
Please help me remove searchnu


Re: Please help me remove searchnu

by pgmigg » July 29th, 2012, 12:37 pm

Hello Charliea,

Good job, but we are not finished yet! :)

I looked everywhere on the OTL screen and did not see a "Include 64bit scans"
Sorry that I confused you a little and placed instructions for a 64-bit computer here - you have a 32-bit one instead.

Step 1.
TDSSKiller - Rootkit Removal Tool - Scan only
Please download the TDSSKiller.exe by Kaspersky and save it to your Desktop. <-Important!!!
  1. Right click on TDSSKiller.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
    If TDSSKiller does not run, please rename it. Right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. zarodinu.com).
    If you don't see file extensions, please see: How to change the file extension.
  2. Click the Start Scan button. Do not use the computer during the scan!
  3. If the scan completes with nothing found, click Close to exit.
  4. If malicious objects are found, they will show in the "Scan results - Select action for found objects" and offer 3 options.
    • Please select Skip instead of Cure (default).
  5. Then click Continue, then Close and then Close again.
  6. A log file named TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt will be created and saved to the root directory (usually Local Disk C:).
  7. Copy and paste the contents of that file in your next reply.

Step 2.
ESET NOD32 Online Scan
You will need to right-click on the IE or FF icons on the Start Menu or Quick Launch Bar on the Taskbar and select "Run as Administrator..." from the context menu.
Note: If using Mozilla Firefox you will need to download "esetsmartinstaller_enu.exe" when prompted... then double click on it to install.
Please temporarily disable your Anti-virus real-time protection. If active, it could impact the online scan.

Disable AVG Anti-Virus

  • Please open the AVG Control Center, by right clicking on the AVG icon on task bar.
  • Click on Open AVG User Interface.
  • On the Menu Bar, click on Tools.
  • Click Advanced Settings.
  • In the new screen which opens, scroll down to Temporarily disable AVG protection. Click on it to highlight it.
  • In the right hand pane, tick the box for Temporarily disable AVG protection.
  • Click Apply.
  • In the next screen which opens, select 180 minutes from the drop down menu, then click the Disable real time protection button.
  • Click OK.
  • Note: Don't forget to re-enable it after the fix.

Do NOT use the computer while the scan is running... make sure all other programs and windows are closed!

Please go to ESET Online Scanner - © ESET All Rights Reserved... to run an online scan.
  1. Click the green [ESET Online Scanner] button.
  2. Read the End User License Agreement and check the box: [Yes, I accept the terms of use].
  3. Click the green [Start] button.
  4. Accept any security warnings from your browser and allow the download/installation of any required files.
    If your browser blocks or halts a download, please allow it to download any required files.
  5. Under scan settings:
    • Check "Scan archives"
    • Remove found threats is UNCHECKED
  6. Click Advanced settings ... select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  7. Click the [Start] button.
    ESET will install itself, download virus signature database updates and begin scanning your computer.
    The scan will take a while so please be patient. Do NOT use the computer while the scan is running.
  8. When the scan completes... press the text: Image
  9. Press the text: Image ... then save the file to your desktop as ESETScan.txt.
  10. Press the [Back] button... then press the [Finish] button.
  11. Copy and paste the contents of ESETScan.txt in your next reply.
    Note: If no threats are found, there is no option to create a log. Just report back to me there was nothing found.

Remember to enable your Anti-virus protection... before continuing!

Please include in your next reply:
  1. Do you have any problems executing the instructions?
  2. Contents of a TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt report file after TDSSKiller scan
  3. Contents of scan results from ESETScan.txt file.
  4. Do you see any changes in computer behavior?

Please do not hesitate to divide the post into multiple if it is too long...

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
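
For anyone reviewing the TDSSKiller log requested in Step 1, the following triage script is an added example, not part of the original post and not Kaspersky's code. It assumes each scanned object appears as timestamp, thread id, name, MD5 in parentheses and file path, followed by a `name - verdict` line; the sample lines, names, hashes and the `flagged` verdict word are constructed placeholders.

```python
import re
from collections import defaultdict

# Constructed sample in the layout "HH:MM:SS.mmmm <thread id> <text>".
# Names, hashes and the non-"ok" verdict word are placeholders, not real scan data.
SAMPLE_LOG = r"""
15:17:34.0803 1664 Scan started
15:17:37.0533 1664 ExampleDrv (00112233445566778899aabbccddeeff) C:\Windows\system32\drivers\exampledrv.sys
15:17:37.0543 1664 ExampleDrv - ok
15:17:38.0458 1664 NoImageSvc - ok
15:17:40.0015 1664 SharedA (ffeeddccbbaa99887766554433221100) C:\Windows\System32\shared.dll
15:17:40.0027 1664 SharedA - ok
15:17:40.0035 1664 SharedB (ffeeddccbbaa99887766554433221100) C:\Windows\System32\shared.dll
15:17:40.0039 1664 SharedB - ok
15:17:42.0043 1664 Example Service (0123456789abcdef0123456789abcdef) C:\Program Files\Example\svc.exe
15:17:42.0054 1664 Example Service - flagged
"""

PREFIX = r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+"
# "<name> (<32 hex digits>) <path>": the file that backs a service or driver.
OBJECT_RE = re.compile(PREFIX + r"(?P<name>.+?) \((?P<md5>[0-9a-fA-F]{32})\) (?P<path>.+)$")
# "<name> - <verdict>": the scanner's result for that object.
VERDICT_RE = re.compile(PREFIX + r"(?P<name>.+?) - (?P<verdict>[A-Za-z ]+)$")


def parse_log(text):
    """Return {name: {"md5", "path", "verdict"}} for every scanned object."""
    objects = {}
    for line in text.splitlines():
        line = line.strip()
        m = OBJECT_RE.match(line)
        if m:
            objects[m["name"]] = {
                "md5": m["md5"].lower(),
                "path": m["path"],
                "verdict": None,  # filled in when the verdict line arrives
            }
            continue
        m = VERDICT_RE.match(line)
        if m:
            entry = objects.setdefault(
                m["name"], {"md5": None, "path": None, "verdict": None}
            )
            entry["verdict"] = m["verdict"].strip().lower()
    return objects


def triage(objects):
    """Pick out the entries a reviewer should read first."""
    # Any verdict other than "ok", including a missing one (truncated paste).
    not_ok = sorted(n for n, e in objects.items() if e["verdict"] != "ok")
    # Verdict line present but no file/hash line: nothing was hashed for it.
    no_image = sorted(n for n, e in objects.items() if e["md5"] is None)
    # Several service names backed by one file (same MD5).
    by_hash = defaultdict(list)
    for name, entry in objects.items():
        if entry["md5"]:
            by_hash[entry["md5"]].append(name)
    shared = {h: sorted(ns) for h, ns in by_hash.items() if len(ns) > 1}
    return {"not_ok": not_ok, "no_image": no_image, "shared_hash": shared}


if __name__ == "__main__":
    report = triage(parse_log(SAMPLE_LOG))
    for section, items in report.items():
        print(section, "->", items)
```

Entries under `no_image` and `shared_hash` are not findings by themselves; they are the lines worth checking by hand before reading the rest of a long log.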

Re: Please help me remove searchnu

by Charliea » July 29th, 2012, 7:00 pm

TDSSKiller Scan:

15:17:48.0625 1664 msahci - ok
15:17:48.0642 1664 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
15:17:48.0654 1664 msdsm - ok
15:17:48.0679 1664 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
15:17:48.0690 1664 MSDTC - ok
15:17:48.0710 1664 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
15:17:48.0713 1664 Msfs - ok
15:17:48.0727 1664 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
15:17:48.0729 1664 mshidkmdf - ok
15:17:48.0763 1664 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
15:17:48.0765 1664 msisadrv - ok
15:17:48.0795 1664 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
15:17:48.0808 1664 MSiSCSI - ok
15:17:48.0812 1664 msiserver - ok
15:17:48.0841 1664 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
15:17:48.0843 1664 MSKSSRV - ok
15:17:48.0873 1664 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
15:17:48.0875 1664 MSPCLOCK - ok
15:17:48.0888 1664 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
15:17:48.0889 1664 MSPQM - ok
15:17:48.0911 1664 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
15:17:48.0921 1664 MsRPC - ok
15:17:48.0956 1664 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
15:17:48.0958 1664 mssmbios - ok
15:17:48.0963 1664 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
15:17:48.0965 1664 MSTEE - ok
15:17:48.0970 1664 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
15:17:48.0972 1664 MTConfig - ok
15:17:48.0982 1664 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
15:17:48.0986 1664 Mup - ok
15:17:49.0030 1664 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
15:17:49.0043 1664 napagent - ok
15:17:49.0078 1664 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
15:17:49.0086 1664 NativeWifiP - ok
15:17:49.0253 1664 NAUpdate (934bb0d23a25c8c136570800a5a149b6) C:\Program Files\Nero\Update\NASvc.exe
15:17:49.0268 1664 NAUpdate - ok
15:17:49.0342 1664 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
15:17:49.0356 1664 NDIS - ok
15:17:49.0370 1664 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
15:17:49.0372 1664 NdisCap - ok
15:17:49.0393 1664 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
15:17:49.0396 1664 NdisTapi - ok
15:17:49.0432 1664 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
15:17:49.0434 1664 Ndisuio - ok
15:17:49.0470 1664 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
15:17:49.0473 1664 NdisWan - ok
15:17:49.0505 1664 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
15:17:49.0508 1664 NDProxy - ok
15:17:49.0524 1664 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
15:17:49.0526 1664 NetBIOS - ok
15:17:49.0567 1664 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
15:17:49.0577 1664 NetBT - ok
15:17:49.0603 1664 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
15:17:49.0605 1664 Netlogon - ok
15:17:49.0656 1664 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
15:17:49.0670 1664 Netman - ok
15:17:49.0703 1664 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
15:17:49.0715 1664 netprofm - ok
15:17:49.0777 1664 NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:17:49.0788 1664 NetTcpPortSharing - ok
15:17:49.0819 1664 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
15:17:49.0821 1664 nfrd960 - ok
15:17:49.0867 1664 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
15:17:49.0884 1664 NlaSvc - ok
15:17:49.0928 1664 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
15:17:49.0930 1664 Npfs - ok
15:17:49.0940 1664 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
15:17:49.0943 1664 nsi - ok
15:17:49.0957 1664 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
15:17:49.0959 1664 nsiproxy - ok
15:17:50.0072 1664 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
15:17:50.0100 1664 Ntfs - ok
15:17:50.0113 1664 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
15:17:50.0115 1664 Null - ok
15:17:50.0575 1664 nvlddmkm (05b288b25c2ebd9a4e9e5114ae790876) C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:17:50.0726 1664 nvlddmkm - ok
15:17:50.0847 1664 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
15:17:50.0859 1664 nvraid - ok
15:17:50.0897 1664 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
15:17:50.0908 1664 nvstor - ok
15:17:50.0951 1664 nvsvc (e937a615d4289e83e234c3ec26092431) C:\Windows\system32\nvvsvc.exe
15:17:50.0976 1664 nvsvc - ok
15:17:50.0998 1664 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
15:17:51.0010 1664 nv_agp - ok
15:17:51.0149 1664 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:17:51.0166 1664 odserv - ok
15:17:51.0196 1664 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
15:17:51.0199 1664 ohci1394 - ok
15:17:51.0240 1664 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:17:51.0252 1664 ose - ok
15:17:51.0294 1664 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
15:17:51.0309 1664 p2pimsvc - ok
15:17:51.0350 1664 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
15:17:51.0357 1664 p2psvc - ok
15:17:51.0382 1664 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
15:17:51.0384 1664 Parport - ok
15:17:51.0417 1664 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys
15:17:51.0420 1664 partmgr - ok
15:17:51.0437 1664 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
15:17:51.0439 1664 Parvdm - ok
15:17:51.0462 1664 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
15:17:51.0473 1664 PcaSvc - ok
15:17:51.0484 1664 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
15:17:51.0488 1664 pci - ok
15:17:51.0498 1664 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
15:17:51.0500 1664 pciide - ok
15:17:51.0532 1664 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
15:17:51.0536 1664 pcmcia - ok
15:17:51.0547 1664 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
15:17:51.0550 1664 pcw - ok
15:17:51.0604 1664 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
15:17:51.0623 1664 PEAUTH - ok
15:17:51.0712 1664 PeerDistSvc (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll
15:17:51.0732 1664 PeerDistSvc - ok
15:17:51.0845 1664 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
15:17:51.0876 1664 pla - ok
15:17:51.0978 1664 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
15:17:51.0992 1664 PlugPlay - ok
15:17:52.0008 1664 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
15:17:52.0011 1664 PNRPAutoReg - ok
15:17:52.0042 1664 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
15:17:52.0046 1664 PNRPsvc - ok
15:17:52.0103 1664 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
15:17:52.0116 1664 PolicyAgent - ok
15:17:52.0151 1664 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
15:17:52.0162 1664 Power - ok
15:17:52.0204 1664 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
15:17:52.0206 1664 PptpMiniport - ok
15:17:52.0224 1664 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
15:17:52.0226 1664 Processor - ok
15:17:52.0266 1664 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll
15:17:52.0276 1664 ProfSvc - ok
15:17:52.0306 1664 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
15:17:52.0308 1664 ProtectedStorage - ok
15:17:52.0338 1664 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
15:17:52.0341 1664 Psched - ok
15:17:52.0438 1664 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
15:17:52.0476 1664 ql2300 - ok
15:17:52.0570 1664 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
15:17:52.0573 1664 ql40xx - ok
15:17:52.0607 1664 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
15:17:52.0615 1664 QWAVE - ok
15:17:52.0626 1664 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
15:17:52.0629 1664 QWAVEdrv - ok
15:17:52.0642 1664 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
15:17:52.0643 1664 RasAcd - ok
15:17:52.0664 1664 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
15:17:52.0666 1664 RasAgileVpn - ok
15:17:52.0675 1664 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
15:17:52.0679 1664 RasAuto - ok
15:17:52.0697 1664 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:17:52.0700 1664 Rasl2tp - ok
15:17:52.0743 1664 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
15:17:52.0764 1664 RasMan - ok
15:17:52.0793 1664 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
15:17:52.0795 1664 RasPppoe - ok
15:17:52.0807 1664 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
15:17:52.0810 1664 RasSstp - ok
15:17:52.0852 1664 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
15:17:52.0866 1664 rdbss - ok
15:17:52.0901 1664 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
15:17:52.0903 1664 rdpbus - ok
15:17:52.0933 1664 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:17:52.0935 1664 RDPCDD - ok
15:17:52.0961 1664 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
15:17:52.0972 1664 RDPDR - ok
15:17:52.0995 1664 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
15:17:52.0997 1664 RDPENCDD - ok
15:17:53.0015 1664 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
15:17:53.0018 1664 RDPREFMP - ok
15:17:53.0053 1664 RDPWD (244c83332f44589ae98fc347f11b2693) C:\Windows\system32\drivers\RDPWD.sys
15:17:53.0086 1664 RDPWD - ok
15:17:53.0136 1664 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
15:17:53.0146 1664 rdyboost - ok
15:17:53.0174 1664 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
15:17:53.0177 1664 RemoteAccess - ok
15:17:53.0212 1664 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
15:17:53.0226 1664 RemoteRegistry - ok
15:17:53.0269 1664 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys
15:17:53.0281 1664 RFCOMM - ok
15:17:53.0303 1664 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
15:17:53.0307 1664 RpcEptMapper - ok
15:17:53.0327 1664 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
15:17:53.0330 1664 RpcLocator - ok
15:17:53.0376 1664 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
15:17:53.0381 1664 RpcSs - ok
15:17:53.0429 1664 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
15:17:53.0431 1664 rspndr - ok
15:17:53.0460 1664 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
15:17:53.0463 1664 s3cap - ok
15:17:53.0495 1664 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
15:17:53.0497 1664 SamSs - ok
15:17:53.0549 1664 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
15:17:53.0551 1664 sbp2port - ok
15:17:53.0573 1664 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
15:17:53.0584 1664 SCardSvr - ok
15:17:53.0615 1664 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
15:17:53.0617 1664 scfilter - ok
15:17:53.0696 1664 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
15:17:53.0709 1664 Schedule - ok
15:17:53.0743 1664 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
15:17:53.0744 1664 SCPolicySvc - ok
15:17:53.0779 1664 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
15:17:53.0792 1664 SDRSVC - ok
15:17:53.0815 1664 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
15:17:53.0818 1664 secdrv - ok
15:17:53.0833 1664 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
15:17:53.0837 1664 seclogon - ok
15:17:53.0849 1664 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
15:17:53.0854 1664 SENS - ok
15:17:53.0884 1664 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
15:17:53.0888 1664 SensrSvc - ok
15:17:53.0900 1664 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
15:17:53.0902 1664 Serenum - ok
15:17:53.0914 1664 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
15:17:53.0917 1664 Serial - ok
15:17:53.0947 1664 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
15:17:53.0949 1664 sermouse - ok
15:17:53.0992 1664 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
15:17:54.0004 1664 SessionEnv - ok
15:17:54.0029 1664 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
15:17:54.0030 1664 sffdisk - ok
15:17:54.0046 1664 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
15:17:54.0047 1664 sffp_mmc - ok
15:17:54.0059 1664 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
15:17:54.0061 1664 sffp_sd - ok
15:17:54.0071 1664 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
15:17:54.0073 1664 sfloppy - ok
15:17:54.0118 1664 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
15:17:54.0133 1664 SharedAccess - ok
15:17:54.0186 1664 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
15:17:54.0199 1664 ShellHWDetection - ok
15:17:54.0238 1664 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
15:17:54.0240 1664 sisagp - ok
15:17:54.0266 1664 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:17:54.0281 1664 SiSRaid2 - ok
15:17:54.0306 1664 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
15:17:54.0308 1664 SiSRaid4 - ok
15:17:54.0330 1664 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
15:17:54.0333 1664 Smb - ok
15:17:54.0368 1664 snapman (98b44c15b4eed76aa8dccb64a4ca11af) C:\Windows\system32\DRIVERS\snapman.sys
15:17:54.0377 1664 snapman - ok
15:17:54.0402 1664 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
15:17:54.0405 1664 SNMPTRAP - ok
15:17:54.0449 1664 speedfan (3fa2e254bfbce52b3c6f1bf23aab6911) C:\Windows\system32\speedfan.sys
15:17:54.0454 1664 speedfan - ok
15:17:54.0469 1664 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
15:17:54.0471 1664 spldr - ok
15:17:54.0527 1664 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
15:17:54.0540 1664 Spooler - ok
15:17:54.0766 1664 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
15:17:54.0850 1664 sppsvc - ok
15:17:54.0952 1664 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
15:17:54.0956 1664 sppuinotify - ok
15:17:55.0017 1664 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
15:17:55.0032 1664 srv - ok
15:17:55.0057 1664 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
15:17:55.0071 1664 srv2 - ok
15:17:55.0105 1664 SrvHsfHDA (e00fdfaff025e94f9821153750c35a6d) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
15:17:55.0114 1664 SrvHsfHDA - ok
15:17:55.0183 1664 SrvHsfV92 (ceb4e3b6890e1e42dca6694d9e59e1a0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS
15:17:55.0202 1664 SrvHsfV92 - ok
15:17:55.0251 1664 SrvHsfWinac (bc0c7ea89194c299f051c24119000e17) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
15:17:55.0269 1664 SrvHsfWinac - ok
15:17:55.0310 1664 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
15:17:55.0323 1664 srvnet - ok
15:17:55.0356 1664 sscdbus (d5dffeaa1e15d4effabb9d9a3068ac5b) C:\Windows\system32\DRIVERS\sscdbus.sys
15:17:55.0358 1664 sscdbus - ok
15:17:55.0377 1664 sscdmdfl (8a1be0c347814f482f493aea619d57f6) C:\Windows\system32\DRIVERS\sscdmdfl.sys
15:17:55.0380 1664 sscdmdfl - ok
15:17:55.0397 1664 sscdmdm (5ab0b1987f682a59b15b78f84c6ad7d0) C:\Windows\system32\DRIVERS\sscdmdm.sys
15:17:55.0400 1664 sscdmdm - ok
15:17:55.0414 1664 sscdserd (751e66eb32efa80633b80f5d7ff0a1d8) C:\Windows\system32\DRIVERS\sscdserd.sys
15:17:55.0417 1664 sscdserd - ok
15:17:55.0454 1664 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
15:17:55.0464 1664 SSDPSRV - ok
15:17:55.0491 1664 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
15:17:55.0499 1664 SstpSvc - ok
15:17:55.0523 1664 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
15:17:55.0525 1664 stexstor - ok
15:17:55.0584 1664 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
15:17:55.0601 1664 StiSvc - ok
15:17:55.0640 1664 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys
15:17:55.0642 1664 storflt - ok
15:17:55.0668 1664 StorSvc (0bf669f0a910beda4a32258d363af2a5) C:\Windows\system32\storsvc.dll
15:17:55.0672 1664 StorSvc - ok
15:17:55.0688 1664 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys
15:17:55.0690 1664 storvsc - ok
15:17:55.0703 1664 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
15:17:55.0705 1664 swenum - ok
15:17:55.0730 1664 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
15:17:55.0744 1664 swprv - ok
15:17:55.0847 1664 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
15:17:55.0879 1664 SysMain - ok
15:17:55.0917 1664 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
15:17:55.0921 1664 TabletInputService - ok
15:17:55.0966 1664 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
15:17:55.0981 1664 TapiSrv - ok
15:17:55.0998 1664 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
15:17:56.0004 1664 TBS - ok
15:17:56.0121 1664 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys
15:17:56.0162 1664 Tcpip - ok
15:17:56.0190 1664 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys
15:17:56.0199 1664 TCPIP6 - ok
15:17:56.0235 1664 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
15:17:56.0237 1664 tcpipreg - ok
15:17:56.0264 1664 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
15:17:56.0266 1664 TDPIPE - ok
15:17:56.0294 1664 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
15:17:56.0296 1664 TDTCP - ok
15:17:56.0329 1664 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
15:17:56.0332 1664 tdx - ok
15:17:56.0365 1664 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
15:17:56.0367 1664 TermDD - ok
15:17:56.0421 1664 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
15:17:56.0435 1664 TermService - ok
15:17:56.0454 1664 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
15:17:56.0457 1664 Themes - ok
15:17:56.0479 1664 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
15:17:56.0481 1664 THREADORDER - ok
15:17:56.0576 1664 timounter (d8a96d0e25d43fdac3bed09adf39fde9) C:\Windows\system32\DRIVERS\timntr.sys
15:17:56.0595 1664 timounter - ok
15:17:56.0621 1664 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
15:17:56.0625 1664 TrkWks - ok
15:17:56.0688 1664 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
15:17:56.0698 1664 TrustedInstaller - ok
15:17:56.0711 1664 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:17:56.0713 1664 tssecsrv - ok
15:17:56.0755 1664 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
15:17:56.0757 1664 TsUsbFlt - ok
15:17:56.0813 1664 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
15:17:56.0825 1664 tunnel - ok
15:17:56.0859 1664 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
15:17:56.0861 1664 uagp35 - ok
15:17:56.0909 1664 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
15:17:56.0916 1664 udfs - ok
15:17:56.0939 1664 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
15:17:56.0943 1664 UI0Detect - ok
15:17:56.0986 1664 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
15:17:56.0989 1664 uliagpkx - ok
15:17:57.0036 1664 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\DRIVERS\umbus.sys
15:17:57.0038 1664 umbus - ok
15:17:57.0056 1664 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
15:17:57.0058 1664 UmPass - ok
15:17:57.0099 1664 UmRdpService (409994a8eaceee4e328749c0353527a0) C:\Windows\System32\umrdp.dll
15:17:57.0107 1664 UmRdpService - ok
15:17:57.0135 1664 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
15:17:57.0149 1664 upnphost - ok
15:17:57.0186 1664 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\Windows\system32\Drivers\usbaapl.sys
15:17:57.0188 1664 USBAAPL - ok
15:17:57.0205 1664 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
15:17:57.0208 1664 usbccgp - ok
15:17:57.0246 1664 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
15:17:57.0251 1664 usbcir - ok
15:17:57.0270 1664 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
15:17:57.0272 1664 usbehci - ok
15:17:57.0309 1664 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
15:17:57.0322 1664 usbhub - ok
15:17:57.0335 1664 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\drivers\usbohci.sys
15:17:57.0337 1664 usbohci - ok
15:17:57.0345 1664 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
15:17:57.0347 1664 usbprint - ok
15:17:57.0368 1664 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:17:57.0370 1664 USBSTOR - ok
15:17:57.0390 1664 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys
15:17:57.0392 1664 usbuhci - ok
15:17:57.0405 1664 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
15:17:57.0409 1664 UxSms - ok
15:17:57.0436 1664 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
15:17:57.0438 1664 VaultSvc - ok
15:17:57.0454 1664 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
15:17:57.0457 1664 vdrvroot - ok
15:17:57.0513 1664 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
15:17:57.0523 1664 vds - ok
15:17:57.0536 1664 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
15:17:57.0538 1664 vga - ok
15:17:57.0553 1664 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
15:17:57.0555 1664 VgaSave - ok
15:17:57.0605 1664 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
15:17:57.0617 1664 vhdmp - ok
15:17:57.0656 1664 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
15:17:57.0658 1664 viaagp - ok
15:17:57.0670 1664 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
15:17:57.0673 1664 ViaC7 - ok
15:17:57.0682 1664 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
15:17:57.0684 1664 viaide - ok
15:17:57.0711 1664 vididr (149ec3e217f9d11e9ca6c54ce3d70c73) C:\Windows\system32\DRIVERS\vididr.sys
15:17:57.0721 1664 vididr - ok
15:17:57.0742 1664 vidsflt53 (e31e9cd40677b84b3adaa7a0d80dc439) C:\Windows\system32\DRIVERS\vsflt53.sys
15:17:57.0745 1664 vidsflt53 - ok
15:17:57.0769 1664 vmbus (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys
15:17:57.0779 1664 vmbus - ok
15:17:57.0794 1664 VMBusHID (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys
15:17:57.0796 1664 VMBusHID - ok
15:17:57.0810 1664 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
15:17:57.0812 1664 volmgr - ok
15:17:57.0843 1664 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
15:17:57.0859 1664 volmgrx - ok
15:17:57.0887 1664 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
15:17:57.0894 1664 volsnap - ok
15:17:57.0919 1664 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
15:17:57.0929 1664 vsmraid - ok
15:17:58.0024 1664 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe
15:17:58.0061 1664 VSS - ok
15:17:58.0078 1664 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
15:17:58.0080 1664 vwifibus - ok
15:17:58.0103 1664 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
15:17:58.0105 1664 vwififlt - ok
15:17:58.0123 1664 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) C:\Windows\system32\DRIVERS\vwifimp.sys
15:17:58.0124 1664 vwifimp - ok
15:17:58.0159 1664 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
15:17:58.0173 1664 W32Time - ok
15:17:58.0194 1664 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
15:17:58.0196 1664 WacomPen - ok
15:17:58.0242 1664 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
15:17:58.0245 1664 WANARP - ok
15:17:58.0248 1664 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
15:17:58.0250 1664 Wanarpv6 - ok
15:17:58.0356 1664 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\Windows\system32\Wat\WatAdminSvc.exe
15:17:58.0394 1664 WatAdminSvc - ok
15:17:58.0499 1664 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe
15:17:58.0536 1664 wbengine - ok
15:17:58.0556 1664 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
15:17:58.0567 1664 WbioSrvc - ok
15:17:58.0623 1664 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll
15:17:58.0638 1664 wcncsvc - ok
15:18:00.0942 1664 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
15:18:00.0995 1664 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
15:18:00.0995 1664 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
15:18:00.0999 1664 Boot (0x1200) (84cbf3157499c335c514643079455eba) \Device\Harddisk0\DR0\Partition0
15:18:01.0001 1664 \Device\Harddisk0\DR0\Partition0 - ok
15:18:01.0010 1664 Boot (0x1200) (e88c419a540816f6b5d01a44d0372b6a) \Device\Harddisk0\DR0\Partition1
15:18:01.0012 1664 \Device\Harddisk0\DR0\Partition1 - ok
15:18:01.0013 1664 ============================================================
15:18:01.0013 1664 Scan finished
15:18:01.0013 1664 ============================================================
15:18:01.0024 7008 Detected object count: 1
15:18:01.0024 7008 Actual detected object count: 1
15:19:17.0094 7008 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - skipped by user
15:19:17.0094 7008 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Skip
15:19:24.0948 5920 Deinitialize success
Charliea

Re: Please help me remove searchnu

by Charliea » July 29th, 2012, 7:04 pm

TDSSKiller Scan:

15:17:24.0300 7388 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
15:17:24.0738 7388 ============================================================
15:17:24.0738 7388 Current date / time: 2012/07/29 15:17:24.0738
15:17:24.0738 7388 SystemInfo:
15:17:24.0738 7388
15:17:24.0738 7388 OS Version: 6.1.7601 ServicePack: 1.0
15:17:24.0738 7388 Product type: Workstation
15:17:24.0738 7388 ComputerName: ALLMAN-PC
15:17:24.0738 7388 UserName: Dad
15:17:24.0738 7388 Windows directory: C:\Windows
15:17:24.0738 7388 System windows directory: C:\Windows
15:17:24.0738 7388 Processor architecture: Intel x86
15:17:24.0738 7388 Number of processors: 2
15:17:24.0738 7388 Page size: 0x1000
15:17:24.0738 7388 Boot type: Normal boot
15:17:24.0738 7388 ============================================================
15:17:26.0229 7388 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:17:26.0265 7388 ============================================================
15:17:26.0265 7388 \Device\Harddisk0\DR0:
15:17:26.0266 7388 MBR partitions:
15:17:26.0266 7388 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:17:26.0266 7388 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x253FC000
15:17:26.0266 7388 ============================================================
15:17:26.0294 7388 C: <-> \Device\Harddisk0\DR0\Partition1
15:17:26.0339 7388 ============================================================
15:17:26.0339 7388 Initialize success
15:17:26.0339 7388 ============================================================
15:17:34.0803 1664 ============================================================
15:17:34.0803 1664 Scan started
15:17:34.0803 1664 Mode: Manual;
15:17:34.0803 1664 ============================================================
15:17:48.0972 1664 MTConfig - ok
15:17:48.0982 1664 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
15:17:48.0986 1664 Mup - ok
15:17:49.0030 1664 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
15:17:49.0043 1664 napagent - ok
15:17:49.0078 1664 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
15:17:49.0086 1664 NativeWifiP - ok
15:17:49.0253 1664 NAUpdate (934bb0d23a25c8c136570800a5a149b6) C:\Program Files\Nero\Update\NASvc.exe
15:17:49.0268 1664 NAUpdate - ok
15:17:49.0342 1664 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
15:17:49.0356 1664 NDIS - ok
15:17:49.0370 1664 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
15:17:49.0372 1664 NdisCap - ok
15:17:49.0393 1664 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
15:17:49.0396 1664 NdisTapi - ok
15:17:49.0432 1664 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
15:17:49.0434 1664 Ndisuio - ok
15:17:49.0470 1664 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
15:17:49.0473 1664 NdisWan - ok
15:17:49.0505 1664 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
15:17:49.0508 1664 NDProxy - ok
15:17:49.0524 1664 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
15:17:49.0526 1664 NetBIOS - ok
15:17:49.0567 1664 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
15:17:49.0577 1664 NetBT - ok
15:17:49.0603 1664 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
15:17:49.0605 1664 Netlogon - ok
15:17:49.0656 1664 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
15:17:49.0670 1664 Netman - ok
15:17:49.0703 1664 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
15:17:49.0715 1664 netprofm - ok
15:17:49.0777 1664 NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:17:49.0788 1664 NetTcpPortSharing - ok
15:17:49.0819 1664 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
15:17:49.0821 1664 nfrd960 - ok
15:17:49.0867 1664 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
15:17:49.0884 1664 NlaSvc - ok
15:17:49.0928 1664 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
15:17:49.0930 1664 Npfs - ok
15:17:49.0940 1664 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
15:17:49.0943 1664 nsi - ok
15:17:49.0957 1664 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
15:17:49.0959 1664 nsiproxy - ok
15:17:50.0072 1664 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
15:17:50.0100 1664 Ntfs - ok
15:17:50.0113 1664 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
15:17:50.0115 1664 Null - ok
15:17:50.0575 1664 nvlddmkm (05b288b25c2ebd9a4e9e5114ae790876) C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:17:50.0726 1664 nvlddmkm - ok
15:17:50.0847 1664 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
15:17:50.0859 1664 nvraid - ok
15:17:50.0897 1664 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
15:17:50.0908 1664 nvstor - ok
15:17:50.0951 1664 nvsvc (e937a615d4289e83e234c3ec26092431) C:\Windows\system32\nvvsvc.exe
15:17:50.0976 1664 nvsvc - ok
15:17:50.0998 1664 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
15:17:51.0010 1664 nv_agp - ok
15:17:51.0149 1664 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:17:51.0166 1664 odserv - ok
15:17:51.0196 1664 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
15:17:51.0199 1664 ohci1394 - ok
15:17:51.0240 1664 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:17:51.0252 1664 ose - ok
15:17:51.0294 1664 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
15:17:51.0309 1664 p2pimsvc - ok
15:17:51.0350 1664 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
15:17:51.0357 1664 p2psvc - ok
15:17:51.0382 1664 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
15:17:51.0384 1664 Parport - ok
15:17:51.0417 1664 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys
15:17:51.0420 1664 partmgr - ok
15:17:51.0437 1664 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
15:17:51.0439 1664 Parvdm - ok
15:17:51.0462 1664 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
15:17:51.0473 1664 PcaSvc - ok
15:17:51.0484 1664 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
15:17:51.0488 1664 pci - ok
15:17:51.0498 1664 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
15:17:51.0500 1664 pciide - ok
15:17:51.0532 1664 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
15:17:51.0536 1664 pcmcia - ok
15:17:51.0547 1664 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
15:17:51.0550 1664 pcw - ok
15:17:51.0604 1664 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
15:17:51.0623 1664 PEAUTH - ok
15:17:51.0712 1664 PeerDistSvc (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll
15:17:51.0732 1664 PeerDistSvc - ok
15:17:51.0845 1664 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
15:17:51.0876 1664 pla - ok
15:17:51.0978 1664 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
15:17:51.0992 1664 PlugPlay - ok
15:17:52.0008 1664 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
15:17:52.0011 1664 PNRPAutoReg - ok
15:17:52.0042 1664 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
15:17:52.0046 1664 PNRPsvc - ok
15:17:52.0103 1664 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
15:17:52.0116 1664 PolicyAgent - ok
15:17:52.0151 1664 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
15:17:52.0162 1664 Power - ok
15:17:52.0204 1664 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
15:17:52.0206 1664 PptpMiniport - ok
15:17:52.0224 1664 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
15:17:52.0226 1664 Processor - ok
15:17:52.0266 1664 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll
15:17:52.0276 1664 ProfSvc - ok
15:17:52.0306 1664 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
15:17:52.0308 1664 ProtectedStorage - ok
15:17:52.0338 1664 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
15:17:52.0341 1664 Psched - ok
15:17:52.0438 1664 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
15:17:52.0476 1664 ql2300 - ok
15:17:52.0570 1664 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
15:17:52.0573 1664 ql40xx - ok
15:17:52.0607 1664 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
15:17:52.0615 1664 QWAVE - ok
15:17:52.0626 1664 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
15:17:52.0629 1664 QWAVEdrv - ok
15:17:52.0642 1664 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
15:17:52.0643 1664 RasAcd - ok
15:17:52.0664 1664 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
15:17:52.0666 1664 RasAgileVpn - ok
15:17:52.0675 1664 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
15:17:52.0679 1664 RasAuto - ok
15:17:52.0697 1664 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:17:52.0700 1664 Rasl2tp - ok
15:17:52.0743 1664 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
15:17:52.0764 1664 RasMan - ok
15:17:52.0793 1664 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
15:17:52.0795 1664 RasPppoe - ok
15:17:52.0807 1664 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
15:17:52.0810 1664 RasSstp - ok
15:17:52.0852 1664 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
15:17:52.0866 1664 rdbss - ok
15:17:52.0901 1664 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
15:17:52.0903 1664 rdpbus - ok
15:17:52.0933 1664 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:17:52.0935 1664 RDPCDD - ok
15:17:52.0961 1664 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
15:17:52.0972 1664 RDPDR - ok
15:17:52.0995 1664 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
15:17:52.0997 1664 RDPENCDD - ok
15:17:53.0015 1664 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
15:17:53.0018 1664 RDPREFMP - ok
15:17:53.0053 1664 RDPWD (244c83332f44589ae98fc347f11b2693) C:\Windows\system32\drivers\RDPWD.sys
15:17:53.0086 1664 RDPWD - ok
15:17:53.0136 1664 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
15:17:53.0146 1664 rdyboost - ok
15:17:53.0174 1664 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
15:17:53.0177 1664 RemoteAccess - ok
15:17:53.0212 1664 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
15:17:53.0226 1664 RemoteRegistry - ok
15:17:53.0269 1664 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys
15:17:53.0281 1664 RFCOMM - ok
15:17:53.0303 1664 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
15:17:53.0307 1664 RpcEptMapper - ok
15:17:53.0327 1664 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
15:17:53.0330 1664 RpcLocator - ok
15:17:53.0376 1664 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
15:17:53.0381 1664 RpcSs - ok
15:17:53.0429 1664 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
15:17:53.0431 1664 rspndr - ok
15:17:53.0460 1664 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
15:17:53.0463 1664 s3cap - ok
15:17:53.0495 1664 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
15:17:53.0497 1664 SamSs - ok
15:17:53.0549 1664 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
15:17:53.0551 1664 sbp2port - ok
15:17:53.0573 1664 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
15:17:53.0584 1664 SCardSvr - ok
15:17:53.0615 1664 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
15:17:53.0617 1664 scfilter - ok
15:17:53.0696 1664 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
15:17:53.0709 1664 Schedule - ok
15:17:53.0743 1664 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
15:17:53.0744 1664 SCPolicySvc - ok
15:17:53.0779 1664 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
15:17:53.0792 1664 SDRSVC - ok
15:17:53.0815 1664 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
15:17:53.0818 1664 secdrv - ok
15:17:53.0833 1664 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
15:17:53.0837 1664 seclogon - ok
15:17:53.0849 1664 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
15:17:53.0854 1664 SENS - ok
15:17:53.0884 1664 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
15:17:53.0888 1664 SensrSvc - ok
15:17:53.0900 1664 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
15:17:53.0902 1664 Serenum - ok
15:17:53.0914 1664 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
15:17:53.0917 1664 Serial - ok
15:17:53.0947 1664 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
15:17:53.0949 1664 sermouse - ok
15:17:53.0992 1664 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
15:17:54.0004 1664 SessionEnv - ok
15:17:54.0029 1664 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
15:17:54.0030 1664 sffdisk - ok
15:17:54.0046 1664 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
15:17:54.0047 1664 sffp_mmc - ok
15:17:54.0059 1664 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
15:17:54.0061 1664 sffp_sd - ok
15:17:54.0071 1664 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
15:17:54.0073 1664 sfloppy - ok
15:17:54.0118 1664 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
15:17:54.0133 1664 SharedAccess - ok
15:17:54.0186 1664 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
15:17:54.0199 1664 ShellHWDetection - ok
15:17:54.0238 1664 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
15:17:54.0240 1664 sisagp - ok
15:17:54.0266 1664 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:17:54.0281 1664 SiSRaid2 - ok
15:17:54.0306 1664 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
15:17:54.0308 1664 SiSRaid4 - ok
15:17:54.0330 1664 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
15:17:54.0333 1664 Smb - ok
15:17:54.0368 1664 snapman (98b44c15b4eed76aa8dccb64a4ca11af) C:\Windows\system32\DRIVERS\snapman.sys
15:17:54.0377 1664 snapman - ok
15:17:54.0402 1664 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
15:17:54.0405 1664 SNMPTRAP - ok
15:17:54.0449 1664 speedfan (3fa2e254bfbce52b3c6f1bf23aab6911) C:\Windows\system32\speedfan.sys
15:17:54.0454 1664 speedfan - ok
15:17:54.0469 1664 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
15:17:54.0471 1664 spldr - ok
15:17:54.0527 1664 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
15:17:54.0540 1664 Spooler - ok
15:17:54.0766 1664 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
15:17:54.0850 1664 sppsvc - ok
15:17:54.0952 1664 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
15:17:54.0956 1664 sppuinotify - ok
15:17:55.0017 1664 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
15:17:55.0032 1664 srv - ok
15:17:55.0057 1664 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
15:17:55.0071 1664 srv2 - ok
15:17:55.0105 1664 SrvHsfHDA (e00fdfaff025e94f9821153750c35a6d) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
15:17:55.0114 1664 SrvHsfHDA - ok
15:17:55.0183 1664 SrvHsfV92 (ceb4e3b6890e1e42dca6694d9e59e1a0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS
15:17:55.0202 1664 SrvHsfV92 - ok
15:17:55.0251 1664 SrvHsfWinac (bc0c7ea89194c299f051c24119000e17) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
15:17:55.0269 1664 SrvHsfWinac - ok
15:17:55.0310 1664 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
15:17:55.0323 1664 srvnet - ok
15:17:55.0356 1664 sscdbus (d5dffeaa1e15d4effabb9d9a3068ac5b) C:\Windows\system32\DRIVERS\sscdbus.sys
15:17:55.0358 1664 sscdbus - ok
15:17:55.0377 1664 sscdmdfl (8a1be0c347814f482f493aea619d57f6) C:\Windows\system32\DRIVERS\sscdmdfl.sys
15:17:55.0380 1664 sscdmdfl - ok
15:17:55.0397 1664 sscdmdm (5ab0b1987f682a59b15b78f84c6ad7d0) C:\Windows\system32\DRIVERS\sscdmdm.sys
15:17:55.0400 1664 sscdmdm - ok
15:17:55.0414 1664 sscdserd (751e66eb32efa80633b80f5d7ff0a1d8) C:\Windows\system32\DRIVERS\sscdserd.sys
15:17:55.0417 1664 sscdserd - ok
15:17:55.0454 1664 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
15:17:55.0464 1664 SSDPSRV - ok
15:17:55.0491 1664 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
15:17:55.0499 1664 SstpSvc - ok
15:17:55.0523 1664 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
15:17:55.0525 1664 stexstor - ok
15:17:55.0584 1664 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
15:17:55.0601 1664 StiSvc - ok
15:17:55.0640 1664 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys
15:17:55.0642 1664 storflt - ok
15:17:55.0668 1664 StorSvc (0bf669f0a910beda4a32258d363af2a5) C:\Windows\system32\storsvc.dll
15:17:55.0672 1664 StorSvc - ok
15:17:55.0688 1664 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys
15:17:55.0690 1664 storvsc - ok
15:17:55.0703 1664 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
15:17:55.0705 1664 swenum - ok
15:17:55.0730 1664 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
15:17:55.0744 1664 swprv - ok
15:17:55.0847 1664 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
15:17:55.0879 1664 SysMain - ok
15:17:55.0917 1664 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
15:17:55.0921 1664 TabletInputService - ok
15:17:55.0966 1664 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
15:17:55.0981 1664 TapiSrv - ok
15:17:55.0998 1664 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
15:17:56.0004 1664 TBS - ok
15:17:56.0121 1664 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys
15:17:56.0162 1664 Tcpip - ok
15:17:56.0190 1664 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys
15:17:56.0199 1664 TCPIP6 - ok
15:17:56.0235 1664 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
15:17:56.0237 1664 tcpipreg - ok
15:17:56.0264 1664 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
15:17:56.0266 1664 TDPIPE - ok
15:17:56.0294 1664 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
15:17:56.0296 1664 TDTCP - ok
15:17:56.0329 1664 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
15:17:56.0332 1664 tdx - ok
15:17:56.0365 1664 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
15:17:56.0367 1664 TermDD - ok
15:17:56.0421 1664 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
15:17:56.0435 1664 TermService - ok
15:17:56.0454 1664 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
15:17:56.0457 1664 Themes - ok
15:17:56.0479 1664 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
15:17:56.0481 1664 THREADORDER - ok
15:17:56.0576 1664 timounter (d8a96d0e25d43fdac3bed09adf39fde9) C:\Windows\system32\DRIVERS\timntr.sys
15:17:56.0595 1664 timounter - ok
15:17:56.0621 1664 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
15:17:56.0625 1664 TrkWks - ok
15:17:56.0688 1664 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
15:17:56.0698 1664 TrustedInstaller - ok
15:17:56.0711 1664 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:17:56.0713 1664 tssecsrv - ok
15:17:56.0755 1664 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
15:17:56.0757 1664 TsUsbFlt - ok
15:17:56.0813 1664 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
15:17:56.0825 1664 tunnel - ok
15:17:56.0859 1664 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
15:17:56.0861 1664 uagp35 - ok
15:17:56.0909 1664 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
15:17:56.0916 1664 udfs - ok
15:17:56.0939 1664 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
15:17:56.0943 1664 UI0Detect - ok
15:17:56.0986 1664 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
15:17:56.0989 1664 uliagpkx - ok
15:17:57.0036 1664 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\DRIVERS\umbus.sys
15:17:57.0038 1664 umbus - ok
15:17:57.0056 1664 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
15:17:57.0058 1664 UmPass - ok
15:17:57.0099 1664 UmRdpService (409994a8eaceee4e328749c0353527a0) C:\Windows\System32\umrdp.dll
15:17:57.0107 1664 UmRdpService - ok
15:17:57.0135 1664 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
15:17:57.0149 1664 upnphost - ok
15:17:57.0186 1664 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\Windows\system32\Drivers\usbaapl.sys
15:17:57.0188 1664 USBAAPL - ok
15:17:57.0205 1664 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
15:17:57.0208 1664 usbccgp - ok
15:17:57.0246 1664 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
15:17:57.0251 1664 usbcir - ok
15:17:57.0270 1664 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
15:17:57.0272 1664 usbehci - ok
15:17:57.0309 1664 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
15:17:57.0322 1664 usbhub - ok
15:17:57.0335 1664 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\drivers\usbohci.sys
15:17:57.0337 1664 usbohci - ok
15:17:57.0345 1664 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
15:17:57.0347 1664 usbprint - ok
15:17:57.0368 1664 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:17:57.0370 1664 USBSTOR - ok
15:17:57.0390 1664 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys
15:17:57.0392 1664 usbuhci - ok
15:17:57.0405 1664 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
15:17:57.0409 1664 UxSms - ok
15:17:57.0436 1664 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
15:17:57.0438 1664 VaultSvc - ok
15:17:57.0454 1664 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
15:17:57.0457 1664 vdrvroot - ok
15:17:57.0513 1664 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
15:17:57.0523 1664 vds - ok
15:17:57.0536 1664 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
15:17:57.0538 1664 vga - ok
15:17:57.0553 1664 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
15:17:57.0555 1664 VgaSave - ok
15:17:57.0605 1664 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
15:17:57.0617 1664 vhdmp - ok
15:17:57.0656 1664 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
15:17:57.0658 1664 viaagp - ok
15:17:57.0670 1664 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
15:17:57.0673 1664 ViaC7 - ok
15:17:57.0682 1664 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
15:17:57.0684 1664 viaide - ok
15:17:57.0711 1664 vididr (149ec3e217f9d11e9ca6c54ce3d70c73) C:\Windows\system32\DRIVERS\vididr.sys
15:17:57.0721 1664 vididr - ok
15:17:57.0742 1664 vidsflt53 (e31e9cd40677b84b3adaa7a0d80dc439) C:\Windows\system32\DRIVERS\vsflt53.sys
15:17:57.0745 1664 vidsflt53 - ok
15:17:57.0769 1664 vmbus (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys
15:17:57.0779 1664 vmbus - ok
15:17:57.0794 1664 VMBusHID (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys
15:17:57.0796 1664 VMBusHID - ok
15:17:57.0810 1664 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
15:17:57.0812 1664 volmgr - ok
15:17:57.0843 1664 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
15:17:57.0859 1664 volmgrx - ok
15:17:57.0887 1664 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
15:17:57.0894 1664 volsnap - ok
15:17:57.0919 1664 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
15:17:57.0929 1664 vsmraid - ok
15:17:58.0024 1664 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe
15:17:58.0061 1664 VSS - ok
15:17:58.0078 1664 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
15:17:58.0080 1664 vwifibus - ok
15:17:58.0103 1664 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
15:17:58.0105 1664 vwififlt - ok
15:17:58.0123 1664 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) C:\Windows\system32\DRIVERS\vwifimp.sys
15:17:58.0124 1664 vwifimp - ok
15:17:58.0159 1664 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
15:17:58.0173 1664 W32Time - ok
15:17:58.0194 1664 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
15:17:58.0196 1664 WacomPen - ok
15:17:58.0242 1664 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
15:17:58.0245 1664 WANARP - ok
15:17:58.0248 1664 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
15:17:58.0250 1664 Wanarpv6 - ok
15:17:58.0356 1664 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\Windows\system32\Wat\WatAdminSvc.exe
15:17:58.0394 1664 WatAdminSvc - ok
15:17:58.0499 1664 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe
15:17:58.0536 1664 wbengine - ok
15:17:58.0556 1664 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
15:17:58.0567 1664 WbioSrvc - ok
15:17:58.0623 1664 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll
15:17:58.0638 1664 wcncsvc - ok
15:17:58.0654 1664 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
15:17:58.0658 1664 WcsPlugInService - ok
15:17:58.0702 1664 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
15:17:58.0704 1664 Wd - ok
15:17:58.0744 1664 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
15:17:58.0766 1664 Wdf01000 - ok
15:17:58.0802 1664 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
15:17:58.0807 1664 WdiServiceHost - ok
15:17:58.0810 1664 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
15:17:58.0814 1664 WdiSystemHost - ok
15:17:58.0867 1664 WebClient (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll
15:17:58.0901 1664 WebClient - ok
15:17:58.0921 1664 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
15:17:58.0931 1664 Wecsvc - ok
15:17:58.0941 1664 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
15:17:58.0945 1664 wercplsupport - ok
15:17:58.0972 1664 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
15:17:58.0977 1664 WerSvc - ok
15:17:58.0995 1664 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
15:17:58.0997 1664 WfpLwf - ok
15:17:59.0003 1664 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
15:17:59.0005 1664 WIMMount - ok
15:17:59.0068 1664 winachsf (ba6b6fb242a6ba4068c8b763063beb63) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
15:17:59.0085 1664 winachsf - ok
15:17:59.0196 1664 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
15:17:59.0212 1664 WinDefend - ok
15:17:59.0221 1664 WinHttpAutoProxySvc - ok
15:18:00.0942 1664 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
15:18:00.0995 1664 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
15:18:00.0995 1664 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
15:18:00.0999 1664 Boot (0x1200) (84cbf3157499c335c514643079455eba) \Device\Harddisk0\DR0\Partition0
15:18:01.0001 1664 \Device\Harddisk0\DR0\Partition0 - ok
15:18:01.0010 1664 Boot (0x1200) (e88c419a540816f6b5d01a44d0372b6a) \Device\Harddisk0\DR0\Partition1
15:18:01.0012 1664 \Device\Harddisk0\DR0\Partition1 - ok
15:18:01.0013 1664 ============================================================
15:18:01.0013 1664 Scan finished
15:18:01.0013 1664 ============================================================
15:18:01.0024 7008 Detected object count: 1
15:18:01.0024 7008 Actual detected object count: 1
15:19:17.0094 7008 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - skipped by user
15:19:17.0094 7008 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Skip
15:19:24.0948 5920 Deinitialize success
Charliea
Active Member
 
Posts: 13
Joined: July 25th, 2012, 11:31 pm
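
The log in the post above mixes hundreds of "ok" lines with the few lines that matter. The following is an added example, not part of the original thread or of TDSSKiller itself: a small Python triage script that pulls the flagged objects, the reported detection count, and the action chosen for each object out of a log in this layout. The line patterns are inferred from the lines visible in this thread, and the sample log is constructed.

```python
import re

# Constructed sample in the layout of the log above; both hashes are placeholders.
SAMPLE_LOG = r"""
15:18:00.0894 1664 ExampleSvc (00000000000000000000000000000000) C:\Program Files\Example\svc.exe
15:18:00.0914 1664 ExampleSvc - ok
15:18:00.0942 1664 MBR (0x1B8) (11111111111111111111111111111111) \Device\Harddisk0\DR0
15:18:00.0995 1664 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
15:18:00.0995 1664 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
15:18:01.0001 1664 \Device\Harddisk0\DR0\Partition0 - ok
15:18:01.0024 7008 Detected object count: 1
15:19:17.0094 7008 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - skipped by user
15:19:17.0094 7008 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Skip
"""

# Assumed line layout (inferred from this thread): timestamp, numeric id, message.
PREFIX = r"^\d\d:\d\d:\d\d\.\d{4}\s+\d+\s+"
# Flagged objects carry the threat name in spaced parentheses before " - status".
FLAGGED = re.compile(PREFIX + r"(?P<obj>.+?) \( (?P<threat>[^)]+?) \) - (?P<status>.+)$")
COUNT = re.compile(PREFIX + r"Detected object count: (?P<n>\d+)$")
ACTION = "User select action: "


def triage(log_text):
    """Return (findings, reported_count, unresolved_objects) for one log."""
    findings = {}      # object path -> threat name, first verdict, chosen action
    reported = None    # value of the "Detected object count" line, if present
    for raw in log_text.splitlines():
        line = raw.strip()
        m = COUNT.match(line)
        if m:
            reported = int(m.group("n"))
            continue
        m = FLAGGED.match(line)
        if not m:
            continue   # "ok" lines and hash lines carry no threat name
        entry = findings.setdefault(
            m.group("obj"),
            {"threat": m.group("threat"), "verdict": None, "action": None})
        status = m.group("status")
        if status.startswith(ACTION):
            entry["action"] = status[len(ACTION):]
        elif entry["verdict"] is None:
            entry["verdict"] = status   # first status seen, e.g. "infected"
    # Objects that were flagged but skipped (or never acted on) are still present.
    unresolved = [o for o, e in findings.items() if e["action"] in (None, "Skip")]
    return findings, reported, unresolved


if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```

A mismatch between `len(findings)` and the reported count means the patterns missed a line and the log should be read by hand.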

Re: Please help me remove searchnu

by Charliea » July 29th, 2012, 7:08 pm

Sorry for the double post. The first one didn't seem to be going anywhere, just sitting there. So I closed out the page and reopened it and sent again.

ESET Scan results:

C:\Program Files\Retrogamer_4wEI\Installr\1.bin\4wEIPlug.dll Win32/Toolbar.MyWebSearch application
C:\Program Files\Retrogamer_4wEI\Installr\1.bin\4wEZSETP.dll Win32/Toolbar.MyWebSearch.Q application
C:\Program Files\Retrogamer_4wEI\Installr\1.bin\NP4wEISb.dll Win32/Toolbar.MyWebSearch application
C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application
C:\Users\All Users\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application
C:\Users\Dad\Desktop\Charlies Files\Charlies Files\Adobe.CS3.Master.Collection.Corporate\ACS3MCD1.iso a variant of Win32/Keygen.BR application
C:\Users\Dad\Desktop\Charlies Files\Charlies Files\Pinstripe\ipscan.exe Win32/NetTool.Portscan.C application
C:\Users\Dad\Desktop\Charlies Files\Music\MP3\MP3-1\Buggle - Video Killed the radio Star.wma probably a variant of Win32/Agent.EGTYVCM trojan
C:\Users\Dad\Desktop\Charlies Files\Music\MP3\MP3-2\Glenn Campbell - I wanna live.wma probably a variant of Win32/Agent.NTUFNLO trojan
C:\Users\Dad\Downloads\cdbxp_setup_4.4.1.3184.exe Win32/OpenCandy application
C:\Users\Dad\Downloads\Minecraft_v1.0(1).exe Win32/Adware.1ClickDownload.C application
C:\Users\Dad\Downloads\Minecraft_v1.0.exe Win32/Adware.1ClickDownload.C application
C:\_OTL\MovedFiles\07282012_212708\C_Program Files\RobotBoom_60EI\Installr\1.bin\60EIPlug.dll Win32/Toolbar.MyWebSearch application
C:\_OTL\MovedFiles\07282012_212708\C_Program Files\RobotBoom_60EI\Installr\1.bin\60EZSETP.dll Win32/Toolbar.MyWebSearch.Q application
C:\_OTL\MovedFiles\07282012_212708\C_Program Files\RobotBoom_60EI\Installr\1.bin\NP60EISb.dll Win32/Toolbar.MyWebSearch application
C:\_OTL\MovedFiles\07282012_212708\C_Program Files\Yontoo\YontooIEClient.dll a variant of Win32/Adware.Yontoo.A application
Charliea
Active Member
 
Posts: 13
Joined: July 25th, 2012, 11:31 pm

Re: Please help me remove searchnu

by pgmigg » July 30th, 2012, 12:13 am

Hello Charliea,

Rootkit Warning

Your computer has multiple infections, including a Rootkit. A rootkit is a set of software tools intended for concealing running processes, files or system data from the operating system.

You are strongly advised to do the following:

  • Disconnect the computer from the Internet and from any networked computers until it is cleaned.
  • Back up all your important data except programs. The programs can be reinstalled back from the original disc or from the Net.
  • Call all your banks, financial institutions, credit card companies and inform them that you may be a victim of identity theft and put a watch on your accounts. If you don't mind the hassle, change all your account numbers.
  • From a clean computer, change all your passwords (ISP login password, your email address(es) passwords, financial accounts, PayPal, eBay, Amazon, online groups and forums and any other online activities you carry out which require a username and password).

DO NOT change your passwords from this computer as the attacker will be able to get all the new passwords and transaction records.

Due to its rootkit functionality, your computer is very likely to have been compromised and there is no way that it can be trusted again. Many experts in the security community believe that once infected with this type of Trojan, the best course of action would be to do a reformat and re-installation of the operating system (OS).

To help you understand more, please take some time to read the following articles:

What are rootkits from Wikipedia
Why are rootkits dangerous
When should I re-format and reinstall my OS
What are Remote Access Trojans and why are they dangerous
How do I respond to a possible identity theft and how do I prevent it
Back up and restore: frequently asked questions
Restoring your Vista-W7 backups

Should you have any questions please feel free to ask.

However, if you do not have the resources to reinstall your OS and would like me to attempt to clean your machine, I will be happy to do so.

Please let us know what you have decided to do in your next post.

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
pgmigg
MRU Teacher
 
Posts: 3184
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: Please help me remove searchnu

by NonSuch » August 2nd, 2012, 11:44 am

Due to a lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
NonSuch
Administrator
 
Posts: 27302
Joined: February 23rd, 2005, 7:08 am
Location: California