Avast finds win32, trojan.dropper.bcminer


3 replies to this topic

#1 petergriffen

petergriffen

  • Members
  • 69 posts
  • OFFLINE
  •  
  • Local time:11:59 PM

Posted 01 August 2012 - 08:56 PM

Malwarebytes finds trojan.dropper.bcminer. Avast keeps popping up all the time about win32. What's my next step, please?



#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:59 PM

Posted 01 August 2012 - 09:16 PM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 petergriffen

petergriffen
  • Topic Starter

  • Members
  • 69 posts
  • OFFLINE
  •  
  • Local time:11:59 PM

Posted 01 August 2012 - 10:32 PM

22:37:48.0212 3944 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
22:37:48.0508 3944 ============================================================
22:37:48.0508 3944 Current date / time: 2012/08/01 22:37:48.0508
22:37:48.0508 3944 SystemInfo:
22:37:48.0508 3944
22:37:48.0508 3944 OS Version: 6.1.7601 ServicePack: 1.0
22:37:48.0508 3944 Product type: Workstation
22:37:48.0508 3944 ComputerName: KATHRYN-PC
22:37:48.0508 3944 UserName: Kathryn
22:37:48.0508 3944 Windows directory: C:\Windows
22:37:48.0508 3944 System windows directory: C:\Windows
22:37:48.0508 3944 Running under WOW64
22:37:48.0508 3944 Processor architecture: Intel x64
22:37:48.0508 3944 Number of processors: 1
22:37:48.0508 3944 Page size: 0x1000
22:37:48.0508 3944 Boot type: Normal boot
22:37:48.0508 3944 ============================================================
22:37:50.0661 3944 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:37:50.0661 3944 ============================================================
22:37:50.0676 3944 \Device\Harddisk0\DR0:
22:37:50.0676 3944 MBR partitions:
22:37:50.0676 3944 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1801F5F, BlocksNum 0x32FCD
22:37:50.0676 3944 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1834F2C, BlocksNum 0x1B990244
22:37:50.0676 3944 ============================================================
22:37:50.0754 3944 C: <-> \Device\Harddisk0\DR0\Partition1
22:37:50.0754 3944 ============================================================
22:37:50.0754 3944 Initialize success
22:37:50.0754 3944 ============================================================
22:38:15.0106 0772 ============================================================
22:38:15.0106 0772 Scan started
22:38:15.0106 0772 Mode: Manual; TDLFS;
22:38:15.0106 0772 ============================================================
22:38:37.0726 0772 Netlogon - ok
22:38:37.0773 0772 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
22:38:37.0789 0772 Netman - ok
22:38:37.0820 0772 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
22:38:37.0820 0772 netprofm - ok
22:38:37.0898 0772 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:38:37.0898 0772 NetTcpPortSharing - ok
22:38:37.0945 0772 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
22:38:37.0945 0772 nfrd960 - ok
22:38:38.0023 0772 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
22:38:38.0023 0772 NlaSvc - ok
22:38:38.0054 0772 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
22:38:38.0054 0772 Npfs - ok
22:38:38.0101 0772 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
22:38:38.0101 0772 nsi - ok
22:38:38.0132 0772 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
22:38:38.0132 0772 nsiproxy - ok
22:38:38.0506 0772 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
22:38:38.0522 0772 Ntfs - ok
22:38:38.0662 0772 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
22:38:38.0662 0772 Null - ok
22:38:38.0865 0772 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
22:38:38.0896 0772 nvraid - ok
22:38:38.0943 0772 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
22:38:38.0943 0772 nvstor - ok
22:38:38.0990 0772 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
22:38:38.0990 0772 nv_agp - ok
22:38:39.0115 0772 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:38:39.0130 0772 odserv - ok
22:38:39.0161 0772 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
22:38:39.0161 0772 ohci1394 - ok
22:38:39.0224 0772 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:38:39.0224 0772 ose - ok
22:38:39.0317 0772 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
22:38:39.0364 0772 p2pimsvc - ok
22:38:39.0411 0772 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
22:38:39.0427 0772 p2psvc - ok
22:38:39.0489 0772 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
22:38:39.0489 0772 Parport - ok
22:38:39.0520 0772 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
22:38:39.0536 0772 partmgr - ok
22:38:39.0598 0772 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
22:38:39.0598 0772 PcaSvc - ok
22:38:39.0661 0772 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
22:38:39.0661 0772 pci - ok
22:38:39.0676 0772 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
22:38:39.0676 0772 pciide - ok
22:38:39.0723 0772 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
22:38:39.0723 0772 pcmcia - ok
22:38:39.0801 0772 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
22:38:39.0801 0772 pcw - ok
22:38:39.0848 0772 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
22:38:39.0848 0772 PEAUTH - ok
22:38:40.0113 0772 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
22:38:40.0129 0772 PerfHost - ok
22:38:40.0347 0772 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
22:38:40.0378 0772 pla - ok
22:38:40.0441 0772 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
22:38:40.0456 0772 PlugPlay - ok
22:38:40.0550 0772 Pml Driver HPZ12 (37f6046cdc630442d7dc087501ff6fc6) C:\Windows\system32\HPZipm12.dll
22:38:40.0565 0772 Pml Driver HPZ12 - ok
22:38:40.0597 0772 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
22:38:40.0597 0772 PNRPAutoReg - ok
22:38:40.0643 0772 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
22:38:40.0643 0772 PNRPsvc - ok
22:38:40.0690 0772 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
22:38:40.0706 0772 PolicyAgent - ok
22:38:40.0768 0772 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
22:38:40.0768 0772 Power - ok
22:38:40.0831 0772 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
22:38:40.0846 0772 PptpMiniport - ok
22:38:40.0893 0772 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
22:38:40.0893 0772 Processor - ok
22:38:40.0940 0772 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
22:38:40.0940 0772 ProfSvc - ok
22:38:41.0174 0772 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
22:38:41.0174 0772 ProtectedStorage - ok
22:38:41.0423 0772 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
22:38:41.0423 0772 Psched - ok
22:38:41.0564 0772 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
22:38:41.0595 0772 ql2300 - ok
22:38:42.0079 0772 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
22:38:42.0079 0772 ql40xx - ok
22:38:42.0125 0772 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
22:38:42.0141 0772 QWAVE - ok
22:38:42.0172 0772 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
22:38:42.0172 0772 QWAVEdrv - ok
22:38:42.0235 0772 RapiMgr (a55e7d0d873b2c97585b3b5926ac6ade) C:\Windows\WindowsMobile\rapimgr.dll
22:38:42.0235 0772 RapiMgr - ok
22:38:42.0313 0772 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
22:38:42.0328 0772 RasAcd - ok
22:38:42.0469 0772 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
22:38:42.0484 0772 RasAgileVpn - ok
22:38:42.0593 0772 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
22:38:42.0609 0772 RasAuto - ok
22:38:42.0656 0772 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
22:38:42.0671 0772 Rasl2tp - ok
22:38:42.0734 0772 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
22:38:42.0734 0772 RasMan - ok
22:38:42.0781 0772 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
22:38:42.0781 0772 RasPppoe - ok
22:38:42.0812 0772 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
22:38:42.0812 0772 RasSstp - ok
22:38:42.0890 0772 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
22:38:42.0890 0772 rdbss - ok
22:38:42.0905 0772 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
22:38:42.0921 0772 rdpbus - ok
22:38:42.0952 0772 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
22:38:42.0952 0772 RDPCDD - ok
22:38:42.0983 0772 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
22:38:42.0999 0772 RDPENCDD - ok
22:38:43.0015 0772 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
22:38:43.0030 0772 RDPREFMP - ok
22:38:43.0093 0772 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
22:38:43.0093 0772 RDPWD - ok
22:38:43.0155 0772 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
22:38:43.0155 0772 rdyboost - ok
22:38:43.0233 0772 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
22:38:43.0233 0772 RemoteAccess - ok
22:38:43.0810 0772 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
22:38:43.0841 0772 RemoteRegistry - ok
22:38:43.0982 0772 RimUsb (5790bca445cc40df8b38c2c48608aac2) C:\Windows\system32\Drivers\RimUsb_AMD64.sys
22:38:43.0982 0772 RimUsb - ok
22:38:44.0091 0772 RimVSerPort (c903d49655b4aae46673f0aaa6be0f58) C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
22:38:44.0091 0772 RimVSerPort - ok
22:38:44.0153 0772 ROOTMODEM (388d3dd1a6457280f3badba9f3acd6b1) C:\Windows\system32\Drivers\RootMdm.sys
22:38:44.0169 0772 ROOTMODEM - ok
22:38:44.0200 0772 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
22:38:44.0200 0772 RpcEptMapper - ok
22:38:44.0247 0772 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
22:38:44.0247 0772 RpcLocator - ok
22:38:44.0294 0772 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
22:38:44.0309 0772 RpcSs - ok
22:38:44.0341 0772 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
22:38:44.0341 0772 rspndr - ok
22:38:44.0419 0772 RSUSBSTOR (db30aa4daa0d492fa5d7717d8181ffa1) C:\Windows\system32\Drivers\RtsUStor.sys
22:38:44.0419 0772 RSUSBSTOR - ok
22:38:44.0481 0772 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
22:38:44.0481 0772 SamSs - ok
22:38:44.0528 0772 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
22:38:44.0528 0772 sbp2port - ok
22:38:44.0762 0772 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
22:38:44.0777 0772 SCardSvr - ok
22:38:44.0855 0772 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
22:38:44.0871 0772 scfilter - ok
22:38:45.0058 0772 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
22:38:45.0074 0772 Schedule - ok
22:38:45.0121 0772 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
22:38:45.0121 0772 SCPolicySvc - ok
22:38:45.0167 0772 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
22:38:45.0183 0772 SDRSVC - ok
22:38:45.0245 0772 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
22:38:45.0261 0772 secdrv - ok
22:38:45.0339 0772 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
22:38:45.0339 0772 seclogon - ok
22:38:45.0370 0772 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
22:38:45.0386 0772 SENS - ok
22:38:45.0417 0772 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
22:38:45.0417 0772 SensrSvc - ok
22:38:45.0448 0772 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
22:38:45.0464 0772 Serenum - ok
22:38:45.0511 0772 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
22:38:45.0511 0772 Serial - ok
22:38:45.0557 0772 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
22:38:45.0557 0772 sermouse - ok
22:38:45.0667 0772 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
22:38:45.0667 0772 SessionEnv - ok
22:38:45.0713 0772 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
22:38:45.0713 0772 sffdisk - ok
22:38:45.0745 0772 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
22:38:45.0745 0772 sffp_mmc - ok
22:38:45.0760 0772 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
22:38:45.0760 0772 sffp_sd - ok
22:38:45.0807 0772 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
22:38:45.0807 0772 sfloppy - ok
22:38:45.0869 0772 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
22:38:45.0869 0772 ShellHWDetection - ok
22:38:45.0901 0772 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:38:45.0901 0772 SiSRaid2 - ok
22:38:45.0932 0772 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
22:38:45.0932 0772 SiSRaid4 - ok
22:38:45.0963 0772 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
22:38:45.0979 0772 Smb - ok
22:38:46.0041 0772 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
22:38:46.0041 0772 SNMPTRAP - ok
22:38:46.0072 0772 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
22:38:46.0072 0772 spldr - ok
22:38:46.0135 0772 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
22:38:46.0150 0772 Spooler - ok
22:38:46.0322 0772 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
22:38:46.0369 0772 sppsvc - ok
22:38:46.0462 0772 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
22:38:46.0478 0772 sppuinotify - ok
22:38:46.0525 0772 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
22:38:46.0540 0772 srv - ok
22:38:46.0571 0772 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
22:38:46.0587 0772 srv2 - ok
22:38:46.0618 0772 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
22:38:46.0618 0772 srvnet - ok
22:38:46.0665 0772 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
22:38:46.0665 0772 SSDPSRV - ok
22:38:46.0727 0772 SSPORT (0211ab46b73a2623b86c1cfcb30579ab) C:\Windows\system32\Drivers\SSPORT.sys
22:38:46.0727 0772 SSPORT - ok
22:38:46.0759 0772 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
22:38:46.0759 0772 SstpSvc - ok
22:38:46.0790 0772 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
22:38:46.0790 0772 stexstor - ok
22:38:46.0852 0772 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
22:38:46.0868 0772 stisvc - ok
22:38:46.0899 0772 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
22:38:46.0899 0772 swenum - ok
22:38:46.0946 0772 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
22:38:46.0946 0772 swprv - ok
22:38:47.0024 0772 SynTP (29e44e2ca898845f520fa333edab4776) C:\Windows\system32\DRIVERS\SynTP.sys
22:38:47.0039 0772 SynTP - ok
22:38:47.0601 0772 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
22:38:47.0663 0772 SysMain - ok
22:38:47.0788 0772 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
22:38:47.0788 0772 TabletInputService - ok
22:38:47.0851 0772 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
22:38:47.0851 0772 TapiSrv - ok
22:38:47.0913 0772 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
22:38:47.0929 0772 TBS - ok
22:38:48.0100 0772 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
22:38:48.0131 0772 Tcpip - ok
22:38:48.0334 0772 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
22:38:48.0334 0772 TCPIP6 - ok
22:38:48.0459 0772 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
22:38:48.0459 0772 tcpipreg - ok
22:38:48.0506 0772 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
22:38:48.0506 0772 TDPIPE - ok
22:38:48.0537 0772 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
22:38:48.0537 0772 TDTCP - ok
22:38:48.0584 0772 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
22:38:48.0599 0772 tdx - ok
22:38:48.0631 0772 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
22:38:48.0631 0772 TermDD - ok
22:38:48.0693 0772 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
22:38:48.0709 0772 TermService - ok
22:38:48.0740 0772 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
22:38:48.0740 0772 Themes - ok
22:38:48.0787 0772 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
22:38:48.0787 0772 THREADORDER - ok
22:38:48.0818 0772 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
22:38:48.0818 0772 TrkWks - ok
22:38:48.0880 0772 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
22:38:48.0880 0772 TrustedInstaller - ok
22:38:48.0927 0772 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
22:38:48.0927 0772 tssecsrv - ok
22:38:49.0005 0772 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
22:38:49.0005 0772 TsUsbFlt - ok
22:38:49.0067 0772 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
22:38:49.0083 0772 tunnel - ok
22:38:49.0114 0772 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
22:38:49.0114 0772 uagp35 - ok
22:38:49.0161 0772 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
22:38:49.0177 0772 udfs - ok
22:38:49.0223 0772 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
22:38:49.0223 0772 UI0Detect - ok
22:38:49.0317 0772 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
22:38:49.0317 0772 uliagpkx - ok
22:38:49.0379 0772 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
22:38:49.0379 0772 umbus - ok
22:38:49.0411 0772 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
22:38:49.0411 0772 UmPass - ok
22:38:49.0567 0772 Updater Service (70dde3a86dbeb1d6c3c30ad687b1877a) C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
22:38:49.0582 0772 Updater Service - ok
22:38:49.0707 0772 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
22:38:49.0707 0772 upnphost - ok
22:38:49.0801 0772 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
22:38:49.0816 0772 USBAAPL64 - ok
22:38:49.0863 0772 usbbus (5fcc71487888589a9244af54cfefab29) C:\Windows\system32\DRIVERS\lgx64bus.sys
22:38:49.0863 0772 usbbus - ok
22:38:49.0941 0772 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
22:38:49.0957 0772 usbccgp - ok
22:38:50.0050 0772 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
22:38:50.0066 0772 usbcir - ok
22:38:50.0128 0772 UsbDiag (3fb6e423f7567c92c32ea786f5fd0c69) C:\Windows\system32\DRIVERS\lgx64diag.sys
22:38:50.0128 0772 UsbDiag - ok
22:38:50.0191 0772 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
22:38:50.0191 0772 usbehci - ok
22:38:50.0253 0772 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
22:38:50.0253 0772 usbhub - ok
22:38:50.0315 0772 USBModem (78d551f5b93488b4666f5fc8dd4815f3) C:\Windows\system32\DRIVERS\lgx64modem.sys
22:38:50.0315 0772 USBModem - ok
22:38:50.0347 0772 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
22:38:50.0347 0772 usbohci - ok
22:38:50.0393 0772 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
22:38:50.0393 0772 usbprint - ok
22:38:50.0440 0772 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
22:38:50.0440 0772 usbscan - ok
22:38:50.0487 0772 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:38:50.0487 0772 USBSTOR - ok
22:38:50.0518 0772 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
22:38:50.0534 0772 usbuhci - ok
22:38:50.0581 0772 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
22:38:50.0581 0772 usbvideo - ok
22:38:50.0643 0772 usb_rndisx (70d05ee263568a742d14e1876df80532) C:\Windows\system32\DRIVERS\usb8023x.sys
22:38:50.0659 0772 usb_rndisx - ok
22:38:50.0690 0772 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
22:38:50.0705 0772 UxSms - ok
22:38:50.0737 0772 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
22:38:50.0737 0772 VaultSvc - ok
22:38:50.0799 0772 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
22:38:50.0799 0772 vdrvroot - ok
22:38:50.0861 0772 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
22:38:50.0861 0772 vds - ok
22:38:50.0908 0772 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
22:38:50.0908 0772 vga - ok
22:38:50.0939 0772 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
22:38:50.0939 0772 VgaSave - ok
22:38:50.0986 0772 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
22:38:50.0986 0772 vhdmp - ok
22:38:51.0017 0772 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
22:38:51.0017 0772 viaide - ok
22:38:51.0033 0772 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
22:38:51.0033 0772 volmgr - ok
22:38:51.0080 0772 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
22:38:51.0095 0772 volmgrx - ok
22:38:51.0111 0772 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
22:38:51.0127 0772 volsnap - ok
22:38:51.0158 0772 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
22:38:51.0173 0772 vsmraid - ok
22:38:51.0267 0772 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
22:38:51.0298 0772 VSS - ok
22:38:51.0454 0772 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
22:38:51.0454 0772 vwifibus - ok
22:38:51.0532 0772 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
22:38:51.0532 0772 vwififlt - ok
22:38:51.0579 0772 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
22:38:51.0579 0772 vwifimp - ok
22:38:51.0641 0772 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
22:38:51.0641 0772 W32Time - ok
22:38:51.0704 0772 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
22:38:51.0719 0772 WacomPen - ok
22:38:51.0766 0772 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
22:38:51.0766 0772 WANARP - ok
22:38:51.0782 0772 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
22:38:51.0782 0772 Wanarpv6 - ok
22:38:51.0969 0772 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
22:38:51.0985 0772 WatAdminSvc - ok
22:38:52.0094 0772 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
22:38:52.0109 0772 wbengine - ok
22:38:52.0437 0772 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
22:38:52.0437 0772 WbioSrvc - ok
22:38:52.0687 0772 WcesComm (8bda6db43aa54e8bb5e0794541ddc209) C:\Windows\WindowsMobile\wcescomm.dll
22:38:52.0702 0772 WcesComm - ok
22:38:52.0749 0772 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
22:38:52.0765 0772 wcncsvc - ok
22:38:52.0796 0772 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
22:38:52.0796 0772 WcsPlugInService - ok
22:38:52.0858 0772 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
22:38:52.0858 0772 Wd - ok
22:38:52.0952 0772 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
22:38:52.0952 0772 Wdf01000 - ok
22:38:52.0983 0772 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
22:38:52.0983 0772 WdiServiceHost - ok
22:38:52.0999 0772 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
22:38:52.0999 0772 WdiSystemHost - ok
22:38:53.0045 0772 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
22:38:53.0045 0772 WebClient - ok
22:38:53.0092 0772 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
22:38:53.0092 0772 Wecsvc - ok
22:38:53.0123 0772 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
22:38:53.0123 0772 wercplsupport - ok
22:38:53.0155 0772 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
22:38:53.0155 0772 WerSvc - ok
22:38:53.0248 0772 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
22:38:53.0248 0772 WfpLwf - ok
22:38:53.0264 0772 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
22:38:53.0264 0772 WIMMount - ok
22:38:53.0279 0772 WinHttpAutoProxySvc - ok
22:38:53.0373 0772 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
22:38:53.0373 0772 Winmgmt - ok
22:38:53.0591 0772 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
22:38:53.0623 0772 WinRM - ok
22:38:53.0779 0772 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
22:38:53.0794 0772 WinUsb - ok
22:38:53.0857 0772 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
22:38:53.0872 0772 Wlansvc - ok
22:38:53.0935 0772 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
22:38:53.0935 0772 WmiAcpi - ok
22:38:53.0997 0772 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
22:38:53.0997 0772 wmiApSrv - ok
22:38:54.0059 0772 WMPNetworkSvc - ok
22:38:54.0091 0772 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
22:38:54.0106 0772 WPCSvc - ok
22:38:54.0137 0772 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
22:38:54.0153 0772 WPDBusEnum - ok
22:38:54.0184 0772 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
22:38:54.0184 0772 ws2ifsl - ok
22:38:54.0231 0772 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys
22:38:54.0231 0772 WSDPrintDevice - ok
22:38:54.0247 0772 WSDScan (4a2a5c50dd1a63577d3aca94269fbc7f) C:\Windows\system32\DRIVERS\WSDScan.sys
22:38:54.0262 0772 WSDScan - ok
22:38:54.0262 0772 WSearch - ok
22:38:54.0403 0772 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
22:38:54.0434 0772 wuauserv - ok
22:38:54.0559 0772 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
22:38:54.0559 0772 WudfPf - ok
22:38:54.0621 0772 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
22:38:54.0637 0772 WUDFRd - ok
22:38:54.0668 0772 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
22:38:54.0668 0772 wudfsvc - ok
22:38:55.0011 0772 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
22:38:55.0027 0772 WwanSvc - ok
22:38:55.0105 0772 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
22:38:55.0495 0772 \Device\Harddisk0\DR0 - ok
22:38:55.0541 0772 Boot (0x1200) (e22c2cff6c6c574c9f9ac6556816b50c) \Device\Harddisk0\DR0\Partition0
22:38:55.0541 0772 \Device\Harddisk0\DR0\Partition0 - ok
22:38:55.0588 0772 Boot (0x1200) (882ffa6d2852a907991eb8c34bde766c) \Device\Harddisk0\DR0\Partition1
22:38:55.0588 0772 \Device\Harddisk0\DR0\Partition1 - ok
22:38:55.0588 0772 ============================================================
22:38:55.0588 0772 Scan finished
22:38:55.0588 0772 ============================================================
22:38:55.0604 1204 Detected object count: 0
22:38:55.0604 1204 Actual detected object count: 0



aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-01 22:39:10
-----------------------------
22:39:10.481 OS Version: Windows x64 6.1.7601 Service Pack 1
22:39:10.481 Number of processors: 1 586 0x170A
22:39:10.481 ComputerName: KATHRYN-PC UserName: Kathryn
22:39:12.072 Initialize success
22:39:12.275 AVAST engine defs: 12080101
22:39:43.117 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
22:39:43.117 Disk 0 Vendor: Hitachi_ PB2O Size: 238475MB BusType: 3
22:39:43.133 Disk 0 MBR read successfully
22:39:43.133 Disk 0 MBR scan
22:39:43.133 Disk 0 Windows 7 default MBR code
22:39:43.148 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 12291 MB offset 63
22:39:43.164 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 101 MB offset 25173855
22:39:43.164 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 226080 MB offset 25382700
22:39:43.195 Disk 0 scanning C:\Windows\system32\drivers
22:39:55.676 Service scanning
22:40:30.352 Modules scanning
22:40:30.360 Disk 0 trace - called modules:
22:40:30.390 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys
22:40:30.722 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8003e56060]
22:40:30.729 3 CLASSPNP.SYS[fffff88001b4843f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8002e3c050]
22:40:31.904 AVAST engine scan C:\Windows
22:40:33.771 AVAST engine scan C:\Windows\system32
22:42:59.393 File: C:\Windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
22:43:02.412 File: C:\Windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
22:44:18.398 AVAST engine scan C:\Windows\system32\drivers
22:46:04.540 AVAST engine scan C:\Users\Kathryn
22:47:56.623 AVAST engine scan C:\ProgramData
22:50:08.839 Disk 0 MBR has been saved successfully to "C:\Users\Kathryn\Desktop\MBR.dat"
22:50:08.841 The log file has been saved successfully to "C:\Users\Kathryn\Desktop\aswMBR.txt"



C:\Windows\Installer\{67f42eec-e809-1ef3-daf2-a79a2c99c9c5}\U\00000008.@ Win64/Agent.BA trojan
Operating memory a variant of Win32/Sirefef.EZ trojan

#4 narenxp

Posted 01 August 2012 - 10:37 PM

We need advanced tools to remove this one

Read the guide here

http://www.bleepingcomputer.com/forums/topic34773.html

and create a topic here

http://www.bleepingcomputer.com/forums/forum22.html

Good luck



