Trojan Horse Dropper.Generic_c.MMI

dcatkc
Member with 2 posts.
THREAD STARTER
 
Join Date: Aug 2012
Experience: Beginner
03-Aug-2012, 03:57 PM #1
Hi! Newbie here.

I have read through the ongoing thread between Evaryn and Conspire on this trojan. I am having the same issues on my computer with AVG constantly flagging it down.

Here are the HijackThis and DDS logs.

I have also performed the first steps recommended by Conspire to Evaryn using aswMBR and TDSSKiller. I will post the logs for those separately following this.

Thanks!



Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:52:14 PM, on 8/3/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16447)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
C:\Program Files (x86)\Eye-Fi\Helper\EyeFiHelper.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Users\Daniel\AppData\Local\Akamai\netsession_win.exe
C:\Users\Daniel\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Expat Shield\bin\openvpntray.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files (x86)\Samsung\Kies\Kies.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe
C:\Users\Daniel\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O2 - BHO: Expat Shield Class - {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - C:\Program Files (x86)\Expat Shield\HssIE\ExpatIE.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
O4 - HKCU\..\Run: [Eye-Fi] "C:\Program Files (x86)\Eye-Fi\Helper\EyeFiHelper.exe"
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Daniel\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_265_Plugin.exe -update plugin
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3DF3441D-F11F-4196-B084-CF77EC063C5C}: NameServer = 10.205.24.1
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Expat Shield Service (ExpatShieldService) - Unknown owner - C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe
O23 - Service: Expat Shield Routing Service (ExpatSrv) - AnchorFree Inc. - C:\Program Files (x86)\Expat Shield\HssWPR\hsssrv.exe
O23 - Service: Expat Shield Tray Service (ExpatTrayService) - Unknown owner - C:\Program Files (x86)\Expat Shield\bin\ExpatTrayService.EXE
O23 - Service: Expat Shield Monitoring Service (ExpatWd) - Unknown owner - C:\Program Files (x86)\Expat Shield\bin\hsswd.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McciCMService - Alcatel-Lucent - C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
O23 - Service: McciCMService64 - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: McciServiceHost - Alcatel-Lucent - C:\Program Files (x86)\Common Files\Motive\McciServiceHost.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11976 bytes



.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_32
Run by Daniel at 15:52:51 on 2012-08-03
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.7990.4490 [GMT -5:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2012\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\atieclxx.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Expat Shield\HssWPR\hsssrv.exe
C:\Program Files (x86)\Expat Shield\bin\hsswd.exe
C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files (x86)\Common Files\Motive\McciServiceHost.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\HP\HP LaserJet Professional CP1020 Series\HPCP1020STRAY.EXE
C:\Windows\System32\igfxpers.exe
C:\Program Files\ATT-SST\McciTrayApp.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
C:\Program Files (x86)\Eye-Fi\Helper\EyeFiHelper.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Windows\system32\conhost.exe
C:\Users\Daniel\AppData\Local\Akamai\netsession_win.exe
C:\Users\Daniel\AppData\Local\Akamai\netsession_win.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Expat Shield\bin\openvpntray.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files (x86)\Samsung\Kies\Kies.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe
"C:\Windows\SysWOW64\svchost.exe" -k LocalServiceDns
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\DllHost.exe
.
============== Pseudo HJT Report ===============
.
uInternet Settings,ProxyOverride = *.local;<local>
uURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
mURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
BHO: Expat Shield Class: {3706ee7c-3cad-445d-8a43-03ebc3b75908} - C:\Program Files (x86)\Expat Shield\HssIE\ExpatIE.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
uRun: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
uRun: [Google Update] "C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
uRun: [Eye-Fi] "C:\Program Files (x86)\Eye-Fi\Helper\EyeFiHelper.exe"
uRun: [Akamai NetSession Interface] "C:\Users\Daniel\AppData\Local\Akamai\netsession_win.exe"
uRun: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
uRun: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
uRun: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
uRunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_265_Plugin.exe -update plugin
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
LSP: mswsock.dll
Trusted Zone: $talisma_url$
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{07E60E28-C050-4FFD-BFE2-27F74C49B13F} : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{3DF3441D-F11F-4196-B084-CF77EC063C5C} : NameServer = 10.205.24.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
BHO-X64: Expat Shield Class: {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - C:\Program Files (x86)\Expat Shield\HssIE\ExpatIE.dll
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
TB-X64: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\hifc9yea.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - component: C:\Program Files (x86)\AVG\AVG10\Firefox\components\avgssff.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Motive\npMotive.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Users\Daniel\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: C:\Users\Daniel\AppData\Roaming\Mozilla\plugins\npatgpc.dll
FF - plugin: C:\Users\Daniel\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Daniel\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-3-16 89600]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 192776]
R2 ExpatShieldService;Expat Shield Service;C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe [2012-1-6 331608]
R2 ExpatSrv;Expat Shield Routing Service;C:\Program Files (x86)\Expat Shield\HssWPR\hsssrv.exe [2012-1-4 363336]
R2 ExpatWd;Expat Shield Monitoring Service;C:\Program Files (x86)\Expat Shield\bin\hsswd.exe -product Expat --> C:\Program Files (x86)\Expat Shield\bin\hsswd.exe -product Expat [?]
R2 hpsrv;HP Service;C:\Windows\system32\Hpservice.exe --> C:\Windows\system32\Hpservice.exe [?]
R2 McciCMService64;McciCMService64;C:\Program Files\Common Files\Motive\McciCMService.exe [2011-11-16 517632]
R2 McciServiceHost;McciServiceHost;C:\Program Files (x86)\Common Files\Motive\McciServiceHost.exe [2011-11-16 315392]
R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-1-18 450848]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudbus.sys --> C:\Windows\system32\DRIVERS\ssudbus.sys [?]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]
R3 intelkmd;intelkmd;C:\Windows\system32\DRIVERS\igdpmd64.sys --> C:\Windows\system32\DRIVERS\igdpmd64.sys [?]
R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\system32\DRIVERS\lvrs64.sys --> C:\Windows\system32\DRIVERS\lvrs64.sys [?]
R3 LVUVC64;Logitech HD Pro Webcam C910(UVC);C:\Windows\system32\DRIVERS\lvuvc64.sys --> C:\Windows\system32\DRIVERS\lvuvc64.sys [?]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudmdm.sys --> C:\Windows\system32\DRIVERS\ssudmdm.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-6-5 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-3 250056]
S3 ExpatTrayService;Expat Shield Tray Service;C:\Program Files (x86)\Expat Shield\bin\ExpatTrayService.exe [2012-1-6 77520]
S3 HPFXBULKLEDM;HPFXBULKLEDM;C:\Windows\system32\drivers\hppdbulkio.sys --> C:\Windows\system32\drivers\hppdbulkio.sys [?]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-4-26 113120]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-07-14 22:05:26 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%
2012-07-12 08:05:03 3148800 ----a-w- C:\Windows\System32\win32k.sys
2012-07-11 20:57:32 -------- d-----w- C:\Temp
2012-07-11 20:53:10 -------- d-----w- C:\Users\Daniel\AppData\Local\Samsung
2012-07-11 20:53:04 -------- d-----w- C:\Users\Daniel\AppData\Roaming\Samsung
2012-07-11 20:52:08 99384 ----a-w- C:\Windows\System32\drivers\ssudbus.sys
2012-07-11 20:52:08 708168 ----a-w- C:\Windows\System32\WinUSBCoInstaller.dll
2012-07-11 20:52:08 203320 ----a-w- C:\Windows\System32\drivers\ssudmdm.sys
2012-07-11 20:52:08 1490656 ----a-w- C:\Windows\System32\WdfCoInstaller01007.dll
2012-07-11 20:50:18 4659712 ----a-w- C:\Windows\SysWow64\Redemption.dll
2012-07-11 20:50:08 821824 ----a-w- C:\Windows\SysWow64\dgderapi.dll
2012-07-11 20:50:08 -------- d-----w- C:\Program Files (x86)\MarkAny
2012-07-11 20:49:49 -------- d-----w- C:\ProgramData\Samsung
2012-07-11 20:49:49 -------- d-----w- C:\Program Files (x86)\Samsung
2012-07-11 09:01:05 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2012-07-11 09:01:05 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2012-07-11 09:01:05 458704 ----a-w- C:\Windows\System32\drivers\cng.sys
2012-07-11 09:01:05 340992 ----a-w- C:\Windows\System32\schannel.dll
2012-07-11 09:01:05 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-07-11 09:01:05 225280 ----a-w- C:\Windows\SysWow64\schannel.dll
2012-07-11 09:01:05 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2012-07-11 09:01:05 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-07-11 09:01:05 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
.
==================== Find3M ====================
.
2012-08-02 23:34:11 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-02 23:34:11 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-06-06 06:06:16 2004480 ----a-w- C:\Windows\System32\msxml6.dll
2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll
2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll
2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-02 20:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-06-02 20:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll
2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-06-02 11:57:08 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-06-02 08:16:52 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-06-01 00:52:30 60304 ----a-w- C:\Users\Daniel\g2mdlhlpx.exe
2012-05-29 05:38:50 330240 ----a-w- C:\Windows\MASetupCaller.dll
2012-05-19 00:27:23 476960 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2012-05-19 00:27:23 472864 ----a-w- C:\Windows\SysWow64\deployJava1.dll
.
============= FINISH: 15:55:29.45 ===============
dcatkc (thread starter)
03-Aug-2012, 04:05 PM #2
aswMBR log and TDSS Killer log:



aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-08-03 15:09:54
-----------------------------
15:09:54.840 OS Version: Windows x64 6.1.7601 Service Pack 1
15:09:54.840 Number of processors: 4 586 0x2505
15:09:54.842 ComputerName: SCD-01 UserName: Daniel
15:10:00.096 Initialize success
15:11:22.086 AVAST engine defs: 12080300
15:11:30.764 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
15:11:30.766 Disk 0 Vendor: ST95005620AS SD23 Size: 476940MB BusType: 11
15:11:30.771 Disk 0 MBR read successfully
15:11:30.774 Disk 0 MBR scan
15:11:30.779 Disk 0 Windows 7 default MBR code
15:11:30.787 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
15:11:30.793 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 476838 MB offset 206848
15:11:30.837 Disk 0 scanning C:\Windows\system32\drivers
15:11:43.788 Service scanning
15:12:01.539 Modules scanning
15:12:01.553 Disk 0 trace - called modules:
15:12:01.565 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
15:12:01.575 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8008395060]
15:12:01.580 3 CLASSPNP.SYS[fffff8800160143f] -> nt!IofCallDriver -> [0xfffffa80081dcb10]
15:12:01.586 5 hpdskflt.sys[fffff88001990189] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80080b6060]
15:12:03.758 AVAST engine scan C:\Windows
15:12:06.339 AVAST engine scan C:\Windows\system32
15:13:53.555 File: C:\Windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
15:13:55.445 File: C:\Windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
15:15:16.710 AVAST engine scan C:\Windows\system32\drivers
15:15:41.406 AVAST engine scan C:\Users\Daniel
15:23:21.666 File: C:\Users\Daniel\AppData\Local\Temp\0138e025081d.exe **INFECTED** Win32:Ransom-MQ [Trj]
15:23:21.996 File: C:\Users\Daniel\AppData\Local\Temp\124kkk290347.exe **INFECTED** Win32:Ransom-MQ [Trj]
15:46:29.641 AVAST engine scan C:\ProgramData
15:47:41.533 Scan finished successfully
15:49:09.005 Disk 0 MBR has been saved successfully to "C:\Users\Daniel\Desktop\MBR.dat"
15:49:09.005 The log file has been saved successfully to "C:\Users\Daniel\Desktop\aswMBR.txt"




15:58:18.0763 209976 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
15:58:19.0434 209976 ============================================================
15:58:19.0434 209976 Current date / time: 2012/08/03 15:58:19.0434
15:58:19.0434 209976 SystemInfo:
15:58:19.0434 209976
15:58:19.0434 209976 OS Version: 6.1.7601 ServicePack: 1.0
15:58:19.0434 209976 Product type: Workstation
15:58:19.0434 209976 ComputerName: SCD-01
15:58:19.0434 209976 UserName: Daniel
15:58:19.0434 209976 Windows directory: C:\Windows
15:58:19.0434 209976 System windows directory: C:\Windows
15:58:19.0434 209976 Running under WOW64
15:58:19.0434 209976 Processor architecture: Intel x64
15:58:19.0434 209976 Number of processors: 4
15:58:19.0434 209976 Page size: 0x1000
15:58:19.0434 209976 Boot type: Normal boot
15:58:19.0434 209976 ============================================================
15:58:20.0624 209976 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:58:20.0714 209976 Drive \Device\Harddisk5\DR5 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:58:31.0951 209976 ============================================================
15:58:31.0951 209976 \Device\Harddisk0\DR0:
15:58:31.0951 209976 MBR partitions:
15:58:31.0951 209976 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:58:31.0951 209976 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
15:58:31.0951 209976 \Device\Harddisk5\DR5:
15:58:31.0953 209976 MBR partitions:
15:58:31.0953 209976 \Device\Harddisk5\DR5\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xAEA86702
15:58:31.0953 209976 ============================================================
15:58:31.0962 209976 C: <-> \Device\Harddisk0\DR0\Partition1
15:58:31.0990 209976 I: <-> \Device\Harddisk5\DR5\Partition0
15:58:31.0990 209976 ============================================================
15:58:31.0990 209976 Initialize success
15:58:31.0990 209976 ============================================================
16:01:51.0307 172296 ============================================================
16:01:51.0307 172296 Scan started
16:01:51.0307 172296 Mode: Manual;
16:01:51.0307 172296 ============================================================
16:02:03.0250 172296 MRESP50a64 - ok
16:02:03.0280 172296 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
16:02:03.0290 172296 MRxDAV - ok
16:02:03.0310 172296 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
16:02:03.0320 172296 mrxsmb - ok
16:02:03.0350 172296 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:02:03.0360 172296 mrxsmb10 - ok
16:02:03.0390 172296 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:02:03.0390 172296 mrxsmb20 - ok
16:02:03.0400 172296 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
16:02:03.0400 172296 msahci - ok
16:02:03.0420 172296 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
16:02:03.0420 172296 msdsm - ok
16:02:03.0450 172296 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
16:02:03.0450 172296 MSDTC - ok
16:02:03.0460 172296 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
16:02:03.0470 172296 Msfs - ok
16:02:03.0470 172296 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
16:02:03.0470 172296 mshidkmdf - ok
16:02:03.0480 172296 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
16:02:03.0480 172296 msisadrv - ok
16:02:03.0520 172296 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
16:02:03.0530 172296 MSiSCSI - ok
16:02:03.0530 172296 msiserver - ok
16:02:03.0540 172296 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
16:02:03.0540 172296 MSKSSRV - ok
16:02:03.0560 172296 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
16:02:03.0560 172296 MSPCLOCK - ok
16:02:03.0560 172296 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
16:02:03.0560 172296 MSPQM - ok
16:02:03.0610 172296 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
16:02:03.0620 172296 MsRPC - ok
16:02:03.0630 172296 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
16:02:03.0630 172296 mssmbios - ok
16:02:03.0650 172296 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
16:02:03.0650 172296 MSTEE - ok
16:02:03.0660 172296 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
16:02:03.0660 172296 MTConfig - ok
16:02:03.0680 172296 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
16:02:03.0680 172296 Mup - ok
16:02:03.0710 172296 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
16:02:03.0720 172296 napagent - ok
16:02:03.0780 172296 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
16:02:03.0780 172296 NativeWifiP - ok
16:02:03.0850 172296 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
16:02:03.0870 172296 NDIS - ok
16:02:03.0880 172296 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
16:02:03.0880 172296 NdisCap - ok
16:02:03.0910 172296 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
16:02:03.0910 172296 NdisTapi - ok
16:02:03.0920 172296 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
16:02:03.0920 172296 Ndisuio - ok
16:02:03.0940 172296 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
16:02:03.0950 172296 NdisWan - ok
16:02:03.0960 172296 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
16:02:03.0960 172296 NDProxy - ok
16:02:03.0970 172296 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
16:02:03.0970 172296 NetBIOS - ok
16:02:04.0000 172296 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
16:02:04.0010 172296 NetBT - ok
16:02:04.0030 172296 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:02:04.0030 172296 Netlogon - ok
16:02:04.0090 172296 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
16:02:04.0110 172296 Netman - ok
16:02:04.0130 172296 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
16:02:04.0140 172296 netprofm - ok
16:02:04.0180 172296 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:02:04.0180 172296 NetTcpPortSharing - ok
16:02:04.0190 172296 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
16:02:04.0190 172296 nfrd960 - ok
16:02:04.0230 172296 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
16:02:04.0240 172296 NlaSvc - ok
16:02:04.0250 172296 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
16:02:04.0250 172296 Npfs - ok
16:02:04.0260 172296 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
16:02:04.0260 172296 nsi - ok
16:02:04.0260 172296 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
16:02:04.0270 172296 nsiproxy - ok
16:02:04.0350 172296 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
16:02:04.0380 172296 Ntfs - ok
16:02:04.0470 172296 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
16:02:04.0470 172296 Null - ok
16:02:04.0490 172296 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
16:02:04.0500 172296 nvraid - ok
16:02:04.0530 172296 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
16:02:04.0530 172296 nvstor - ok
16:02:04.0550 172296 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
16:02:04.0550 172296 nv_agp - ok
16:02:04.0590 172296 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:02:04.0600 172296 odserv - ok
16:02:04.0640 172296 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
16:02:04.0640 172296 ohci1394 - ok
16:02:04.0680 172296 OpenVPNService (447d71ffcefad01d6787422a6286a182) C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe
16:02:04.0690 172296 OpenVPNService - ok
16:02:04.0730 172296 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:02:04.0730 172296 ose - ok
16:02:04.0770 172296 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:02:04.0790 172296 p2pimsvc - ok
16:02:04.0820 172296 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
16:02:04.0830 172296 p2psvc - ok
16:02:04.0850 172296 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
16:02:04.0850 172296 Parport - ok
16:02:04.0870 172296 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
16:02:04.0870 172296 partmgr - ok
16:02:04.0900 172296 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
16:02:04.0900 172296 PcaSvc - ok
16:02:04.0930 172296 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
16:02:04.0930 172296 pci - ok
16:02:04.0950 172296 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
16:02:04.0960 172296 pciide - ok
16:02:04.0980 172296 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
16:02:05.0000 172296 pcmcia - ok
16:02:05.0010 172296 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
16:02:05.0010 172296 pcw - ok
16:02:05.0090 172296 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
16:02:05.0110 172296 PEAUTH - ok
16:02:05.0150 172296 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
16:02:05.0160 172296 PerfHost - ok
16:02:05.0300 172296 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
16:02:05.0330 172296 pla - ok
16:02:05.0380 172296 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
16:02:05.0390 172296 PlugPlay - ok
16:02:05.0410 172296 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
16:02:05.0410 172296 PNRPAutoReg - ok
16:02:05.0440 172296 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:02:05.0440 172296 PNRPsvc - ok
16:02:05.0480 172296 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
16:02:05.0500 172296 PolicyAgent - ok
16:02:05.0520 172296 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
16:02:05.0530 172296 Power - ok
16:02:05.0550 172296 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
16:02:05.0550 172296 PptpMiniport - ok
16:02:05.0580 172296 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
16:02:05.0580 172296 Processor - ok
16:02:05.0610 172296 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
16:02:05.0610 172296 ProfSvc - ok
16:02:05.0630 172296 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:02:05.0630 172296 ProtectedStorage - ok
16:02:05.0650 172296 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
16:02:05.0650 172296 Psched - ok
16:02:05.0741 172296 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
16:02:05.0771 172296 ql2300 - ok
16:02:05.0881 172296 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
16:02:05.0891 172296 ql40xx - ok
16:02:05.0941 172296 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
16:02:05.0951 172296 QWAVE - ok
16:02:05.0971 172296 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
16:02:05.0971 172296 QWAVEdrv - ok
16:02:05.0981 172296 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
16:02:05.0991 172296 RasAcd - ok
16:02:06.0021 172296 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
16:02:06.0021 172296 RasAgileVpn - ok
16:02:06.0031 172296 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
16:02:06.0041 172296 RasAuto - ok
16:02:06.0051 172296 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:02:06.0051 172296 Rasl2tp - ok
16:02:06.0091 172296 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
16:02:06.0111 172296 RasMan - ok
16:02:06.0131 172296 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
16:02:06.0131 172296 RasPppoe - ok
16:02:06.0141 172296 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
16:02:06.0141 172296 RasSstp - ok
16:02:06.0171 172296 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
16:02:06.0181 172296 rdbss - ok
16:02:06.0191 172296 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
16:02:06.0191 172296 rdpbus - ok
16:02:06.0201 172296 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:02:06.0201 172296 RDPCDD - ok
16:02:06.0221 172296 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
16:02:06.0221 172296 RDPENCDD - ok
16:02:06.0231 172296 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
16:02:06.0241 172296 RDPREFMP - ok
16:02:06.0271 172296 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
16:02:06.0271 172296 RDPWD - ok
16:02:06.0311 172296 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
16:02:06.0311 172296 rdyboost - ok
16:02:06.0331 172296 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
16:02:06.0331 172296 RemoteAccess - ok
16:02:06.0351 172296 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
16:02:06.0361 172296 RemoteRegistry - ok
16:02:06.0371 172296 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
16:02:06.0371 172296 RpcEptMapper - ok
16:02:06.0381 172296 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
16:02:06.0381 172296 RpcLocator - ok
16:02:06.0431 172296 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
16:02:06.0431 172296 RpcSs - ok
16:02:06.0471 172296 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
16:02:06.0471 172296 rspndr - ok
16:02:06.0521 172296 RTL8167 (4b42bc58294e83a6a92ec8b88c14c4a3) C:\Windows\system32\DRIVERS\Rt64win7.sys
16:02:06.0531 172296 RTL8167 - ok
16:02:06.0541 172296 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:02:06.0541 172296 SamSs - ok
16:02:06.0571 172296 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
16:02:06.0571 172296 sbp2port - ok
16:02:06.0611 172296 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
16:02:06.0611 172296 SCardSvr - ok
16:02:06.0621 172296 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
16:02:06.0621 172296 scfilter - ok
16:02:06.0891 172296 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
16:02:06.0911 172296 Schedule - ok
16:02:06.0951 172296 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
16:02:06.0951 172296 SCPolicySvc - ok
16:02:06.0981 172296 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
16:02:06.0991 172296 SDRSVC - ok
16:02:07.0021 172296 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
16:02:07.0021 172296 secdrv - ok
16:02:07.0031 172296 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
16:02:07.0031 172296 seclogon - ok
16:02:07.0041 172296 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
16:02:07.0051 172296 SENS - ok
16:02:07.0071 172296 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
16:02:07.0071 172296 SensrSvc - ok
16:02:07.0081 172296 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
16:02:07.0081 172296 Serenum - ok
16:02:07.0111 172296 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
16:02:07.0111 172296 Serial - ok
16:02:07.0131 172296 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
16:02:07.0131 172296 sermouse - ok
16:02:07.0151 172296 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
16:02:07.0151 172296 SessionEnv - ok
16:02:07.0151 172296 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
16:02:07.0161 172296 sffdisk - ok
16:02:07.0171 172296 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
16:02:07.0171 172296 sffp_mmc - ok
16:02:07.0181 172296 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
16:02:07.0181 172296 sffp_sd - ok
16:02:07.0181 172296 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
16:02:07.0181 172296 sfloppy - ok
16:02:07.0221 172296 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
16:02:07.0241 172296 ShellHWDetection - ok
16:02:07.0251 172296 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:02:07.0251 172296 SiSRaid2 - ok
16:02:07.0261 172296 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
16:02:07.0271 172296 SiSRaid4 - ok
16:02:07.0311 172296 SkypeUpdate (c70aebd3608ed9fcea2a1bae83567ffc) C:\Program Files (x86)\Skype\Updater\Updater.exe
16:02:07.0321 172296 SkypeUpdate - ok
16:02:07.0351 172296 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
16:02:07.0351 172296 Smb - ok
16:02:07.0381 172296 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
16:02:07.0391 172296 SNMPTRAP - ok
16:02:07.0391 172296 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
16:02:07.0391 172296 spldr - ok
16:02:07.0441 172296 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
16:02:07.0461 172296 Spooler - ok
16:02:07.0721 172296 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
16:02:07.0811 172296 sppsvc - ok
16:02:07.0941 172296 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
16:02:07.0941 172296 sppuinotify - ok
16:02:07.0991 172296 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
16:02:08.0001 172296 srv - ok
16:02:08.0041 172296 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
16:02:08.0051 172296 srv2 - ok
16:02:08.0101 172296 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
16:02:08.0111 172296 srvnet - ok
16:02:08.0141 172296 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
16:02:08.0151 172296 SSDPSRV - ok
16:02:08.0161 172296 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
16:02:08.0161 172296 SstpSvc - ok
16:02:08.0201 172296 ssudmdm (855335bf5792e56164f98c012e3d92dd) C:\Windows\system32\DRIVERS\ssudmdm.sys
16:02:08.0211 172296 ssudmdm - ok
16:02:08.0251 172296 STacSV (b00068ba94f5f306911b14b425aaeb56) C:\Program Files\IDT\WDM\STacSV64.exe
16:02:08.0261 172296 STacSV - ok
16:02:08.0281 172296 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
16:02:08.0281 172296 stexstor - ok
16:02:08.0331 172296 STHDA (da40d9c9ccb9836d6abd1706935a2277) C:\Windows\system32\DRIVERS\stwrt64.sys
16:02:08.0351 172296 STHDA - ok
16:02:08.0411 172296 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
16:02:08.0431 172296 stisvc - ok
16:02:08.0441 172296 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
16:02:08.0441 172296 swenum - ok
16:02:08.0481 172296 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
16:02:08.0501 172296 swprv - ok
16:02:08.0551 172296 SynTP (ac3cc98b1bdb6540021d3ffb105ac2b9) C:\Windows\system32\DRIVERS\SynTP.sys
16:02:08.0561 172296 SynTP - ok
16:02:08.0681 172296 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
16:02:08.0753 172296 SysMain - ok
16:02:08.0853 172296 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
16:02:08.0853 172296 TabletInputService - ok
16:02:08.0893 172296 tap0901 (3b73c849b41fb20d77b0e553214061a5) C:\Windows\system32\DRIVERS\tap0901.sys
16:02:08.0893 172296 tap0901 - ok
16:02:08.0923 172296 taphss (f33fdc72298df4bf9813a55d21f4eb31) C:\Windows\system32\DRIVERS\taphss.sys
16:02:08.0923 172296 taphss - ok
16:02:08.0953 172296 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
16:02:08.0963 172296 TapiSrv - ok
16:02:08.0973 172296 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
16:02:08.0973 172296 TBS - ok
16:02:09.0129 172296 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
16:02:09.0160 172296 Tcpip - ok
16:02:09.0410 172296 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
16:02:09.0426 172296 TCPIP6 - ok
16:02:09.0519 172296 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
16:02:09.0535 172296 tcpipreg - ok
16:02:09.0550 172296 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
16:02:09.0550 172296 TDPIPE - ok
16:02:09.0566 172296 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
16:02:09.0566 172296 TDTCP - ok
16:02:09.0582 172296 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
16:02:09.0582 172296 tdx - ok
16:02:09.0597 172296 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
16:02:09.0597 172296 TermDD - ok
16:02:09.0660 172296 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
16:02:09.0675 172296 TermService - ok
16:02:09.0691 172296 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
16:02:09.0691 172296 Themes - ok
16:02:09.0706 172296 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:02:09.0706 172296 THREADORDER - ok
16:02:09.0722 172296 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
16:02:09.0722 172296 TrkWks - ok
16:02:09.0753 172296 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
16:02:09.0753 172296 TrustedInstaller - ok
16:02:09.0769 172296 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:02:09.0769 172296 tssecsrv - ok
16:02:09.0800 172296 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
16:02:09.0816 172296 TsUsbFlt - ok
16:02:09.0847 172296 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
16:02:09.0847 172296 tunnel - ok
16:02:09.0878 172296 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
16:02:09.0878 172296 uagp35 - ok
16:02:09.0925 172296 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
16:02:09.0940 172296 udfs - ok
16:02:09.0956 172296 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
16:02:09.0956 172296 UI0Detect - ok
16:02:09.0972 172296 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
16:02:09.0972 172296 uliagpkx - ok
16:02:10.0018 172296 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
16:02:10.0018 172296 umbus - ok
16:02:10.0034 172296 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
16:02:10.0034 172296 UmPass - ok
16:02:10.0065 172296 UMVPFSrv (67a95b9d129ed5399e7965cd09cf30e7) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
16:02:10.0081 172296 UMVPFSrv - ok
16:02:10.0128 172296 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
16:02:10.0128 172296 upnphost - ok
16:02:10.0159 172296 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
16:02:10.0159 172296 USBAAPL64 - ok
16:02:10.0206 172296 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
16:02:10.0206 172296 usbaudio - ok
16:02:10.0221 172296 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
16:02:10.0221 172296 usbccgp - ok
16:02:10.0252 172296 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
16:02:10.0252 172296 usbcir - ok
16:02:10.0268 172296 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
16:02:10.0268 172296 usbehci - ok
16:02:10.0315 172296 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
16:02:10.0315 172296 usbhub - ok
16:02:10.0330 172296 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
16:02:10.0346 172296 usbohci - ok
16:02:10.0346 172296 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
16:02:10.0346 172296 usbprint - ok
16:02:10.0377 172296 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:02:10.0377 172296 USBSTOR - ok
16:02:10.0377 172296 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
16:02:10.0377 172296 usbuhci - ok
16:02:10.0408 172296 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
16:02:10.0408 172296 usbvideo - ok
16:02:10.0424 172296 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
16:02:10.0424 172296 UxSms - ok
16:02:10.0440 172296 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:02:10.0440 172296 VaultSvc - ok
16:02:10.0471 172296 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
16:02:10.0471 172296 vdrvroot - ok
16:02:10.0518 172296 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
16:02:10.0533 172296 vds - ok
16:02:10.0549 172296 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
16:02:10.0549 172296 vga - ok
16:02:10.0580 172296 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
16:02:10.0580 172296 VgaSave - ok
16:02:10.0627 172296 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
16:02:10.0627 172296 vhdmp - ok
16:02:10.0658 172296 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
16:02:10.0658 172296 viaide - ok
16:02:10.0674 172296 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
16:02:10.0674 172296 volmgr - ok
16:02:10.0705 172296 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
16:02:10.0720 172296 volmgrx - ok
16:02:10.0767 172296 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
16:02:10.0783 172296 volsnap - ok
16:02:10.0814 172296 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
16:02:10.0814 172296 vsmraid - ok
16:02:10.0923 172296 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
16:02:10.0954 172296 VSS - ok
16:02:11.0064 172296 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
16:02:11.0064 172296 vwifibus - ok
16:02:11.0110 172296 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
16:02:11.0110 172296 vwififlt - ok
16:02:11.0176 172296 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
16:02:11.0186 172296 W32Time - ok
16:02:11.0206 172296 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
16:02:11.0206 172296 WacomPen - ok
16:02:11.0256 172296 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:02:11.0256 172296 WANARP - ok
16:02:11.0256 172296 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:02:11.0266 172296 Wanarpv6 - ok
16:02:11.0376 172296 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
16:02:11.0406 172296 WatAdminSvc - ok
16:02:11.0516 172296 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
16:02:11.0556 172296 wbengine - ok
16:02:11.0696 172296 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
16:02:11.0706 172296 WbioSrvc - ok
16:02:11.0756 172296 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
16:02:11.0766 172296 wcncsvc - ok
16:02:11.0776 172296 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
16:02:11.0776 172296 WcsPlugInService - ok
16:02:11.0796 172296 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
16:02:11.0796 172296 Wd - ok
16:02:12.0066 172296 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
16:02:12.0096 172296 Wdf01000 - ok
16:02:12.0106 172296 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:02:12.0116 172296 WdiServiceHost - ok
16:02:12.0116 172296 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:02:12.0116 172296 WdiSystemHost - ok
16:02:12.0156 172296 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
16:02:12.0166 172296 WebClient - ok
16:02:13.0417 172296 ============================================================
16:02:13.0417 172296 Scan finished
16:02:13.0417 172296 ============================================================
16:02:13.0432 221164 Detected object count: 0
16:02:13.0432 221164 Actual detected object count: 0
16:02:29.0388 150668 Deinitialize success