system
September 24, 2012, 1:06am
1
I need help removing this demon virus from my computer. I did a scan with avast because I noticed my computer and internet were slow and sometimes would lose connection. Anyways, I did all the scans/logs that are asked of you all to help determine the problem.
Here is MBAM log:
Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org
Database version: v2012.09.23.08
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
jason :: JASON-PC [administrator]
9/23/2012 19:44:06
mbam-log-2012-09-23 (19-44-06).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 223897
Time elapsed: 2 minute(s), 57 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 53
C:\Windows\Installer{a8047732-9f60-a7bf-f924-28a8eecaaf59}\U\00000008.@ (Trojan.Dropper.BCMiner) → Quarantined and deleted successfully.
C:\Windows\Installer{a8047732-9f60-a7bf-f924-28a8eecaaf59}\U\000000cb.@ (Rootkit.0Access) → Quarantined and deleted successfully.
C:\Windows\Installer{a8047732-9f60-a7bf-f924-28a8eecaaf59}\U\80000000.@ (Rootkit.0Access.64) → Quarantined and deleted successfully.
C:\Windows\Installer{a8047732-9f60-a7bf-f924-28a8eecaaf59}\U\trz127A.tmp (Rootkit.0Access) → Quarantined and deleted successfully.
C:\Windows\Installer{a8047732-9f60-a7bf-f924-28a8eecaaf59}\U\trz1356.tmp (Rootkit.0Access.64) → Quarantined and deleted successfully.
C:\Windows\Installer{a8047732-9f60-a7bf-f924-28a8eecaaf59}\U\trz2120.tmp (Rootkit.0Access) → Quarantined and deleted successfully.
C:\Windows\Installer{a8047732-9f60-a7bf-f924-28a8eecaaf59}\U\trz2290.tmp (Rootkit.0Access) → Quarantined and deleted successfully.
C:\Windows\Installer{a8047732-9f60-a7bf-f924-28a8eecaaf59}\U\trz236C.tmp (Rootkit.0Access.64) → Quarantined and deleted successfully.
C:\Windows\Installer{a8047732-9f60-a7bf-f924-28a8eecaaf59}\U\trz2DC4.tmp (Rootkit.0Access) → Quarantined and deleted successfully.
C:\Windows\Installer{a8047732-9f60-a7bf-f924-28a8eecaaf59}\U\trz301E.tmp (Rootkit.0Access.64) → Quarantined and deleted successfully.
C:\Windows\Installer{a8047732-9f60-a7bf-f924-28a8eecaaf59}\U\trz49DD.tmp (Rootkit.0Access.64) → Quarantined and deleted successfully.
C:\Windows\Installer{a8047732-9f60-a7bf-f924-28a8eecaaf59}\U\trz4B01.tmp (Rootkit.0Access) → Quarantined and deleted successfully.
C:\Windows\Installer{a8047732-9f60-a7bf-f924-28a8eecaaf59}\U\trz509D.tmp (Rootkit.0Access.64) → Quarantined and deleted successfully.
C:\Windows\Installer{a8047732-9f60-a7bf-f924-28a8eecaaf59}\U\trz5666.tmp (Rootkit.0Access) → Quarantined and deleted successfully.
C:\Windows\Installer{a8047732-9f60-a7bf-f924-28a8eecaaf59}\U\trz6381.tmp (Rootkit.0Access.64) → Quarantined and deleted successfully.
C:\Windows\Installer{a8047732-9f60-a7bf-f924-28a8eecaaf59}\U\trz6A31.tmp (Rootkit.0Access) → Quarantined and deleted successfully.
C:\Windows\Installer{a8047732-9f60-a7bf-f924-28a8eecaaf59}\U\trz6AFC.tmp (Rootkit.0Access.64) → Quarantined and deleted successfully.
C:\Windows\Installer{a8047732-9f60-a7bf-f924-28a8eecaaf59}\U\trz6B4A.tmp (Rootkit.0Access) → Quarantined and deleted successfully.
C:\Windows\Installer{a8047732-9f60-a7bf-f924-28a8eecaaf59}\U\trz7672.tmp (Rootkit.0Access.64) → Quarantined and deleted successfully.
C:\Windows\Installer{a8047732-9f60-a7bf-f924-28a8eecaaf59}\U\trz7A5D.tmp (Rootkit.0Access) → Quarantined and deleted successfully.
C:\Windows\Installer{a8047732-9f60-a7bf-f924-28a8eecaaf59}\U\trz7BC5.tmp (Rootkit.0Access.64) → Quarantined and deleted successfully.
C:\Windows\Installer{a8047732-9f60-a7bf-f924-28a8eecaaf59}\U\trz8EAE.tmp (Rootkit.0Access) → Quarantined and deleted successfully.
C:\Windows\Installer{a8047732-9f60-a7bf-f924-28a8eecaaf59}\U\trz8F99.tmp (Rootkit.0Access.64) → Quarantined and deleted successfully.
C:\Windows\Installer{a8047732-9f60-a7bf-f924-28a8eecaaf59}\U\trzA2A5.tmp (Rootkit.0Access) → Quarantined and deleted successfully.
C:\Windows\Installer{a8047732-9f60-a7bf-f924-28a8eecaaf59}\U\trzA390.tmp (Rootkit.0Access.64) → Quarantined and deleted successfully.
C:\Windows\Installer{a8047732-9f60-a7bf-f924-28a8eecaaf59}\U\trzAA19.tmp (Rootkit.0Access) → Quarantined and deleted successfully.
C:\Windows\Installer{a8047732-9f60-a7bf-f924-28a8eecaaf59}\U\trzABA0.tmp (Rootkit.0Access.64) → Quarantined and deleted successfully.
C:\Windows\Installer{a8047732-9f60-a7bf-f924-28a8eecaaf59}\U\trzADF.tmp (Rootkit.0Access) → Quarantined and deleted successfully.
C:\Windows\Installer{a8047732-9f60-a7bf-f924-28a8eecaaf59}\U\trzB0DE.tmp (Rootkit.0Access) → Quarantined and deleted successfully.
C:\Windows\Installer{a8047732-9f60-a7bf-f924-28a8eecaaf59}\U\trzB1BA.tmp (Rootkit.0Access.64) → Quarantined and deleted successfully.
C:\Windows\Installer{a8047732-9f60-a7bf-f924-28a8eecaaf59}\U\trzB7F9.tmp (Rootkit.0Access) → Quarantined and deleted successfully.
C:\Windows\Installer{a8047732-9f60-a7bf-f924-28a8eecaaf59}\U\trzBF9.tmp (Rootkit.0Access.64) → Quarantined and deleted successfully.
C:\Windows\Installer{a8047732-9f60-a7bf-f924-28a8eecaaf59}\U\trzCAFD.tmp (Rootkit.0Access.64) → Quarantined and deleted successfully.
C:\Windows\Installer{a8047732-9f60-a7bf-f924-28a8eecaaf59}\U\trzD075.tmp (Rootkit.0Access) → Quarantined and deleted successfully.
C:\Windows\Installer{a8047732-9f60-a7bf-f924-28a8eecaaf59}\U\trzD118.tmp (Rootkit.0Access) → Quarantined and deleted successfully.
C:\Windows\Installer{a8047732-9f60-a7bf-f924-28a8eecaaf59}\U\trzD231.tmp (Rootkit.0Access.64) → Quarantined and deleted successfully.
C:\Windows\Installer{a8047732-9f60-a7bf-f924-28a8eecaaf59}\U\trzD3D0.tmp (Rootkit.0Access.64) → Quarantined and deleted successfully.
C:\Windows\Installer{a8047732-9f60-a7bf-f924-28a8eecaaf59}\U\trzD9ED.tmp (Rootkit.0Access) → Quarantined and deleted successfully.
C:\Windows\Installer{a8047732-9f60-a7bf-f924-28a8eecaaf59}\U\trzDAC9.tmp (Rootkit.0Access.64) → Quarantined and deleted successfully.
C:\Windows\Installer{a8047732-9f60-a7bf-f924-28a8eecaaf59}\U\trzDAFF.tmp (Rootkit.0Access) → Quarantined and deleted successfully.
C:\Windows\Installer{a8047732-9f60-a7bf-f924-28a8eecaaf59}\U\trzDBDB.tmp (Rootkit.0Access.64) → Quarantined and deleted successfully.
C:\Windows\Installer{a8047732-9f60-a7bf-f924-28a8eecaaf59}\U\trzE8FA.tmp (Rootkit.0Access) → Quarantined and deleted successfully.
C:\Windows\Installer{a8047732-9f60-a7bf-f924-28a8eecaaf59}\U\trzE997.tmp (Rootkit.0Access.64) → Quarantined and deleted successfully.
C:\Windows\Installer{a8047732-9f60-a7bf-f924-28a8eecaaf59}\U\trzEDC1.tmp (Rootkit.0Access) → Quarantined and deleted successfully.
C:\Windows\Installer{a8047732-9f60-a7bf-f924-28a8eecaaf59}\U\trzEE3F.tmp (Rootkit.0Access.64) → Quarantined and deleted successfully.
C:\Windows\Installer{a8047732-9f60-a7bf-f924-28a8eecaaf59}\U\trzF160.tmp (Rootkit.0Access) → Quarantined and deleted successfully.
C:\Windows\Installer{a8047732-9f60-a7bf-f924-28a8eecaaf59}\U\trzF3D1.tmp (Rootkit.0Access.64) → Quarantined and deleted successfully.
C:\Windows\Installer{a8047732-9f60-a7bf-f924-28a8eecaaf59}\U\trzF93A.tmp (Rootkit.0Access) → Quarantined and deleted successfully.
C:\Windows\Installer{a8047732-9f60-a7bf-f924-28a8eecaaf59}\U\trzF9A8.tmp (Rootkit.0Access.64) → Quarantined and deleted successfully.
C:\Windows\Installer{a8047732-9f60-a7bf-f924-28a8eecaaf59}\U\trzFA2D.tmp (Rootkit.0Access) → Quarantined and deleted successfully.
C:\Windows\Installer{a8047732-9f60-a7bf-f924-28a8eecaaf59}\U\trzFAE9.tmp (Rootkit.0Access.64) → Quarantined and deleted successfully.
C:\Windows\Installer{a8047732-9f60-a7bf-f924-28a8eecaaf59}\U\trzFDF7.tmp (Rootkit.0Access) → Quarantined and deleted successfully.
C:\Windows\Installer{a8047732-9f60-a7bf-f924-28a8eecaaf59}\U\trzFE84.tmp (Rootkit.0Access.64) → Quarantined and deleted successfully.
(end)
**Attachments Added**
Any help is greatly appreciated!!
Thanks
Hi rmdudley, welcome to the forum.
To make cleaning this machine easier:
* Please do not uninstall/install any programs unless asked to. It is more difficult when files/programs are appearing in/disappearing from the logs.
* Please do not run any scans other than those requested.
* Please follow all instructions in the order posted.
* All logs/reports, etc… must be posted in Notepad. Please ensure that word wrap is unchecked. In Notepad click Format, uncheck Word Wrap if it is checked.
* Do not attach any logs/reports, etc… unless specifically requested to do so.
* If you have problems with or do not understand the instructions, please ask before continuing.
* Please stay with this thread until given the All Clear. An absence of symptoms does not mean a clean machine.
Download ComboFix from one of these locations:
Link 1
* IMPORTANT!!! Save ComboFix.exe to your Desktop
* Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Note: If you are having difficulty properly disabling your protective programs, or are unsure as to what programs need to be disabled, please refer to the information available through this link: How to Disable your Security Programs
* Right click on ComboFix.exe, click Run as Administrator & follow the prompts.
When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
Notes:
1. Do not mouse-click ComboFix’s window while it is running. That may cause it to stall.
2. ComboFix may reset a number of Internet Explorer’s settings, including making I-E the default browser.
3. If you receive a message after running ComboFix similar to “Illegal operation attempted on a registry marked for deletion”, simply reboot the computer to resolve it.
4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
Please post back with the combofix log.
Thanks
system
September 24, 2012, 5:55pm
3
I ran the ComboFix App and it didn’t leave me no log. I did what you said which was right click the app and run as admin, it ran for like 4 seconds and then it finished. It didn’t show a log or nothing. Although, it did reset my setting in my browser. So don’t know if it did anything or not. “Shrugs”
Where is the log?
system
September 24, 2012, 6:21pm
5
It’s not there… I noticed in the ComboFix that the output folder was C:/32788R22FWJFW. I opened it and it showed another clone like my C:/ drive. I’m really confused.
What now?
Pondus
September 24, 2012, 6:23pm
6
What now?
wait for oldman to come back ;)
system
September 24, 2012, 9:29pm
7
Are you back, oldman? I need a little help here! It seems things are getting worse. I need help bad. Can someone else take over?
I am not going to be able to do this later. It’s 5:30pm EST for me. I really want to get this fixed before my partner gets home and starts getting on the computer.
Hi rmdudley
Sometimes malware removal can take some time. This one is being stubborn.
Please read through these instructions before running this next tool.
Do not use delete if offered as an option. Use skip instead when running this next tool.
Download the latest version of TDSSKiller from here and save it to your Desktop.
* Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
http://i466.photobucket.com/albums/rr21/JSntgRvr/tdss_1.jpg
* Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
http://i466.photobucket.com/albums/rr21/JSntgRvr/tdss_2.jpg
* Click the Start Scan button.
http://i466.photobucket.com/albums/rr21/JSntgRvr/tdss_3.jpg
* If a suspicious object is detected, the default action will be Skip, click on Continue.
http://i466.photobucket.com/albums/rr21/JSntgRvr/tdss_4.jpg
* If malicious objects are found, they will show in the Scan results and offer three (3) options.
* Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
http://i466.photobucket.com/albums/rr21/JSntgRvr/tdss_5.jpg
* Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
A report will be created in your root directory (usually the C:\ folder) in the form of “TDSSKiller.[Version][Date] [Time]_log.txt”. Please copy and paste its contents on your next reply.
system
September 24, 2012, 11:09pm
9
Ok, I ran the program exactly as instructed. I can’t attach the log or paste it. It’s large!
I have to break it up in 2 posts.
Hi rmdudley
That’s fine, use as many posts as you need.
system
September 24, 2012, 11:19pm
11
18:53:59.0373 5072 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
18:53:59.0685 5072 ============================================================
18:53:59.0685 5072 Current date / time: 2012/09/24 18:53:59.0685
18:53:59.0685 5072 SystemInfo:
18:53:59.0685 5072
18:53:59.0685 5072 OS Version: 6.1.7601 ServicePack: 1.0
18:53:59.0685 5072 Product type: Workstation
18:53:59.0685 5072 ComputerName: JASON-PC
18:53:59.0685 5072 UserName: jason
18:53:59.0685 5072 Windows directory: C:\Windows
18:53:59.0685 5072 System windows directory: C:\Windows
18:53:59.0685 5072 Running under WOW64
18:53:59.0685 5072 Processor architecture: Intel x64
18:53:59.0685 5072 Number of processors: 8
18:53:59.0685 5072 Page size: 0x1000
18:53:59.0685 5072 Boot type: Normal boot
18:53:59.0685 5072 ============================================================
18:53:59.0981 5072 Drive \Device\Harddisk0\DR0 - Size: 0xE8E1300000 (931.52 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type ‘K0’, Flags 0x00000040
18:53:59.0997 5072 ============================================================
18:53:59.0997 5072 \Device\Harddisk0\DR0:
18:53:59.0997 5072 MBR partitions:
18:53:59.0997 5072 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
18:53:59.0997 5072 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D6800
18:53:59.0997 5072 ============================================================
18:54:00.0013 5072 C: ↔ \Device\Harddisk0\DR0\Partition2
18:54:00.0013 5072 ============================================================
18:54:00.0013 5072 Initialize success
18:54:00.0013 5072 ============================================================
18:54:28.0935 2004 ============================================================
18:54:28.0935 2004 Scan started
18:54:28.0935 2004 Mode: Manual; SigCheck; TDLFS;
18:54:28.0935 2004 ============================================================
18:54:29.0153 2004 ================ Scan system memory ========================
18:54:29.0153 2004 System memory - ok
system
September 24, 2012, 11:20pm
12
18:54:29.0153 2004 ================ Scan services =============================
18:54:31.0400 2004 [ 798A87B2D7AD73B16B7CD968C5D1F18F ] AsSysCtrlService C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
18:54:31.0415 2004 AsSysCtrlService ( UnsignedFile.Multi.Generic ) - warning
18:54:31.0415 2004 AsSysCtrlService - detected UnsignedFile.Multi.Generic (1)
system
September 24, 2012, 11:20pm
13
system
September 24, 2012, 11:22pm
14
18:54:39.0247 2004 [ FD1837DEE0A1D7F180D7B301C0656511 ] HiPatchService C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
18:54:39.0262 2004 HiPatchService ( UnsignedFile.Multi.Generic ) - warning
18:54:39.0262 2004 HiPatchService - detected UnsignedFile.Multi.Generic (1)
18:54:39.0294 2004 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
18:54:39.0340 2004 hkmsvc - ok
18:54:39.0372 2004 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:54:39.0387 2004 HomeGroupListener - ok
18:54:39.0434 2004 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:54:39.0481 2004 HomeGroupProvider - ok
18:54:39.0543 2004 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
18:54:39.0559 2004 HpSAMD - ok
18:54:39.0621 2004 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
18:54:39.0699 2004 HTTP - ok
18:54:39.0715 2004 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
18:54:39.0715 2004 hwpolicy - ok
18:54:39.0793 2004 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
18:54:39.0808 2004 i8042prt - ok
18:54:39.0871 2004 [ 7548066DF68A8A1A56B043359F915F37 ] IAANTMON C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
18:54:39.0886 2004 IAANTMON - ok
18:54:39.0918 2004 [ 1D004CB1DA6323B1F55CAEF7F94B61D9 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
18:54:39.0933 2004 iaStor - ok
18:54:39.0980 2004 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
18:54:39.0996 2004 iaStorV - ok
18:54:40.0089 2004 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
18:54:40.0089 2004 IDriverT ( UnsignedFile.Multi.Generic ) - warning
18:54:40.0089 2004 IDriverT - detected UnsignedFile.Multi.Generic (1)
18:54:40.0152 2004 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:54:40.0183 2004 idsvc - ok
18:54:40.0214 2004 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
18:54:40.0230 2004 iirsp - ok
18:54:40.0292 2004 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
18:54:40.0339 2004 IKEEXT - ok
18:54:40.0386 2004 [ E53DC50458952080889A379746ED128F ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
18:54:40.0417 2004 IntcAzAudAddService - ok
18:54:40.0432 2004 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
18:54:40.0432 2004 intelide - ok
18:54:40.0464 2004 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
18:54:40.0479 2004 intelppm - ok
18:54:40.0510 2004 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
18:54:40.0573 2004 IPBusEnum - ok
18:54:40.0604 2004 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:54:40.0651 2004 IpFilterDriver - ok
18:54:40.0682 2004 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
18:54:40.0698 2004 IPMIDRV - ok
18:54:40.0713 2004 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
18:54:40.0776 2004 IPNAT - ok
18:54:40.0854 2004 [ A9AB99EE7D39725EAFEC82732D2B3271 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
18:54:40.0885 2004 iPod Service - ok
18:54:40.0916 2004 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
18:54:40.0932 2004 IRENUM - ok
18:54:41.0010 2004 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
18:54:41.0025 2004 isapnp - ok
18:54:41.0072 2004 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
18:54:41.0088 2004 iScsiPrt - ok
18:54:41.0103 2004 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
18:54:41.0119 2004 kbdclass - ok
18:54:41.0134 2004 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
18:54:41.0150 2004 kbdhid - ok
18:54:41.0166 2004 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
18:54:41.0181 2004 KeyIso - ok
18:54:41.0228 2004 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
18:54:41.0244 2004 KSecDD - ok
18:54:41.0290 2004 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
18:54:41.0306 2004 KSecPkg - ok
18:54:41.0322 2004 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
18:54:41.0384 2004 ksthunk - ok
18:54:41.0431 2004 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
18:54:41.0478 2004 KtmRm - ok
18:54:41.0540 2004 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
18:54:41.0602 2004 LanmanServer - ok
18:54:41.0634 2004 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:54:41.0680 2004 LanmanWorkstation - ok
18:54:41.0712 2004 [ DB164EB571FD118D277D939510B0F562 ] LGBusEnum C:\Windows\system32\drivers\LGBusEnum.sys
18:54:41.0727 2004 LGBusEnum - ok
18:54:41.0743 2004 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
18:54:41.0790 2004 lltdio - ok
18:54:41.0821 2004 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
18:54:41.0883 2004 lltdsvc - ok
18:54:41.0899 2004 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
18:54:41.0946 2004 lmhosts - ok
18:54:41.0977 2004 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
18:54:42.0008 2004 LSI_FC - ok
18:54:42.0024 2004 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
18:54:42.0039 2004 LSI_SAS - ok
18:54:42.0055 2004 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:54:42.0055 2004 LSI_SAS2 - ok
18:54:42.0086 2004 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:54:42.0102 2004 LSI_SCSI - ok
system
September 24, 2012, 11:22pm
15
18:54:42.0148 2004 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
18:54:42.0180 2004 luafv - ok
18:54:42.0258 2004 [ B9FC4CCE5758B816F27DD4D1EED11841 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
18:54:42.0273 2004 MBAMProtector - ok
18:54:42.0351 2004 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
18:54:42.0367 2004 MBAMScheduler - ok
18:54:42.0429 2004 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
18:54:42.0460 2004 MBAMService - ok
18:54:42.0492 2004 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
18:54:42.0507 2004 Mcx2Svc - ok
18:54:42.0554 2004 [ B0174BBFB541B9BED3FE552C4BF93A9E ] MDES C:\ASUS.SYS\CONFIG\DVMExportService.exe
18:54:42.0585 2004 MDES ( UnsignedFile.Multi.Generic ) - warning
18:54:42.0585 2004 MDES - detected UnsignedFile.Multi.Generic (1)
18:54:42.0601 2004 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
18:54:42.0616 2004 megasas - ok
18:54:42.0648 2004 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
18:54:42.0663 2004 MegaSR - ok
18:54:42.0679 2004 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
18:54:42.0726 2004 MMCSS - ok
18:54:42.0741 2004 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
18:54:42.0757 2004 Modem - ok
18:54:42.0788 2004 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:54:42.0835 2004 monitor - ok
18:54:42.0897 2004 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
18:54:42.0913 2004 mouclass - ok
18:54:42.0928 2004 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
18:54:42.0944 2004 mouhid - ok
18:54:42.0975 2004 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
18:54:42.0991 2004 mountmgr - ok
18:54:43.0100 2004 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:54:43.0116 2004 MozillaMaintenance - ok
18:54:43.0162 2004 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
18:54:43.0178 2004 mpio - ok
18:54:43.0209 2004 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:54:43.0240 2004 mpsdrv - ok
18:54:43.0287 2004 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
18:54:43.0334 2004 MpsSvc - ok
18:54:43.0365 2004 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:54:43.0381 2004 MRxDAV - ok
18:54:43.0428 2004 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:54:43.0459 2004 mrxsmb - ok
18:54:43.0506 2004 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:54:43.0537 2004 mrxsmb10 - ok
18:54:43.0568 2004 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:54:43.0584 2004 mrxsmb20 - ok
18:54:43.0630 2004 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
18:54:43.0646 2004 msahci - ok
18:54:43.0662 2004 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
18:54:43.0677 2004 msdsm - ok
18:54:43.0693 2004 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
18:54:43.0708 2004 MSDTC - ok
18:54:43.0740 2004 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:54:43.0786 2004 Msfs - ok
18:54:43.0802 2004 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
18:54:43.0818 2004 mshidkmdf - ok
18:54:43.0849 2004 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:54:43.0864 2004 msisadrv - ok
18:54:43.0911 2004 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:54:43.0974 2004 MSiSCSI - ok
18:54:43.0974 2004 msiserver - ok
18:54:44.0005 2004 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:54:44.0052 2004 MSKSSRV - ok
18:54:44.0067 2004 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:54:44.0083 2004 MSPCLOCK - ok
18:54:44.0098 2004 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:54:44.0114 2004 MSPQM - ok
18:54:44.0161 2004 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:54:44.0176 2004 MsRPC - ok
18:54:44.0208 2004 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
18:54:44.0223 2004 mssmbios - ok
18:54:44.0239 2004 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:54:44.0286 2004 MSTEE - ok
18:54:44.0301 2004 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
18:54:44.0332 2004 MTConfig - ok
18:54:44.0379 2004 [ 19B006B181E3875FD254F7B67ACF1E7C ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
18:54:44.0395 2004 MTsensor - ok
18:54:44.0426 2004 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
18:54:44.0442 2004 Mup - ok
18:54:44.0488 2004 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
18:54:44.0535 2004 napagent - ok
18:54:44.0566 2004 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:54:44.0613 2004 NativeWifiP - ok
18:54:44.0676 2004 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
18:54:44.0707 2004 NDIS - ok
18:54:44.0722 2004 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
18:54:44.0754 2004 NdisCap - ok
18:54:44.0785 2004 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:54:44.0800 2004 NdisTapi - ok
18:54:44.0847 2004 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:54:44.0910 2004 Ndisuio - ok
18:54:44.0956 2004 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:54:45.0019 2004 NdisWan - ok
18:54:45.0034 2004 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:54:45.0050 2004 NDProxy - ok
18:54:45.0081 2004 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:54:45.0097 2004 NetBIOS - ok
18:54:45.0112 2004 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
18:54:45.0159 2004 NetBT - ok
18:54:45.0190 2004 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
18:54:45.0190 2004 Netlogon - ok
18:54:45.0222 2004 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
18:54:45.0237 2004 Netman - ok
18:54:45.0253 2004 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
18:54:45.0300 2004 netprofm - ok
18:54:45.0346 2004 [ B72BB9496A126FCFC7FC5945DED9B411 ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys
18:54:45.0393 2004 netr28x - ok
18:54:45.0424 2004 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:54:45.0440 2004 NetTcpPortSharing - ok
18:54:45.0456 2004 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
18:54:45.0471 2004 nfrd960 - ok
18:54:45.0534 2004 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
18:54:45.0580 2004 NlaSvc - ok
18:54:45.0612 2004 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:54:45.0627 2004 Npfs - ok
18:54:45.0643 2004 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
18:54:45.0674 2004 nsi - ok
18:54:45.0674 2004 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:54:45.0736 2004 nsiproxy - ok
18:54:45.0783 2004 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:54:45.0830 2004 Ntfs - ok
18:54:45.0830 2004 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
18:54:45.0892 2004 Null - ok
system
September 24, 2012, 11:23pm
16
18:54:45.0924 2004 [ A61B0AF4D6B934928CFD1140DEEA5C8D ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
18:54:45.0955 2004 nusb3hub - ok
18:54:45.0986 2004 [ FA4B2F20561BDBCC6B9AC3E3BDCD7E3F ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
18:54:46.0002 2004 nusb3xhc - ok
18:54:46.0048 2004 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys
18:54:46.0064 2004 NVENETFD - ok
18:54:46.0126 2004 [ 102806B360D0E6BC6E55BF47EF655D43 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
18:54:46.0142 2004 NVHDA - ok
18:54:46.0298 2004 [ BA0B4889C40380A01ECDF84C227A89C9 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:54:46.0407 2004 nvlddmkm - ok
18:54:46.0438 2004 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:54:46.0438 2004 nvraid - ok
18:54:46.0485 2004 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:54:46.0501 2004 nvstor - ok
18:54:46.0563 2004 [ 06633CF95BEA62164C3BFCA24BCE6B11 ] nvsvc C:\Windows\system32\nvvsvc.exe
18:54:46.0594 2004 nvsvc - ok
18:54:46.0688 2004 [ 53B629CE436B110C5689C2F6439E567B ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
18:54:46.0719 2004 nvUpdatusService - ok
18:54:46.0750 2004 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:54:46.0766 2004 nv_agp - ok
18:54:46.0813 2004 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
18:54:46.0828 2004 ohci1394 - ok
18:54:46.0875 2004 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:54:46.0891 2004 ose - ok
18:54:46.0969 2004 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:54:47.0047 2004 osppsvc - ok
18:54:47.0062 2004 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
18:54:47.0109 2004 p2pimsvc - ok
18:54:47.0140 2004 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
18:54:47.0187 2004 p2psvc - ok
18:54:47.0203 2004 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
18:54:47.0218 2004 Parport - ok
18:54:47.0265 2004 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:54:47.0281 2004 partmgr - ok
18:54:47.0312 2004 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
18:54:47.0343 2004 PcaSvc - ok
18:54:47.0343 2004 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
18:54:47.0359 2004 pci - ok
18:54:47.0406 2004 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
18:54:47.0421 2004 pciide - ok
18:54:47.0437 2004 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
18:54:47.0468 2004 pcmcia - ok
18:54:47.0468 2004 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
18:54:47.0484 2004 pcw - ok
18:54:47.0499 2004 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:54:47.0577 2004 PEAUTH - ok
18:54:47.0608 2004 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
18:54:47.0624 2004 PeerDistSvc - ok
18:54:47.0686 2004 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
18:54:47.0733 2004 PerfHost - ok
18:54:47.0952 2004 [ F042EE4C8D66248D9B86DCF52ABAE416 ] PEVSystemStart C:\32788R22FWJFW\pev.3XE
18:54:47.0983 2004 PEVSystemStart ( UnsignedFile.Multi.Generic ) - warning
18:54:47.0983 2004 PEVSystemStart - detected UnsignedFile.Multi.Generic (1)
18:54:48.0030 2004 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
18:54:48.0092 2004 pla - ok
18:54:48.0154 2004 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:54:48.0170 2004 PlugPlay - ok
18:54:48.0201 2004 PnkBstrA - ok
18:54:48.0217 2004 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
18:54:48.0232 2004 PNRPAutoReg - ok
18:54:48.0248 2004 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
18:54:48.0264 2004 PNRPsvc - ok
18:54:48.0310 2004 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:54:48.0373 2004 PolicyAgent - ok
18:54:48.0404 2004 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
18:54:48.0466 2004 Power - ok
18:54:48.0513 2004 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:54:48.0560 2004 PptpMiniport - ok
18:54:48.0576 2004 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
18:54:48.0607 2004 Processor - ok
18:54:48.0654 2004 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
18:54:48.0669 2004 ProfSvc - ok
18:54:48.0685 2004 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:54:48.0700 2004 ProtectedStorage - ok
18:54:48.0778 2004 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
18:54:48.0856 2004 Psched - ok
18:54:48.0888 2004 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
18:54:48.0919 2004 ql2300 - ok
18:54:48.0950 2004 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
18:54:48.0966 2004 ql40xx - ok
18:54:48.0981 2004 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
18:54:48.0997 2004 QWAVE - ok
18:54:48.0997 2004 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:54:49.0028 2004 QWAVEdrv - ok
18:54:49.0044 2004 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:54:49.0090 2004 RasAcd - ok
18:54:49.0106 2004 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
18:54:49.0122 2004 RasAgileVpn - ok
18:54:49.0137 2004 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
18:54:49.0200 2004 RasAuto - ok
18:54:49.0262 2004 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:54:49.0309 2004 Rasl2tp - ok
18:54:49.0309 2004 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
18:54:49.0387 2004 RasMan - ok
18:54:49.0418 2004 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:54:49.0434 2004 RasPppoe - ok
18:54:49.0465 2004 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:54:49.0512 2004 RasSstp - ok
18:54:49.0543 2004 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:54:49.0574 2004 rdbss - ok
18:54:49.0574 2004 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
18:54:49.0590 2004 rdpbus - ok
18:54:49.0590 2004 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:54:49.0605 2004 RDPCDD - ok
18:54:49.0652 2004 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
18:54:49.0668 2004 RDPDR - ok
18:54:49.0699 2004 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:54:49.0730 2004 RDPENCDD - ok
18:54:49.0746 2004 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
18:54:49.0761 2004 RDPREFMP - ok
18:54:49.0808 2004 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:54:49.0839 2004 RDPWD - ok
18:54:49.0886 2004 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
18:54:49.0902 2004 rdyboost - ok
18:54:49.0933 2004 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
18:54:49.0964 2004 RemoteAccess - ok
18:54:49.0980 2004 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:54:50.0026 2004 RemoteRegistry - ok
18:54:50.0058 2004 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
18:54:50.0104 2004 RFCOMM - ok
18:54:50.0120 2004 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
18:54:50.0167 2004 RpcEptMapper - ok
18:54:50.0182 2004 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
18:54:50.0198 2004 RpcLocator - ok
system
September 24, 2012, 11:23pm
17
18:54:50.0245 2004 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
18:54:50.0292 2004 RpcSs - ok
18:54:50.0307 2004 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:54:50.0354 2004 rspndr - ok
18:54:50.0385 2004 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
18:54:50.0416 2004 s3cap - ok
18:54:50.0432 2004 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
18:54:50.0448 2004 SamSs - ok
18:54:50.0463 2004 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:54:50.0479 2004 sbp2port - ok
18:54:50.0510 2004 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:54:50.0541 2004 SCardSvr - ok
18:54:50.0572 2004 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
18:54:50.0619 2004 scfilter - ok
18:54:50.0650 2004 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
18:54:50.0682 2004 Schedule - ok
18:54:50.0682 2004 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
18:54:50.0697 2004 SCPolicySvc - ok
18:54:50.0713 2004 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:54:50.0760 2004 SDRSVC - ok
18:54:50.0775 2004 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
18:54:50.0838 2004 seclogon - ok
18:54:50.0869 2004 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
18:54:50.0931 2004 SENS - ok
18:54:50.0931 2004 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
18:54:50.0947 2004 SensrSvc - ok
18:54:50.0962 2004 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
18:54:50.0994 2004 Serenum - ok
18:54:51.0040 2004 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
18:54:51.0056 2004 Serial - ok
18:54:51.0072 2004 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
18:54:51.0118 2004 sermouse - ok
18:54:51.0165 2004 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
18:54:51.0196 2004 SessionEnv - ok
18:54:51.0228 2004 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:54:51.0259 2004 sffdisk - ok
18:54:51.0274 2004 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:54:51.0290 2004 sffp_mmc - ok
18:54:51.0290 2004 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:54:51.0306 2004 sffp_sd - ok
18:54:51.0337 2004 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
18:54:51.0352 2004 sfloppy - ok
18:54:51.0368 2004 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:54:51.0430 2004 ShellHWDetection - ok
18:54:51.0446 2004 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:54:51.0462 2004 SiSRaid2 - ok
18:54:51.0477 2004 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
18:54:51.0477 2004 SiSRaid4 - ok
18:54:51.0493 2004 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:54:51.0555 2004 Smb - ok
18:54:51.0571 2004 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:54:51.0586 2004 SNMPTRAP - ok
18:54:51.0602 2004 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
18:54:51.0618 2004 spldr - ok
18:54:51.0664 2004 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
18:54:51.0711 2004 Spooler - ok
18:54:51.0789 2004 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
18:54:51.0852 2004 sppsvc - ok
18:54:51.0883 2004 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
18:54:51.0914 2004 sppuinotify - ok
18:54:51.0961 2004 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
18:54:51.0976 2004 srv - ok
18:54:51.0992 2004 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:54:52.0008 2004 srv2 - ok
18:54:52.0023 2004 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:54:52.0054 2004 srvnet - ok
18:54:52.0086 2004 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:54:52.0132 2004 SSDPSRV - ok
18:54:52.0148 2004 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:54:52.0164 2004 SstpSvc - ok
18:54:52.0210 2004 [ 74425FFA11C133D045E1C3BE2EAD481D ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
18:54:52.0226 2004 ssudmdm - ok
18:54:52.0257 2004 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
18:54:52.0273 2004 stexstor - ok
18:54:52.0320 2004 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
18:54:52.0366 2004 stisvc - ok
18:54:52.0398 2004 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
18:54:52.0413 2004 storflt - ok
system
September 24, 2012, 11:23pm
18
system
September 24, 2012, 11:24pm
19
18:54:58.0731 2004 ================ Scan global ===============================
18:54:58.0762 2004 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
18:54:58.0809 2004 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
18:54:58.0809 2004 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
18:54:58.0825 2004 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
18:54:58.0872 2004 [ 50BEA589F7D7958BDD2528A8F69D05CC ] C:\Windows\system32\services.exe
18:54:58.0872 2004 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - infected
18:54:58.0872 2004 C:\Windows\system32\services.exe - detected Virus.Win64.ZAccess.a (0)
18:54:58.0872 2004 ================ Scan MBR ==================================
18:54:58.0887 2004 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:54:59.0230 2004 \Device\Harddisk0\DR0 - ok
18:54:59.0230 2004 ================ Scan VBR ==================================
18:54:59.0246 2004 [ FEAE738014C883C3DBD9286D3BC01A91 ] \Device\Harddisk0\DR0\Partition1
18:54:59.0246 2004 \Device\Harddisk0\DR0\Partition1 - ok
18:54:59.0262 2004 [ 2DDABDFE98871725EDFEC626FB7D5BEB ] \Device\Harddisk0\DR0\Partition2
18:54:59.0262 2004 \Device\Harddisk0\DR0\Partition2 - ok
18:54:59.0262 2004 ============================================================
18:54:59.0262 2004 Scan finished
18:54:59.0262 2004 ============================================================
18:54:59.0277 3312 Detected object count: 6
18:54:59.0277 3312 Actual detected object count: 6
18:57:09.0294 3312 AsSysCtrlService ( UnsignedFile.Multi.Generic ) - skipped by user
18:57:09.0294 3312 AsSysCtrlService ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:57:09.0294 3312 HiPatchService ( UnsignedFile.Multi.Generic ) - skipped by user
18:57:09.0294 3312 HiPatchService ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:57:09.0294 3312 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
18:57:09.0294 3312 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:57:09.0294 3312 MDES ( UnsignedFile.Multi.Generic ) - skipped by user
18:57:09.0294 3312 MDES ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:57:09.0294 3312 PEVSystemStart ( UnsignedFile.Multi.Generic ) - skipped by user
18:57:09.0294 3312 PEVSystemStart ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:57:09.0341 3312 C:\Windows\system32\services.exe - copied to quarantine
18:57:11.0463 3312 C:\Windows\assembly\GAC_32\desktop.ini - copied to quarantine
18:57:12.0446 3312 C:\Windows\assembly\GAC_64\desktop.ini - copied to quarantine
18:57:13.0803 3312 Backup copy not found, trying to cure infected file…
18:57:13.0803 3312 C:\Windows\system32\services.exe - Cure failed (FFFFFFFF)
18:57:13.0803 3312 C:\Windows\system32\services.exe - processing error
18:57:13.0803 3312 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - User select action: Cure
18:59:32.0026 4020 Deinitialize success
system
September 24, 2012, 11:25pm
20
Wow, what a pain in the arse… Anyways, sorry about that. Hopefully it's ok for you to read.
Thanks