Win32/Sirefef.DN trojan



#1 tofu1004

Posted 17 December 2011 - 10:49 PM

Hi, I have a trojan on my computer. :blink:

I get Win 7 Security 2012 pop-ups. I have run rkill, TDSSKiller (log below), aswMBR (log below), and Malwarebytes (don't have the log anymore but can run it again if asked). I've gotten rid of the ping.exe virus, but my ESET NOD32 Antivirus 4's web access protection shows as non-functional and the log file shows "12/17/2011 5:33:56 PM Startup scanner file Operating memory C:\Windows\assembly\GAC_32\Desktop.ini a variant of Win32/Sirefef.DN trojan cleaned by deleting (after the next restart) YoonJoo-PC\YoonJoo"

Every time I restart, ESET NOD32 pops up with that message.

Here is the aswMBR log:

aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
Run date: 2011-12-17 18:03:35
-----------------------------
18:03:35.010 OS Version: Windows x64 6.1.7601 Service Pack 1
18:03:35.011 Number of processors: 8 586 0x1E05
18:03:35.011 ComputerName: YOONJOO-PC UserName: YoonJoo
18:03:39.247 Initialize success
18:03:44.359 AVAST engine defs: 11121700
18:03:54.935 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
18:03:54.940 Disk 0 Vendor: ST310005 CC45 Size: 953869MB BusType: 8
18:03:54.955 Disk 0 MBR read successfully
18:03:54.958 Disk 0 MBR scan
18:03:54.964 Disk 0 Windows VISTA default MBR code
18:03:54.967 Service scanning
18:03:56.676 Modules scanning
18:03:56.684 Disk 0 trace - called modules:
18:03:56.711 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
18:03:56.719 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007dbb790]
18:03:56.727 3 CLASSPNP.SYS[fffff88001a5143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007b01050]
18:03:59.744 AVAST engine scan C:\
18:19:34.833 File: C:\Windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-FQ [Drp]
18:20:15.566 File: C:\Windows\assembly\temp\U\80000032.@ **INFECTED** Win32:DNSChanger-VJ [Trj]
18:24:49.191 File: C:\Windows\System32\consrv.dll **INFECTED** Win32:Sirefef-FQ [Drp]
19:06:05.910 Scan finished successfully
19:21:43.994 Disk 0 MBR has been saved successfully to "C:\Users\YoonJoo\Desktop\MBR.dat"
19:21:43.998 The log file has been saved successfully to "C:\Users\YoonJoo\Desktop\aswMBR.txt"


And here is the TDSSKiller log:

19:22:23.0291 5088 TDSS rootkit removing tool 2.6.23.0 Dec 13 2011 10:39:31
19:22:23.0811 5088 ============================================================
19:22:23.0812 5088 Current date / time: 2011/12/17 19:22:23.0811
19:22:23.0812 5088 SystemInfo:
19:22:23.0812 5088
19:22:23.0812 5088 OS Version: 6.1.7601 ServicePack: 1.0
19:22:23.0812 5088 Product type: Workstation
19:22:23.0812 5088 ComputerName: YOONJOO-PC
19:22:23.0812 5088 UserName: YoonJoo
19:22:23.0812 5088 Windows directory: C:\Windows
19:22:23.0812 5088 System windows directory: C:\Windows
19:22:23.0812 5088 Running under WOW64
19:22:23.0812 5088 Processor architecture: Intel x64
19:22:23.0812 5088 Number of processors: 8
19:22:23.0812 5088 Page size: 0x1000
19:22:23.0812 5088 Boot type: Normal boot
19:22:23.0812 5088 ============================================================
19:22:24.0237 5088 Initialize success
19:22:38.0098 3748 ============================================================
19:22:38.0098 3748 Scan started
19:22:38.0098 3748 Mode: Manual;
19:22:38.0098 3748 ============================================================
19:22:48.0791 3748 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
19:22:48.0792 3748 usbuhci - ok
19:22:48.0824 3748 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
19:22:48.0849 3748 vdrvroot - ok
19:22:48.0878 3748 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
19:22:48.0879 3748 vga - ok
19:22:48.0902 3748 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
19:22:48.0912 3748 VgaSave - ok
19:22:48.0953 3748 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
19:22:48.0981 3748 vhdmp - ok
19:22:49.0005 3748 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
19:22:49.0016 3748 viaide - ok
19:22:49.0059 3748 VKbms (3b59bb6d10cf969dbe4db93d9ead7fb4) C:\Windows\system32\DRIVERS\VKbms.sys
19:22:49.0095 3748 VKbms - ok
19:22:49.0133 3748 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
19:22:49.0154 3748 volmgr - ok
19:22:49.0198 3748 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
19:22:49.0200 3748 volmgrx - ok
19:22:49.0217 3748 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
19:22:49.0235 3748 volsnap - ok
19:22:49.0267 3748 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
19:22:49.0279 3748 vsmraid - ok
19:22:49.0296 3748 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
19:22:49.0307 3748 vwifibus - ok
19:22:49.0337 3748 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
19:22:49.0339 3748 vwififlt - ok
19:22:49.0362 3748 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
19:22:49.0363 3748 WacomPen - ok
19:22:49.0388 3748 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:22:49.0399 3748 WANARP - ok
19:22:49.0403 3748 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:22:49.0404 3748 Wanarpv6 - ok
19:22:49.0435 3748 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
19:22:49.0436 3748 Wd - ok
19:22:49.0462 3748 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
19:22:49.0465 3748 Wdf01000 - ok
19:22:49.0527 3748 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
19:22:49.0551 3748 WfpLwf - ok
19:22:49.0560 3748 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
19:22:49.0570 3748 WIMMount - ok
19:22:49.0642 3748 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
19:22:49.0666 3748 WinUsb - ok
19:22:49.0698 3748 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
19:22:49.0709 3748 WmiAcpi - ok
19:22:49.0756 3748 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
19:22:49.0778 3748 ws2ifsl - ok
19:22:49.0822 3748 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
19:22:49.0833 3748 WudfPf - ok
19:22:49.0855 3748 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:22:49.0867 3748 WUDFRd - ok
19:22:49.0934 3748 MBR (0x1B8) (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0
19:22:49.0948 3748 \Device\Harddisk0\DR0 - ok
19:22:49.0955 3748 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk5\DR5
19:22:54.0020 3748 \Device\Harddisk5\DR5 - ok
19:22:54.0028 3748 Boot (0x1200) (f88c2e6e89f4aa7ade0d235419c829e5) \Device\Harddisk0\DR0\Partition0
19:22:54.0030 3748 \Device\Harddisk0\DR0\Partition0 - ok
19:22:54.0076 3748 Boot (0x1200) (cb124c6cc632f1468483dbed9b38774c) \Device\Harddisk0\DR0\Partition1
19:22:54.0077 3748 \Device\Harddisk0\DR0\Partition1 - ok
19:22:54.0083 3748 Boot (0x1200) (a6477baf026c0f6683cb4b5ba56c999d) \Device\Harddisk5\DR5\Partition0
19:22:54.0085 3748 \Device\Harddisk5\DR5\Partition0 - ok
19:22:54.0087 3748 ============================================================
19:22:54.0087 3748 Scan finished
19:22:54.0087 3748 ============================================================
19:22:54.0105 0216 Detected object count: 0
19:22:54.0105 0216 Actual detected object count: 0

aswMBR keeps finding the same thing every time I run the scan.

What can I do to fix this? :wacko:


#2 tofu1004

Posted 17 December 2011 - 11:32 PM

Hi again.

Here is the DDS log:



#3 tofu1004

Posted 18 December 2011 - 02:26 PM

Hi, I posted the same logs on whatthetech.com and have gotten a response from a Super Member there. Thank you and I am closing this post!

#4 Budapest

  • Moderator

Posted 19 December 2011 - 01:36 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.