Windows 7 Failing to Update


  • This topic is locked
6 replies to this topic

#1 redrockit

redrockit

  • Members
  • 8 posts

Posted 28 March 2012 - 01:28 PM

After Microsoft Security Essentials supposedly quarantined the Exploit win32/cve-2010-1885A, I thought all was well. Malwarebytes then failed to load, and Windows/Microsoft Update just appears to give 1 update repeatedly. My Windows Media Player fails to see anything in any of my libraries when I can see them using Windows Explorer. Please help. Short of doing a restore to system default, I decided to run Combofix. See the log; any help gratefully received.

Attached File  combofixlog.txt   30.7KB   4 downloads


#2 nasdaq

nasdaq

  • Malware Response Team
  • 37,697 posts
  • Gender:Male
  • Location:Montreal, QC. Canada

Posted 01 April 2012 - 09:48 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.
===

Please Download
TDSSKiller.zip

>>> Double-click on TDSSKiller.exe to run the application.
  • Click on the Start Scan button and wait for the scan and disinfection process to be over.
  • If an infected file is detected, the default action will be Cure; click on Continue.
  • If a suspicious file is detected, the default action will be Skip; click on Continue.
  • If you are asked to reboot the computer to complete the process, click on the Reboot Now button. A report will be automatically saved at the root of the System drive (usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Please copy and paste the contents of that file here.
  • If no reboot is required, click on Report. A log file will appear. Please copy and paste the contents of that file in your next reply.

Download http://public.avast.com/~gmerek/aswMBR.exe (aswMBR.exe) to your desktop. Double-click aswMBR.exe to run it.

  • Click the "Scan" button to start scan.
  • Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time) <- IMPORTANT
  • Please post the contents of that log in your next reply.
There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.

===

Please post the logs for my review.
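For anyone reviewing a TDSSKiller report of the kind requested above, the following added example (not part of the original post and not Kaspersky's code) parses the report's two line shapes, `name (md5) path` followed by `name - verdict`, and lists only the entries that need a human look. The sample log, its service names and hashes are constructed; the `infected` verdict word and the `( detail )` layout in front of it are assumptions.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Every report line starts with "HH:MM:SS.ffff <thread id> ", then the body.
PREFIX = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d+\s+\S+\s+(?P<body>.+)$")
# Object line: "<service or driver name> (<md5, 32 hex digits>) <file path>"
OBJECT = re.compile(r"^(?P<name>.+?) \((?P<md5>[0-9a-fA-F]{32})\) (?P<path>.+)$")
# Verdict line: "<name> - <verdict>". The optional "( detail )" group before
# the dash is an assumption about how non-ok results are written.
VERDICT = re.compile(
    r"^(?P<name>.+?)(?: \( (?P<detail>.+?) \))? - (?P<verdict>[A-Za-z]+)$"
)

# Constructed sample: names, hashes and the non-ok verdict are made up.
SAMPLE_LOG = r"""
10:08:17.0777 3836 ============================================================
10:08:17.0777 3836 Scan started
10:08:18.0552 3836 ExampleDrv (00112233445566778899aabbccddeeff) C:\Windows\system32\drivers\exampledrv.sys
10:08:18.0555 3836 ExampleDrv - ok
10:08:18.0970 3836 Example Vendor Helper (ffeeddccbbaa99887766554433221100) C:\Program Files\Example\helper.exe
10:08:18.0972 3836 Example Vendor Helper - ok
10:08:20.0329 3836 orphansvc - ok
10:08:21.0000 3836 OddSvc (0123456789abcdef0123456789abcdef) C:\Windows\system32\drivers\oddsvc.sys
10:08:21.0005 3836 OddSvc ( Placeholder.Detection.Name ) - infected
10:08:22.0000 3836 CutOff (aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa) C:\Windows\system32\cutoff.dll
"""


@dataclass
class Entry:
    name: str
    md5: Optional[str] = None
    path: Optional[str] = None
    verdict: Optional[str] = None
    detail: Optional[str] = None


def parse_log(text: str) -> Dict[str, Entry]:
    """Pair each object line with its verdict line, keyed by entry name."""
    entries: Dict[str, Entry] = {}
    for raw in text.splitlines():
        m = PREFIX.match(raw.strip())
        if not m:
            continue  # blank line or a line without timestamp and thread id
        body = m["body"].strip()
        obj = OBJECT.match(body)
        if obj:
            e = entries.setdefault(obj["name"], Entry(obj["name"]))
            e.md5, e.path = obj["md5"].lower(), obj["path"]
            continue
        ver = VERDICT.match(body)
        if ver:
            e = entries.setdefault(ver["name"], Entry(ver["name"]))
            e.verdict, e.detail = ver["verdict"].lower(), ver["detail"]
    return entries


def triage(entries: Dict[str, Entry]) -> List[Tuple[str, str]]:
    """Return (name, reason) for every entry that is not a plain, hashed 'ok'."""
    findings: List[Tuple[str, str]] = []
    for e in entries.values():
        if e.verdict is None:
            # Object line with no verdict: the pasted log was probably cut off.
            findings.append((e.name, "NO_VERDICT"))
        elif e.verdict != "ok":
            findings.append((e.name, "NON_OK"))
        elif e.md5 is None:
            # Scanner reported 'ok' but never hashed a file for this entry,
            # e.g. a registered service whose binary could not be resolved.
            findings.append((e.name, "NO_FILE"))
    return findings


if __name__ == "__main__":
    parsed = parse_log(SAMPLE_LOG)
    print(f"{len(parsed)} entries parsed")
    for name, reason in triage(parsed):
        e = parsed[name]
        print(f"{reason:10} {name}  path={e.path}  detail={e.detail}")
```

A `NO_FILE` result is a prompt to check the service's registry entry, not a detection in itself.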


#3 redrockit

redrockit
  • Topic Starter

  • Members
  • 8 posts

Posted 03 April 2012 - 04:10 AM

10:08:07.0002 0364 TDSS rootkit removing tool 2.7.24.0 Apr 2 2012 10:31:48
10:08:07.0206 0364 ============================================================
10:08:07.0206 0364 Current date / time: 2012/04/03 10:08:07.0206
10:08:07.0206 0364 SystemInfo:
10:08:07.0206 0364
10:08:07.0206 0364 OS Version: 6.1.7601 ServicePack: 1.0
10:08:07.0206 0364 Product type: Workstation
10:08:07.0206 0364 ComputerName: DUNCANIKKI-PC
10:08:07.0207 0364 UserName: DuncaNikki
10:08:07.0207 0364 Windows directory: C:\Windows
10:08:07.0207 0364 System windows directory: C:\Windows
10:08:07.0207 0364 Running under WOW64
10:08:07.0207 0364 Processor architecture: Intel x64
10:08:07.0207 0364 Number of processors: 4
10:08:07.0207 0364 Page size: 0x1000
10:08:07.0207 0364 Boot type: Normal boot
10:08:07.0207 0364 ============================================================
10:08:09.0320 0364 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:08:09.0325 0364 \Device\Harddisk0\DR0:
10:08:09.0325 0364 MBR used
10:08:09.0325 0364 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1388800, BlocksNum 0x7337D000
10:08:09.0325 0364 Initialize success
10:08:09.0325 0364 ============================================================
10:08:17.0777 3836 ============================================================
10:08:17.0777 3836 Scan started
10:08:17.0777 3836 Mode: Manual;
10:08:17.0777 3836 ============================================================
10:08:26.0047 3836 nvstor - ok
10:08:26.0066 3836 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
10:08:26.0068 3836 nv_agp - ok
10:08:26.0084 3836 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
10:08:26.0086 3836 ohci1394 - ok
10:08:26.0151 3836 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:08:26.0153 3836 ose - ok
10:08:26.0235 3836 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:08:26.0280 3836 osppsvc - ok
10:08:26.0300 3836 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
10:08:26.0304 3836 p2pimsvc - ok
10:08:26.0327 3836 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
10:08:26.0332 3836 p2psvc - ok
10:08:26.0346 3836 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
10:08:26.0348 3836 Parport - ok
10:08:26.0372 3836 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
10:08:26.0374 3836 partmgr - ok
10:08:26.0387 3836 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
10:08:26.0390 3836 PcaSvc - ok
10:08:26.0408 3836 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
10:08:26.0410 3836 pci - ok
10:08:26.0426 3836 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
10:08:26.0427 3836 pciide - ok
10:08:26.0445 3836 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
10:08:26.0448 3836 pcmcia - ok
10:08:26.0460 3836 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
10:08:26.0461 3836 pcw - ok
10:08:26.0497 3836 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
10:08:26.0504 3836 PEAUTH - ok
10:08:26.0559 3836 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
10:08:26.0560 3836 PerfHost - ok
10:08:26.0638 3836 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
10:08:26.0653 3836 pla - ok
10:08:26.0718 3836 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
10:08:26.0724 3836 PlugPlay - ok
10:08:26.0745 3836 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
10:08:26.0747 3836 PNRPAutoReg - ok
10:08:26.0757 3836 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
10:08:26.0760 3836 PNRPsvc - ok
10:08:26.0793 3836 Point64 (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys
10:08:26.0794 3836 Point64 - ok
10:08:26.0823 3836 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
10:08:26.0829 3836 PolicyAgent - ok
10:08:26.0857 3836 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
10:08:26.0860 3836 Power - ok
10:08:26.0890 3836 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
10:08:26.0893 3836 PptpMiniport - ok
10:08:26.0906 3836 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
10:08:26.0907 3836 Processor - ok
10:08:26.0922 3836 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
10:08:26.0925 3836 ProfSvc - ok
10:08:26.0956 3836 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
10:08:26.0957 3836 ProtectedStorage - ok
10:08:26.0987 3836 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
10:08:26.0988 3836 Psched - ok
10:08:27.0023 3836 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
10:08:27.0038 3836 ql2300 - ok
10:08:27.0047 3836 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
10:08:27.0048 3836 ql40xx - ok
10:08:27.0078 3836 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
10:08:27.0081 3836 QWAVE - ok
10:08:27.0092 3836 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
10:08:27.0093 3836 QWAVEdrv - ok
10:08:27.0100 3836 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
10:08:27.0101 3836 RasAcd - ok
10:08:27.0127 3836 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
10:08:27.0128 3836 RasAgileVpn - ok
10:08:27.0147 3836 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
10:08:27.0150 3836 RasAuto - ok
10:08:27.0180 3836 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
10:08:27.0182 3836 Rasl2tp - ok
10:08:27.0201 3836 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
10:08:27.0205 3836 RasMan - ok
10:08:27.0222 3836 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
10:08:27.0224 3836 RasPppoe - ok
10:08:27.0238 3836 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
10:08:27.0239 3836 RasSstp - ok
10:08:27.0270 3836 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
10:08:27.0273 3836 rdbss - ok
10:08:27.0287 3836 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
10:08:27.0288 3836 rdpbus - ok
10:08:27.0315 3836 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
10:08:27.0315 3836 RDPCDD - ok
10:08:27.0329 3836 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
10:08:27.0329 3836 RDPENCDD - ok
10:08:27.0343 3836 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
10:08:27.0344 3836 RDPREFMP - ok
10:08:27.0386 3836 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
10:08:27.0389 3836 RDPWD - ok
10:08:27.0418 3836 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
10:08:27.0420 3836 rdyboost - ok
10:08:27.0483 3836 Realtek11nSU (bbfcac1c23b867ae5d7ef96df40680c5) C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe
10:08:27.0522 3836 Realtek11nSU - ok
10:08:27.0548 3836 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
10:08:27.0550 3836 RemoteAccess - ok
10:08:27.0569 3836 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
10:08:27.0572 3836 RemoteRegistry - ok
10:08:27.0615 3836 RichVideo (4d05898896ec49cf663dda61041ab096) C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
10:08:27.0618 3836 RichVideo - ok
10:08:27.0634 3836 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
10:08:27.0636 3836 RpcEptMapper - ok
10:08:27.0650 3836 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
10:08:27.0652 3836 RpcLocator - ok
10:08:27.0683 3836 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
10:08:27.0687 3836 RpcSs - ok
10:08:27.0708 3836 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
10:08:27.0710 3836 rspndr - ok
10:08:27.0741 3836 RTHDMIAzAudService (7421a35c45484b95e83b5e9e107cefc2) C:\Windows\system32\drivers\RtHDMIVX.sys
10:08:27.0744 3836 RTHDMIAzAudService - ok
10:08:27.0788 3836 RTL2832UBDA (646b22badbd24c6d528aa6b8abe0ec0e) C:\Windows\system32\drivers\RTL2832UBDA.sys
10:08:27.0792 3836 RTL2832UBDA - ok
10:08:27.0829 3836 RTL2832UUSB (c4d4ef0ff8f43a4d5c4f5f05a7f13631) C:\Windows\system32\Drivers\RTL2832UUSB.sys
10:08:27.0830 3836 RTL2832UUSB - ok
10:08:27.0839 3836 RTL2832U_IRHID (19faa5e7cf3d5263f4e79450a03e50ca) C:\Windows\system32\DRIVERS\RTL2832U_IRHID.sys
10:08:27.0840 3836 RTL2832U_IRHID - ok
10:08:27.0876 3836 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
10:08:27.0881 3836 RTL8167 - ok
10:08:27.0912 3836 RTL8192su (fc00c0de6dc83de1b2b01420e2195b21) C:\Windows\system32\DRIVERS\RTL8192su.sys
10:08:27.0919 3836 RTL8192su - ok
10:08:27.0950 3836 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
10:08:27.0951 3836 SamSs - ok
10:08:27.0984 3836 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
10:08:27.0985 3836 sbp2port - ok
10:08:28.0011 3836 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
10:08:28.0014 3836 SCardSvr - ok
10:08:28.0044 3836 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
10:08:28.0045 3836 scfilter - ok
10:08:28.0088 3836 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
10:08:28.0099 3836 Schedule - ok
10:08:28.0124 3836 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
10:08:28.0125 3836 SCPolicySvc - ok
10:08:28.0153 3836 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
10:08:28.0156 3836 SDRSVC - ok
10:08:28.0190 3836 SeaPort (16a252022535b680046f6e34e136d378) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
10:08:28.0193 3836 SeaPort - ok
10:08:28.0221 3836 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
10:08:28.0222 3836 secdrv - ok
10:08:28.0258 3836 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
10:08:28.0259 3836 seclogon - ok
10:08:28.0277 3836 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
10:08:28.0279 3836 SENS - ok
10:08:28.0297 3836 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
10:08:28.0299 3836 SensrSvc - ok
10:08:28.0309 3836 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
10:08:28.0311 3836 Serenum - ok
10:08:28.0326 3836 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
10:08:28.0328 3836 Serial - ok
10:08:28.0347 3836 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
10:08:28.0348 3836 sermouse - ok
10:08:28.0381 3836 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
10:08:28.0383 3836 SessionEnv - ok
10:08:28.0397 3836 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
10:08:28.0398 3836 sffdisk - ok
10:08:28.0413 3836 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
10:08:28.0414 3836 sffp_mmc - ok
10:08:28.0428 3836 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
10:08:28.0429 3836 sffp_sd - ok
10:08:28.0444 3836 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
10:08:28.0452 3836 sfloppy - ok
10:08:28.0490 3836 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
10:08:28.0498 3836 Sftfs - ok
10:08:28.0557 3836 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
10:08:28.0562 3836 sftlist - ok
10:08:28.0578 3836 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
10:08:28.0581 3836 Sftplay - ok
10:08:28.0609 3836 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
10:08:28.0610 3836 Sftredir - ok
10:08:28.0620 3836 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
10:08:28.0621 3836 Sftvol - ok
10:08:28.0644 3836 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
10:08:28.0646 3836 sftvsa - ok
10:08:28.0692 3836 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
10:08:28.0696 3836 SharedAccess - ok
10:08:28.0732 3836 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
10:08:28.0736 3836 ShellHWDetection - ok
10:08:28.0745 3836 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:08:28.0746 3836 SiSRaid2 - ok
10:08:28.0755 3836 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
10:08:28.0756 3836 SiSRaid4 - ok
10:08:28.0764 3836 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
10:08:28.0766 3836 Smb - ok
10:08:28.0791 3836 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
10:08:28.0793 3836 SNMPTRAP - ok
10:08:28.0805 3836 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
10:08:28.0806 3836 spldr - ok
10:08:28.0823 3836 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
10:08:28.0830 3836 Spooler - ok
10:08:28.0911 3836 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
10:08:28.0944 3836 sppsvc - ok
10:08:28.0967 3836 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
10:08:28.0969 3836 sppuinotify - ok
10:08:29.0016 3836 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
10:08:29.0021 3836 srv - ok
10:08:29.0055 3836 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
10:08:29.0060 3836 srv2 - ok
10:08:29.0078 3836 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
10:08:29.0080 3836 srvnet - ok
10:08:29.0103 3836 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
10:08:29.0106 3836 SSDPSRV - ok
10:08:29.0118 3836 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
10:08:29.0120 3836 SstpSvc - ok
10:08:29.0148 3836 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
10:08:29.0149 3836 stexstor - ok
10:08:29.0201 3836 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
10:08:29.0208 3836 stisvc - ok
10:08:29.0228 3836 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
10:08:29.0228 3836 swenum - ok
10:08:29.0250 3836 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
10:08:29.0256 3836 swprv - ok
10:08:29.0296 3836 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
10:08:29.0313 3836 SysMain - ok
10:08:29.0357 3836 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
10:08:29.0360 3836 TabletInputService - ok
10:08:29.0379 3836 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
10:08:29.0384 3836 TapiSrv - ok
10:08:29.0396 3836 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
10:08:29.0398 3836 TBS - ok
10:08:29.0441 3836 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
10:08:29.0459 3836 Tcpip - ok
10:08:29.0485 3836 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
10:08:29.0494 3836 TCPIP6 - ok
10:08:29.0525 3836 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
10:08:29.0526 3836 tcpipreg - ok
10:08:29.0542 3836 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
10:08:29.0543 3836 TDPIPE - ok
10:08:29.0566 3836 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
10:08:29.0567 3836 TDTCP - ok
10:08:29.0600 3836 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
10:08:29.0602 3836 tdx - ok
10:08:29.0615 3836 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
10:08:29.0616 3836 TermDD - ok
10:08:29.0647 3836 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
10:08:29.0655 3836 TermService - ok
10:08:29.0669 3836 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
10:08:29.0671 3836 Themes - ok
10:08:29.0696 3836 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
10:08:29.0697 3836 THREADORDER - ok
10:08:29.0709 3836 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
10:08:29.0711 3836 TrkWks - ok
10:08:29.0748 3836 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
10:08:29.0750 3836 TrustedInstaller - ok
10:08:29.0775 3836 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
10:08:29.0777 3836 tssecsrv - ok
10:08:29.0808 3836 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
10:08:29.0809 3836 TsUsbFlt - ok
10:08:29.0844 3836 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
10:08:29.0846 3836 tunnel - ok
10:08:29.0863 3836 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
10:08:29.0864 3836 uagp35 - ok
10:08:29.0882 3836 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
10:08:29.0885 3836 udfs - ok
10:08:29.0905 3836 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
10:08:29.0907 3836 UI0Detect - ok
10:08:29.0923 3836 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
10:08:29.0925 3836 uliagpkx - ok
10:08:29.0941 3836 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
10:08:29.0943 3836 umbus - ok
10:08:29.0969 3836 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
10:08:29.0970 3836 UmPass - ok
10:08:29.0992 3836 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
10:08:29.0997 3836 upnphost - ok
10:08:30.0033 3836 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
10:08:30.0035 3836 usbccgp - ok
10:08:30.0052 3836 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
10:08:30.0054 3836 usbcir - ok
10:08:30.0067 3836 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
10:08:30.0068 3836 usbehci - ok
10:08:30.0089 3836 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
10:08:30.0093 3836 usbhub - ok
10:08:30.0111 3836 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
10:08:30.0112 3836 usbohci - ok
10:08:30.0136 3836 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
10:08:30.0139 3836 usbprint - ok
10:08:30.0184 3836 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
10:08:30.0185 3836 usbscan - ok
10:08:30.0210 3836 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:08:30.0220 3836 USBSTOR - ok
10:08:30.0234 3836 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
10:08:30.0235 3836 usbuhci - ok
10:08:30.0247 3836 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
10:08:30.0249 3836 UxSms - ok
10:08:30.0276 3836 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
10:08:30.0277 3836 VaultSvc - ok
10:08:30.0292 3836 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
10:08:30.0293 3836 vdrvroot - ok
10:08:30.0317 3836 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
10:08:30.0323 3836 vds - ok
10:08:30.0336 3836 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
10:08:30.0337 3836 vga - ok
10:08:30.0356 3836 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
10:08:30.0357 3836 VgaSave - ok
10:08:30.0372 3836 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
10:08:30.0375 3836 vhdmp - ok
10:08:30.0423 3836 VIAHdAudAddService (ba1da5cd689e9473d99731a2e1ff2fb5) C:\Windows\system32\drivers\viahduaa.sys
10:08:30.0429 3836 VIAHdAudAddService - ok
10:08:30.0443 3836 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
10:08:30.0458 3836 viaide - ok
10:08:30.0470 3836 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
10:08:30.0472 3836 volmgr - ok
10:08:30.0500 3836 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
10:08:30.0504 3836 volmgrx - ok
10:08:30.0553 3836 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
10:08:30.0556 3836 volsnap - ok
10:08:30.0576 3836 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
10:08:30.0579 3836 vsmraid - ok
10:08:30.0618 3836 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
10:08:30.0634 3836 VSS - ok
10:08:30.0642 3836 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
10:08:30.0643 3836 vwifibus - ok
10:08:30.0662 3836 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
10:08:30.0663 3836 vwififlt - ok
10:08:30.0680 3836 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
10:08:30.0685 3836 W32Time - ok
10:08:30.0695 3836 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
10:08:30.0696 3836 WacomPen - ok
10:08:30.0714 3836 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
10:08:30.0716 3836 WANARP - ok
10:08:30.0731 3836 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
10:08:30.0731 3836 Wanarpv6 - ok
10:08:30.0825 3836 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
10:08:30.0837 3836 WatAdminSvc - ok
10:08:30.0887 3836 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
10:08:30.0895 3836 wbengine - ok
10:08:30.0910 3836 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
10:08:30.0913 3836 WbioSrvc - ok
10:08:30.0956 3836 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
10:08:30.0961 3836 wcncsvc - ok
10:08:30.0972 3836 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
10:08:30.0974 3836 WcsPlugInService - ok
10:08:30.0982 3836 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
10:08:30.0983 3836 Wd - ok
10:08:31.0015 3836 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
10:08:31.0022 3836 Wdf01000 - ok
10:08:31.0034 3836 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
10:08:31.0036 3836 WdiServiceHost - ok
10:08:31.0040 3836 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
10:08:31.0041 3836 WdiSystemHost - ok
10:08:31.0070 3836 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
10:08:31.0074 3836 WebClient - ok
10:08:31.0099 3836 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
10:08:31.0103 3836 Wecsvc - ok
10:08:31.0119 3836 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
10:08:31.0122 3836 wercplsupport - ok
10:08:31.0138 3836 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
10:08:31.0141 3836 WerSvc - ok
10:08:31.0158 3836 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
10:08:31.0159 3836 WfpLwf - ok
10:08:31.0172 3836 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
10:08:31.0173 3836 WIMMount - ok
10:08:31.0221 3836 WinDefend - ok
10:08:31.0228 3836 WinHttpAutoProxySvc - ok
10:08:31.0280 3836 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
10:08:31.0282 3836 Winmgmt - ok
10:08:31.0342 3836 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
10:08:31.0362 3836 WinRM - ok
10:08:31.0389 3836 WinUSB (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUSB.sys
10:08:31.0390 3836 WinUSB - ok
10:08:31.0419 3836 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
10:08:31.0428 3836 Wlansvc - ok
10:08:31.0513 3836 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:08:31.0534 3836 wlidsvc - ok
10:08:31.0550 3836 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
10:08:31.0551 3836 WmiAcpi - ok
10:08:31.0569 3836 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
10:08:31.0572 3836 wmiApSrv - ok
10:08:31.0602 3836 WMPNetworkSvc - ok
10:08:31.0656 3836 WMZuneComm (58540037a4a3eeeefa47c84100e1694f) C:\Program Files\Zune\WMZuneComm.exe
10:08:31.0659 3836 WMZuneComm - ok
10:08:31.0681 3836 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
10:08:31.0682 3836 WPCSvc - ok
10:08:31.0714 3836 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
10:08:31.0717 3836 WPDBusEnum - ok
10:08:31.0739 3836 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
10:08:31.0740 3836 ws2ifsl - ok
10:08:31.0761 3836 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
10:08:31.0763 3836 wscsvc - ok
10:08:31.0770 3836 WSearch - ok
10:08:31.0819 3836 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
10:08:31.0842 3836 wuauserv - ok
10:08:31.0872 3836 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
10:08:31.0874 3836 WudfPf - ok
10:08:31.0908 3836 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
10:08:31.0910 3836 WUDFRd - ok
10:08:31.0931 3836 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
10:08:31.0935 3836 wudfsvc - ok
10:08:31.0950 3836 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
10:08:31.0954 3836 WwanSvc - ok
10:08:31.0972 3836 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys
10:08:31.0976 3836 yukonw7 - ok
10:08:32.0105 3836 ZuneNetworkSvc (d6ef205269c2a584af6b56b9f95010f8) C:\Program Files\Zune\ZuneNss.exe
10:08:32.0180 3836 ZuneNetworkSvc - ok
10:08:32.0213 3836 ZuneWlanCfgSvc (7a565afe58f3822a9e622868e5cc0e5c) C:\Program Files\Zune\ZuneWlanCfgSvc.exe
10:08:32.0218 3836 ZuneWlanCfgSvc - ok
10:08:32.0231 3836 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
10:08:32.0274 3836 \Device\Harddisk0\DR0 - ok
10:08:32.0277 3836 Boot (0x1200) (b0ccc1d3b7032a43bae8ace48d8c86b3) \Device\Harddisk0\DR0\Partition0
10:08:32.0278 3836 \Device\Harddisk0\DR0\Partition0 - ok
10:08:32.0279 3836 ============================================================
10:08:32.0279 3836 Scan finished
10:08:32.0279 3836 ============================================================
10:08:32.0290 2468 Detected object count: 0
10:08:32.0290 2468 Actual detected object count: 0

#4 nasdaq

Posted 03 April 2012 - 09:00 AM

Nothing suspicious in that log either.

===

"Short of doing a restore to system default I decided to run Combofix. See the log, any help gratefully received."

Windows 7 normally creates good system restore points.

Can you not run system restore and see if you have a good restore point just prior to your difficulties?

#5 redrockit

Posted 03 April 2012 - 09:58 AM

Attached File  MBR.zip   1.48KB   1 downloads

#6 nasdaq

Posted 03 April 2012 - 01:40 PM

The master boot record is clean.

Have you seen my post No. 4?

#7 nasdaq

Posted 09 April 2012 - 09:57 AM

Are you still with me?



