676 0172 sffp_sd - ok

13:27:14.0723 0172 [ a9d601643a1647211a1ee2ec4e433ff4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys

13:27:14.0739 0172 sfloppy - ok

13:27:14.0786 0172 [ b95f6501a2f8b2e78c697fec401970ce ] SharedAccess C:\Windows\System32\ipnathlp.dll

13:27:14.0864 0172 SharedAccess - ok

13:27:14.0895 0172 [ aaf932b4011d14052955d4b212a4da8d ] ShellHWDetection C:\Windows\System32\shsvcs.dll

13:27:14.0957 0172 ShellHWDetection - ok

13:27:14.0988 0172 [ 843caf1e5fde1ffd5ff768f23a51e2e1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys

13:27:14.0988 0172 SiSRaid2 - ok

13:27:15.0004 0172 [ 6a6c106d42e9ffff8b9fcb4f754f6da4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys

13:27:15.0020 0172 SiSRaid4 - ok

13:27:15.0035 0172 [ 548260a7b8654e024dc30bf8a7c5baa4 ] Smb C:\Windows\system32\DRIVERS\smb.sys

13:27:15.0082 0172 Smb - ok

13:27:15.0144 0172 [ 6313f223e817cc09aa41811daa7f541d ] SNMPTRAP C:\Windows\System32\snmptrap.exe

13:27:15.0144 0172 SNMPTRAP - ok

13:27:15.0176 0172 [ b9e31e5cacdfe584f34f730a677803f9 ] spldr C:\Windows\system32\drivers\spldr.sys

13:27:15.0191 0172 spldr - ok

13:27:15.0238 0172 [ b96c17b5dc1424d56eea3a99e97428cd ] Spooler C:\Windows\System32\spoolsv.exe

13:27:15.0269 0172 Spooler - ok

13:27:15.0363 0172 [ e17e0188bb90fae42d83e98707efa59c ] sppsvc C:\Windows\system32\sppsvc.exe

13:27:15.0519 0172 sppsvc - ok

13:27:15.0550 0172 [ 93d7d61317f3d4bc4f4e9f8a96a7de45 ] sppuinotify C:\Windows\system32\sppuinotify.dll

13:27:15.0612 0172 sppuinotify - ok

13:27:15.0659 0172 [ 893c6aec077665f438c1b570e82655ec ] SRS_HDAL_Service C:\Windows\system32\drivers\SRS_HDAL_amd64.sys

13:27:15.0675 0172 SRS_HDAL_Service - ok

13:27:15.0768 0172 [ 06b9a7ba94356ec5207c5ddb59540378 ] SRTSP C:\Windows\System32\Drivers\NISx64\1307010.005\SRTSP64.SYS

13:27:15.0800 0172 SRTSP - ok

13:27:15.0815 0172 [ fbb8945a61e55a2345d12487c74a9d76 ] SRTSPX C:\Windows\system32\drivers\NISx64\1307010.005\SRTSPX64.SYS

13:27:15.0831 0172 SRTSPX - ok

13:27:15.0878 0172 [ 441fba48bff01fdb9d5969ebc1838f0b ] srv C:\Windows\system32\DRIVERS\srv.sys

13:27:15.0940 0172 srv - ok

13:27:15.0987 0172 [ b4adebbf5e3677cce9651e0f01f7cc28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

13:27:16.0002 0172 srv2 - ok

13:27:16.0034 0172 [ 27e461f0be5bff5fc737328f749538c3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

13:27:16.0049 0172 srvnet - ok

13:27:16.0096 0172 [ ed161b91fdf7eaa39469d72d463d5f4e ] sscdbus C:\Windows\system32\DRIVERS\sscdbus.sys

13:27:16.0112 0172 sscdbus - ok

13:27:16.0158 0172 [ 4cb09e77593dbd8d7af33b37375ca715 ] sscdmdfl C:\Windows\system32\DRIVERS\sscdmdfl.sys

13:27:16.0158 0172 sscdmdfl - ok

13:27:16.0205 0172 [ c7b4cf53497a6e5363f3439427663882 ] sscdmdm C:\Windows\system32\DRIVERS\sscdmdm.sys

13:27:16.0221 0172 sscdmdm - ok

13:27:16.0268 0172 [ 05ffa552f578e27ab2d41b6828db477f ] sscdserd C:\Windows\system32\DRIVERS\sscdserd.sys

13:27:16.0268 0172 sscdserd - ok

13:27:16.0314 0172 [ 51b52fbd583cde8aa9ba62b8b4298f33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

13:27:16.0361 0172 SSDPSRV - ok

13:27:16.0392 0172 [ ab7aebf58dad8daab7a6c45e6a8885cb ] SstpSvc C:\Windows\system32\sstpsvc.dll

13:27:16.0424 0172 SstpSvc - ok

13:27:16.0470 0172 [ f3817967ed533d08327dc73bc4d5542a ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys

13:27:16.0470 0172 stexstor - ok

13:27:16.0486 0172 STHDA - ok

13:27:16.0548 0172 [ 8dd52e8e6128f4b2da92ce27402871c1 ] stisvc C:\Windows\System32\wiaservc.dll

13:27:16.0595 0172 stisvc - ok

13:27:16.0642 0172 [ d01ec09b6711a5f8e7e6564a4d0fbc90 ] swenum C:\Windows\system32\drivers\swenum.sys

13:27:16.0658 0172 swenum - ok

13:27:16.0704 0172 [ e08e46fdd841b7184194011ca1955a0b ] swprv C:\Windows\System32\swprv.dll

13:27:16.0782 0172 swprv - ok

13:27:16.0829 0172 [ 8b2430762099598da40686f754632efd ] SymDS C:\Windows\system32\drivers\NISx64\1307010.005\SYMDS64.SYS

13:27:16.0845 0172 SymDS - ok

13:27:16.0892 0172 [ f90c7a190399165d3ab2245048d34786 ] SymEFA C:\Windows\system32\drivers\NISx64\1307010.005\SYMEFA64.SYS

13:27:16.0938 0172 SymEFA - ok

13:27:16.0970 0172 [ 898bb48c797483420df523b2bbc1ecdb ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS

13:27:16.0985 0172 SymEvent - ok

13:27:17.0001 0172 [ 5013a76caaa1d7cf1c55214b490b4e35 ] SymIRON C:\Windows\system32\drivers\NISx64\1307010.005\Ironx64.SYS

13:27:17.0016 0172 SymIRON - ok

13:27:17.0063 0172 [ 3911bd0e68c010e5438a87706abbe9ab ] SymNetS C:\Windows\System32\Drivers\NISx64\1307010.005\SYMNETS.SYS

13:27:17.0079 0172 SymNetS - ok

13:27:17.0126 0172 [ bf9ccc0bf39b418c8d0ae8b05cf95b7d ] SysMain C:\Windows\system32\sysmain.dll

13:27:17.0219 0172 SysMain - ok

13:27:17.0235 0172 Suspicious service (NoAccess): systemCheck

13:27:17.0266 0172 systemCheck ( LockedService.Multi.Generic ) - warning

13:27:17.0266 0172 systemCheck - detected LockedService.Multi.Generic (1)

13:27:23.0210 0172 [ a96d6c0613dcf84f2d07faeb75663072 ] wltrysvc C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE

13:27:23.0210 0172 wltrysvc ( UnsignedFile.Multi.Generic ) - warning

13:27:23.0210 0172 wltrysvc - detected UnsignedFile.Multi.Generic (1)

13:27:24.0177 0172 ================ Scan global ===============================

13:27:24.0208 0172 (ba0cd8c393e8c9f83354106093832c7b) C:\Windows\system32\basesrv.dll

13:27:24.0239 0172 (eb6a48cc998e1090e44e8e7f1009a640) C:\Windows\system32\winsrv.dll

13:27:24.0239 0172 (eb6a48cc998e1090e44e8e7f1009a640) C:\Windows\system32\winsrv.dll

13:27:24.0270 0172 (d6160f9d869ba3af0b787f971db56368) C:\Windows\system32\sxssrv.dll

13:27:24.0302 0172 (24acb7e5be595468e3b9aa488b9b4fcb) C:\Windows\system32\services.exe

13:27:24.0302 0172 [Global] - ok

13:27:24.0317 0172 ================ Scan MBR ==================================

13:27:24.0317 0172 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

13:27:24.0676 0172 \Device\Harddisk0\DR0 - ok

13:27:24.0676 0172 ================ Scan VBR ==================================

13:27:24.0676 0172 Boot (0x1200) (fb9cb8a41496482ad896cef779b1594c) \Device\Harddisk0\DR0\Partition1

13:27:24.0676 0172 \Device\Harddisk0\DR0\Partition1 - ok

13:27:24.0707 0172 Boot (0x1200) (6ccd0cb3188141314139ce1a46b59ba8) \Device\Harddisk0\DR0\Partition2

13:27:24.0707 0172 \Device\Harddisk0\DR0\Partition2 - ok

13:27:24.0707 0172 ============================================================

13:27:24.0707 0172 Scan finished

13:27:24.0707 0172 ============================================================

13:27:24.0723 1876 Detected object count: 2

13:27:24.0723 1876 Actual detected object count: 2

13:28:33.0706 1876 systemCheck ( LockedService.Multi.Generic ) - skipped by user

13:28:33.0706 1876 systemCheck ( LockedService.Multi.Generic ) - User select action: Skip

13:28:33.0706 1876 wltrysvc ( UnsignedFile.Multi.Generic ) - skipped by user

13:28:33.0706 1876 wltrysvc ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:31:59.0954 1696 Deinitialize success

Link to post
Share on other sites

Hello kdd and welcome! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.

Please follow the instructions here and post the log files in your next reply:

http://forums.malwarebytes.org/index.php?showtopic=9573

Link to post
Share on other sites

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
