
Smart check data recovery virus


6 replies to this topic

#1 fallenwinters

fallenwinters

  • Members
  • 45 posts
  • OFFLINE
  •  
  • Local time:07:44 PM

Posted 27 June 2012 - 02:31 PM

Good day,

I'm using Windows 7 Ultimate 32-bit.

I was browsing the internet using Internet Explorer 8 and all of a sudden my applications closed and my background went black. All of my programs in my taskbar are gone. No programs on my Start menu as well. I can't see any folders on my C: drive as well.

And then there is a pop up program "SMART Check" telling me that my hard disk failed and giving me a lot of errors. It also added an icon on my desktop "Data_Recovery".

I searched the web on how I can remove this virus and I found one: http://malwaretips.com/blogs/how-to-remove-s-m-a-r-t-check/

I followed the instructions and the virus is still there when I tried to restart my computer.

Now, almost all of the time I'm getting redirected to an unknown website whenever I try searching on Google.

Please let me know how we can get rid of this virus and I appreciate the help in advance!

Thank you,



#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:44 PM

Posted 27 June 2012 - 02:48 PM

Boot the PC into Safe Mode with Networking.

Download

TDSSkiller

Launch it. Click on "Change parameters", then select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).


Download

aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download

ESET online scanner


Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on LIST of found threats.

Export the list to the desktop and copy the contents of the text file into your reply.

#3 fallenwinters


Posted 27 June 2012 - 03:02 PM

I downloaded the tdsskiller but it won't run. Do you want me to download the other files or do I need to launch tdsskiller first before running the other programs?

#4 narenxp


Posted 27 June 2012 - 03:26 PM

Download

FIXTDSS

Launch it. It may ask for a restart; reboot the PC.

On reboot, click on REPAIR.

Now run the tools.

#5 fallenwinters


Posted 29 June 2012 - 09:27 AM

Here's the log for TDSSkiller

08:59:22.0113 3004 NetTcpPortSharing - ok
08:59:22.0159 3004 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
08:59:22.0159 3004 nfrd960 - ok
08:59:22.0393 3004 NitroDriverReadSpool2 (6a3f413dbf95f152af9f8bd2af2bc48a) C:\Program Files\Nitro PDF\Professional 7\NitroPDFDriverService2.exe
08:59:22.0393 3004 NitroDriverReadSpool2 - ok
08:59:22.0456 3004 NlaSvc (2226496e34bd40734946a054b1cd657f) C:\Windows\System32\nlasvc.dll
08:59:22.0487 3004 NlaSvc - ok
08:59:22.0549 3004 nlsX86cc (0543fa119cf3fd2203851fd71202ffe1) C:\Windows\system32\NLSSRV32.EXE
08:59:22.0549 3004 nlsX86cc - ok
08:59:22.0580 3004 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
08:59:22.0580 3004 Npfs - ok
08:59:22.0612 3004 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
08:59:22.0612 3004 nsi - ok
08:59:22.0658 3004 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
08:59:22.0674 3004 nsiproxy - ok
08:59:22.0846 3004 Ntfs (3795dcd21f740ee799fb7223234215af) C:\Windows\system32\drivers\Ntfs.sys
08:59:22.0877 3004 Ntfs - ok
08:59:22.0970 3004 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
08:59:22.0970 3004 Null - ok
08:59:23.0079 3004 nvraid (3f3d04b1d08d43c16ea7963954ec768d) C:\Windows\system32\DRIVERS\nvraid.sys
08:59:23.0095 3004 nvraid - ok
08:59:23.0142 3004 nvstor (c99f251a5de63c6f129cf71933aced0f) C:\Windows\system32\DRIVERS\nvstor.sys
08:59:23.0142 3004 nvstor - ok
08:59:23.0267 3004 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys
08:59:23.0267 3004 nv_agp - ok
08:59:23.0625 3004 odserv (84de1dd996b48b05ace31ad015fa108a) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
08:59:23.0672 3004 odserv - ok
08:59:23.0703 3004 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys
08:59:23.0703 3004 ohci1394 - ok
08:59:23.0766 3004 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:59:23.0766 3004 ose - ok
08:59:23.0844 3004 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
08:59:23.0875 3004 p2pimsvc - ok
08:59:23.0953 3004 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
08:59:23.0999 3004 p2psvc - ok
08:59:24.0046 3004 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
08:59:24.0046 3004 Parport - ok
08:59:24.0077 3004 partmgr (ff4218952b51de44fe910953a3e686b9) C:\Windows\system32\drivers\partmgr.sys
08:59:24.0077 3004 partmgr - ok
08:59:24.0109 3004 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
08:59:24.0109 3004 Parvdm - ok
08:59:24.0420 3004 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
08:59:24.0452 3004 PcaSvc - ok
08:59:24.0514 3004 pci (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys
08:59:24.0530 3004 pci - ok
08:59:24.0576 3004 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys
08:59:24.0576 3004 pciide - ok
08:59:24.0654 3004 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
08:59:24.0670 3004 pcmcia - ok
08:59:24.0717 3004 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
08:59:24.0717 3004 pcw - ok
08:59:24.0826 3004 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
08:59:24.0842 3004 PEAUTH - ok
08:59:25.0044 3004 PeerDistSvc (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll
08:59:25.0075 3004 PeerDistSvc - ok
08:59:25.0341 3004 pla (9c1bff7910c89a1d12e57343475840cb) C:\Windows\system32\pla.dll
08:59:25.0372 3004 pla - ok
08:59:25.0590 3004 PlugPlay (2cc2008f1296968fba162ed9f9afe328) C:\Windows\system32\umpnpmgr.dll
08:59:25.0621 3004 PlugPlay - ok
08:59:25.0762 3004 Pml Driver HPZ12 (65bc271f337637731d3c71455ae1f476) C:\Windows\system32\HPZipm12.dll
08:59:25.0777 3004 Pml Driver HPZ12 - ok
08:59:25.0871 3004 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
08:59:25.0871 3004 PNRPAutoReg - ok
08:59:26.0276 3004 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
08:59:26.0276 3004 PNRPsvc - ok
08:59:26.0385 3004 PolicyAgent (48e1b75c6dc0232fd92baae4bd344721) C:\Windows\System32\ipsecsvc.dll
08:59:26.0416 3004 PolicyAgent - ok
08:59:26.0635 3004 Power (dbff83f709a91049621c1d35dd45c92c) C:\Windows\system32\umpo.dll
08:59:26.0650 3004 Power - ok
08:59:26.0744 3004 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
08:59:26.0744 3004 PptpMiniport - ok
08:59:26.0806 3004 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
08:59:26.0806 3004 Processor - ok
08:59:26.0915 3004 ProfSvc (630cf26f0227498b7d5a92b12548960f) C:\Windows\system32\profsvc.dll
08:59:26.0931 3004 ProfSvc - ok
08:59:27.0040 3004 ProtectedStorage (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe
08:59:27.0040 3004 ProtectedStorage - ok
08:59:27.0337 3004 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
08:59:27.0368 3004 Psched - ok
08:59:27.0711 3004 pwd_2k (55b943f509ed863b86e685aee1445890) C:\Windows\system32\drivers\pwd_2k.sys
08:59:27.0711 3004 pwd_2k - ok
08:59:28.0740 3004 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
08:59:28.0787 3004 ql2300 - ok
08:59:30.0003 3004 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
08:59:30.0034 3004 ql40xx - ok
08:59:30.0284 3004 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
08:59:30.0330 3004 QWAVE - ok
08:59:30.0424 3004 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
08:59:30.0440 3004 QWAVEdrv - ok
08:59:30.0471 3004 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
08:59:30.0471 3004 RasAcd - ok
08:59:30.0642 3004 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
08:59:30.0658 3004 RasAgileVpn - ok
08:59:30.0907 3004 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
08:59:30.0907 3004 RasAuto - ok
08:59:30.0954 3004 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
08:59:30.0954 3004 Rasl2tp - ok
08:59:31.0188 3004 RasMan (0ce66ec736b7fc526d78f7624c7d2a94) C:\Windows\System32\rasmans.dll
08:59:31.0204 3004 RasMan - ok
08:59:31.0266 3004 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
08:59:31.0282 3004 RasPppoe - ok
08:59:31.0313 3004 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
08:59:31.0328 3004 RasSstp - ok
08:59:31.0360 3004 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys
08:59:31.0375 3004 rdbss - ok
08:59:31.0422 3004 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
08:59:31.0438 3004 rdpbus - ok
08:59:31.0469 3004 RDPCDD (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys
08:59:31.0469 3004 RDPCDD - ok
08:59:31.0547 3004 RDPDR (c5ff95883ffef704d50c40d21cfb3ab5) C:\Windows\system32\drivers\rdpdr.sys
08:59:31.0547 3004 RDPDR - ok
08:59:31.0578 3004 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
08:59:31.0578 3004 RDPENCDD - ok
08:59:31.0625 3004 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
08:59:31.0625 3004 RDPREFMP - ok
08:59:31.0656 3004 RDPWD (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers\RDPWD.sys
08:59:31.0672 3004 RDPWD - ok
08:59:31.0734 3004 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys
08:59:31.0734 3004 rdyboost - ok
08:59:31.0765 3004 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
08:59:31.0765 3004 RemoteAccess - ok
08:59:31.0859 3004 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
08:59:31.0859 3004 RemoteRegistry - ok
08:59:31.0921 3004 RimUsb (0f6756ef8bda6dfa7be50465c83132bb) C:\Windows\system32\Drivers\RimUsb.sys
08:59:31.0921 3004 RimUsb - ok
08:59:31.0968 3004 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
08:59:31.0968 3004 RpcEptMapper - ok
08:59:32.0015 3004 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
08:59:32.0030 3004 RpcLocator - ok
08:59:32.0093 3004 RpcSs (b82cd39e336973359d7c9bf911e8e84f) C:\Windows\system32\rpcss.dll
08:59:32.0093 3004 RpcSs - ok
08:59:32.0155 3004 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
08:59:32.0155 3004 rspndr - ok
08:59:32.0186 3004 s3cap (5423d8437051e89dd34749f242c98648) C:\Windows\system32\DRIVERS\vms3cap.sys
08:59:32.0202 3004 s3cap - ok
08:59:32.0233 3004 SamSs (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe
08:59:32.0233 3004 SamSs - ok
08:59:32.0280 3004 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys
08:59:32.0295 3004 sbp2port - ok
08:59:32.0436 3004 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
08:59:32.0467 3004 SCardSvr - ok
08:59:32.0498 3004 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys
08:59:32.0498 3004 scfilter - ok
08:59:32.0670 3004 Schedule (df1e5c82e4d09cf8105cc644980c4803) C:\Windows\system32\schedsvc.dll
08:59:32.0701 3004 Schedule - ok
08:59:32.0732 3004 SCPolicySvc (628a9e30ec5e18dd5de6be4dbdc12198) C:\Windows\System32\certprop.dll
08:59:32.0732 3004 SCPolicySvc - ok
08:59:32.0841 3004 SDRSVC (5fd90abdbfaee85986802622cbb03446) C:\Windows\System32\SDRSVC.dll
08:59:32.0857 3004 SDRSVC - ok
08:59:32.0919 3004 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
08:59:32.0935 3004 secdrv - ok
08:59:32.0950 3004 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
08:59:32.0950 3004 seclogon - ok
08:59:33.0075 3004 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
08:59:33.0075 3004 SENS - ok
08:59:33.0122 3004 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
08:59:33.0122 3004 SensrSvc - ok
08:59:33.0153 3004 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
08:59:33.0153 3004 Serenum - ok
08:59:33.0184 3004 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
08:59:33.0184 3004 Serial - ok
08:59:33.0231 3004 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
08:59:33.0247 3004 sermouse - ok
08:59:33.0324 3004 SessionEnv (8f55ce568c543d5adf45c409d16718fc) C:\Windows\system32\sessenv.dll
08:59:33.0340 3004 SessionEnv - ok
08:59:33.0356 3004 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys
08:59:33.0356 3004 sffdisk - ok
08:59:33.0371 3004 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys
08:59:33.0371 3004 sffp_mmc - ok
08:59:33.0387 3004 sffp_sd (4f1e5b0fe7c8050668dbfade8999aefb) C:\Windows\system32\DRIVERS\sffp_sd.sys
08:59:33.0387 3004 sffp_sd - ok
08:59:33.0402 3004 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
08:59:33.0402 3004 sfloppy - ok
08:59:33.0480 3004 ShellHWDetection (cd2e48fa5b29ee2b3b5858056d246ef2) C:\Windows\System32\shsvcs.dll
08:59:33.0496 3004 ShellHWDetection - ok
08:59:33.0527 3004 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys
08:59:34.0073 3004 sisagp - ok
08:59:34.0104 3004 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
08:59:34.0104 3004 SiSRaid2 - ok
08:59:34.0151 3004 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
08:59:34.0151 3004 SiSRaid4 - ok
08:59:34.0182 3004 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
08:59:34.0198 3004 Smb - ok
08:59:34.0245 3004 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
08:59:34.0245 3004 SNMPTRAP - ok
08:59:34.0322 3004 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
08:59:34.0322 3004 spldr - ok
08:59:34.0712 3004 Spooler (d1bb750eb51694de183e08b9c33be5b2) C:\Windows\System32\spoolsv.exe
08:59:34.0728 3004 Spooler - ok
08:59:36.0506 3004 sppsvc (4c287f9069fedbd791178876ee9de536) C:\Windows\system32\sppsvc.exe
08:59:36.0584 3004 sppsvc - ok
08:59:36.0817 3004 sppuinotify (d8e3e19eebdab49dd4a8d3062ead4ec7) C:\Windows\system32\sppuinotify.dll
08:59:36.0833 3004 sppuinotify - ok
08:59:36.0973 3004 srv (2dbedfb1853f06110ec2aa7f3213c89f) C:\Windows\system32\DRIVERS\srv.sys
08:59:36.0989 3004 srv - ok
08:59:37.0270 3004 srv2 (db37131d1027c50ea7ee21c8bb4536aa) C:\Windows\system32\DRIVERS\srv2.sys
08:59:37.0332 3004 srv2 - ok
08:59:37.0379 3004 srvnet (f5980b74124db9233b33f86fc5ebbb4f) C:\Windows\system32\DRIVERS\srvnet.sys
08:59:37.0379 3004 srvnet - ok
08:59:37.0535 3004 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
08:59:37.0550 3004 SSDPSRV - ok
08:59:37.0582 3004 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
08:59:37.0597 3004 SstpSvc - ok
08:59:37.0660 3004 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
08:59:37.0675 3004 stexstor - ok
08:59:37.0769 3004 StillCam (edb05bd63148796f23ea78506404a538) C:\Windows\system32\DRIVERS\serscan.sys
08:59:37.0769 3004 StillCam - ok
08:59:37.0909 3004 StiSvc (a22825e7bb7018e8af3e229a5af17221) C:\Windows\System32\wiaservc.dll
08:59:37.0925 3004 StiSvc - ok
08:59:37.0987 3004 storflt (957e346ca948668f2496a6ccf6ff82cc) C:\Windows\system32\DRIVERS\vmstorfl.sys
08:59:37.0987 3004 storflt - ok
08:59:38.0018 3004 storvsc (d5751969dc3e4b88bf482ac8ec9fe019) C:\Windows\system32\DRIVERS\storvsc.sys
08:59:38.0034 3004 storvsc - ok
08:59:38.0081 3004 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
08:59:38.0081 3004 swenum - ok
08:59:38.0314 3004 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
08:59:38.0330 3004 SwitchBoard - ok
08:59:38.0424 3004 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
08:59:38.0455 3004 swprv - ok
08:59:38.0813 3004 SysMain (04105c8da62353589c29bdaeb8d88bd8) C:\Windows\system32\sysmain.dll
08:59:38.0860 3004 SysMain - ok
08:59:38.0907 3004 TabletInputService (fcfb6c552fbc0da299799cbd50ad9fd4) C:\Windows\System32\TabSvc.dll
08:59:38.0907 3004 TabletInputService - ok
08:59:38.0938 3004 TapiSrv (2f46b0c70a4adc8c90cf825da3b4feaf) C:\Windows\System32\tapisrv.dll
08:59:38.0969 3004 TapiSrv - ok
08:59:39.0047 3004 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
08:59:39.0063 3004 TBS - ok
08:59:39.0780 3004 Tcpip (bb7f39c31c4a4417fd318e7cd184e225) C:\Windows\system32\drivers\tcpip.sys
08:59:39.0827 3004 Tcpip - ok
08:59:39.0874 3004 TCPIP6 (bb7f39c31c4a4417fd318e7cd184e225) C:\Windows\system32\DRIVERS\tcpip.sys
08:59:39.0874 3004 TCPIP6 - ok
08:59:39.0983 3004 tcpipreg (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys
08:59:39.0983 3004 tcpipreg - ok
08:59:40.0045 3004 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys
08:59:40.0045 3004 TDPIPE - ok
08:59:40.0092 3004 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\Windows\system32\drivers\tdtcp.sys
08:59:40.0092 3004 TDTCP - ok
08:59:40.0186 3004 tdx (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys
08:59:40.0186 3004 tdx - ok
08:59:40.0498 3004 TeamViewer6 (12eb792f908d263381162d9bb304b520) C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
08:59:40.0513 3004 TeamViewer6 - ok
08:59:40.0700 3004 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys
08:59:40.0700 3004 TermDD - ok
08:59:41.0262 3004 TermService (a01e50a04d7b1960b33e92b9080e6a94) C:\Windows\System32\termsrv.dll
08:59:41.0277 3004 TermService - ok
08:59:41.0324 3004 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
08:59:41.0324 3004 Themes - ok
08:59:41.0355 3004 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
08:59:41.0371 3004 THREADORDER - ok
08:59:41.0480 3004 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
08:59:41.0480 3004 TrkWks - ok
08:59:41.0698 3004 TrustedInstaller (41a4c781d2286208d397d72099304133) C:\Windows\servicing\TrustedInstaller.exe
08:59:41.0839 3004 TrustedInstaller - ok
08:59:41.0917 3004 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys
08:59:41.0932 3004 tssecsrv - ok
08:59:42.0088 3004 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys
08:59:42.0088 3004 tunnel - ok
08:59:42.0119 3004 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
08:59:42.0119 3004 uagp35 - ok
08:59:42.0213 3004 UDFReadr (e3f66ac25ac2a0b7fda19df4651def82) C:\Windows\system32\drivers\UDFReadr.sys
08:59:42.0213 3004 UDFReadr - ok
08:59:42.0291 3004 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\Windows\system32\DRIVERS\udfs.sys
08:59:42.0306 3004 udfs - ok
08:59:42.0431 3004 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
08:59:42.0447 3004 UI0Detect - ok
08:59:42.0462 3004 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys
08:59:42.0462 3004 uliagpkx - ok
08:59:42.0509 3004 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys
08:59:42.0509 3004 umbus - ok
08:59:42.0540 3004 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
08:59:42.0540 3004 UmPass - ok
08:59:42.0618 3004 UmRdpService (8ecaca5454844f66386f7be4ae0d7cd1) C:\Windows\System32\umrdp.dll
08:59:42.0634 3004 UmRdpService - ok
08:59:42.0696 3004 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
08:59:42.0712 3004 upnphost - ok
08:59:42.0774 3004 usbccgp (8455c4ed038efd09e99327f9d2d48ffa) C:\Windows\system32\DRIVERS\usbccgp.sys
08:59:42.0790 3004 usbccgp - ok
08:59:42.0821 3004 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys
08:59:42.0821 3004 usbcir - ok
08:59:42.0868 3004 usbehci (1c333bfd60f2fed2c7ad5daf533cb742) C:\Windows\system32\DRIVERS\usbehci.sys
08:59:42.0868 3004 usbehci - ok
08:59:42.0946 3004 usbhub (ee6ef93ccfa94fae8c6ab298273d8ae2) C:\Windows\system32\DRIVERS\usbhub.sys
08:59:42.0977 3004 usbhub - ok
08:59:43.0008 3004 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys
08:59:43.0008 3004 usbohci - ok
08:59:43.0055 3004 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
08:59:43.0055 3004 usbprint - ok
08:59:43.0102 3004 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
08:59:43.0117 3004 usbscan - ok
08:59:43.0133 3004 USBSTOR (d8889d56e0d27e57ed4591837fe71d27) C:\Windows\system32\DRIVERS\USBSTOR.SYS
08:59:43.0133 3004 USBSTOR - ok
08:59:43.0164 3004 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\DRIVERS\usbuhci.sys
08:59:43.0164 3004 usbuhci - ok
08:59:43.0242 3004 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
08:59:43.0258 3004 UxSms - ok
08:59:43.0336 3004 VaultSvc (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe
08:59:43.0336 3004 VaultSvc - ok
08:59:43.0398 3004 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys
08:59:43.0414 3004 vdrvroot - ok
08:59:43.0803 3004 vds (8c4e7c49d3641bc9e299e466a7f8867d) C:\Windows\System32\vds.exe
08:59:43.0819 3004 vds - ok
08:59:43.0928 3004 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
08:59:43.0928 3004 vga - ok
08:59:43.0959 3004 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
08:59:43.0959 3004 VgaSave - ok
08:59:44.0131 3004 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys
08:59:44.0162 3004 vhdmp - ok
08:59:44.0302 3004 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys
08:59:44.0334 3004 viaagp - ok
08:59:44.0536 3004 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
08:59:44.0536 3004 ViaC7 - ok
08:59:44.0614 3004 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS\viaide.sys
08:59:44.0614 3004 viaide - ok
08:59:44.0786 3004 vmbus (379b349f65f453d2a6e75ea6b7448e49) C:\Windows\system32\DRIVERS\vmbus.sys
08:59:44.0817 3004 vmbus - ok
08:59:44.0864 3004 VMBusHID (ec2bbab4b84d0738c6c83d2234dc36fe) C:\Windows\system32\DRIVERS\VMBusHID.sys
08:59:44.0895 3004 VMBusHID - ok
08:59:45.0004 3004 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys
08:59:45.0004 3004 volmgr - ok
08:59:45.0316 3004 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
08:59:45.0332 3004 volmgrx - ok
08:59:46.0267 3004 volsnap (58df9d2481a56edde167e51b334d44fd) C:\Windows\system32\DRIVERS\volsnap.sys
08:59:46.0298 3004 volsnap - ok
08:59:46.0766 3004 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
08:59:46.0797 3004 vsmraid - ok
08:59:47.0951 3004 VSS (7ea2bcd94d9cfaf4c556f5cc94532a6c) C:\Windows\system32\vssvc.exe
08:59:47.0998 3004 VSS - ok
08:59:48.0076 3004 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
08:59:48.0092 3004 vwifibus - ok
08:59:48.0232 3004 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
08:59:48.0248 3004 vwififlt - ok
08:59:48.0715 3004 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
08:59:48.0731 3004 W32Time - ok
08:59:48.0793 3004 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
08:59:48.0793 3004 WacomPen - ok
08:59:48.0949 3004 WANARP (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
08:59:48.0949 3004 WANARP - ok
08:59:48.0965 3004 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
08:59:48.0965 3004 Wanarpv6 - ok
08:59:49.0308 3004 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\Windows\system32\Wat\WatAdminSvc.exe
08:59:49.0339 3004 WatAdminSvc - ok
08:59:49.0807 3004 wbengine (7790b77fe1e5ee47dcc66247095bb4c9) C:\Windows\system32\wbengine.exe
08:59:49.0854 3004 wbengine - ok
08:59:49.0885 3004 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
08:59:49.0901 3004 WbioSrvc - ok
08:59:49.0947 3004 wcncsvc (d0f88aa11ee1a62bcc6d6a8a7783ca11) C:\Windows\System32\wcncsvc.dll
08:59:49.0979 3004 wcncsvc - ok
08:59:50.0010 3004 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
08:59:50.0025 3004 WcsPlugInService - ok
08:59:50.0212 3004 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
08:59:50.0228 3004 Wd - ok
08:59:50.0290 3004 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
08:59:50.0322 3004 Wdf01000 - ok
08:59:50.0353 3004 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
08:59:50.0368 3004 WdiServiceHost - ok
08:59:50.0384 3004 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
08:59:50.0384 3004 WdiSystemHost - ok
08:59:50.0649 3004 WebClient (d87c7d2c517f82a5ab7a73e203063d9e) C:\Windows\System32\webclnt.dll
08:59:50.0649 3004 WebClient - ok
08:59:50.0711 3004 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
08:59:50.0711 3004 Wecsvc - ok
08:59:50.0789 3004 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
08:59:50.0789 3004 wercplsupport - ok
08:59:50.0836 3004 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
08:59:50.0836 3004 WerSvc - ok
08:59:50.0899 3004 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
08:59:50.0899 3004 WfpLwf - ok
08:59:50.0930 3004 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
08:59:50.0930 3004 WIMMount - ok
08:59:50.0945 3004 WinHttpAutoProxySvc - ok
08:59:51.0242 3004 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
08:59:51.0273 3004 Winmgmt - ok
08:59:51.0631 3004 WinRM (c4f5d3901d1b41d602ddc196e0b95b51) C:\Windows\system32\WsmSvc.dll
08:59:51.0678 3004 WinRM - ok
08:59:51.0787 3004 WinUsb (30fc6e5448d0cbaaa95280eeef7fedae) C:\Windows\system32\DRIVERS\WinUsb.sys
08:59:51.0787 3004 WinUsb - ok
08:59:52.0099 3004 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
08:59:52.0130 3004 Wlansvc - ok
08:59:52.0333 3004 wlcrasvc (6067acef367e79914af628fa1e9b5330) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
08:59:52.0364 3004 wlcrasvc - ok
08:59:52.0863 3004 wlidsvc (0a70f4022ec2e14c159efc4f69aa2477) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
08:59:52.0895 3004 wlidsvc - ok
08:59:53.0752 3004 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
08:59:53.0752 3004 WmiAcpi - ok
08:59:53.0877 3004 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
08:59:53.0893 3004 wmiApSrv - ok
08:59:54.0844 3004 WMPNetworkSvc (77fbd400984cf72ba0fc4b3489d65f74) C:\Program Files\Windows Media Player\wmpnetwk.exe
08:59:54.0875 3004 WMPNetworkSvc - ok
08:59:54.0922 3004 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
08:59:54.0922 3004 WPCSvc - ok
08:59:55.0015 3004 WPDBusEnum (b7f658a2ebc07129538ad9ab35212637) C:\Windows\system32\wpdbusenum.dll
08:59:55.0015 3004 WPDBusEnum - ok
08:59:55.0062 3004 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
08:59:55.0062 3004 ws2ifsl - ok
08:59:55.0078 3004 WSearch - ok
08:59:55.0452 3004 wuauserv (a33408cc036f9c08142b11be5e93f0a1) C:\Windows\system32\wuaueng.dll
08:59:55.0499 3004 wuauserv - ok
08:59:55.0826 3004 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
08:59:55.0826 3004 WudfPf - ok
08:59:55.0982 3004 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
08:59:55.0998 3004 WUDFRd - ok
08:59:56.0107 3004 wudfsvc (ddee3682fe97037c45f4d7ab467cb8b6) C:\Windows\System32\WUDFSvc.dll
08:59:56.0107 3004 wudfsvc - ok
08:59:56.0200 3004 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
08:59:56.0200 3004 WwanSvc - ok
08:59:56.0263 3004 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
08:59:57.0510 3004 \Device\Harddisk0\DR0 - ok
08:59:57.0541 3004 Boot (0x1200) (6b7149785f21f60337c33757eb74016e) \Device\Harddisk0\DR0\Partition0
08:59:57.0541 3004 \Device\Harddisk0\DR0\Partition0 - ok
08:59:57.0541 3004 ============================================================
08:59:57.0541 3004 Scan finished
08:59:57.0541 3004 ============================================================
08:59:57.0573 0184 Detected object count: 0
08:59:57.0573 0184 Actual detected object count: 0
09:00:03.0077 1588 Deinitialize success

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-06-29 09:00:20
-----------------------------
09:00:20.558 OS Version: Windows 6.1.7600
09:00:20.558 Number of processors: 1 586 0x605
09:00:20.558 ComputerName: TTHEBERGE-PC UserName: ttheberge
09:00:32.955 Initialize success
09:01:30.774 AVAST engine defs: 12062901
09:01:54.248 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
09:01:54.248 Disk 0 Vendor: ST3808110AS 3.ADJ Size: 76293MB BusType: 3
09:01:54.279 Disk 0 MBR read successfully
09:01:54.295 Disk 0 MBR scan
09:01:54.295 Disk 0 Windows 7 default MBR code
09:01:54.311 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 76244 MB offset 80325
09:01:54.311 Disk 0 scanning sectors +156249984
09:01:55.824 Disk 0 scanning C:\Windows\system32\drivers
09:02:36.487 Service scanning
09:03:39.315 Modules scanning
09:04:39.335 Module: C:\Windows\System32\user32.dll **SUSPICIOUS**
09:04:52.890 Disk 0 trace - called modules:
09:04:52.905 ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS halmacpi.dll pciide.sys PCIIDEX.SYS atapi.sys
09:04:52.905 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85a0a828]
09:04:52.905 3 CLASSPNP.SYS[88d7359e] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x8590a908]
09:04:54.808 AVAST engine scan C:\Windows
09:04:57.476 AVAST engine scan C:\Windows\system32
09:04:58.427 File: C:\Windows\system32\3a74162a.dll **INFECTED** Win32:Ezula-AKN [Adw]
09:08:30.592 File: C:\Windows\assembly\GAC\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
09:10:12.394 AVAST engine scan C:\Windows\system32\drivers
09:10:35.605 AVAST engine scan C:\Users\ttheberge
09:11:42.075 File: C:\Users\ttheberge\AppData\Local\Temp\001041ef.exe **INFECTED** Win32:Malware-gen
09:11:42.091 File: C:\Users\ttheberge\AppData\Local\Temp\001063c1.exe **INFECTED** Win32:Zbot-OTN [Trj]
09:13:12.267 AVAST engine scan C:\ProgramData
09:13:12.361 File: C:\ProgramData\0D5o2xKk.exe **INFECTED** Win32:Malware-gen
09:16:53.502 File: C:\ProgramData\UvtUqwKUwIUlyC.exe **INFECTED** Win32:FakeSysdef-NH [Trj]
09:16:59.274 Scan finished successfully
09:20:24.570 Disk 0 MBR has been saved successfully to "\\whp-srv\home\ttheberge\Desktop\MBR.dat"
09:20:24.585 The log file has been saved successfully to "\\whp-srv\home\ttheberge\Desktop\aswMBR.txt"

#6 fallenwinters

Posted 29 June 2012 - 09:32 AM

I couldn't download the ESET link. It says "Error 404 (Not Found)!!1"

"404. That's an error.
The requested URL /special/eos/esetsmartinstaller_enu.exe was not found on this server. That's all we know."

#7 narenxp

Posted 29 June 2012 - 11:48 AM

Press Windows+R key and type

notepad and click ok

Now copy this script
@echo off
del /f /s /q "C:\Windows\system32\3a74162a.dll"
del /f /s /q "C:\ProgramData\0D5o2xKk.exe"
del /f /s /q "C:\ProgramData\UvtUqwKUwIUlyC.exe"
del /f /s /q "C:\Windows\assembly\GAC\Desktop.ini"
del /f /s /q "C:\Users\ttheberge\AppData\Local\Temp\001041ef.exe"
del /f /s /q "C:\Users\ttheberge\AppData\Local\Temp\001063c1.exe"
del %0

Save it as

filename: remove.bat
Save as type: All types

Run the bat file

Reboot to normal mode, run ESET online scanner again

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

MiniToolBox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.
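The remove.bat in reply #7 was assembled by hand from the flagged lines of the aswMBR log in reply #5. The Python script below is an added example, not part of the thread and not a tool used in it: it cross-checks such a delete script against the log before it is run, reporting INFECTED files the script misses, delete targets the log does not support, and SUSPICIOUS entries left untouched. The names `parse_flagged`, `parse_del_targets` and `review` are hypothetical; the log and script text are excerpts copied from this page.

```python
import ntpath
import re
from dataclasses import dataclass

# Excerpt of the aswMBR log posted in this thread: every flagged line, plus
# two ordinary progress lines so the parser has something to skip.
ASWMBR_LOG = r"""
09:03:39.315 Modules scanning
09:04:39.335 Module: C:\Windows\System32\user32.dll **SUSPICIOUS**
09:04:57.476 AVAST engine scan C:\Windows\system32
09:04:58.427 File: C:\Windows\system32\3a74162a.dll **INFECTED** Win32:Ezula-AKN [Adw]
09:08:30.592 File: C:\Windows\assembly\GAC\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
09:11:42.075 File: C:\Users\ttheberge\AppData\Local\Temp\001041ef.exe **INFECTED** Win32:Malware-gen
09:11:42.091 File: C:\Users\ttheberge\AppData\Local\Temp\001063c1.exe **INFECTED** Win32:Zbot-OTN [Trj]
09:13:12.361 File: C:\ProgramData\0D5o2xKk.exe **INFECTED** Win32:Malware-gen
09:16:53.502 File: C:\ProgramData\UvtUqwKUwIUlyC.exe **INFECTED** Win32:FakeSysdef-NH [Trj]
"""

# The remove.bat from reply #7, as posted.
REMOVE_BAT = r"""
@echo off
del /f /s /q "C:\Windows\system32\3a74162a.dll"
del /f /s /q "C:\ProgramData\0D5o2xKk.exe"
del /f /s /q "C:\ProgramData\UvtUqwKUwIUlyC.exe"
del /f /s /q "C:\Windows\assembly\GAC\Desktop.ini"
del /f /s /q "C:\Users\ttheberge\AppData\Local\Temp\001041ef.exe"
del /f /s /q "C:\Users\ttheberge\AppData\Local\Temp\001063c1.exe"
del %0
"""

# "<time> File|Module: <path> **VERDICT** [detection name]"
FLAG_RE = re.compile(
    r"^(?P<time>\d{2}:\d{2}:\d{2}\.\d{3})\s+"
    r"(?P<kind>File|Module):\s+"
    r"(?P<path>.+?)\s+\*\*(?P<verdict>INFECTED|SUSPICIOUS)\*\*"
    r"(?:\s+(?P<name>.+))?$"
)
# Only del lines with a quoted literal path count as targets; "del %0" is skipped.
DEL_RE = re.compile(r'^\s*del\b[^"]*"(?P<path>[^"]+)"', re.IGNORECASE)


@dataclass
class Finding:
    time: str
    kind: str        # "File" or "Module"
    path: str
    verdict: str     # "INFECTED" or "SUSPICIOUS"
    detection: str   # scanner's detection name, empty if none was logged


def norm(path):
    """Windows paths compare case-insensitively, so normalise before matching."""
    return ntpath.normcase(ntpath.normpath(path.strip()))


def parse_flagged(log):
    """Return a Finding for every log line carrying a ** verdict ** marker."""
    findings = []
    for line in log.splitlines():
        m = FLAG_RE.match(line.strip())
        if m:
            findings.append(Finding(m["time"], m["kind"], m["path"],
                                    m["verdict"], m["name"] or ""))
    return findings


def parse_del_targets(bat):
    """Map normalised path -> path as written, for each quoted del target."""
    targets = {}
    for line in bat.splitlines():
        m = DEL_RE.match(line)
        if m:
            targets[norm(m["path"])] = m["path"]
    return targets


def review(log, bat):
    """Compare the delete script against the scanner's verdicts."""
    findings = parse_flagged(log)
    targets = parse_del_targets(bat)
    infected = {norm(f.path): f for f in findings if f.verdict == "INFECTED"}
    return {
        # INFECTED in the log but never deleted by the script
        "missed": sorted(f.path for k, f in infected.items() if k not in targets),
        # deleted by the script but not flagged INFECTED (typo or no evidence)
        "unsupported": sorted(p for k, p in targets.items() if k not in infected),
        # flagged SUSPICIOUS and left in place; needs a separate decision
        "suspicious_not_deleted": sorted(
            f.path for f in findings
            if f.verdict == "SUSPICIOUS" and norm(f.path) not in targets),
    }


if __name__ == "__main__":
    for key, paths in review(ASWMBR_LOG, REMOVE_BAT).items():
        print(f"{key}: {paths if paths else 'none'}")
```

For the log and script on this page, every INFECTED file is covered and no delete target lacks a matching log line; the only open item is the `user32.dll` module that aswMBR marked SUSPICIOUS, which the script leaves in place.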



