Virus help - hidden files and internet redirects


15 replies to this topic

#1 Eric Seigneuray

Eric Seigneuray

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:01 AM

Posted 01 April 2012 - 06:25 AM

Brand new to this site so excuse me if I'm not posting this correctly or in the wrong place. I got hit with a virus this week which removed all desktop icons and would not let me do anything. I was able to go-back to a week earlier. Now I have the following issues (at least):

1. all my data files are hidden.
2. any Google searches lead me to different sites, nothing to do with the search.
3. my internet favorites are gone (least of my troubles).

Any ideas as to what virus I got hit with and how to repair this?

PS: I use Trend Micro Titanium Internet Security (2012)...


[Moderator edit: post moved to more appropriate forum. jgw]

Edited by jgweed, 01 April 2012 - 06:48 AM.




#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:01 AM

Posted 01 April 2012 - 08:49 AM

Download

http://www.bleepingcomputer.com/download/anti-virus/unhide

Run it and it should restore your hidden files

Download

TDSSkiller

Launch it. Click on change parameters - select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)


Please download GMER from here (does not work on 64 bit OS)

http://www2.gmer.net/download.php

Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.

GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)

If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
Now click the Scan button. If you see a rootkit warning window, click OK.
When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
Click the Copy button and paste the results into your next reply.


Download

aswMBR

Launch it and allow it to download the latest Avast! virus definitions
Click the "Scan" button to start the scan. After the scan finishes, click on Save log

Post the log results here

#3 Eric Seigneuray


Posted 01 April 2012 - 11:36 AM

Hi, Thanks for your help!

I ran the unhide that made a big difference.

TDSSkiller didn't load. Probably a 64 bit issue?

Ran the GMER scan. It appeared to run even though my PC is 64 bit. The saved log had nothing in though. Maybe the 64b issue.

The aswMBR doesn't seem to do anything. I ran it and nothing seems to happen.

My files are all unhidden (as far as I can tell) and my internet favorites appear to be back. The only issue I can see is that when I do a Google search, selecting any of the links redirects me to other sites.

Any ideas?

Thanks again!!!!

PS: Here's the Unhide.txt info:

Unhide by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Unhide.exe can be found at this link:
http://www.bleepingcomputer.com/forums/topic405109.html

Program started at: 04/01/2012 11:02:49 AM
Windows Version: Windows 7

Please be patient while your files are made visible again.

Processing the C:\ drive
Finished processing the C:\ drive. 357469 files processed.

Processing the D:\ drive
Finished processing the D:\ drive. 17058 files processed.

Restoring the Start Menu.
* 13 Shortcuts and Desktop items were restored.


Searching for Windows Registry changes made by FakeHDD rogues.
- Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
* NoActiveDesktopChanges policy was found and deleted!
- Checking HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
- Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced

Program finished at: 04/01/2012 11:15:42 AM
Execution time: 0 hours(s), 12 minute(s), and 53 seconds(s)

Edited by Eric Seigneuray, 01 April 2012 - 11:37 AM.
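
A read-only check of the same areas the Unhide log above reports on, as an added example that is not part of the original thread and is not Unhide's own code: it lists the values in the three registry keys named in the log and counts files that still carry the Hidden attribute. The function names, the choice of Desktop and Documents as folders to scan, and the `Hidden`/`ShowSuperHidden` filter on the Advanced key are assumptions; it needs PowerShell 3.0 or later.

```powershell
# Added example (not Unhide's code): read-only audit after a FakeHDD-style cleanup.
# The three registry keys are the ones named in the Unhide log; nothing is modified.
$PolicyKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer'
)
$AdvancedKey = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced'
# Assumption: these two Explorer view settings are the ones worth reviewing here.
$AdvancedNames = @('Hidden', 'ShowSuperHidden')

function Get-RegistryValues {
    param(
        [Parameter(Mandatory)] [string] $Key,
        [string[]] $Only   # optional filter on value names
    )
    if (-not (Test-Path -LiteralPath $Key)) {
        return [pscustomobject]@{ Key = $Key; Name = '(key not present)'; Value = $null }
    }
    $item = Get-Item -LiteralPath $Key
    foreach ($name in $item.GetValueNames()) {
        if ($Only -and ($Only -notcontains $name)) { continue }
        [pscustomobject]@{ Key = $Key; Name = $name; Value = $item.GetValue($name) }
    }
}

function Get-HiddenUserFile {
    param([Parameter(Mandatory)] [string[]] $Root)
    $hidden = [System.IO.FileAttributes]::Hidden
    $system = [System.IO.FileAttributes]::System
    # Files that are Hidden AND System (desktop.ini and similar) are normal and skipped.
    Get-ChildItem -LiteralPath $Root -Recurse -Force -File -ErrorAction SilentlyContinue |
        Where-Object {
            ($_.Attributes -band $hidden) -and -not ($_.Attributes -band $system)
        }
}

# 1. Every value currently set under the two policy keys.
$PolicyKeys | ForEach-Object { Get-RegistryValues -Key $_ } | Format-Table -AutoSize

# 2. The Explorer view settings for hidden and protected files.
Get-RegistryValues -Key $AdvancedKey -Only $AdvancedNames | Format-Table -AutoSize

# 3. User files that are still hidden, grouped by folder (top 10 folders).
$roots = @(
    [Environment]::GetFolderPath('Desktop'),
    [Environment]::GetFolderPath('MyDocuments')
)
$stillHidden = @(Get-HiddenUserFile -Root $roots)
"{0} hidden (non-system) files under: {1}" -f $stillHidden.Count, ($roots -join ', ')
$stillHidden | Group-Object DirectoryName | Sort-Object Count -Descending |
    Select-Object -Property Count, Name -First 10 | Format-Table -AutoSize
```

The log above reports `NoActiveDesktopChanges` as found and deleted, so it should no longer appear in the first table.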


#4 narenxp


Posted 01 April 2012 - 01:25 PM

Please create a restore point, also back up important data before running this tool. This is just a small precaution.

Download

FIXTDSS

Launch it. It may ask for a restart; reboot the PC.

On reboot let me know what it finds

Run TDSSkiller and aswmbr after this tool and post the logs

Good luck

Edited by narenxp, 01 April 2012 - 01:25 PM.


#5 Ragdoll2012

Ragdoll2012

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:07:01 AM

Posted 06 April 2012 - 01:42 AM

Download

http://www.bleepingcomputer.com/download/anti-virus/unhide

Run it and it should restore your hidden files

Download

TDSSkiller

Launch it. Click on change parameters - select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)


Please download GMER from here (does not work on 64 bit OS)

http://www2.gmer.net/download.php

Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.

GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)

If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
Now click the Scan button. If you see a rootkit warning window, click OK.
When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
Click the Copy button and paste the results into your next reply.


Download

aswMBR

Launch it and allow it to download the latest Avast! virus definitions
Click the "Scan" button to start the scan. After the scan finishes, click on Save log

Post the log results here



#6 Ragdoll2012


Posted 06 April 2012 - 01:46 AM

I hope I'm doing this right. I HATE p'o'in people off.

I can't seem to download the unhide.exe. I'm at step 7 of removing S.M.A.R.T. HDD trojan. This process hasn't been smooth (the hitpro didn't allow me to do a 30 day trial...so I purchased it. It didn't remove the infections, so I clicked 'delete' for each infected file. That seemed to work).

Did I compromise the entire process?

Just getting that hour glass circle thingy, going around and around when I click on the unhide.exe link.

I would be so over-the-top grateful for assistance.

Thanks so much....and Happy Easter weekend everyone!

#7 narenxp


Posted 06 April 2012 - 09:30 AM

Did you run FIXTDSS?

#8 Eric Seigneuray


Posted 07 April 2012 - 09:47 AM

Ok, I ran FIXTDSS and TDSSkiller. Both ran okay. aswmbr crashes and restarts my PC in safety mode. As for the logs, can I attach a file here or should I just copy and paste? Thanks again.

#9 narenxp


Posted 07 April 2012 - 09:59 AM

Run aswmbr in safe mode

Post the TDSSkiller log located in C drive

How is your PC now?

#10 Eric Seigneuray


Posted 09 April 2012 - 07:42 PM

I'm going to run aswmbr (safe mode) tonight. PC's getting better. Internet searches and resulting links bring you to the right websites. I did notice that on YouTube videos I have a bright green bar across the top and there are ghost images on the video. Getting there though... Here's the TDSSkiller log:

08:06:06.0456 2744 TDSS rootkit removing tool 2.7.26.0 Apr 4 2012 19:52:02
08:06:06.0721 2744 ============================================================
08:06:06.0721 2744 Current date / time: 2012/04/05 08:06:06.0721
08:06:06.0721 2744 SystemInfo:
08:06:06.0721 2744
08:06:06.0721 2744 OS Version: 6.1.7601 ServicePack: 1.0
08:06:06.0721 2744 Product type: Workstation
08:06:06.0721 2744 ComputerName: BASEMENT-HP
08:06:06.0721 2744 UserName: Eric
08:06:06.0721 2744 Windows directory: C:\Windows
08:06:06.0721 2744 System windows directory: C:\Windows
08:06:06.0721 2744 Running under WOW64
08:06:06.0721 2744 Processor architecture: Intel x64
08:06:06.0721 2744 Number of processors: 4
08:06:06.0721 2744 Page size: 0x1000
08:06:06.0721 2744 Boot type: Normal boot
08:06:06.0721 2744 ============================================================
08:06:11.0620 2744 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:06:11.0682 2744 \Device\Harddisk0\DR0:
08:06:11.0682 2744 MBR used
08:06:11.0682 2744 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x55E8CAB7
08:06:11.0682 2744 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x55E8CAF6, BlocksNum 0x16B4BFA
08:06:11.0823 2744 Initialize success
08:06:11.0823 2744 ============================================================
08:06:15.0130 5612 ============================================================
08:06:15.0130 5612 Scan started
08:06:15.0130 5612 Mode: Manual;
08:06:15.0130 5612 ============================================================
08:06:35.0535 5612 LSI_SAS2 - ok
08:06:35.0550 5612 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
08:06:35.0566 5612 LSI_SCSI - ok
08:06:35.0581 5612 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
08:06:35.0581 5612 luafv - ok
08:06:35.0644 5612 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
08:06:35.0659 5612 Mcx2Svc - ok
08:06:35.0675 5612 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
08:06:35.0675 5612 megasas - ok
08:06:35.0706 5612 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
08:06:35.0722 5612 MegaSR - ok
08:06:35.0769 5612 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
08:06:35.0800 5612 MMCSS - ok
08:06:35.0847 5612 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
08:06:35.0847 5612 Modem - ok
08:06:35.0893 5612 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
08:06:35.0893 5612 monitor - ok
08:06:35.0940 5612 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
08:06:35.0940 5612 mouclass - ok
08:06:35.0971 5612 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
08:06:35.0971 5612 mouhid - ok
08:06:36.0034 5612 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
08:06:36.0034 5612 mountmgr - ok
08:06:36.0065 5612 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
08:06:36.0065 5612 mpio - ok
08:06:36.0096 5612 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
08:06:36.0096 5612 mpsdrv - ok
08:06:36.0159 5612 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
08:06:36.0237 5612 MpsSvc - ok
08:06:36.0283 5612 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
08:06:36.0283 5612 MRxDAV - ok
08:06:36.0315 5612 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
08:06:36.0330 5612 mrxsmb - ok
08:06:36.0424 5612 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
08:06:36.0439 5612 mrxsmb10 - ok
08:06:36.0471 5612 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
08:06:36.0471 5612 mrxsmb20 - ok
08:06:36.0502 5612 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
08:06:36.0517 5612 msahci - ok
08:06:36.0549 5612 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
08:06:36.0549 5612 msdsm - ok
08:06:36.0595 5612 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
08:06:36.0627 5612 MSDTC - ok
08:06:36.0689 5612 MSDV (72949a24d37a20a54b3d4d3dadbb55e9) C:\Windows\system32\DRIVERS\msdv.sys
08:06:36.0689 5612 MSDV - ok
08:06:36.0736 5612 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
08:06:36.0736 5612 Msfs - ok
08:06:36.0798 5612 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
08:06:36.0798 5612 mshidkmdf - ok
08:06:36.0829 5612 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
08:06:36.0829 5612 msisadrv - ok
08:06:36.0892 5612 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
08:06:36.0907 5612 MSiSCSI - ok
08:06:36.0923 5612 msiserver - ok
08:06:36.0970 5612 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
08:06:36.0970 5612 MSKSSRV - ok
08:06:37.0001 5612 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
08:06:37.0001 5612 MSPCLOCK - ok
08:06:37.0017 5612 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
08:06:37.0017 5612 MSPQM - ok
08:06:37.0063 5612 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
08:06:37.0063 5612 MsRPC - ok
08:06:37.0095 5612 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
08:06:37.0095 5612 mssmbios - ok
08:06:37.0126 5612 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
08:06:37.0126 5612 MSTEE - ok
08:06:37.0157 5612 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
08:06:37.0157 5612 MTConfig - ok
08:06:37.0188 5612 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
08:06:37.0188 5612 Mup - ok
08:06:37.0251 5612 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
08:06:37.0282 5612 napagent - ok
08:06:37.0344 5612 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
08:06:37.0360 5612 NativeWifiP - ok
08:06:37.0500 5612 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
08:06:37.0531 5612 NDIS - ok
08:06:37.0578 5612 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
08:06:37.0594 5612 NdisCap - ok
08:06:37.0625 5612 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
08:06:37.0625 5612 NdisTapi - ok
08:06:37.0687 5612 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
08:06:37.0687 5612 Ndisuio - ok
08:06:37.0734 5612 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
08:06:37.0750 5612 NdisWan - ok
08:06:37.0781 5612 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
08:06:37.0797 5612 NDProxy - ok
08:06:37.0812 5612 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
08:06:37.0828 5612 NetBIOS - ok
08:06:37.0906 5612 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
08:06:37.0906 5612 NetBT - ok
08:06:37.0953 5612 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
08:06:37.0953 5612 Netlogon - ok
08:06:38.0046 5612 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
08:06:38.0062 5612 Netman - ok
08:06:38.0202 5612 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:06:38.0218 5612 NetMsmqActivator - ok
08:06:38.0249 5612 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:06:38.0249 5612 NetPipeActivator - ok
08:06:38.0280 5612 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
08:06:38.0280 5612 netprofm - ok
08:06:38.0358 5612 netr28x (44d4bd55191624c82a2745296ba42814) C:\Windows\system32\DRIVERS\netr28x.sys
08:06:38.0389 5612 netr28x - ok
08:06:38.0421 5612 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:06:38.0421 5612 NetTcpActivator - ok
08:06:38.0436 5612 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:06:38.0436 5612 NetTcpPortSharing - ok
08:06:38.0483 5612 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
08:06:38.0483 5612 nfrd960 - ok
08:06:38.0561 5612 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
08:06:38.0592 5612 NlaSvc - ok
08:06:38.0623 5612 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
08:06:38.0623 5612 Npfs - ok
08:06:38.0670 5612 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
08:06:38.0717 5612 nsi - ok
08:06:38.0748 5612 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
08:06:38.0748 5612 nsiproxy - ok
08:06:38.0826 5612 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
08:06:38.0873 5612 Ntfs - ok
08:06:38.0889 5612 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
08:06:38.0904 5612 Null - ok
08:06:38.0982 5612 NVENETFD (a85b4f2ef3a7304a5399ef0526423040) C:\Windows\system32\DRIVERS\nvm62x64.sys
08:06:38.0998 5612 NVENETFD - ok
08:06:39.0622 5612 nvlddmkm (b34e9bfbd9c61048ef6281c3e7ec210a) C:\Windows\system32\DRIVERS\nvlddmkm.sys
08:06:39.0747 5612 nvlddmkm - ok
08:06:39.0934 5612 NVNET (909eedcbd365bb81027d8e742e6b3416) C:\Windows\system32\DRIVERS\nvmf6264.sys
08:06:39.0949 5612 NVNET - ok
08:06:39.0996 5612 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
08:06:39.0996 5612 nvraid - ok
08:06:40.0027 5612 nvrd64 (78b96ec0352c6bb4788ebc200a2cadbf) C:\Windows\system32\DRIVERS\nvrd64.sys
08:06:40.0043 5612 nvrd64 - ok
08:06:40.0074 5612 nvsmu (e58d81fb8616d0cb55c1e36aa0b213c9) C:\Windows\system32\DRIVERS\nvsmu.sys
08:06:40.0074 5612 nvsmu - ok
08:06:40.0121 5612 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
08:06:40.0121 5612 nvstor - ok
08:06:40.0246 5612 nvstor64 (4d9aba962d7ece81866f96d5f69fb2b8) C:\Windows\system32\DRIVERS\nvstor64.sys
08:06:40.0246 5612 nvstor64 - ok
08:06:40.0308 5612 nvsvc (dfda089bb2cd0ff7e789e2ef6ba1e4ba) C:\Windows\system32\nvvsvc.exe
08:06:40.0355 5612 nvsvc - ok
08:06:40.0495 5612 nvUpdatusService (e7818cd4fb51284c948d68a7a85a69b8) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
08:06:40.0558 5612 nvUpdatusService - ok
08:06:40.0761 5612 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
08:06:40.0776 5612 nv_agp - ok
08:06:41.0026 5612 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
08:06:41.0104 5612 odserv - ok
08:06:41.0291 5612 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
08:06:41.0291 5612 ohci1394 - ok
08:06:41.0431 5612 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:06:41.0463 5612 ose - ok
08:06:41.0541 5612 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
08:06:41.0572 5612 p2pimsvc - ok
08:06:41.0650 5612 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
08:06:41.0697 5612 p2psvc - ok
08:06:41.0759 5612 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
08:06:41.0775 5612 Parport - ok
08:06:41.0821 5612 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
08:06:41.0821 5612 partmgr - ok
08:06:41.0837 5612 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
08:06:41.0868 5612 PcaSvc - ok
08:06:41.0899 5612 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
08:06:41.0899 5612 pci - ok
08:06:41.0931 5612 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
08:06:41.0931 5612 pciide - ok
08:06:41.0962 5612 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
08:06:41.0977 5612 pcmcia - ok
08:06:41.0993 5612 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
08:06:41.0993 5612 pcw - ok
08:06:42.0024 5612 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
08:06:42.0040 5612 PEAUTH - ok
08:06:42.0118 5612 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
08:06:42.0165 5612 PerfHost - ok
08:06:42.0289 5612 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
08:06:42.0352 5612 pla - ok
08:06:42.0414 5612 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
08:06:42.0430 5612 PlugPlay - ok
08:06:42.0477 5612 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
08:06:42.0508 5612 PNRPAutoReg - ok
08:06:42.0539 5612 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
08:06:42.0539 5612 PNRPsvc - ok
08:06:42.0633 5612 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
08:06:42.0679 5612 PolicyAgent - ok
08:06:42.0742 5612 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
08:06:42.0757 5612 Power - ok
08:06:42.0851 5612 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
08:06:42.0851 5612 PptpMiniport - ok
08:06:42.0913 5612 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
08:06:42.0913 5612 Processor - ok
08:06:42.0976 5612 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
08:06:43.0023 5612 ProfSvc - ok
08:06:43.0069 5612 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
08:06:43.0069 5612 ProtectedStorage - ok
08:06:43.0101 5612 Ps2 (1d0a3f565397d08707f3d75b88586645) C:\Windows\system32\DRIVERS\PS2.sys
08:06:43.0116 5612 Ps2 - ok
08:06:43.0179 5612 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
08:06:43.0179 5612 Psched - ok
08:06:43.0381 5612 QBCFMonitorService (0f1f42c39ab2b16db957a7a1756feffb) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
08:06:43.0444 5612 QBCFMonitorService - ok
08:06:43.0491 5612 QBFCService (92aa40e2b692e8637d45fb2d01137d17) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
08:06:43.0537 5612 QBFCService - ok
08:06:43.0834 5612 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
08:06:43.0896 5612 ql2300 - ok
08:06:43.0974 5612 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
08:06:43.0974 5612 ql40xx - ok
08:06:44.0021 5612 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
08:06:44.0052 5612 QWAVE - ok
08:06:44.0068 5612 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
08:06:44.0068 5612 QWAVEdrv - ok
08:06:44.0099 5612 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
08:06:44.0099 5612 RasAcd - ok
08:06:44.0208 5612 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
08:06:44.0208 5612 RasAgileVpn - ok
08:06:44.0224 5612 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
08:06:44.0255 5612 RasAuto - ok
08:06:44.0302 5612 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
08:06:44.0302 5612 Rasl2tp - ok
08:06:44.0349 5612 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
08:06:44.0380 5612 RasMan - ok
08:06:44.0411 5612 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
08:06:44.0411 5612 RasPppoe - ok
08:06:44.0442 5612 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
08:06:44.0442 5612 RasSstp - ok
08:06:44.0505 5612 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
08:06:44.0520 5612 rdbss - ok
08:06:44.0536 5612 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
08:06:44.0551 5612 rdpbus - ok
08:06:44.0567 5612 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
08:06:44.0567 5612 RDPCDD - ok
08:06:44.0614 5612 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
08:06:44.0614 5612 RDPENCDD - ok
08:06:44.0645 5612 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
08:06:44.0645 5612 RDPREFMP - ok
08:06:44.0692 5612 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
08:06:44.0692 5612 RDPWD - ok
08:06:44.0739 5612 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
08:06:44.0754 5612 rdyboost - ok
08:06:44.0801 5612 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
08:06:44.0817 5612 RemoteAccess - ok
08:06:44.0879 5612 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
08:06:44.0895 5612 RemoteRegistry - ok
08:06:44.0941 5612 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
08:06:44.0957 5612 RpcEptMapper - ok
08:06:45.0019 5612 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
08:06:45.0035 5612 RpcLocator - ok
08:06:45.0082 5612 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
08:06:45.0097 5612 RpcSs - ok
08:06:45.0144 5612 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
08:06:45.0144 5612 rspndr - ok
08:06:45.0191 5612 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
08:06:45.0191 5612 SamSs - ok
08:06:45.0316 5612 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
08:06:45.0331 5612 sbp2port - ok
08:06:45.0363 5612 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
08:06:45.0394 5612 SCardSvr - ok
08:06:45.0441 5612 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
08:06:45.0441 5612 scfilter - ok
08:06:45.0519 5612 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
08:06:45.0550 5612 Schedule - ok
08:06:45.0690 5612 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
08:06:45.0690 5612 SCPolicySvc - ok
08:06:45.0831 5612 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
08:06:45.0846 5612 SDRSVC - ok
08:06:46.0018 5612 SeaPort (cc781378e7eda615d2cdca3b17829fa4) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
08:06:46.0065 5612 SeaPort - ok
08:06:46.0267 5612 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
08:06:46.0267 5612 secdrv - ok
08:06:46.0314 5612 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
08:06:46.0330 5612 seclogon - ok
08:06:46.0392 5612 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
08:06:46.0408 5612 SENS - ok
08:06:46.0439 5612 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
08:06:46.0455 5612 SensrSvc - ok
08:06:46.0486 5612 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
08:06:46.0501 5612 Serenum - ok
08:06:46.0533 5612 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
08:06:46.0533 5612 Serial - ok
08:06:46.0564 5612 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
08:06:46.0564 5612 sermouse - ok
08:06:46.0626 5612 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
08:06:46.0642 5612 SessionEnv - ok
08:06:46.0673 5612 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
08:06:46.0673 5612 sffdisk - ok
08:06:46.0704 5612 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
08:06:46.0720 5612 sffp_mmc - ok
08:06:46.0751 5612 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
08:06:46.0751 5612 sffp_sd - ok
08:06:46.0767 5612 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
08:06:46.0767 5612 sfloppy - ok
08:06:46.0829 5612 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
08:06:46.0860 5612 SharedAccess - ok
08:06:46.0907 5612 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
08:06:46.0938 5612 ShellHWDetection - ok
08:06:46.0954 5612 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
08:06:46.0969 5612 SiSRaid2 - ok
08:06:46.0985 5612 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
08:06:47.0001 5612 SiSRaid4 - ok
08:06:47.0016 5612 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
08:06:47.0016 5612 Smb - ok
08:06:47.0094 5612 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
08:06:47.0110 5612 SNMPTRAP - ok
08:06:47.0141 5612 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
08:06:47.0141 5612 spldr - ok
08:06:47.0219 5612 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
08:06:47.0250 5612 Spooler - ok
08:06:47.0484 5612 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
08:06:47.0515 5612 sppsvc - ok
08:06:47.0578 5612 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
08:06:47.0593 5612 sppuinotify - ok
08:06:47.0640 5612 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
08:06:47.0640 5612 srv - ok
08:06:47.0687 5612 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
08:06:47.0703 5612 srv2 - ok
08:06:47.0734 5612 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
08:06:47.0734 5612 srvnet - ok
08:06:47.0781 5612 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
08:06:47.0812 5612 SSDPSRV - ok
08:06:47.0874 5612 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
08:06:47.0905 5612 SstpSvc - ok
08:06:47.0952 5612 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
08:06:47.0952 5612 stexstor - ok
08:06:48.0061 5612 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
08:06:48.0108 5612 stisvc - ok
08:06:48.0139 5612 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
08:06:48.0139 5612 swenum - ok
08:06:48.0171 5612 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
08:06:48.0217 5612 swprv - ok
08:06:48.0436 5612 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
08:06:48.0483 5612 SysMain - ok
08:06:48.0841 5612 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
08:06:48.0873 5612 TabletInputService - ok
08:06:49.0044 5612 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
08:06:49.0060 5612 TapiSrv - ok
08:06:49.0122 5612 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
08:06:49.0138 5612 TBS - ok
08:06:49.0247 5612 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
08:06:49.0294 5612 Tcpip - ok
08:06:49.0356 5612 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
08:06:49.0372 5612 TCPIP6 - ok
08:06:49.0434 5612 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
08:06:49.0434 5612 tcpipreg - ok
08:06:49.0481 5612 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
08:06:49.0497 5612 TDPIPE - ok
08:06:49.0528 5612 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
08:06:49.0528 5612 TDTCP - ok
08:06:49.0590 5612 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
08:06:49.0590 5612 tdx - ok
08:06:49.0621 5612 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
08:06:49.0621 5612 TermDD - ok
08:06:49.0731 5612 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
08:06:49.0809 5612 TermService - ok
08:06:49.0840 5612 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
08:06:49.0855 5612 Themes - ok
08:06:49.0887 5612 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
08:06:49.0902 5612 THREADORDER - ok
08:06:49.0949 5612 tmactmon (e386dd8ec68c67ca3e2a3abdc1df5c56) C:\Windows\system32\DRIVERS\tmactmon.sys
08:06:49.0949 5612 tmactmon - ok
08:06:50.0011 5612 tmcomm (ab011c569487fd65c8944ddf8cbb2572) C:\Windows\system32\DRIVERS\tmcomm.sys
08:06:50.0011 5612 tmcomm - ok
08:06:50.0074 5612 tmevtmgr (8870a3d7305455b47adccd226f8e51bc) C:\Windows\system32\DRIVERS\tmevtmgr.sys
08:06:50.0074 5612 tmevtmgr - ok
08:06:50.0105 5612 tmtdi (065cb7d9278d778fb9ef62cead01433f) C:\Windows\system32\DRIVERS\tmtdi.sys
08:06:50.0105 5612 tmtdi - ok
08:06:50.0152 5612 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
08:06:50.0214 5612 TrkWks - ok
08:06:50.0323 5612 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
08:06:50.0323 5612 TrustedInstaller - ok
08:06:50.0448 5612 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
08:06:50.0448 5612 tssecsrv - ok
08:06:50.0526 5612 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
08:06:50.0526 5612 TsUsbFlt - ok
08:06:50.0573 5612 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
08:06:50.0573 5612 tunnel - ok
08:06:50.0651 5612 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
08:06:50.0651 5612 uagp35 - ok
08:06:50.0791 5612 uCamMonitor (63f6d08c54d5b3c1b12a6172032055c7) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
08:06:50.0838 5612 uCamMonitor - ok
08:06:50.0947 5612 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
08:06:50.0963 5612 udfs - ok
08:06:51.0010 5612 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
08:06:51.0025 5612 UI0Detect - ok
08:06:51.0057 5612 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
08:06:51.0072 5612 uliagpkx - ok
08:06:51.0103 5612 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
08:06:51.0103 5612 umbus - ok
08:06:51.0166 5612 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
08:06:51.0166 5612 UmPass - ok
08:06:51.0213 5612 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
08:06:51.0259 5612 upnphost - ok
08:06:51.0322 5612 USBAAPL64 (54d4b48d443e7228bf64cf7cdc3118ac) C:\Windows\system32\Drivers\usbaapl64.sys
08:06:51.0337 5612 USBAAPL64 - ok
08:06:51.0400 5612 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
08:06:51.0400 5612 usbaudio - ok
08:06:51.0431 5612 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
08:06:51.0431 5612 usbccgp - ok
08:06:51.0478 5612 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
08:06:51.0493 5612 usbcir - ok
08:06:51.0509 5612 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
08:06:51.0525 5612 usbehci - ok
08:06:51.0540 5612 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
08:06:51.0556 5612 usbhub - ok
08:06:51.0571 5612 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
08:06:51.0571 5612 usbohci - ok
08:06:51.0618 5612 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
08:06:51.0618 5612 usbprint - ok
08:06:51.0681 5612 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
08:06:51.0681 5612 usbscan - ok
08:06:51.0712 5612 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
08:06:51.0712 5612 USBSTOR - ok
08:06:51.0743 5612 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
08:06:51.0743 5612 usbuhci - ok
08:06:51.0790 5612 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
08:06:51.0790 5612 usbvideo - ok
08:06:51.0852 5612 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
08:06:51.0868 5612 UxSms - ok
08:06:51.0915 5612 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
08:06:51.0915 5612 VaultSvc - ok
08:06:51.0930 5612 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
08:06:51.0930 5612 vdrvroot - ok
08:06:52.0008 5612 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
08:06:52.0071 5612 vds - ok
08:06:52.0117 5612 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
08:06:52.0133 5612 vga - ok
08:06:52.0211 5612 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
08:06:52.0211 5612 VgaSave - ok
08:06:58.0279 5612 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
08:06:58.0326 5612 \Device\Harddisk0\DR0 - ok
08:06:58.0326 5612 Boot (0x1200) (a45cfb8b6dca343e531614c7c4d7da8e) \Device\Harddisk0\DR0\Partition0
08:06:58.0326 5612 \Device\Harddisk0\DR0\Partition0 - ok
08:06:58.0342 5612 Boot (0x1200) (2d94a7065ed79791b5e2d8bafbd46c5a) \Device\Harddisk0\DR0\Partition1
08:06:58.0342 5612 \Device\Harddisk0\DR0\Partition1 - ok
08:06:58.0342 5612 ============================================================
08:06:58.0342 5612 Scan finished
08:06:58.0342 5612 ============================================================
08:06:58.0373 4148 Detected object count: 0
08:06:58.0373 4148 Actual detected object count: 0
08:07:31.0617 5580 Deinitialize success

#11 Eric Seigneuray

Posted 09 April 2012 - 08:40 PM

Ran aswMbr. Here's the log text:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-04-05 08:20:16
-----------------------------
08:20:16.880 OS Version: Windows x64 6.1.7601 Service Pack 1
08:20:16.880 Number of processors: 4 586 0x203
08:20:16.880 ComputerName: BASEMENT-HP UserName: Eric
08:20:19.594 Initialize success
08:20:31.466 AVAST engine defs: 12040500
08:20:38.736 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000061
08:20:38.736 Disk 0 Vendor: ST375063 HP21 Size: 715404MB BusType: 8
08:20:38.751 Disk 0 MBR read successfully
08:20:38.751 Disk 0 MBR scan
08:20:38.767 Disk 0 Windows 7 default MBR code
08:20:38.767 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 703769 MB offset 63
08:20:38.798 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 11625 MB offset 1441319670
08:20:38.907 Disk 0 scanning C:\Windows\system32\drivers
08:21:00.685 Service scanning
08:21:44.911 Modules scanning
08:21:44.911 Disk 0 trace - called modules:
08:21:44.958 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll nvstor64.sys
08:21:44.958 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005b7d060]
08:21:44.973 3 CLASSPNP.SYS[fffff8800109743f] -> nt!IofCallDriver -> [0xfffffa80050007a0]
08:21:44.973 5 ACPI.sys[fffff88000e727a1] -> nt!IofCallDriver -> \Device\00000061[0xfffffa8005000060]
08:22:19.421 AVAST engine scan C:\Windows
08:22:23.711 Disk 0 MBR has been saved successfully to "C:\MBR.dat"
08:22:23.726 The log file has been saved successfully to "C:\aswMBR.txt"


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-04-09 20:43:49
-----------------------------
20:43:49.450 OS Version: Windows x64 6.1.7601 Service Pack 1
20:43:49.450 Number of processors: 4 586 0x203
20:43:49.450 ComputerName: BASEMENT-HP UserName: Eric
20:43:55.394 Initialize success
20:44:55.044 AVAST engine defs: 12040901
20:45:07.992 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000061
20:45:07.992 Disk 0 Vendor: ST375063 HP21 Size: 715404MB BusType: 8
20:45:08.008 Disk 0 MBR read successfully
20:45:08.008 Disk 0 MBR scan
20:45:08.023 Disk 0 Windows 7 default MBR code
20:45:08.023 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 703769 MB offset 63
20:45:08.055 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 11625 MB offset 1441319670
20:45:08.133 Disk 0 scanning C:\Windows\system32\drivers
20:45:29.551 Service scanning
20:45:58.926 Modules scanning
20:45:58.926 Disk 0 trace - called modules:
20:45:58.957 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll nvstor64.sys
20:45:58.957 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005b98060]
20:45:59.472 3 CLASSPNP.SYS[fffff88000dc443f] -> nt!IofCallDriver -> [0xfffffa8004eb1e40]
20:45:59.472 5 ACPI.sys[fffff88000f3e7a1] -> nt!IofCallDriver -> \Device\00000061[0xfffffa8005000790]
20:46:02.951 AVAST engine scan C:\Windows
20:46:08.926 AVAST engine scan C:\Windows\system32
20:50:44.422 AVAST engine scan C:\Windows\system32\drivers
20:51:03.485 AVAST engine scan C:\Users\Eric
21:05:52.234 AVAST engine scan C:\ProgramData
21:13:13.901 Scan finished successfully
21:26:48.566 Disk 0 MBR has been saved successfully to "C:\MBR.dat"
21:26:48.582 The log file has been saved successfully to "C:\aswMBR.txt"

And I still have the video issue...

#12 narenxp

Posted 11 April 2012 - 04:30 AM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log


Download

ESET online scanner


Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply


Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

#13 Eric Seigneuray

Posted 11 April 2012 - 06:09 AM

Ok, I'll do that tonight...thanks!!!

#14 narenxp

Posted 11 April 2012 - 06:29 AM

:thumbup2:

#15 Eric Seigneuray

Posted 11 April 2012 - 08:09 PM

Malwarebytes log:

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.04.11.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Eric :: BASEMENT-HP [administrator]

4/11/2012 5:39:05 PM
mbam-log-2012-04-11 (17-39-05).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 595209
Time elapsed: 3 hour(s), 19 minute(s),

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



