Infected with "trojan dropper.generic_c.MMI" - what do I do?



#1 lmai


Posted 08 July 2012 - 08:28 AM

Hi. First post in the bleepingcomputer forums!

My computer is infected with the "trojan dropper.generic_c.MMI" virus. This started over a week ago. My AVG Free Home Edition will pop up every time the laptop is powered on and report that there has been this infection. The only option it gives is to ignore the threat. I will run the manual scan, only to end in the same result of ignoring the threat. I have also run Malwarebytes Anti-Malware, but it could not remove the virus either. The internet has also been hijacked: occasionally, it will randomly take me to a site where it advertises how to clean up the virus (don't worry, I don't click on the links it gives). Those are the only steps I have taken to try and remove the virus.

I am running Windows 7 Home Premium 64-bit with Service Pack 1. Browsers used are Firefox and Chrome. Protection from AVG Anti-virus Free Edition 2012 and Malwarebytes Anti-Malware.

Your assistance is greatly appreciated. Hope to hear back soon of a battle plan against this virus!

Thanks,
lmai

#2 narenxp


Posted 08 July 2012 - 08:39 AM

Download TDSSKiller.

Launch it. Click on Change parameters, then select TDLFS file system.

Click on "Scan". Please post the log report (the log file should be in your C drive).

Download aswMBR.

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here.

Download ESET online scanner.

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on LIST of found threats.

Export the list to the desktop and copy the contents of the text file into your reply.

#3 lmai


Posted 08 July 2012 - 10:31 AM

Hi. Thanks for the reply. I also forgot to note that I am using a different computer to access bleepingcomputer because the infected computer will not let me access that site. Here are the logs that come from the programs run on the infected laptop:


TDSS Killer log


09:43:10.0596 4288 TDSS rootkit removing tool 2.7.44.0 Jul 2 2012 20:01:08
09:43:11.0620 4288 ============================================================
09:43:11.0620 4288 Current date / time: 2012/07/08 09:43:11.0620
09:43:11.0620 4288 SystemInfo:
09:43:11.0620 4288
09:43:11.0620 4288 OS Version: 6.1.7601 ServicePack: 1.0
09:43:11.0620 4288 Product type: Workstation
09:43:11.0620 4288 ComputerName: MAIDAU-PC
09:43:11.0621 4288 UserName: MAI DAU
09:43:11.0621 4288 Windows directory: C:\Windows
09:43:11.0621 4288 System windows directory: C:\Windows
09:43:11.0621 4288 Running under WOW64
09:43:11.0621 4288 Processor architecture: Intel x64
09:43:11.0621 4288 Number of processors: 2
09:43:11.0621 4288 Page size: 0x1000
09:43:11.0621 4288 Boot type: Normal boot
09:43:11.0621 4288 ============================================================
09:43:13.0529 4288 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:43:13.0673 4288 ============================================================
09:43:13.0673 4288 \Device\Harddisk0\DR0:
09:43:13.0724 4288 MBR partitions:
09:43:13.0724 4288 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x1D4C000
09:43:13.0724 4288 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D5F9C5, BlocksNum 0x38625E6B
09:43:13.0724 4288 ============================================================
09:43:13.0763 4288 C: <-> \Device\Harddisk0\DR0\Partition1
09:43:13.0763 4288 ============================================================
09:43:13.0763 4288 Initialize success
09:43:13.0763 4288 ============================================================
09:45:53.0616 5052 ============================================================
09:45:53.0616 5052 Scan started
09:45:53.0616 5052 Mode: Manual; TDLFS;
09:45:53.0616 5052 ============================================================
09:46:12.0225 5052 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
09:46:12.0225 5052 nvraid - ok
09:46:12.0245 5052 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
09:46:12.0245 5052 nvstor - ok
09:46:12.0265 5052 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
09:46:12.0265 5052 nv_agp - ok
09:46:12.0295 5052 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
09:46:12.0305 5052 ohci1394 - ok
09:46:12.0345 5052 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
09:46:12.0355 5052 p2pimsvc - ok
09:46:12.0385 5052 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
09:46:12.0395 5052 p2psvc - ok
09:46:12.0435 5052 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
09:46:12.0435 5052 Parport - ok
09:46:12.0515 5052 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
09:46:12.0515 5052 partmgr - ok
09:46:12.0555 5052 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
09:46:12.0555 5052 PcaSvc - ok
09:46:12.0615 5052 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
09:46:12.0615 5052 pci - ok
09:46:12.0635 5052 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
09:46:12.0645 5052 pciide - ok
09:46:12.0685 5052 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
09:46:12.0695 5052 pcmcia - ok
09:46:12.0715 5052 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
09:46:12.0725 5052 pcw - ok
09:46:12.0785 5052 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
09:46:12.0795 5052 PEAUTH - ok
09:46:12.0955 5052 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
09:46:12.0965 5052 PerfHost - ok
09:46:13.0115 5052 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
09:46:13.0145 5052 pla - ok
09:46:13.0215 5052 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
09:46:13.0215 5052 PlugPlay - ok
09:46:13.0255 5052 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
09:46:13.0255 5052 PNRPAutoReg - ok
09:46:13.0285 5052 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
09:46:13.0285 5052 PNRPsvc - ok
09:46:13.0335 5052 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
09:46:13.0345 5052 PolicyAgent - ok
09:46:13.0375 5052 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
09:46:13.0375 5052 Power - ok
09:46:13.0435 5052 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
09:46:13.0435 5052 PptpMiniport - ok
09:46:13.0465 5052 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
09:46:13.0475 5052 Processor - ok
09:46:13.0545 5052 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
09:46:13.0545 5052 ProfSvc - ok
09:46:13.0585 5052 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
09:46:13.0585 5052 ProtectedStorage - ok
09:46:13.0635 5052 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
09:46:13.0635 5052 Psched - ok
09:46:13.0675 5052 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
09:46:13.0685 5052 PxHlpa64 - ok
09:46:13.0815 5052 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
09:46:13.0835 5052 ql2300 - ok
09:46:13.0945 5052 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
09:46:13.0945 5052 ql40xx - ok
09:46:13.0985 5052 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
09:46:13.0985 5052 QWAVE - ok
09:46:13.0995 5052 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
09:46:14.0005 5052 QWAVEdrv - ok
09:46:14.0015 5052 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
09:46:14.0015 5052 RasAcd - ok
09:46:14.0055 5052 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
09:46:14.0055 5052 RasAgileVpn - ok
09:46:14.0085 5052 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
09:46:14.0085 5052 RasAuto - ok
09:46:14.0135 5052 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
09:46:14.0135 5052 Rasl2tp - ok
09:46:14.0175 5052 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
09:46:14.0185 5052 RasMan - ok
09:46:14.0225 5052 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
09:46:14.0225 5052 RasPppoe - ok
09:46:14.0255 5052 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
09:46:14.0255 5052 RasSstp - ok
09:46:14.0305 5052 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
09:46:14.0315 5052 rdbss - ok
09:46:14.0345 5052 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
09:46:14.0345 5052 rdpbus - ok
09:46:14.0355 5052 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
09:46:14.0355 5052 RDPCDD - ok
09:46:14.0375 5052 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
09:46:14.0385 5052 RDPENCDD - ok
09:46:14.0405 5052 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
09:46:14.0405 5052 RDPREFMP - ok
09:46:14.0445 5052 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
09:46:14.0455 5052 RDPWD - ok
09:46:14.0515 5052 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
09:46:14.0525 5052 rdyboost - ok
09:46:14.0555 5052 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
09:46:14.0565 5052 RemoteAccess - ok
09:46:14.0605 5052 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
09:46:14.0615 5052 RemoteRegistry - ok
09:46:14.0655 5052 rimmptsk (6faf5b04bedc66d300d9d233b2d222f0) C:\Windows\system32\DRIVERS\rimmpx64.sys
09:46:14.0655 5052 rimmptsk - ok
09:46:14.0685 5052 rimsptsk (67f50c31713106fd1b0f286f86aa2b2e) C:\Windows\system32\DRIVERS\rimspx64.sys
09:46:14.0685 5052 rimsptsk - ok
09:46:14.0715 5052 rismxdp (4d7ef3d46346ec4c58784db964b365de) C:\Windows\system32\DRIVERS\rixdpx64.sys
09:46:14.0725 5052 rismxdp - ok
09:46:14.0785 5052 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
09:46:14.0785 5052 RpcEptMapper - ok
09:46:14.0815 5052 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
09:46:14.0825 5052 RpcLocator - ok
09:46:14.0885 5052 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
09:46:14.0885 5052 RpcSs - ok
09:46:14.0935 5052 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
09:46:14.0945 5052 rspndr - ok
09:46:14.0995 5052 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
09:46:15.0005 5052 SamSs - ok
09:46:15.0075 5052 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
09:46:15.0075 5052 sbp2port - ok
09:46:15.0155 5052 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
09:46:15.0155 5052 SCardSvr - ok
09:46:15.0205 5052 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
09:46:15.0205 5052 scfilter - ok
09:46:15.0295 5052 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
09:46:15.0305 5052 Schedule - ok
09:46:15.0345 5052 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
09:46:15.0345 5052 SCPolicySvc - ok
09:46:15.0415 5052 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
09:46:15.0415 5052 sdbus - ok
09:46:15.0465 5052 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
09:46:15.0475 5052 SDRSVC - ok
09:46:15.0585 5052 SeaPort (cc781378e7eda615d2cdca3b17829fa4) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
09:46:15.0585 5052 SeaPort - ok
09:46:15.0625 5052 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
09:46:15.0625 5052 secdrv - ok
09:46:15.0665 5052 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
09:46:15.0665 5052 seclogon - ok
09:46:15.0695 5052 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
09:46:15.0695 5052 SENS - ok
09:46:15.0715 5052 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
09:46:15.0725 5052 SensrSvc - ok
09:46:15.0745 5052 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
09:46:15.0745 5052 Serenum - ok
09:46:15.0785 5052 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
09:46:15.0795 5052 Serial - ok
09:46:15.0815 5052 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
09:46:15.0825 5052 sermouse - ok
09:46:15.0855 5052 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
09:46:15.0855 5052 SessionEnv - ok
09:46:15.0885 5052 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
09:46:15.0895 5052 sffdisk - ok
09:46:15.0915 5052 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
09:46:15.0915 5052 sffp_mmc - ok
09:46:15.0935 5052 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\DRIVERS\sffp_sd.sys
09:46:15.0935 5052 sffp_sd - ok
09:46:15.0965 5052 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
09:46:15.0965 5052 sfloppy - ok
09:46:16.0075 5052 SftService (74ec60e20516aaa573be74f31175270f) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
09:46:16.0085 5052 SftService - ok
09:46:16.0215 5052 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
09:46:16.0215 5052 ShellHWDetection - ok
09:46:16.0265 5052 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
09:46:16.0265 5052 SiSRaid2 - ok
09:46:16.0275 5052 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
09:46:16.0275 5052 SiSRaid4 - ok
09:46:16.0395 5052 SkypeUpdate (c70aebd3608ed9fcea2a1bae83567ffc) C:\Program Files (x86)\Skype\Updater\Updater.exe
09:46:16.0395 5052 SkypeUpdate - ok
09:46:16.0435 5052 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
09:46:16.0435 5052 Smb - ok
09:46:16.0485 5052 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
09:46:16.0485 5052 SNMPTRAP - ok
09:46:16.0495 5052 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
09:46:16.0495 5052 spldr - ok
09:46:16.0545 5052 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
09:46:16.0555 5052 Spooler - ok
09:46:16.0785 5052 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
09:46:16.0855 5052 sppsvc - ok
09:46:16.0975 5052 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
09:46:16.0985 5052 sppuinotify - ok
09:46:17.0075 5052 sprtsvc_DellSupportCenter (d630b6f2e8379b6f10dc16e82a426552) C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
09:46:17.0075 5052 sprtsvc_DellSupportCenter - ok
09:46:17.0145 5052 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
09:46:17.0155 5052 srv - ok
09:46:17.0185 5052 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
09:46:17.0185 5052 srv2 - ok
09:46:17.0205 5052 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
09:46:17.0205 5052 srvnet - ok
09:46:17.0255 5052 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
09:46:17.0255 5052 SSDPSRV - ok
09:46:17.0275 5052 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
09:46:17.0285 5052 SstpSvc - ok
09:46:17.0385 5052 STacSV (444109453a2b87e6c16bcda5953e81a9) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe
09:46:17.0395 5052 STacSV - ok
09:46:17.0435 5052 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
09:46:17.0435 5052 stexstor - ok
09:46:17.0555 5052 STHDA (02e784fa49032f84964db90a3ed81890) C:\Windows\system32\DRIVERS\stwrt64.sys
09:46:17.0585 5052 STHDA - ok
09:46:17.0665 5052 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
09:46:17.0665 5052 stisvc - ok
09:46:17.0695 5052 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
09:46:17.0695 5052 swenum - ok
09:46:17.0745 5052 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
09:46:17.0755 5052 swprv - ok
09:46:17.0795 5052 SynTP (1657b7442d5ce30533f5c4317716b468) C:\Windows\system32\DRIVERS\SynTP.sys
09:46:17.0795 5052 SynTP - ok
09:46:17.0905 5052 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
09:46:17.0925 5052 SysMain - ok
09:46:18.0025 5052 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
09:46:18.0035 5052 TabletInputService - ok
09:46:18.0065 5052 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
09:46:18.0075 5052 TapiSrv - ok
09:46:18.0105 5052 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
09:46:18.0105 5052 TBS - ok
09:46:18.0235 5052 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
09:46:18.0255 5052 Tcpip - ok
09:46:18.0445 5052 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
09:46:18.0455 5052 TCPIP6 - ok
09:46:18.0575 5052 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
09:46:18.0575 5052 tcpipreg - ok
09:46:18.0615 5052 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
09:46:18.0615 5052 TDPIPE - ok
09:46:18.0655 5052 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
09:46:18.0655 5052 TDTCP - ok
09:46:18.0705 5052 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
09:46:18.0705 5052 tdx - ok
09:46:18.0775 5052 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
09:46:18.0785 5052 TermDD - ok
09:46:18.0835 5052 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
09:46:18.0845 5052 TermService - ok
09:46:18.0875 5052 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
09:46:18.0885 5052 Themes - ok
09:46:18.0905 5052 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
09:46:18.0915 5052 THREADORDER - ok
09:46:18.0925 5052 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
09:46:18.0925 5052 TrkWks - ok
09:46:18.0995 5052 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
09:46:18.0995 5052 TrustedInstaller - ok
09:46:19.0035 5052 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
09:46:19.0035 5052 tssecsrv - ok
09:46:19.0095 5052 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
09:46:19.0095 5052 TsUsbFlt - ok
09:46:19.0155 5052 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
09:46:19.0165 5052 tunnel - ok
09:46:19.0195 5052 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
09:46:19.0195 5052 uagp35 - ok
09:46:19.0245 5052 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
09:46:19.0245 5052 udfs - ok
09:46:19.0275 5052 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
09:46:19.0285 5052 UI0Detect - ok
09:46:19.0315 5052 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
09:46:19.0315 5052 uliagpkx - ok
09:46:19.0345 5052 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
09:46:19.0345 5052 umbus - ok
09:46:19.0375 5052 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
09:46:19.0375 5052 UmPass - ok
09:46:19.0415 5052 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
09:46:19.0425 5052 upnphost - ok
09:46:19.0465 5052 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
09:46:19.0465 5052 usbccgp - ok
09:46:19.0505 5052 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
09:46:19.0505 5052 usbcir - ok
09:46:19.0535 5052 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
09:46:19.0535 5052 usbehci - ok
09:46:19.0565 5052 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
09:46:19.0565 5052 usbhub - ok
09:46:19.0595 5052 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
09:46:19.0605 5052 usbohci - ok
09:46:19.0645 5052 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
09:46:19.0645 5052 usbprint - ok
09:46:19.0685 5052 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
09:46:19.0685 5052 usbscan - ok
09:46:19.0715 5052 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\drivers\USBSTOR.SYS
09:46:19.0715 5052 USBSTOR - ok
09:46:19.0735 5052 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
09:46:19.0735 5052 usbuhci - ok
09:46:19.0765 5052 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
09:46:19.0765 5052 usbvideo - ok
09:46:19.0795 5052 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
09:46:19.0795 5052 UxSms - ok
09:46:19.0835 5052 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
09:46:19.0835 5052 VaultSvc - ok
09:46:19.0885 5052 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
09:46:19.0885 5052 vdrvroot - ok
09:46:19.0945 5052 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
09:46:19.0955 5052 vds - ok
09:46:19.0985 5052 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
09:46:19.0995 5052 vga - ok
09:46:20.0005 5052 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
09:46:20.0005 5052 VgaSave - ok
09:46:20.0045 5052 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
09:46:20.0055 5052 vhdmp - ok
09:46:20.0075 5052 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
09:46:20.0075 5052 viaide - ok
09:46:20.0095 5052 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
09:46:20.0095 5052 volmgr - ok
09:46:20.0145 5052 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
09:46:20.0145 5052 volmgrx - ok
09:46:20.0195 5052 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
09:46:20.0195 5052 volsnap - ok
09:46:20.0225 5052 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
09:46:20.0225 5052 vsmraid - ok
09:46:20.0325 5052 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
09:46:20.0345 5052 VSS - ok
09:46:20.0545 5052 vToolbarUpdater11.1.0 (5fa45791413acce628d5361458f32dde) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe
09:46:20.0555 5052 vToolbarUpdater11.1.0 - ok
09:46:20.0655 5052 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
09:46:20.0665 5052 vwifibus - ok
09:46:20.0785 5052 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
09:46:20.0795 5052 W32Time - ok
09:46:20.0825 5052 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
09:46:20.0825 5052 WacomPen - ok
09:46:20.0885 5052 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
09:46:20.0885 5052 WANARP - ok
09:46:20.0885 5052 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
09:46:20.0895 5052 Wanarpv6 - ok
09:46:21.0065 5052 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
09:46:21.0075 5052 WatAdminSvc - ok
09:46:21.0165 5052 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
09:46:21.0185 5052 wbengine - ok
09:46:21.0285 5052 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
09:46:21.0295 5052 WbioSrvc - ok
09:46:21.0345 5052 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
09:46:21.0345 5052 wcncsvc - ok
09:46:21.0375 5052 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
09:46:21.0375 5052 WcsPlugInService - ok
09:46:21.0415 5052 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
09:46:21.0415 5052 Wd - ok
09:46:21.0455 5052 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
09:46:21.0455 5052 Wdf01000 - ok
09:46:21.0485 5052 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
09:46:21.0485 5052 WdiServiceHost - ok
09:46:21.0485 5052 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
09:46:21.0495 5052 WdiSystemHost - ok
09:46:21.0535 5052 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
09:46:21.0535 5052 WebClient - ok
09:46:21.0565 5052 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
09:46:21.0565 5052 Wecsvc - ok
09:46:21.0595 5052 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
09:46:21.0595 5052 wercplsupport - ok
09:46:21.0605 5052 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
09:46:21.0615 5052 WerSvc - ok
09:46:21.0675 5052 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
09:46:21.0685 5052 WfpLwf - ok
09:46:21.0735 5052 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
09:46:21.0735 5052 WimFltr - ok
09:46:21.0755 5052 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
09:46:21.0755 5052 WIMMount - ok
09:46:21.0765 5052 WinHttpAutoProxySvc - ok
09:46:21.0825 5052 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
09:46:21.0835 5052 Winmgmt - ok
09:46:21.0925 5052 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
09:46:21.0955 5052 WinRM - ok
09:46:22.0105 5052 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
09:46:22.0115 5052 WinUsb - ok
09:46:22.0195 5052 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
09:46:22.0205 5052 Wlansvc - ok
09:46:22.0285 5052 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
09:46:22.0285 5052 wlcrasvc - ok
09:46:22.0415 5052 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
09:46:22.0425 5052 wlidsvc - ok
09:46:22.0545 5052 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
09:46:22.0545 5052 WmiAcpi - ok
09:46:22.0735 5052 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
09:46:22.0735 5052 wmiApSrv - ok
09:46:22.0785 5052 WMPNetworkSvc - ok
09:46:22.0825 5052 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
09:46:22.0825 5052 WPCSvc - ok
09:46:22.0865 5052 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
09:46:22.0875 5052 WPDBusEnum - ok
09:46:22.0915 5052 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
09:46:22.0915 5052 ws2ifsl - ok
09:46:22.0915 5052 WSearch - ok
09:46:23.0265 5052 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
09:46:23.0305 5052 wuauserv - ok
09:46:23.0455 5052 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
09:46:23.0455 5052 WudfPf - ok
09:46:23.0495 5052 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
09:46:23.0505 5052 WUDFRd - ok
09:46:23.0545 5052 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
09:46:23.0545 5052 wudfsvc - ok
09:46:23.0585 5052 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
09:46:23.0585 5052 WwanSvc - ok
09:46:23.0735 5052 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
09:46:23.0735 5052 YahooAUService - ok
09:46:23.0835 5052 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
09:46:24.0735 5052 \Device\Harddisk0\DR0 - ok
09:46:24.0765 5052 Boot (0x1200) (127da5c5830d7121c9a9049c25e9e492) \Device\Harddisk0\DR0\Partition0
09:46:24.0775 5052 \Device\Harddisk0\DR0\Partition0 - ok
09:46:24.0785 5052 Boot (0x1200) (d79b19afbc99083a7539feeff5d90240) \Device\Harddisk0\DR0\Partition1
09:46:24.0785 5052 \Device\Harddisk0\DR0\Partition1 - ok
09:46:24.0785 5052 ============================================================
09:46:24.0785 5052 Scan finished
09:46:24.0785 5052 ============================================================
09:46:24.0805 4708 Detected object count: 0
09:46:24.0805 4708 Actual detected object count: 0


aswMBR log


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-08 09:53:57
-----------------------------
09:53:57.391 OS Version: Windows x64 6.1.7601 Service Pack 1
09:53:57.391 Number of processors: 2 586 0x170A
09:53:57.391 ComputerName: MAIDAU-PC UserName: MAI DAU
09:54:01.778 Initialize success
09:58:52.132 AVAST engine defs: 12070800
10:00:18.091 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
10:00:18.091 Disk 0 Vendor: TOSHIBA_MK5055GSX FG000D Size: 476940MB BusType: 11
10:00:18.091 Disk 1 \Device\Harddisk1\SR0 -> \Device\SdBus-0
10:00:18.107 Disk 1 Vendor: ( Size: 29MB BusType: 12
10:00:18.138 Disk 0 MBR read successfully
10:00:18.154 Disk 0 MBR scan
10:00:18.154 Disk 0 Windows VISTA default MBR code
10:00:18.169 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
10:00:18.169 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 80325
10:00:18.201 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 461899 MB offset 30800325
10:00:18.232 Disk 0 scanning C:\Windows\system32\drivers
10:00:29.339 Service scanning
10:01:07.153 Modules scanning
10:01:07.153 Disk 0 trace - called modules:
10:01:07.247 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
10:01:07.263 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c1e060]
10:01:07.263 3 CLASSPNP.SYS[fffff8800160143f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa800469a1f0]
10:01:11.506 AVAST engine scan C:\Windows
10:01:13.908 AVAST engine scan C:\Windows\system32
10:03:11.434 File: C:\Windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
10:03:14.983 File: C:\Windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
10:05:04.461 AVAST engine scan C:\Windows\system32\drivers
10:05:26.254 AVAST engine scan C:\Users\MAI DAU
10:09:25.581 Disk 0 MBR has been saved successfully to "C:\Users\MAI DAU\Documents\MBR.dat"
10:09:25.596 The log file has been saved successfully to "C:\Users\MAI DAU\Documents\aswMBR.txt"


ESET log


C:\Windows\Installer\{226665ff-17f4-becc-6403-1e07e0bffa81}\U\00000008.@ Win64/Agent.BA trojan cleaned by deleting - quarantined
C:\Windows\Installer\{226665ff-17f4-becc-6403-1e07e0bffa81}\U\80000000.@ Win64/Sirefef.AE trojan cleaned by deleting - quarantined
C:\Windows\Installer\{226665ff-17f4-becc-6403-1e07e0bffa81}\U\80000032.@ a variant of Win32/Sirefef.FD trojan cleaned by deleting - quarantined
Operating memory multiple threats


Thanks again!

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:29 PM

Posted 08 July 2012 - 11:33 PM

We need advanced tools to remove this

Read the guide here on preparing logs

http://www.bleepingcomputer.com/forums/topic34773.html

and create a topic here

http://www.bleepingcomputer.com/forums/forum22.html

Good luck



