
blue screen of death


5 replies to this topic

#1 jennifermax


Posted 26 July 2012 - 01:40 PM

I am jennifermax and am new. I decided to join because I think my HP Pavilion is about to expire. I have backed up all my files. The problem is a recurring blue screen. I have Windows 7 64-bit, and this HP Pavilion was purchased at the beginning of March of this year. The message that accompanied the last blue screen was Driver_IRQL_Not_Less_or_Equal

xxx STOP 0x00000001, 0x0000000000000020, 0x 0000000000000002, 0x FFFFF88001A6076C base at FFFFF 88001A3E00, DateStamp 4f56a5f3

I am not sure about all the characters as my handwriting is hard to read after a long sequence but about 95% of the characters are correct.

I suspect my computer might be infected. Avast stopped running well or allowing me to update. Spybot keeps finding malware. Malwarebytes finds nothing.

Please help me resolve this issue. The computer keeps freezing, is sluggish, and I keep having to shut it down after it freezes further harming the hard drive.

jennifermax


 


#2 boopme


Posted 26 July 2012 - 07:39 PM

Hello and welcome

Please try this MSFT Hotfix first.

Next run MBAM (MalwareBytes):

Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's TeaTimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, go to Start > All Programs > Malwarebytes Anti-Malware folder > Tools > click on Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).


Now....
Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click on Change Parameters
  • Put a check in the box of Detect TDLFS file system
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log has a name like: TDSSKiller.Version_Date_Time_log.txt.

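Added example, not part of the post above and not code from either tool: a small Python triage pass over the TDSSKiller report that the steps above ask to be posted. It assumes the report's driver and service lines take one of two shapes after a time and thread id, `name (md5) path` followed by `name - status`; the sample lines are constructed, and `NOT-OK-PLACEHOLDER` stands in for any status text other than `ok`.

```python
import re
from collections import defaultdict

# Constructed sample in the assumed line shapes. Names, hashes and paths are
# made up; "NOT-OK-PLACEHOLDER" stands in for any status text other than "ok".
SAMPLE_REPORT = r"""
10:14:33.0456 6088 ============================================================
10:14:33.0456 6088 Scan started
10:14:33.0456 6088 Mode: Manual; TDLFS;
10:14:33.0456 6088 ============================================================
10:14:34.0195 6088 ExampleDrv (00112233445566778899aabbccddeeff) C:\Windows\system32\drivers\exampledrv.sys
10:14:34.0201 6088 ExampleDrv - ok
10:14:34.0302 6088 Example Audio A (0123456789abcdef0123456789abcdef) C:\Windows\System32\exampleaudio.dll
10:14:34.0309 6088 Example Audio A - ok
10:14:34.0342 6088 Example Audio B (0123456789abcdef0123456789abcdef) C:\Windows\System32\exampleaudio.dll
10:14:34.0374 6088 Example Audio B - ok
10:14:34.0400 6088 ExampleNoFile - ok
10:14:34.0599 6088 ExampleSvc (ffeeddccbbaa99887766554433221100) C:\Program Files (x86)\Example\svc.exe
10:14:34.0605 6088 ExampleSvc - NOT-OK-PLACEHOLDER
10:14:34.0700 6088 ExampleCut (aabbccddeeff00112233445566778899) C:\Windows\system32\drivers\examplecut.sys
"""

# "HH:MM:SS.mmmm <thread id> <body>"
LINE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s*(.*)$")
# "<name> (<32 hex digits>) <path>"; the name may contain spaces
ENTRY = re.compile(r"^(?P<name>.+?) \((?P<md5>[0-9a-fA-F]{32})\) (?P<path>.+)$")
# "<name> - <status>"; greedy name so the last " - " separates the status
STATUS = re.compile(r"^(?P<name>.+) - (?P<status>.+)$")


def parse_report(text):
    """Return one record per scanned object, in first-seen order."""
    entries = {}
    scanning = False
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        body = m.group(1).strip()
        if body == "Scan started":
            scanning = True  # header lines before this are system info
            continue
        if not scanning:
            continue
        e = ENTRY.match(body)
        if e:
            entries[e["name"]] = {"name": e["name"], "md5": e["md5"].lower(),
                                  "path": e["path"], "status": None}
            continue
        s = STATUS.match(body)
        if s:
            rec = entries.setdefault(
                s["name"],
                {"name": s["name"], "md5": None, "path": None, "status": None})
            rec["status"] = s["status"].strip()
    return list(entries.values())


def triage(entries):
    """Group what a helper would look at first in a posted report."""
    by_hash = defaultdict(list)
    for rec in entries:
        if rec["md5"]:
            by_hash[rec["md5"]].append(rec["name"])
    return {
        # anything not explicitly "ok", including objects with no status line
        # (for example when the pasted log was cut short)
        "needs_review": [r["name"] for r in entries if r["status"] != "ok"],
        # a status was reported but no file was hashed for the object
        "no_file_hashed": [r["name"] for r in entries if r["md5"] is None],
        # several services backed by one binary; normal for shared DLLs,
        # listed so an unexpected pairing stands out
        "shared_binary": {h: n for h, n in by_hash.items() if len(n) > 1},
    }


if __name__ == "__main__":
    for key, value in triage(parse_report(SAMPLE_REPORT)).items():
        print(key, value)
```
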

#3 jennifermax


Posted 31 July 2012 - 09:35 AM

This is a reply to boopme--but I was not sure how to reply.
Thank you for the instructions. Here is what I found:
Malwarebytes did not find anything--I ran it both ways (Chameleon and regular). Here are the logs for Malwarebytes:

Malwarebytes Anti-Malware (PRO) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.07.31.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Michele :: MICHELE-HP [administrator]

Protection: Enabled

7/31/2012 9:27:11 AM
mbam-log-2012-07-31 (09-27-11).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 250845
Time elapsed: 11 minute(s), 35 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


Malwarebytes Anti-Malware (PRO) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.07.31.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Michele :: MICHELE-HP [administrator]

Protection: Enabled

7/31/2012 9:57:42 AM
mbam-log-2012-07-31 (09-57-42).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 250876
Time elapsed: 11 minute(s), 30 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Subsequently I downloaded TDSSKiller and ran it according to instructions. It found nothing. Here is the log:

10:13:56.0950 2516 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
10:13:57.0578 2516 ============================================================
10:13:57.0578 2516 Current date / time: 2012/07/31 10:13:57.0578
10:13:57.0578 2516 SystemInfo:
10:13:57.0578 2516
10:13:57.0578 2516 OS Version: 6.1.7601 ServicePack: 1.0
10:13:57.0579 2516 Product type: Workstation
10:13:57.0579 2516 ComputerName: MICHELE-HP
10:13:57.0579 2516 UserName: Michele
10:13:57.0579 2516 Windows directory: C:\Windows
10:13:57.0579 2516 System windows directory: C:\Windows
10:13:57.0579 2516 Running under WOW64
10:13:57.0579 2516 Processor architecture: Intel x64
10:13:57.0579 2516 Number of processors: 8
10:13:57.0579 2516 Page size: 0x1000
10:13:57.0579 2516 Boot type: Normal boot
10:13:57.0579 2516 ============================================================
10:13:58.0078 2516 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:13:58.0089 2516 Drive \Device\Harddisk1\DR1 - Size: 0x15D50F65E00 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:14:04.0732 2516 ============================================================
10:14:04.0732 2516 \Device\Harddisk0\DR0:
10:14:04.0768 2516 MBR partitions:
10:14:04.0768 2516 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
10:14:04.0769 2516 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x724F5800
10:14:04.0769 2516 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x72559800, BlocksNum 0x2179800
10:14:04.0769 2516 \Device\Harddisk0\DR0\Partition3: MBR, Type 0xC, StartLBA 0x746D3000, BlocksNum 0x335B0
10:14:04.0769 2516 \Device\Harddisk1\DR1:
10:14:04.0773 2516 MBR partitions:
10:14:04.0773 2516 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xAEA86741
10:14:04.0773 2516 ============================================================
10:14:04.0797 2516 C: <-> \Device\Harddisk0\DR0\Partition1
10:14:04.0839 2516 D: <-> \Device\Harddisk0\DR0\Partition2
10:14:04.0953 2516 F: <-> \Device\Harddisk1\DR1\Partition0
10:14:04.0969 2516 H: <-> \Device\Harddisk0\DR0\Partition3
10:14:04.0970 2516 ============================================================
10:14:04.0970 2516 Initialize success
10:14:04.0970 2516 ============================================================
10:14:33.0456 6088 ============================================================
10:14:33.0456 6088 Scan started
10:14:33.0456 6088 Mode: Manual; TDLFS;
10:14:33.0456 6088 ============================================================
10:14:46.0165 6088 IntcDAud - ok
10:14:46.0197 6088 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
10:14:46.0199 6088 intelide - ok
10:14:46.0629 6088 intelkmd (795c99dc4f574c97c03d0bb39cf099ee) C:\Windows\system32\DRIVERS\igdpmd64.sys
10:14:46.0859 6088 intelkmd - ok
10:14:46.0977 6088 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
10:14:46.0982 6088 intelppm - ok
10:14:47.0027 6088 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
10:14:47.0036 6088 IPBusEnum - ok
10:14:47.0067 6088 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:14:47.0069 6088 IpFilterDriver - ok
10:14:47.0106 6088 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
10:14:47.0117 6088 iphlpsvc - ok
10:14:47.0150 6088 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
10:14:47.0152 6088 IPMIDRV - ok
10:14:47.0176 6088 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
10:14:47.0202 6088 IPNAT - ok
10:14:47.0254 6088 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
10:14:47.0256 6088 IRENUM - ok
10:14:47.0290 6088 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
10:14:47.0292 6088 isapnp - ok
10:14:47.0419 6088 iscFlash (95bfe1b8e21a68bc5a59d37f3330629f) C:\Program Files (x86)\SP55068\iscflashx64.sys
10:14:47.0422 6088 iscFlash - ok
10:14:47.0456 6088 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
10:14:47.0473 6088 iScsiPrt - ok
10:14:47.0523 6088 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
10:14:47.0528 6088 kbdclass - ok
10:14:47.0554 6088 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
10:14:47.0558 6088 kbdhid - ok
10:14:47.0589 6088 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
10:14:47.0591 6088 KeyIso - ok
10:14:47.0601 6088 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
10:14:47.0604 6088 KSecDD - ok
10:14:47.0621 6088 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
10:14:47.0625 6088 KSecPkg - ok
10:14:47.0658 6088 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
10:14:47.0659 6088 ksthunk - ok
10:14:47.0690 6088 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
10:14:47.0698 6088 KtmRm - ok
10:14:47.0752 6088 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
10:14:47.0760 6088 LanmanServer - ok
10:14:47.0806 6088 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
10:14:47.0831 6088 LanmanWorkstation - ok
10:14:47.0915 6088 LightScribeService (fa4a45c179ab0e0f1a31b9751d4b18d7) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
10:14:47.0918 6088 LightScribeService - ok
10:14:47.0953 6088 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
10:14:47.0955 6088 lltdio - ok
10:14:47.0988 6088 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
10:14:47.0996 6088 lltdsvc - ok
10:14:48.0005 6088 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
10:14:48.0008 6088 lmhosts - ok
10:14:48.0062 6088 LMS (c463a25f01c6237295917417c5e9e344) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
10:14:48.0070 6088 LMS - ok
10:14:48.0109 6088 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
10:14:48.0113 6088 LSI_FC - ok
10:14:48.0149 6088 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
10:14:48.0152 6088 LSI_SAS - ok
10:14:48.0270 6088 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:14:48.0276 6088 LSI_SAS2 - ok
10:14:48.0306 6088 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:14:48.0314 6088 LSI_SCSI - ok
10:14:48.0349 6088 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
10:14:48.0356 6088 luafv - ok
10:14:48.0411 6088 MBAMProtector (dc8490812a3b72811ae534f423b4c206) C:\Windows\system32\drivers\mbam.sys
10:14:48.0412 6088 MBAMProtector - ok
10:14:48.0580 6088 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
10:14:48.0603 6088 MBAMService - ok
10:14:48.0667 6088 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
10:14:48.0671 6088 Mcx2Svc - ok
10:14:48.0702 6088 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
10:14:48.0704 6088 megasas - ok
10:14:48.0755 6088 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
10:14:48.0761 6088 MegaSR - ok
10:14:48.0805 6088 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
10:14:48.0808 6088 MEIx64 - ok
10:14:48.0839 6088 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
10:14:48.0842 6088 MMCSS - ok
10:14:48.0875 6088 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
10:14:48.0877 6088 Modem - ok
10:14:48.0909 6088 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
10:14:48.0910 6088 monitor - ok
10:14:48.0960 6088 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
10:14:48.0963 6088 mouclass - ok
10:14:48.0980 6088 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
10:14:48.0982 6088 mouhid - ok
10:14:49.0009 6088 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
10:14:49.0012 6088 mountmgr - ok
10:14:49.0044 6088 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
10:14:49.0052 6088 mpio - ok
10:14:49.0074 6088 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
10:14:49.0085 6088 mpsdrv - ok
10:14:49.0140 6088 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
10:14:49.0156 6088 MpsSvc - ok
10:14:49.0183 6088 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
10:14:49.0187 6088 MRxDAV - ok
10:14:49.0225 6088 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
10:14:49.0229 6088 mrxsmb - ok
10:14:49.0265 6088 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:14:49.0280 6088 mrxsmb10 - ok
10:14:49.0299 6088 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:14:49.0304 6088 mrxsmb20 - ok
10:14:49.0325 6088 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
10:14:49.0328 6088 msahci - ok
10:14:49.0359 6088 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
10:14:49.0366 6088 msdsm - ok
10:14:49.0399 6088 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
10:14:49.0404 6088 MSDTC - ok
10:14:49.0442 6088 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
10:14:49.0446 6088 Msfs - ok
10:14:49.0481 6088 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
10:14:49.0495 6088 mshidkmdf - ok
10:14:49.0511 6088 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
10:14:49.0533 6088 msisadrv - ok
10:14:49.0590 6088 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
10:14:49.0597 6088 MSiSCSI - ok
10:14:49.0601 6088 msiserver - ok
10:14:49.0634 6088 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
10:14:49.0636 6088 MSKSSRV - ok
10:14:49.0649 6088 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
10:14:49.0651 6088 MSPCLOCK - ok
10:14:49.0654 6088 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
10:14:49.0655 6088 MSPQM - ok
10:14:49.0708 6088 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
10:14:49.0715 6088 MsRPC - ok
10:14:49.0749 6088 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
10:14:49.0761 6088 mssmbios - ok
10:14:49.0801 6088 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
10:14:49.0803 6088 MSTEE - ok
10:14:49.0817 6088 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
10:14:49.0819 6088 MTConfig - ok
10:14:49.0859 6088 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
10:14:49.0864 6088 Mup - ok
10:14:49.0923 6088 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
10:14:49.0935 6088 napagent - ok
10:14:50.0000 6088 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
10:14:50.0013 6088 NativeWifiP - ok
10:14:50.0072 6088 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
10:14:50.0088 6088 NDIS - ok
10:14:50.0136 6088 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
10:14:50.0138 6088 NdisCap - ok
10:14:50.0167 6088 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
10:14:50.0169 6088 NdisTapi - ok
10:14:50.0220 6088 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
10:14:50.0222 6088 Ndisuio - ok
10:14:50.0264 6088 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
10:14:50.0269 6088 NdisWan - ok
10:14:50.0315 6088 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
10:14:50.0343 6088 NDProxy - ok
10:14:50.0390 6088 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
10:14:50.0396 6088 NetBIOS - ok
10:14:50.0446 6088 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
10:14:50.0466 6088 NetBT - ok
10:14:50.0491 6088 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
10:14:50.0493 6088 Netlogon - ok
10:14:50.0548 6088 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
10:14:50.0560 6088 Netman - ok
10:14:50.0607 6088 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
10:14:50.0618 6088 netprofm - ok
10:14:50.0684 6088 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:14:50.0687 6088 NetTcpPortSharing - ok
10:14:50.0901 6088 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys
10:14:51.0041 6088 netw5v64 - ok
10:14:51.0165 6088 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
10:14:51.0168 6088 nfrd960 - ok
10:14:51.0205 6088 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
10:14:51.0234 6088 NlaSvc - ok
10:14:51.0274 6088 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
10:14:51.0276 6088 Npfs - ok
10:14:51.0295 6088 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
10:14:51.0298 6088 nsi - ok
10:14:51.0310 6088 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
10:14:51.0312 6088 nsiproxy - ok
10:14:51.0390 6088 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
10:14:51.0414 6088 Ntfs - ok
10:14:51.0515 6088 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
10:14:51.0519 6088 Null - ok
10:14:51.0561 6088 nusb3hub (9a33100ac62a0463c49e47ee8e77083a) C:\Windows\system32\DRIVERS\nusb3hub.sys
10:14:51.0565 6088 nusb3hub - ok
10:14:51.0598 6088 nusb3xhc (87c321f7bee646b7ec6eedd6eb725741) C:\Windows\system32\DRIVERS\nusb3xhc.sys
10:14:51.0603 6088 nusb3xhc - ok
10:14:51.0649 6088 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
10:14:51.0654 6088 nvraid - ok
10:14:51.0679 6088 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
10:14:51.0684 6088 nvstor - ok
10:14:51.0698 6088 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
10:14:51.0701 6088 nv_agp - ok
10:14:51.0727 6088 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
10:14:51.0731 6088 ohci1394 - ok
10:14:51.0816 6088 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:14:51.0820 6088 ose - ok
10:14:52.0063 6088 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:14:52.0189 6088 osppsvc - ok
10:14:52.0317 6088 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
10:14:52.0325 6088 p2pimsvc - ok
10:14:52.0374 6088 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
10:14:52.0384 6088 p2psvc - ok
10:14:52.0434 6088 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
10:14:52.0437 6088 Parport - ok
10:14:52.0476 6088 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
10:14:52.0480 6088 partmgr - ok
10:14:52.0532 6088 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
10:14:52.0538 6088 PcaSvc - ok
10:14:52.0580 6088 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
10:14:52.0584 6088 pci - ok
10:14:52.0604 6088 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
10:14:52.0606 6088 pciide - ok
10:14:52.0633 6088 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
10:14:52.0638 6088 pcmcia - ok
10:14:52.0666 6088 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
10:14:52.0668 6088 pcw - ok
10:14:52.0704 6088 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
10:14:52.0720 6088 PEAUTH - ok
10:14:52.0797 6088 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
10:14:52.0799 6088 PerfHost - ok
10:14:52.0879 6088 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
10:14:52.0953 6088 pla - ok
10:14:52.0992 6088 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
10:14:53.0018 6088 PlugPlay - ok
10:14:53.0042 6088 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
10:14:53.0046 6088 PNRPAutoReg - ok
10:14:53.0065 6088 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
10:14:53.0069 6088 PNRPsvc - ok
10:14:53.0131 6088 Point64 (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys
10:14:53.0133 6088 Point64 - ok
10:14:53.0178 6088 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
10:14:53.0189 6088 PolicyAgent - ok
10:14:53.0225 6088 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
10:14:53.0240 6088 Power - ok
10:14:53.0279 6088 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
10:14:53.0283 6088 PptpMiniport - ok
10:14:53.0303 6088 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
10:14:53.0306 6088 Processor - ok
10:14:53.0350 6088 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
10:14:53.0357 6088 ProfSvc - ok
10:14:53.0369 6088 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
10:14:53.0371 6088 ProtectedStorage - ok
10:14:53.0436 6088 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
10:14:53.0445 6088 Psched - ok
10:14:53.0530 6088 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
10:14:53.0572 6088 ql2300 - ok
10:14:53.0682 6088 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
10:14:53.0686 6088 ql40xx - ok
10:14:53.0723 6088 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
10:14:53.0731 6088 QWAVE - ok
10:14:53.0757 6088 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
10:14:53.0759 6088 QWAVEdrv - ok
10:14:53.0768 6088 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
10:14:53.0770 6088 RasAcd - ok
10:14:53.0798 6088 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
10:14:53.0800 6088 RasAgileVpn - ok
10:14:53.0848 6088 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
10:14:53.0856 6088 RasAuto - ok
10:14:53.0899 6088 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
10:14:53.0907 6088 Rasl2tp - ok
10:14:53.0971 6088 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
10:14:53.0980 6088 RasMan - ok
10:14:54.0013 6088 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
10:14:54.0016 6088 RasPppoe - ok
10:14:54.0033 6088 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
10:14:54.0035 6088 RasSstp - ok
10:14:54.0068 6088 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
10:14:54.0075 6088 rdbss - ok
10:14:54.0094 6088 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
10:14:54.0096 6088 rdpbus - ok
10:14:54.0107 6088 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
10:14:54.0108 6088 RDPCDD - ok
10:14:54.0121 6088 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
10:14:54.0123 6088 RDPENCDD - ok
10:14:54.0156 6088 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
10:14:54.0157 6088 RDPREFMP - ok
10:14:54.0190 6088 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
10:14:54.0220 6088 RDPWD - ok
10:14:54.0285 6088 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
10:14:54.0292 6088 rdyboost - ok
10:14:54.0322 6088 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
10:14:54.0327 6088 RemoteAccess - ok
10:14:54.0351 6088 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
10:14:54.0357 6088 RemoteRegistry - ok
10:14:54.0417 6088 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
10:14:54.0427 6088 RFCOMM - ok
10:14:54.0496 6088 RoxioNow Service (c1568e17039b2ec2b73a4f880ddd51e5) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
10:14:54.0504 6088 RoxioNow Service - ok
10:14:54.0523 6088 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
10:14:54.0527 6088 RpcEptMapper - ok
10:14:54.0544 6088 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
10:14:54.0547 6088 RpcLocator - ok
10:14:54.0588 6088 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
10:14:54.0593 6088 RpcSs - ok
10:14:54.0641 6088 RSPCIESTOR (1f5e7af59b390261a85f5bedb1bb88b3) C:\Windows\system32\DRIVERS\RtsPStor.sys
10:14:54.0648 6088 RSPCIESTOR - ok
10:14:54.0675 6088 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
10:14:54.0677 6088 rspndr - ok
10:14:54.0725 6088 RTL8167 (ed5873f7dfb2f96d37f13322211b6bdc) C:\Windows\system32\DRIVERS\Rt64win7.sys
10:14:54.0733 6088 RTL8167 - ok
10:14:54.0758 6088 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
10:14:54.0760 6088 SamSs - ok
10:14:54.0822 6088 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
10:14:54.0826 6088 SASDIFSV - ok
10:14:54.0859 6088 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
10:14:54.0861 6088 SASKUTIL - ok
10:14:54.0900 6088 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
10:14:54.0903 6088 sbp2port - ok
10:14:54.0977 6088 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
10:14:54.0996 6088 SBSDWSCService - ok
10:14:55.0028 6088 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
10:14:55.0035 6088 SCardSvr - ok
10:14:55.0080 6088 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
10:14:55.0100 6088 scfilter - ok
10:14:55.0171 6088 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
10:14:55.0191 6088 Schedule - ok
10:14:55.0226 6088 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
10:14:55.0227 6088 SCPolicySvc - ok
10:14:55.0278 6088 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
10:14:55.0287 6088 sdbus - ok
10:14:55.0318 6088 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
10:14:55.0329 6088 SDRSVC - ok
10:14:55.0460 6088 SDScannerService (43d29ecb8137eeae30b0970bbc7a5500) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
10:14:55.0485 6088 SDScannerService - ok
10:14:55.0611 6088 SDUpdateService (6b859b122e85c2c833e6d8c5dc4b07f3) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
10:14:55.0653 6088 SDUpdateService - ok
10:14:55.0695 6088 SDWSCService (59dce6783f9ed27eb72c81466e363bf8) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
10:14:55.0697 6088 SDWSCService - ok
10:14:55.0807 6088 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
10:14:55.0811 6088 secdrv - ok
10:14:55.0847 6088 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
10:14:55.0858 6088 seclogon - ok
10:14:55.0897 6088 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
10:14:55.0902 6088 SENS - ok
10:14:55.0924 6088 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
10:14:55.0937 6088 SensrSvc - ok
10:14:55.0968 6088 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
10:14:55.0970 6088 Serenum - ok
10:14:55.0982 6088 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
10:14:55.0985 6088 Serial - ok
10:14:56.0006 6088 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
10:14:56.0008 6088 sermouse - ok
10:14:56.0045 6088 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
10:14:56.0050 6088 SessionEnv - ok
10:14:56.0070 6088 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
10:14:56.0072 6088 sffdisk - ok
10:14:56.0082 6088 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
10:14:56.0083 6088 sffp_mmc - ok
10:14:56.0097 6088 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
10:14:56.0099 6088 sffp_sd - ok
10:14:56.0140 6088 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
10:14:56.0142 6088 sfloppy - ok
10:14:56.0188 6088 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
10:14:56.0196 6088 SharedAccess - ok
10:14:56.0251 6088 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
10:14:56.0262 6088 ShellHWDetection - ok
10:14:56.0316 6088 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:14:56.0322 6088 SiSRaid2 - ok
10:14:56.0375 6088 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
10:14:56.0379 6088 SiSRaid4 - ok
10:14:56.0411 6088 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
10:14:56.0414 6088 Smb - ok
10:14:56.0462 6088 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
10:14:56.0465 6088 SNMPTRAP - ok
10:14:56.0494 6088 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
10:14:56.0513 6088 spldr - ok
10:14:56.0572 6088 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
10:14:56.0592 6088 Spooler - ok
10:14:56.0781 6088 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
10:14:56.0854 6088 sppsvc - ok
10:14:56.0948 6088 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
10:14:56.0953 6088 sppuinotify - ok
10:14:57.0007 6088 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
10:14:57.0016 6088 srv - ok
10:14:57.0041 6088 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
10:14:57.0056 6088 srv2 - ok
10:14:57.0107 6088 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
10:14:57.0121 6088 SrvHsfHDA - ok
10:14:57.0186 6088 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
10:14:57.0244 6088 SrvHsfV92 - ok
10:14:57.0378 6088 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
10:14:57.0394 6088 SrvHsfWinac - ok
10:14:57.0423 6088 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
10:14:57.0427 6088 srvnet - ok
10:14:57.0467 6088 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
10:14:57.0473 6088 SSDPSRV - ok
10:14:57.0490 6088 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
10:14:57.0494 6088 SstpSvc - ok
10:14:57.0725 6088 STacSV (20e27aa5bcc01c2149830c05fe22f675) C:\Program Files\IDT\WDM\STacSV64.exe
10:14:57.0753 6088 STacSV - ok
10:14:57.0784 6088 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
10:14:57.0786 6088 stexstor - ok
10:14:57.0846 6088 STHDA (beb37ce4e7456f5efa52d783d1e06d8c) C:\Windows\system32\DRIVERS\stwrt64.sys
10:14:57.0855 6088 STHDA - ok
10:14:57.0889 6088 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
10:14:57.0891 6088 StillCam - ok
10:14:57.0944 6088 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
10:14:57.0956 6088 stisvc - ok
10:14:57.0981 6088 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
10:14:57.0983 6088 swenum - ok
10:14:58.0012 6088 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
10:14:58.0025 6088 swprv - ok
10:14:58.0085 6088 SynTP (ac3cc98b1bdb6540021d3ffb105ac2b9) C:\Windows\system32\DRIVERS\SynTP.sys
10:14:58.0110 6088 SynTP - ok
10:14:58.0291 6088 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
10:14:58.0348 6088 SysMain - ok
10:14:58.0474 6088 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
10:14:58.0482 6088 TabletInputService - ok
10:14:58.0502 6088 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
10:14:58.0510 6088 TapiSrv - ok
10:14:58.0538 6088 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
10:14:58.0543 6088 TBS - ok
10:14:58.0671 6088 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
10:14:58.0705 6088 Tcpip - ok
10:14:58.0879 6088 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
10:14:58.0888 6088 TCPIP6 - ok
10:14:59.0001 6088 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
10:14:59.0006 6088 tcpipreg - ok
10:14:59.0041 6088 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
10:14:59.0043 6088 TDPIPE - ok
10:14:59.0070 6088 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
10:14:59.0072 6088 TDTCP - ok
10:14:59.0101 6088 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
10:14:59.0105 6088 tdx - ok
10:14:59.0135 6088 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
10:15:04.0647 6088 ============================================================
10:15:04.0647 6088 Scan finished
10:15:04.0647 6088 ============================================================
10:15:04.0653 3296 Detected object count: 0
10:15:04.0653 3296 Actual detected object count: 0

Hope this helps you. My computer continues to freeze and is working poorly.

Thanks for your help

#4 boopme

Posted 31 July 2012 - 10:07 AM

Hello Jennifer,
I'll take it the MSFT Hotfix also failed.

Let's do two more scans and rule out malware...
Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.




I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 jennifermax

Posted 04 August 2012 - 04:08 PM

I am replying to boopme's last set of instructions.

The second scan found malware and quarantined it. Do you think this is the end of the problem? I am skeptical. I tried to use a backup computer that has not been turned on for a while, and avast found a rootkit.

thanks.


aswMBR log:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-04 12:34:51
-----------------------------
12:34:51.104 OS Version: Windows x64 6.1.7601 Service Pack 1
12:34:51.104 Number of processors: 8 586 0x2A07
12:34:51.104 ComputerName: MICHELE-HP UserName: Michele
12:34:53.621 Initialize success
12:34:54.775 AVAST engine defs: 12080400
12:35:02.825 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
12:35:02.825 Disk 0 Vendor: TOSHIBA_ GL00 Size: 953869MB BusType: 3
12:35:02.841 Disk 0 MBR read successfully
12:35:02.841 Disk 0 MBR scan
12:35:03.340 Disk 0 Windows 7 default MBR code
12:35:03.371 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
12:35:04.026 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 936427 MB offset 409600
12:35:04.120 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 17139 MB offset 1918212096
12:35:04.167 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 102 MB offset 1953312768
12:35:04.837 Disk 0 scanning C:\Windows\system32\drivers
12:35:22.312 Service scanning
12:36:10.896 Modules scanning
12:36:10.896 Disk 0 trace - called modules:
12:36:10.936 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys iaStor.sys hal.dll
12:36:10.936 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007f61790]
12:36:10.946 3 CLASSPNP.SYS[fffff88001d6643f] -> nt!IofCallDriver -> [0xfffffa8007e63b10]
12:36:10.946 5 hpdskflt.sys[fffff88001cfd189] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007d03050]
12:36:12.855 AVAST engine scan C:\Windows
12:36:16.942 AVAST engine scan C:\Windows\system32
12:38:43.017 AVAST engine scan C:\Windows\system32\drivers
12:38:54.483 AVAST engine scan C:\Users\Michele
12:57:29.593 AVAST engine scan C:\ProgramData
12:59:07.322 Scan finished successfully
13:02:14.256 Disk 0 MBR has been saved successfully to "C:\Users\Michele\Desktop\MBR.dat"
13:02:14.256 The log file has been saved successfully to "C:\Users\Michele\Desktop\aswMBR.txt"


Eset log:

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=f4b2a875d9c31844b5b87d5d8f4f05c4
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-08-04 08:55:44
# local_time=2012-08-04 04:55:44 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=2304 16777215 100 0 0 0 0 0
# compatibility_mode=5893 16776573 100 94 0 95643602 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=276054
# found=1
# cleaned=1
# scan_time=13592
F:\AMBROSE-PC\Backup Set 2012-05-12 083850\Backup Files 2012-05-12 083850\Backup files 2.zip Win32/Toolbar.Widgi application (deleted - quarantined) 00000000000000000000000000000000 C

#6 boopme

Posted 05 August 2012 - 01:39 PM

Ok, it found an infection in the backed up files and cleaned it.

Where was the rootkit found?
Did it give it a name?
Did it say what was done with it?