Phantom ads playing in background


  • This topic is locked
5 replies to this topic

#1 moviebuff2

Posted 18 June 2012 - 05:50 PM

Hello all,

I have quite a few things wrong with my work computer but I will start off with the most annoying. Recently, ads just started playing over my speakers. Nothing is shown on the screen. I've used Ctrl-Alt-Delete to see if any program was running in the background, to no avail. I've run Malwarebytes and it's detected nothing. Any help would be much appreciated. Thanks :)

I have Windows 7 Home Premium

Edited by moviebuff2, 18 June 2012 - 05:52 PM.


#2 boopme

Posted 18 June 2012 - 09:24 PM

Hello and welcome. Let's see what these say.


Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click on Change Parameters
  • Put a check in the box of Detect TDLFS file system
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log to the root folder of the system disk (usually the disk with the installed operating system, C:\). The log has a name like: TDSSKiller.Version_Date_Time_log.txt.

>>>>

Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

>>>>


Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.
-- If you encounter any problems, try running GMER in safe mode.
-- If GMER crashes or keeps resulting in BSODs, uncheck Devices on the right side before scanning.

#3 moviebuff2

Posted 18 June 2012 - 11:18 PM

Thanks for the quick reply.

Here you go.

21:58:12.0590 2676 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
21:58:12.0592 2676 nfrd960 - ok
21:58:12.0625 2676 niayocwa (37de5c89d49d8842c29504a7377c8bdc) C:\Windows\system32\drivers\niayocwa.sys
21:58:12.0626 2676 niayocwa - ok
21:58:12.0689 2676 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
21:58:12.0698 2676 NlaSvc - ok
21:58:12.0722 2676 notqpoyt (37de5c89d49d8842c29504a7377c8bdc) C:\Windows\system32\drivers\notqpoyt.sys
21:58:12.0723 2676 notqpoyt - ok
21:58:12.0745 2676 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
21:58:12.0747 2676 Npfs - ok
21:58:12.0782 2676 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
21:58:12.0787 2676 nsi - ok
21:58:12.0822 2676 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
21:58:12.0824 2676 nsiproxy - ok
21:58:12.0880 2676 nsisfviy (37de5c89d49d8842c29504a7377c8bdc) C:\Windows\system32\drivers\nsisfviy.sys
21:58:12.0882 2676 nsisfviy - ok
21:58:12.0986 2676 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
21:58:13.0015 2676 Ntfs - ok
21:58:13.0103 2676 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
21:58:13.0105 2676 Null - ok
21:58:13.0587 2676 nvlddmkm (e55cab397f77d5208db18a78b1b7c0d5) C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:58:13.0677 2676 nvlddmkm - ok
21:58:13.0772 2676 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
21:58:13.0776 2676 nvraid - ok
21:58:13.0824 2676 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
21:58:13.0827 2676 nvstor - ok
21:58:13.0877 2676 nvstor64 (7c7eef51979658ce15bbc04f96a77d56) C:\Windows\system32\DRIVERS\nvstor64.sys
21:58:13.0879 2676 nvstor64 - ok
21:58:13.0935 2676 nvsvc (43bc8151893ae6afe42e149d663c2221) C:\Windows\system32\nvvsvc.exe
21:58:13.0938 2676 nvsvc - ok
21:58:13.0991 2676 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
21:58:13.0994 2676 nv_agp - ok
21:58:14.0330 2676 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:58:14.0336 2676 odserv - ok
21:58:14.0389 2676 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
21:58:14.0391 2676 ohci1394 - ok
21:58:14.0428 2676 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:58:14.0431 2676 ose - ok
21:58:14.0479 2676 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
21:58:14.0485 2676 p2pimsvc - ok
21:58:14.0533 2676 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
21:58:14.0540 2676 p2psvc - ok
21:58:14.0573 2676 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
21:58:14.0575 2676 Parport - ok
21:58:14.0610 2676 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
21:58:14.0612 2676 partmgr - ok
21:58:14.0643 2676 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
21:58:14.0646 2676 PcaSvc - ok
21:58:14.0693 2676 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
21:58:14.0695 2676 pci - ok
21:58:14.0736 2676 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
21:58:14.0737 2676 pciide - ok
21:58:14.0780 2676 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
21:58:14.0783 2676 pcmcia - ok
21:58:14.0810 2676 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
21:58:14.0812 2676 pcw - ok
21:58:14.0858 2676 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
21:58:14.0866 2676 PEAUTH - ok
21:58:14.0944 2676 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
21:58:14.0947 2676 PerfHost - ok
21:58:15.0065 2676 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
21:58:15.0090 2676 pla - ok
21:58:15.0149 2676 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
21:58:15.0156 2676 PlugPlay - ok
21:58:15.0189 2676 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
21:58:15.0192 2676 PNRPAutoReg - ok
21:58:15.0228 2676 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
21:58:15.0232 2676 PNRPsvc - ok
21:58:15.0267 2676 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
21:58:15.0279 2676 PolicyAgent - ok
21:58:15.0315 2676 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
21:58:15.0323 2676 Power - ok
21:58:15.0375 2676 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
21:58:15.0377 2676 PptpMiniport - ok
21:58:15.0411 2676 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
21:58:15.0413 2676 Processor - ok
21:58:15.0466 2676 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
21:58:15.0470 2676 ProfSvc - ok
21:58:15.0497 2676 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
21:58:15.0499 2676 ProtectedStorage - ok
21:58:15.0578 2676 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
21:58:15.0580 2676 Psched - ok
21:58:15.0641 2676 PSI (fb46e9a827a8799ebd7bfa9128c91f37) C:\Windows\system32\DRIVERS\psi_mf.sys
21:58:15.0642 2676 PSI - ok
21:58:15.0717 2676 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
21:58:15.0742 2676 ql2300 - ok
21:58:15.0841 2676 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
21:58:15.0843 2676 ql40xx - ok
21:58:15.0893 2676 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
21:58:15.0898 2676 QWAVE - ok
21:58:15.0923 2676 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
21:58:15.0925 2676 QWAVEdrv - ok
21:58:15.0953 2676 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
21:58:15.0955 2676 RasAcd - ok
21:58:15.0988 2676 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
21:58:15.0990 2676 RasAgileVpn - ok
21:58:16.0014 2676 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
21:58:16.0019 2676 RasAuto - ok
21:58:16.0065 2676 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
21:58:16.0067 2676 Rasl2tp - ok
21:58:16.0097 2676 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
21:58:16.0103 2676 RasMan - ok
21:58:16.0124 2676 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
21:58:16.0126 2676 RasPppoe - ok
21:58:16.0154 2676 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
21:58:16.0157 2676 RasSstp - ok
21:58:16.0196 2676 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
21:58:16.0200 2676 rdbss - ok
21:58:16.0228 2676 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
21:58:16.0230 2676 rdpbus - ok
21:58:16.0254 2676 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
21:58:16.0256 2676 RDPCDD - ok
21:58:16.0292 2676 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
21:58:16.0298 2676 RDPENCDD - ok
21:58:16.0331 2676 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
21:58:16.0332 2676 RDPREFMP - ok
21:58:16.0380 2676 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
21:58:16.0384 2676 RDPWD - ok
21:58:16.0446 2676 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
21:58:16.0448 2676 rdyboost - ok
21:58:16.0506 2676 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
21:58:16.0509 2676 RemoteAccess - ok
21:58:16.0543 2676 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
21:58:16.0546 2676 RemoteRegistry - ok
21:58:16.0575 2676 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
21:58:16.0577 2676 RpcEptMapper - ok
21:58:16.0616 2676 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
21:58:16.0622 2676 RpcLocator - ok
21:58:16.0678 2676 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
21:58:16.0684 2676 RpcSs - ok
21:58:16.0727 2676 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
21:58:16.0729 2676 rspndr - ok
21:58:16.0778 2676 RTL8167 (b49dc435ae3695bac5623dd94b05732d) C:\Windows\system32\DRIVERS\Rt64win7.sys
21:58:16.0782 2676 RTL8167 - ok
21:58:16.0821 2676 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
21:58:16.0823 2676 SamSs - ok
21:58:16.0860 2676 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
21:58:16.0863 2676 sbp2port - ok
21:58:16.0907 2676 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
21:58:16.0911 2676 SCardSvr - ok
21:58:16.0954 2676 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
21:58:16.0956 2676 scfilter - ok
21:58:17.0034 2676 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
21:58:17.0060 2676 Schedule - ok
21:58:17.0123 2676 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
21:58:17.0124 2676 SCPolicySvc - ok
21:58:17.0155 2676 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
21:58:17.0160 2676 SDRSVC - ok
21:58:17.0215 2676 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
21:58:17.0216 2676 secdrv - ok
21:58:17.0265 2676 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
21:58:17.0277 2676 seclogon - ok
21:58:17.0375 2676 Secunia PSI Agent (5b66db4877bbac9f7493aa8d84421e49) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
21:58:17.0386 2676 Secunia PSI Agent - ok
21:58:17.0417 2676 Secunia Update Agent (0e88fdf474f2cdd370a4a6ce77d018f0) C:\Program Files (x86)\Secunia\PSI\sua.exe
21:58:17.0423 2676 Secunia Update Agent - ok
21:58:17.0499 2676 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
21:58:17.0504 2676 SENS - ok
21:58:17.0533 2676 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
21:58:17.0539 2676 SensrSvc - ok
21:58:17.0585 2676 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
21:58:17.0586 2676 Serenum - ok
21:58:17.0626 2676 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
21:58:17.0629 2676 Serial - ok
21:58:17.0672 2676 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
21:58:17.0674 2676 sermouse - ok
21:58:17.0739 2676 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
21:58:17.0743 2676 SessionEnv - ok
21:58:17.0777 2676 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
21:58:17.0779 2676 sffdisk - ok
21:58:17.0808 2676 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
21:58:17.0809 2676 sffp_mmc - ok
21:58:17.0837 2676 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
21:58:17.0839 2676 sffp_sd - ok
21:58:17.0876 2676 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
21:58:17.0877 2676 sfloppy - ok
21:58:17.0924 2676 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
21:58:17.0930 2676 SharedAccess - ok
21:58:17.0986 2676 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
21:58:17.0992 2676 ShellHWDetection - ok
21:58:18.0025 2676 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:58:18.0026 2676 SiSRaid2 - ok
21:58:18.0048 2676 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
21:58:18.0060 2676 SiSRaid4 - ok
21:58:18.0087 2676 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
21:58:18.0090 2676 Smb - ok
21:58:18.0143 2676 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
21:58:18.0145 2676 SNMPTRAP - ok
21:58:18.0165 2676 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
21:58:18.0166 2676 spldr - ok
21:58:18.0222 2676 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
21:58:18.0230 2676 Spooler - ok
21:58:18.0382 2676 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
21:58:18.0450 2676 sppsvc - ok
21:58:18.0540 2676 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
21:58:18.0543 2676 sppuinotify - ok
21:58:18.0614 2676 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
21:58:18.0620 2676 srv - ok
21:58:18.0662 2676 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
21:58:18.0667 2676 srv2 - ok
21:58:18.0692 2676 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
21:58:18.0695 2676 srvnet - ok
21:58:18.0742 2676 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
21:58:18.0745 2676 SSDPSRV - ok
21:58:18.0773 2676 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
21:58:18.0776 2676 SstpSvc - ok
21:58:18.0811 2676 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
21:58:18.0813 2676 stexstor - ok
21:58:18.0888 2676 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
21:58:18.0896 2676 stisvc - ok
21:58:18.0937 2676 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
21:58:18.0938 2676 swenum - ok
21:58:19.0077 2676 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
21:58:19.0085 2676 SwitchBoard - ok
21:58:19.0142 2676 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
21:58:19.0150 2676 swprv - ok
21:58:19.0193 2676 sylbwmjt (37de5c89d49d8842c29504a7377c8bdc) C:\Windows\system32\drivers\sylbwmjt.sys
21:58:19.0194 2676 sylbwmjt - ok
21:58:19.0292 2676 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
21:58:19.0329 2676 SysMain - ok
21:58:19.0426 2676 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
21:58:19.0429 2676 TabletInputService - ok
21:58:19.0463 2676 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
21:58:19.0469 2676 TapiSrv - ok
21:58:19.0506 2676 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
21:58:19.0509 2676 TBS - ok
21:58:19.0616 2676 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
21:58:19.0653 2676 Tcpip - ok
21:58:19.0799 2676 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
21:58:19.0812 2676 TCPIP6 - ok
21:58:19.0905 2676 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
21:58:19.0907 2676 tcpipreg - ok
21:58:19.0950 2676 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
21:58:19.0954 2676 TDPIPE - ok
21:58:19.0992 2676 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
21:58:19.0993 2676 TDTCP - ok
21:58:20.0029 2676 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
21:58:20.0031 2676 tdx - ok
21:58:20.0081 2676 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
21:58:20.0082 2676 TermDD - ok
21:58:20.0125 2676 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
21:58:20.0135 2676 TermService - ok
21:58:20.0189 2676 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
21:58:20.0191 2676 Themes - ok
21:58:20.0227 2676 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
21:58:20.0229 2676 THREADORDER - ok
21:58:20.0260 2676 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
21:58:20.0263 2676 TrkWks - ok
21:58:20.0327 2676 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
21:58:20.0330 2676 TrustedInstaller - ok
21:58:20.0382 2676 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
21:58:20.0384 2676 tssecsrv - ok
21:58:20.0445 2676 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
21:58:20.0447 2676 TsUsbFlt - ok
21:58:20.0509 2676 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
21:58:20.0512 2676 tunnel - ok
21:58:20.0548 2676 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
21:58:20.0554 2676 uagp35 - ok
21:58:20.0608 2676 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
21:58:20.0613 2676 udfs - ok
21:58:20.0672 2676 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
21:58:20.0675 2676 UI0Detect - ok
21:58:20.0724 2676 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
21:58:20.0726 2676 uliagpkx - ok
21:58:20.0783 2676 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
21:58:20.0784 2676 umbus - ok
21:58:20.0822 2676 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
21:58:20.0824 2676 UmPass - ok
21:58:20.0895 2676 Updater Service (70dde3a86dbeb1d6c3c30ad687b1877a) C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
21:58:20.0898 2676 Updater Service - ok
21:58:20.0957 2676 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
21:58:20.0964 2676 upnphost - ok
21:58:20.0991 2676 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
21:58:20.0993 2676 usbccgp - ok
21:58:21.0040 2676 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
21:58:21.0043 2676 usbcir - ok
21:58:21.0083 2676 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
21:58:21.0084 2676 usbehci - ok
21:58:21.0132 2676 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
21:58:21.0136 2676 usbhub - ok
21:58:21.0162 2676 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
21:58:21.0163 2676 usbohci - ok
21:58:21.0198 2676 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
21:58:21.0199 2676 usbprint - ok
21:58:21.0238 2676 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
21:58:21.0240 2676 usbscan - ok
21:58:21.0266 2676 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:58:21.0272 2676 USBSTOR - ok
21:58:21.0321 2676 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
21:58:21.0323 2676 usbuhci - ok
21:58:21.0364 2676 usdzervr (37de5c89d49d8842c29504a7377c8bdc) C:\Windows\system32\drivers\usdzervr.sys
21:58:21.0365 2676 usdzervr - ok
21:58:21.0400 2676 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
21:58:21.0403 2676 UxSms - ok
21:58:21.0449 2676 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
21:58:21.0450 2676 VaultSvc - ok
21:58:21.0478 2676 vcvedjyo (37de5c89d49d8842c29504a7377c8bdc) C:\Windows\system32\drivers\vcvedjyo.sys
21:58:21.0479 2676 vcvedjyo - ok
21:58:21.0530 2676 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
21:58:21.0530 2676 vdrvroot - ok
21:58:21.0599 2676 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
21:58:21.0607 2676 vds - ok
21:58:21.0640 2676 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
21:58:21.0642 2676 vga - ok
21:58:21.0673 2676 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
21:58:21.0675 2676 VgaSave - ok
21:58:21.0719 2676 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
21:58:21.0723 2676 vhdmp - ok
21:58:21.0766 2676 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
21:58:21.0770 2676 viaide - ok
21:58:21.0809 2676 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
21:58:21.0811 2676 volmgr - ok
21:58:21.0867 2676 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
21:58:21.0873 2676 volmgrx - ok
21:58:21.0920 2676 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
21:58:21.0923 2676 volsnap - ok
21:58:21.0970 2676 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
21:58:21.0974 2676 vsmraid - ok
21:58:22.0077 2676 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
21:58:22.0114 2676 VSS - ok
21:58:22.0193 2676 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
21:58:22.0195 2676 vwifibus - ok
21:58:22.0258 2676 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
21:58:22.0264 2676 W32Time - ok
21:58:22.0309 2676 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
21:58:22.0312 2676 WacomPen - ok
21:58:22.0369 2676 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
21:58:22.0372 2676 WANARP - ok
21:58:22.0386 2676 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
21:58:22.0388 2676 Wanarpv6 - ok
21:58:22.0487 2676 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
21:58:22.0525 2676 WatAdminSvc - ok
21:58:22.0620 2676 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
21:58:22.0650 2676 wbengine - ok
21:58:22.0748 2676 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
21:58:22.0753 2676 WbioSrvc - ok
21:58:22.0802 2676 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
21:58:22.0808 2676 wcncsvc - ok
21:58:22.0853 2676 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
21:58:22.0855 2676 WcsPlugInService - ok
21:58:22.0912 2676 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
21:58:22.0913 2676 Wd - ok
21:58:22.0965 2676 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
21:58:22.0973 2676 Wdf01000 - ok
21:58:23.0005 2676 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
21:58:23.0009 2676 WdiServiceHost - ok
21:58:23.0026 2676 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
21:58:23.0029 2676 WdiSystemHost - ok
21:58:23.0093 2676 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
21:58:23.0098 2676 WebClient - ok
21:58:23.0146 2676 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
21:58:23.0152 2676 Wecsvc - ok
21:58:23.0191 2676 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
21:58:23.0195 2676 wercplsupport - ok
21:58:23.0238 2676 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
21:58:23.0242 2676 WerSvc - ok
21:58:23.0305 2676 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
21:58:23.0307 2676 WfpLwf - ok
21:58:23.0333 2676 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
21:58:23.0338 2676 WIMMount - ok
21:58:23.0362 2676 WinHttpAutoProxySvc - ok
21:58:23.0424 2676 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
21:58:23.0427 2676 Winmgmt - ok
21:58:23.0535 2676 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
21:58:23.0576 2676 WinRM - ok
21:58:23.0708 2676 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
21:58:23.0709 2676 WinUsb - ok
21:58:23.0770 2676 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
21:58:23.0783 2676 Wlansvc - ok
21:58:23.0881 2676 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
21:58:23.0887 2676 wlcrasvc - ok
21:58:24.0045 2676 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:58:24.0092 2676 wlidsvc - ok
21:58:24.0209 2676 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
21:58:24.0210 2676 WmiAcpi - ok
21:58:24.0278 2676 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
21:58:24.0282 2676 wmiApSrv - ok
21:58:24.0329 2676 WMPNetworkSvc - ok
21:58:24.0376 2676 wngrerlf (37de5c89d49d8842c29504a7377c8bdc) C:\Windows\system32\drivers\wngrerlf.sys
21:58:24.0377 2676 wngrerlf - ok
21:58:24.0414 2676 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
21:58:24.0416 2676 WPCSvc - ok
21:58:24.0462 2676 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
21:58:24.0465 2676 WPDBusEnum - ok
21:58:24.0506 2676 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
21:58:24.0508 2676 ws2ifsl - ok
21:58:24.0527 2676 WSearch - ok
21:58:24.0652 2676 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
21:58:24.0693 2676 wuauserv - ok
21:58:24.0800 2676 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
21:58:24.0802 2676 WudfPf - ok
21:58:24.0846 2676 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
21:58:24.0850 2676 WUDFRd - ok
21:58:24.0883 2676 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
21:58:24.0886 2676 wudfsvc - ok
21:58:24.0930 2676 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
21:58:24.0936 2676 WwanSvc - ok
21:58:24.0992 2676 MBR (0x1B8) (70e629b51c16b3c007730c6ae57144c9) \Device\Harddisk0\DR0
21:58:27.0935 2676 \Device\Harddisk0\DR0 - ok
21:58:27.0977 2676 Boot (0x1200) (5ec99f953836ad8469a755e21620eda4) \Device\Harddisk0\DR0\Partition0
21:58:27.0979 2676 \Device\Harddisk0\DR0\Partition0 - ok
21:58:27.0999 2676 Boot (0x1200) (ac8aad07f5dcf7c5e833b9e74e66cdf3) \Device\Harddisk0\DR0\Partition1
21:58:28.0004 2676 \Device\Harddisk0\DR0\Partition1 - ok
21:58:28.0012 2676 ============================================================
21:58:28.0012 2676 Scan finished
21:58:28.0012 2676 ============================================================
21:58:28.0042 2672 Detected object count: 0
21:58:28.0042 2672 Actual detected object count: 0
22:00:24.0814 3136 Deinitialize success



Here's the second one:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-06-18 22:01:06
-----------------------------
22:01:06.544 OS Version: Windows x64 6.1.7601 Service Pack 1
22:01:06.544 Number of processors: 1 586 0x1601
22:01:06.546 ComputerName: MARQUISCINEMA UserName:
22:01:08.975 Initialize success
22:02:02.918 AVAST engine defs: 12061802
22:02:12.744 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000051
22:02:12.749 Disk 0 Vendor: ST350041 CC44 Size: 476940MB BusType: 3
22:02:12.763 Disk 0 MBR read successfully
22:02:12.767 Disk 0 MBR scan
22:02:12.778 Disk 0 unknown MBR code
22:02:12.785 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 13312 MB offset 2048
22:02:12.809 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 27265024
22:02:12.825 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 463526 MB offset 27469824
22:02:12.848 Disk 0 scanning C:\Windows\system32\drivers
22:02:25.816 Service scanning
22:02:49.280 Modules scanning
22:02:49.295 Disk 0 trace - called modules:
22:02:49.324 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll nvstor64.sys
22:02:49.692 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80031a5060]
22:02:49.703 3 CLASSPNP.SYS[fffff88001bbd43f] -> nt!IofCallDriver -> [0xfffffa8002b8a7a0]
22:02:49.715 5 ACPI.sys[fffff88000f0c7a1] -> nt!IofCallDriver -> \Device\00000051[0xfffffa8002b8a060]
22:02:51.008 AVAST engine scan C:\Windows
22:02:53.372 AVAST engine scan C:\Windows\system32
22:03:04.874 File: C:\Windows\system32\consrv.dll **INFECTED** Win32:Sirefef-HO [Rtk]
22:04:47.736 File: C:\Windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-FQ [Drp]
22:04:49.656 File: C:\Windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-HO [Rtk]
22:05:56.619 File: C:\Windows\assembly\temp\U\80000032.@ **INFECTED** Win32:DNSChanger-VJ [Trj]
22:05:56.674 File: C:\Windows\assembly\temp\U\80000064.@ **INFECTED** Win32:Malware-gen
22:05:57.388 AVAST engine scan C:\Windows\system32\drivers
22:06:13.239 AVAST engine scan C:\Users\marquis cinema
22:07:47.483 Disk 0 MBR has been saved successfully to "C:\Users\marquis cinema\Desktop\MBR.dat"
22:07:47.515 The log file has been saved successfully to "C:\Users\marquis cinema\Desktop\aswMBR.txt"


When I ran the GMER it said the following "Gmer hasn't found any system modification" and no log was available for me to save.

Thanks again.

W

#4 boopme

Posted 19 June 2012 - 09:38 AM

Hello and you're welcome!

Appears there may be a hidden infection in the asw log... We need a deeper look. Please go here: Preparation Guide, and do steps 6-9.

Create a DDS log and post it in the new topic explained in step 9, which is here: Virus, Trojan, Spyware, and Malware Removal Logs, and not in this topic, thanks.
SKIP GMER, post the aswMBR log from above.

Let me know if that went well.

#5 moviebuff2


Posted 21 June 2012 - 10:43 AM

Just posted logs.

Thanks for your help.

#6 boopme


Posted 21 June 2012 - 11:24 AM

Thank you!
Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc.) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process, which would extend the time it takes to clean your computer.

From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRL Team member is already assisting you and not open the thread to respond.

ALL logs are answered.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

To avoid confusion, I am closing this topic.



