
pop ups in lower corners of browser...


  • This topic is locked
9 replies to this topic

#1 thesharkman

thesharkman

  • Members
  • 27 posts
  • OFFLINE
  • Local time:04:57 PM

Posted 05 September 2012 - 11:38 AM

hi gurus,

i've been afflicted with a pop up appearing on either the lower left or right corner (it was happening on both corners...lucky me!) of my browser (ie8 and google chrome). i'm running win7, 64bit. what i've done so far after reading threads with similar issues is:

1) have run malware bytes (found nothing);
2) ran superantispyware and deleted what was found (found 173 ad tracking cookies);
3) ran rogue killer and fixed hosts;
4) rebooted after any process that has required it.

i use ESET smart security (scan found no threats).

after doing the above, i still have some occurrence of the pop up, but it is happening less than before i ran the above. any assistance to get rid of the bug i missed would be greatly appreciated...tia.

shark



#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,566 posts
  • OFFLINE
  • Gender:Male
  • Location:NJ USA
  • Local time:07:57 PM

Posted 05 September 2012 - 11:45 AM

Hello, let's try 2 more please.

Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click on Change Parameters
  • Put a check in the box of Detect TDLFS file system
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log has a name like: TDSSKiller.Version_Date_Time_log.txt.


Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.


#3 thesharkman

thesharkman
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  • Local time:04:57 PM

Posted 05 September 2012 - 12:29 PM

hi boopme,

appreciate the reply. here are the two logs:

1) TDSSKiller did not find anything nor did it request for a reboot:

09:54:37.0650 5848 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
09:54:38.0118 5848 ============================================================
09:54:38.0118 5848 Current date / time: 2012/09/05 09:54:38.0118
09:54:38.0118 5848 SystemInfo:
09:54:38.0118 5848
09:54:38.0118 5848 OS Version: 6.1.7601 ServicePack: 1.0
09:54:38.0118 5848 Product type: Workstation
09:54:38.0118 5848 ComputerName: LC-PC
09:54:38.0118 5848 UserName: lc
09:54:38.0118 5848 Windows directory: C:\Windows
09:54:38.0118 5848 System windows directory: C:\Windows
09:54:38.0118 5848 Running under WOW64
09:54:38.0118 5848 Processor architecture: Intel x64
09:54:38.0118 5848 Number of processors: 4
09:54:38.0118 5848 Page size: 0x1000
09:54:38.0118 5848 Boot type: Normal boot
09:54:38.0118 5848 ============================================================
09:54:39.0756 5848 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:54:39.0787 5848 ============================================================
09:54:39.0787 5848 \Device\Harddisk0\DR0:
09:54:39.0787 5848 MBR partitions:
09:54:39.0787 5848 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1C98000
09:54:39.0787 5848 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1CAC000, BlocksNum 0x386D8000
09:54:39.0787 5848 ============================================================
09:54:39.0834 5848 C: <-> \Device\Harddisk0\DR0\Partition2
09:54:39.0834 5848 ============================================================
09:54:39.0834 5848 Initialize success
09:54:39.0834 5848 ============================================================
09:56:44.0417 6032 ============================================================
09:56:44.0417 6032 Scan started
09:56:44.0417 6032 Mode: Manual; TDLFS;
09:56:44.0417 6032 ============================================================
09:56:44.0573 6032 ================ Scan system memory ========================
09:56:44.0573 6032 System memory - ok
09:56:44.0573 6032 ================ Scan services =============================
09:56:50.0611 6032 NativeWifiP - ok
09:56:50.0642 6032 [ 7B2D90BBBBED11C8DFBA441D34AE901E ] NBVol C:\Windows\system32\DRIVERS\NBVol.sys
09:56:50.0642 6032 NBVol - ok
09:56:50.0642 6032 [ 4FE7B5757279D82C4D171E9F7FD52A75 ] NBVolUp C:\Windows\system32\DRIVERS\NBVolUp.sys
09:56:50.0642 6032 NBVolUp - ok
09:56:50.0689 6032 [ C38B8AE57F78915905064A9A24DC1586 ] NDIS C:\Windows\system32\drivers\ndis.sys
09:56:50.0704 6032 NDIS - ok
09:56:50.0720 6032 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
09:56:50.0720 6032 NdisCap - ok
09:56:50.0735 6032 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
09:56:50.0751 6032 NdisTapi - ok
09:56:50.0751 6032 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
09:56:50.0751 6032 Ndisuio - ok
09:56:50.0767 6032 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
09:56:50.0767 6032 NdisWan - ok
09:56:50.0767 6032 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
09:56:50.0767 6032 NDProxy - ok
09:56:50.0782 6032 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
09:56:50.0782 6032 NetBIOS - ok
09:56:50.0798 6032 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
09:56:50.0798 6032 NetBT - ok
09:56:50.0813 6032 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
09:56:50.0813 6032 Netlogon - ok
09:56:50.0829 6032 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
09:56:50.0829 6032 Netman - ok
09:56:50.0860 6032 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:56:50.0860 6032 NetMsmqActivator - ok
09:56:50.0860 6032 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:56:50.0860 6032 NetPipeActivator - ok
09:56:50.0876 6032 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
09:56:50.0891 6032 netprofm - ok
09:56:50.0891 6032 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:56:50.0891 6032 NetTcpActivator - ok
09:56:50.0891 6032 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:56:50.0891 6032 NetTcpPortSharing - ok
09:56:50.0923 6032 [ 73CE12B8BDD747B0063CB0A7EF44CEA7 ] netvsc C:\Windows\system32\DRIVERS\netvsc60.sys
09:56:50.0923 6032 netvsc - ok
09:56:50.0954 6032 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
09:56:50.0954 6032 nfrd960 - ok
09:56:50.0985 6032 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
09:56:50.0985 6032 NlaSvc - ok
09:56:51.0063 6032 [ 447108589F2074FFCD3FCFB690E43026 ] nlsX86cc C:\Windows\SysWOW64\NLSSRV32.EXE
09:56:51.0063 6032 nlsX86cc - ok
09:56:51.0079 6032 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
09:56:51.0094 6032 Npfs - ok
09:56:51.0094 6032 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
09:56:51.0110 6032 nsi - ok
09:56:51.0125 6032 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:56:51.0125 6032 nsiproxy - ok
09:56:51.0172 6032 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
09:56:51.0203 6032 Ntfs - ok
09:56:51.0219 6032 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
09:56:51.0219 6032 Null - ok
09:56:51.0250 6032 [ A7127E86F9FFE2A53E271B56B2C4CEDF ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
09:56:51.0250 6032 nusb3hub - ok
09:56:51.0266 6032 [ 49BBEC6F48D5F9284B03ABF3A959B19B ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
09:56:51.0281 6032 nusb3xhc - ok
09:56:51.0297 6032 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
09:56:51.0297 6032 nvraid - ok
09:56:51.0313 6032 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
09:56:51.0313 6032 nvstor - ok
09:56:51.0328 6032 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
09:56:51.0344 6032 nv_agp - ok
09:56:51.0391 6032 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
09:56:51.0406 6032 odserv - ok
09:56:51.0422 6032 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
09:56:51.0437 6032 ohci1394 - ok
09:56:51.0453 6032 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:56:51.0453 6032 ose - ok
09:56:51.0500 6032 [ DAF5D6B1696D42140839CD557336EFC8 ] OXSDIDRV_x64 C:\Windows\system32\DRIVERS\OXSDIDRV_x64.sys
09:56:51.0500 6032 OXSDIDRV_x64 - ok
09:56:51.0531 6032 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
09:56:51.0531 6032 p2pimsvc - ok
09:56:51.0547 6032 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
09:56:51.0547 6032 p2psvc - ok
09:56:51.0562 6032 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
09:56:51.0562 6032 Parport - ok
09:56:51.0593 6032 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:56:51.0593 6032 partmgr - ok
09:56:51.0609 6032 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
09:56:51.0609 6032 PcaSvc - ok
09:56:51.0625 6032 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
09:56:51.0640 6032 pci - ok
09:56:51.0640 6032 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
09:56:51.0640 6032 pciide - ok
09:56:51.0671 6032 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
09:56:51.0671 6032 pcmcia - ok
09:56:51.0671 6032 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
09:56:51.0671 6032 pcw - ok
09:56:51.0703 6032 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:56:51.0703 6032 PEAUTH - ok
09:56:51.0749 6032 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
09:56:51.0781 6032 PeerDistSvc - ok
09:56:51.0796 6032 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
09:56:51.0796 6032 PerfHost - ok
09:56:51.0843 6032 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
09:56:51.0874 6032 pla - ok
09:56:51.0905 6032 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:56:51.0905 6032 PlugPlay - ok
09:56:51.0937 6032 [ F485770EEC8959684CC4C4786B63C06C ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
09:56:51.0937 6032 Pml Driver HPZ12 - ok
09:56:51.0952 6032 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
09:56:51.0952 6032 PNRPAutoReg - ok
09:56:51.0983 6032 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
09:56:51.0983 6032 PNRPsvc - ok
09:56:51.0999 6032 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:56:51.0999 6032 PolicyAgent - ok
09:56:52.0030 6032 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power C:\Windows\system32\umpo.dll
09:56:52.0030 6032 Power - ok
09:56:52.0061 6032 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
09:56:52.0061 6032 PptpMiniport - ok
09:56:52.0077 6032 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
09:56:52.0093 6032 Processor - ok
09:56:52.0108 6032 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\Windows\system32\profsvc.dll
09:56:52.0108 6032 ProfSvc - ok
09:56:52.0124 6032 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:56:52.0124 6032 ProtectedStorage - ok
09:56:52.0139 6032 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
09:56:52.0139 6032 Psched - ok
09:56:52.0171 6032 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
09:56:52.0171 6032 PxHlpa64 - ok
09:56:52.0249 6032 [ DE050F20F541C3731C2CCA1F8224C9B2 ] QBCFMonitorService C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
09:56:52.0249 6032 QBCFMonitorService - ok
09:56:52.0264 6032 [ 6BEE1814470DC12FA20C53DFC3C97EBB ] QBFCService C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
09:56:52.0264 6032 QBFCService - ok
09:56:52.0327 6032 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
09:56:52.0358 6032 ql2300 - ok
09:56:52.0358 6032 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
09:56:52.0373 6032 ql40xx - ok
09:56:52.0405 6032 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
09:56:52.0405 6032 QWAVE - ok
09:56:52.0420 6032 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:56:52.0436 6032 QWAVEdrv - ok
09:56:52.0436 6032 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:56:52.0451 6032 RasAcd - ok
09:56:52.0467 6032 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
09:56:52.0467 6032 RasAgileVpn - ok
09:56:52.0483 6032 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
09:56:52.0483 6032 RasAuto - ok
09:56:52.0498 6032 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
09:56:52.0498 6032 Rasl2tp - ok
09:56:52.0514 6032 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
09:56:52.0529 6032 RasMan - ok
09:56:52.0529 6032 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:56:52.0529 6032 RasPppoe - ok
09:56:52.0529 6032 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
09:56:52.0545 6032 RasSstp - ok
09:56:52.0607 6032 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:56:52.0607 6032 rdbss - ok
09:56:52.0623 6032 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
09:56:52.0623 6032 rdpbus - ok
09:56:52.0639 6032 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
09:56:52.0639 6032 RDPCDD - ok
09:56:52.0654 6032 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
09:56:52.0670 6032 RDPDR - ok
09:56:52.0670 6032 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
09:56:52.0670 6032 RDPENCDD - ok
09:56:52.0670 6032 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
09:56:52.0670 6032 RDPREFMP - ok
09:56:52.0685 6032 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
09:56:52.0701 6032 RDPWD - ok
09:56:52.0717 6032 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
09:56:52.0717 6032 rdyboost - ok
09:56:52.0748 6032 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
09:56:52.0748 6032 RemoteAccess - ok
09:56:52.0763 6032 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:56:52.0763 6032 RemoteRegistry - ok
09:56:52.0795 6032 [ CAF88D6573D21CD2AA27001DDBFDC74D ] RMCAST C:\Windows\system32\DRIVERS\RMCAST.sys
09:56:52.0795 6032 RMCAST - ok
09:56:52.0888 6032 [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
09:56:52.0919 6032 RoxMediaDB12OEM - ok
09:56:52.0935 6032 [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
09:56:52.0951 6032 RoxWatch12 - ok
09:56:52.0966 6032 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
09:56:52.0966 6032 RpcEptMapper - ok
09:56:52.0982 6032 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
09:56:52.0982 6032 RpcLocator - ok
09:56:52.0997 6032 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
09:56:52.0997 6032 RpcSs - ok
09:56:53.0029 6032 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:56:53.0029 6032 rspndr - ok
09:56:53.0060 6032 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
09:56:53.0075 6032 RTL8167 - ok
09:56:53.0091 6032 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
09:56:53.0107 6032 s3cap - ok
09:56:53.0122 6032 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
09:56:53.0122 6032 SamSs - ok
09:56:53.0169 6032 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
09:56:53.0169 6032 SASDIFSV - ok
09:56:53.0185 6032 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
09:56:53.0185 6032 SASKUTIL - ok
09:56:53.0200 6032 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
09:56:53.0200 6032 sbp2port - ok
09:56:53.0231 6032 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:56:53.0231 6032 SCardSvr - ok
09:56:53.0247 6032 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
09:56:53.0247 6032 scfilter - ok
09:56:53.0278 6032 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
09:56:53.0294 6032 Schedule - ok
09:56:53.0309 6032 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
09:56:53.0309 6032 SCPolicySvc - ok
09:56:53.0325 6032 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
09:56:53.0325 6032 SDRSVC - ok
09:56:53.0341 6032 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:56:53.0341 6032 secdrv - ok
09:56:53.0356 6032 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
09:56:53.0356 6032 seclogon - ok
09:56:53.0372 6032 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
09:56:53.0387 6032 SENS - ok
09:56:53.0387 6032 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
09:56:53.0403 6032 SensrSvc - ok
09:56:53.0419 6032 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
09:56:53.0419 6032 Serenum - ok
09:56:53.0434 6032 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
09:56:53.0434 6032 Serial - ok
09:56:53.0465 6032 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
09:56:53.0465 6032 sermouse - ok
09:56:53.0481 6032 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
09:56:53.0481 6032 SessionEnv - ok
09:56:53.0497 6032 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
09:56:53.0497 6032 sffdisk - ok
09:56:53.0512 6032 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
09:56:53.0512 6032 sffp_mmc - ok
09:56:53.0528 6032 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
09:56:53.0528 6032 sffp_sd - ok
09:56:53.0543 6032 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
09:56:53.0559 6032 sfloppy - ok
09:56:53.0575 6032 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
09:56:53.0590 6032 SharedAccess - ok
09:56:53.0606 6032 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:56:53.0606 6032 ShellHWDetection - ok
09:56:53.0621 6032 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
09:56:53.0637 6032 SiSRaid2 - ok
09:56:53.0637 6032 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
09:56:53.0637 6032 SiSRaid4 - ok
09:56:53.0668 6032 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
09:56:53.0668 6032 Smb - ok
09:56:53.0699 6032 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:56:53.0715 6032 SNMPTRAP - ok
09:56:53.0715 6032 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
09:56:53.0715 6032 spldr - ok
09:56:53.0731 6032 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
09:56:53.0746 6032 Spooler - ok
09:56:53.0809 6032 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
09:56:53.0809 6032 sppsvc - ok
09:56:53.0824 6032 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
09:56:53.0824 6032 sppuinotify - ok
09:56:53.0855 6032 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
09:56:53.0855 6032 srv - ok
09:56:53.0871 6032 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:56:53.0871 6032 srv2 - ok
09:56:53.0887 6032 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:56:53.0887 6032 srvnet - ok
09:56:53.0902 6032 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:56:53.0918 6032 SSDPSRV - ok
09:56:53.0918 6032 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:56:53.0933 6032 SstpSvc - ok
09:56:53.0949 6032 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
09:56:53.0949 6032 stexstor - ok
09:56:53.0980 6032 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
09:56:53.0980 6032 stisvc - ok
09:56:54.0027 6032 [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
09:56:54.0027 6032 stllssvr - ok
09:56:54.0043 6032 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
09:56:54.0058 6032 StorSvc - ok
09:56:54.0074 6032 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
09:56:54.0089 6032 storvsc - ok
09:56:54.0105 6032 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
09:56:54.0105 6032 swenum - ok
09:56:54.0136 6032 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
09:56:54.0136 6032 swprv - ok
09:56:54.0152 6032 [ 4CDD7DF58730D23BA9CB5829A6E2ECEA ] SynthVid C:\Windows\system32\DRIVERS\VMBusVideoM.sys
09:56:54.0167 6032 SynthVid - ok
09:56:54.0199 6032 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
09:56:54.0214 6032 SysMain - ok
09:56:54.0245 6032 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:56:54.0245 6032 TabletInputService - ok
09:56:54.0245 6032 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
09:56:54.0261 6032 TapiSrv - ok
09:56:54.0277 6032 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
09:56:54.0277 6032 TBS - ok
09:56:54.0323 6032 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:56:54.0355 6032 Tcpip - ok
09:56:54.0401 6032 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
09:56:54.0417 6032 TCPIP6 - ok
09:56:54.0433 6032 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:56:54.0433 6032 tcpipreg - ok
09:56:54.0448 6032 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
09:56:54.0448 6032 TDPIPE - ok
09:56:54.0464 6032 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
09:56:54.0479 6032 TDTCP - ok
09:56:54.0479 6032 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:56:54.0495 6032 tdx - ok
09:56:54.0511 6032 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
09:56:54.0511 6032 TermDD - ok
09:56:54.0542 6032 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
09:56:54.0542 6032 TermService - ok
09:56:54.0557 6032 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
09:56:54.0557 6032 Themes - ok
09:56:54.0573 6032 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
09:56:54.0573 6032 THREADORDER - ok
09:56:54.0589 6032 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
09:56:54.0604 6032 TrkWks - ok
09:56:54.0635 6032 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:56:54.0635 6032 TrustedInstaller - ok
09:56:54.0651 6032 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
09:56:54.0651 6032 tssecsrv - ok
09:56:54.0682 6032 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
09:56:54.0682 6032 TsUsbFlt - ok
09:56:54.0698 6032 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
09:56:54.0698 6032 TsUsbGD - ok
09:56:54.0854 6032 [ B66983B129D26C8D13E4055DB5134BE5 ] TuneUp.Defrag C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe
09:56:54.0869 6032 TuneUp.Defrag - ok
09:56:54.0901 6032 [ 06057242AE20DE851DFCBB6863F1C9BC ] TuneUp.UtilitiesSvc C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
09:56:54.0916 6032 TuneUp.UtilitiesSvc - ok
09:56:54.0932 6032 [ DCC94C51D27C7EC0DADECA8F64C94FCF ] TuneUpUtilitiesDrv C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys
09:56:54.0932 6032 TuneUpUtilitiesDrv - ok
09:56:54.0963 6032 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
09:56:54.0963 6032 tunnel - ok
09:56:54.0963 6032 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
09:56:54.0963 6032 uagp35 - ok
09:56:54.0979 6032 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
09:56:54.0994 6032 udfs - ok
09:56:55.0010 6032 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
09:56:55.0025 6032 UI0Detect - ok
09:56:55.0041 6032 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
09:56:55.0041 6032 uliagpkx - ok
09:56:55.0088 6032 [ 694BCF23662F97D987CF4C6739C35F8B ] UltraMonUtility C:\Program Files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys
09:56:55.0088 6032 UltraMonUtility - ok
09:56:55.0103 6032 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
09:56:55.0103 6032 umbus - ok
09:56:55.0103 6032 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
09:56:55.0119 6032 UmPass - ok
09:56:55.0135 6032 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
09:56:55.0135 6032 UmRdpService - ok
09:56:55.0213 6032 [ F7A1F83F28B125AA3737BC06EABB0CD5 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
09:56:55.0213 6032 UNS - ok
09:56:55.0244 6032 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
09:56:55.0244 6032 upnphost - ok
09:56:55.0275 6032 [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
09:56:55.0275 6032 usbccgp - ok
09:56:55.0306 6032 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
09:56:55.0306 6032 usbcir - ok
09:56:55.0322 6032 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
09:56:55.0322 6032 usbehci - ok
09:56:55.0353 6032 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
09:56:55.0353 6032 usbhub - ok
09:56:55.0369 6032 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
09:56:55.0369 6032 usbohci - ok
09:56:55.0400 6032 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
09:56:55.0400 6032 usbprint - ok
09:56:55.0400 6032 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:56:55.0400 6032 USBSTOR - ok
09:56:55.0431 6032 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
09:56:55.0431 6032 usbuhci - ok
09:56:55.0447 6032 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
09:56:55.0462 6032 UxSms - ok
09:56:55.0493 6032 [ DCC46AA99A1DB65296D1FE5B30CFE0CF ] UxTuneUp C:\Windows\System32\uxtuneup.dll
09:56:55.0493 6032 UxTuneUp - ok
09:56:55.0493 6032 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
09:56:55.0509 6032 VaultSvc - ok
09:56:55.0509 6032 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
09:56:55.0509 6032 vdrvroot - ok
09:56:55.0540 6032 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
09:56:55.0540 6032 vds - ok
09:56:55.0556 6032 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
09:56:55.0571 6032 vga - ok
09:56:55.0587 6032 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
09:56:55.0587 6032 VgaSave - ok
09:56:55.0603 6032 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
09:56:55.0603 6032 vhdmp - ok
09:56:55.0618 6032 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
09:56:55.0618 6032 viaide - ok
09:56:55.0634 6032 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
09:56:55.0649 6032 VMBusHID - ok
09:56:55.0665 6032 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
09:56:55.0665 6032 volmgr - ok
09:56:55.0681 6032 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
09:56:55.0681 6032 volmgrx - ok
09:56:55.0696 6032 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
09:56:55.0696 6032 volsnap - ok
09:56:55.0712 6032 [ B4A73CA4EF9A02B9738CEA9AD5FE5917 ] vpcbus C:\Windows\system32\DRIVERS\vpchbus.sys
09:56:55.0712 6032 vpcbus - ok
09:56:55.0743 6032 [ E675FB2B48C54F09895482E2253B289C ] vpcnfltr C:\Windows\system32\DRIVERS\vpcnfltr.sys
09:56:55.0743 6032 vpcnfltr - ok
09:56:55.0759 6032 [ 5FB42082B0D19A0268705F1DD343DF20 ] vpcusb C:\Windows\system32\DRIVERS\vpcusb.sys
09:56:55.0759 6032 vpcusb - ok
09:56:55.0790 6032 [ 30D4243726A15A14F5C5E45898D14394 ] vpcvmm C:\Windows\system32\drivers\vpcvmm.sys
09:56:55.0790 6032 vpcvmm - ok
09:56:55.0805 6032 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
09:56:55.0805 6032 vsmraid - ok
09:56:55.0868 6032 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
09:56:55.0883 6032 VSS - ok
09:56:55.0899 6032 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
09:56:55.0899 6032 vwifibus - ok
09:56:55.0930 6032 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
09:56:55.0930 6032 W32Time - ok
09:56:55.0946 6032 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
09:56:55.0946 6032 WacomPen - ok
09:56:55.0977 6032 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
09:56:55.0977 6032 WANARP - ok
09:56:55.0977 6032 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
09:56:55.0977 6032 Wanarpv6 - ok
09:56:56.0039 6032 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
09:56:56.0071 6032 WatAdminSvc - ok
09:56:56.0102 6032 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
09:56:56.0133 6032 wbengine - ok
09:56:56.0133 6032 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
09:56:56.0149 6032 WbioSrvc - ok
09:56:57.0085 6032 ================ Scan global ===============================
09:56:57.0100 6032 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
09:56:57.0116 6032 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
09:56:57.0131 6032 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
09:56:57.0147 6032 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
09:56:57.0163 6032 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
09:56:57.0178 6032 [Global] - ok
09:56:57.0178 6032 ================ Scan MBR ==================================
09:56:57.0194 6032 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
09:56:57.0428 6032 \Device\Harddisk0\DR0 - ok
09:56:57.0428 6032 ================ Scan VBR ==================================
09:56:57.0428 6032 [ 80100AB28149EAAFA4715AA2C20E1CC7 ] \Device\Harddisk0\DR0\Partition1
09:56:57.0443 6032 \Device\Harddisk0\DR0\Partition1 - ok
09:56:57.0459 6032 [ 96FFA7AD781F68392D67B779796E649D ] \Device\Harddisk0\DR0\Partition2
09:56:57.0475 6032 \Device\Harddisk0\DR0\Partition2 - ok
09:56:57.0475 6032 ============================================================
09:56:57.0475 6032 Scan finished
09:56:57.0475 6032 ============================================================
09:56:57.0475 2376 Detected object count: 0
09:56:57.0475 2376 Actual detected object count: 0
09:58:11.0762 5692 Deinitialize success

==============================================================================================

2) aswMBR log:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-05 09:59:24
-----------------------------
09:59:24.777 OS Version: Windows x64 6.1.7601 Service Pack 1
09:59:24.777 Number of processors: 4 586 0x2A07
09:59:24.777 ComputerName: LC-PC UserName: lc
09:59:26.212 Initialize success
10:01:32.352 AVAST engine defs: 12090501
10:01:42.024 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
10:01:42.024 Disk 0 Vendor: ST500DM002-1BD142 KC45 Size: 476940MB BusType: 3
10:01:42.040 Disk 0 MBR read successfully
10:01:42.055 Disk 0 MBR scan
10:01:42.055 Disk 0 Windows VISTA default MBR code
10:01:42.055 Disk 0 Partition 1 00 DE Dell Utility DELL 4.1 39 MB offset 63
10:01:42.071 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 14640 MB offset 81920
10:01:42.086 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 462256 MB offset 30064640
10:01:42.102 Disk 0 scanning C:\Windows\system32\drivers
10:01:56.875 Service scanning
10:02:19.105 Modules scanning
10:02:19.105 Disk 0 trace - called modules:
10:02:19.121 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
10:02:19.136 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007aa6060]
10:02:19.136 3 CLASSPNP.SYS[fffff8800160143f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa800742a060]
10:02:28.824 AVAST engine scan C:\Windows
10:02:31.616 AVAST engine scan C:\Windows\system32
10:05:50.969 AVAST engine scan C:\Windows\system32\drivers
10:06:09.284 AVAST engine scan C:\Users\lc
10:10:01.180 Disk 0 MBR has been saved successfully to "C:\Users\lc\Desktop\MBR.dat"
10:10:01.180 The log file has been saved successfully to "C:\Users\lc\Desktop\aswMBR.txt"
10:14:40.148 AVAST engine scan C:\ProgramData
10:15:38.929 Scan finished successfully
10:17:21.748 Disk 0 MBR has been saved successfully to "C:\Users\lc\Desktop\MBR.dat"
10:17:21.748 The log file has been saved successfully to "C:\Users\lc\Desktop\aswMBR.txt"
10:18:03.622 Disk 0 MBR has been saved successfully to "C:\Users\lc\Desktop\MBR.dat"
10:18:03.638 The log file has been saved successfully to "C:\Users\lc\Desktop\aswMBR.txt"

========================================================================================

shark

#4 boopme

Posted 05 September 2012 - 02:07 PM

Is it any better?

If not, then run:
Download Bootkit Remover to your Desktop.

  • Unzip downloaded file to your Desktop.
  • Double-click on boot_cleaner.exe to run the program (Vista/7 users, right-click on boot_cleaner.exe and click Run As Administrator).
  • It will show a Black screen with some data on it.
  • Right click on the screen and click Select All.
  • Press CTRL+C
  • Open a Notepad and press CTRL+V
  • Post the output back here.

#5 thesharkman

Posted 05 September 2012 - 03:06 PM

Is it any better?


hi boop,

nope, i'm still getting the pop ups. will run bootkit and report back.

shark

#6 thesharkman

Posted 05 September 2012 - 03:10 PM

bootkit result:

Bootkit Remover
© 2009 Esage Lab
www.esagelab.com

Program version: 1.2.0.1
OS Version: Microsoft Windows 7 Service Pack 1 (build 7601), 64-bit

System volume is \\.\C:
\\.\C: -> \\.\PhysicalDrive0 at offset 0x00000003`95800000
Boot sector MD5 is: 0ec6b2481fc707d1e901dc2a875f2826

Size Device Name MBR Status
--------------------------------------------
465 GB \\.\PhysicalDrive0 OK (DOS/Win32 Boot code found)


Done;
Press any key to quit...

-----------------------------

shark

#7 boopme

Posted 05 September 2012 - 03:18 PM

Ok, appears we need a deeper look to get this off.

Please go here: Preparation Guide, and do steps 6-9.

Create a DDS log and post it in the new topic explained in step 9, which is here: Virus, Trojan, Spyware, and Malware Removal Logs, and not in this topic, thanks.
If GMER won't run (it may not on a 64-bit system), skip it and move on.

Let me know if that went well.
#8 thesharkman

Posted 05 September 2012 - 03:25 PM

will do.... be back w/ my report. thx!

shark

#9 thesharkman

Posted 05 September 2012 - 04:06 PM

boopme,

here is the new thread in the BleepingComputer.com> Security> Virus, Trojan, Spyware, and Malware Removal Logs:

http://www.bleepingcomputer.com/forums/topic467604.html

the DDS log is posted and the attach.txt is attached.

thanks for looking.

shark

#10 boopme

Posted 05 September 2012 - 07:35 PM

Thank you.
Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc.) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process, which would extend the time it takes to clean your computer.

From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRL Team member is already assisting you and not open the thread to respond.

The current wait time is 1 - 3 days and ALL logs are answered.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

To avoid confusion, I am closing this topic.