MalwareBytes: Successfully blocked access to a potentially malicious website


  • This topic is locked
25 replies to this topic

#1 marija_peg

Posted 24 January 2013 - 02:16 PM

For the last 5 minutes I have been getting this pop-up every 10 seconds. The website is 195.161.25.18, type: incoming, process: svchost.exe.
I ran SuperAntiSpyware which found 18 tracking cookies which I removed, MalwareBytes found nothing and I did a CCleaner sweep. Advice?

Another one just showed up, the website is different: 77.78.229.60, also svchost.exe
Thank you.

edit: another pop-up, website 91.188.38.18 (don't know if this is relevant, so just in case)

Edited by marija_peg, 24 January 2013 - 02:17 PM.


#2 boopme

Posted 24 January 2013 - 02:55 PM

Hello, well the IP is not a good one.
http://myip.ms/view/ip_addresses/3282114816/195.161.25.0_195.161.25.255#p_owner

You have the Paid MBAM?

Please Download TDSSkiller
Launch it.
Click on change parameters-Select TDLFS file system
Click on "Scan".
Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results.



ADW Cleaner

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

>>>>

I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

NOTE: Sometimes if ESET finds no infections it will not create a log.

#3 marija_peg

Posted 24 January 2013 - 03:06 PM

TDSSKiller

21:02:05.0509 2844 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
21:02:05.0655 2844 ============================================================
21:02:05.0655 2844 Current date / time: 2013/01/24 21:02:05.0655
21:02:05.0655 2844 SystemInfo:
21:02:05.0655 2844
21:02:05.0655 2844 OS Version: 6.1.7601 ServicePack: 1.0
21:02:05.0655 2844 Product type: Workstation
21:02:05.0655 2844 ComputerName: GREGS
21:02:05.0655 2844 UserName: XX
21:02:05.0655 2844 Windows directory: C:\Windows
21:02:05.0655 2844 System windows directory: C:\Windows
21:02:05.0655 2844 Processor architecture: Intel x86
21:02:05.0655 2844 Number of processors: 2
21:02:05.0655 2844 Page size: 0x1000
21:02:05.0655 2844 Boot type: Normal boot
21:02:05.0655 2844 ============================================================
21:02:06.0570 2844 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
21:02:06.0572 2844 ============================================================
21:02:06.0572 2844 \Device\Harddisk0\DR0:
21:02:06.0573 2844 MBR partitions:
21:02:06.0573 2844 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
21:02:06.0573 2844 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x18FFF2C9
21:02:06.0593 2844 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x19031B08, BlocksNum 0x318253B9
21:02:06.0593 2844 ============================================================
21:02:06.0655 2844 C: <-> \Device\Harddisk0\DR0\Partition2
21:02:06.0693 2844 D: <-> \Device\Harddisk0\DR0\Partition3
21:02:06.0693 2844 ============================================================
21:02:06.0693 2844 Initialize success
21:02:06.0693 2844 ============================================================
21:02:26.0013 3976 ============================================================
21:02:26.0013 3976 Scan started
21:02:26.0013 3976 Mode: Manual; TDLFS;
21:02:26.0013 3976 ============================================================
21:02:26.0182 3976 ================ Scan system memory ========================
21:02:26.0182 3976 System memory - ok
21:02:35.0558 3976 monitor - ok
21:02:35.0666 3976 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\drivers\mouclass.sys
21:02:35.0668 3976 mouclass - ok
21:02:35.0693 3976 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
21:02:35.0695 3976 mouhid - ok
21:02:35.0737 3976 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
21:02:35.0739 3976 mountmgr - ok
21:02:35.0752 3976 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
21:02:35.0757 3976 mpio - ok
21:02:35.0804 3976 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
21:02:35.0806 3976 mpsdrv - ok
21:02:35.0932 3976 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
21:02:35.0941 3976 MpsSvc - ok
21:02:35.0994 3976 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
21:02:35.0997 3976 MRxDAV - ok
21:02:36.0033 3976 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
21:02:36.0035 3976 mrxsmb - ok
21:02:36.0047 3976 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:02:36.0051 3976 mrxsmb10 - ok
21:02:36.0079 3976 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:02:36.0082 3976 mrxsmb20 - ok
21:02:36.0116 3976 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
21:02:36.0118 3976 msahci - ok
21:02:36.0161 3976 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
21:02:36.0164 3976 msdsm - ok
21:02:36.0186 3976 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
21:02:36.0191 3976 MSDTC - ok
21:02:36.0240 3976 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
21:02:36.0242 3976 Msfs - ok
21:02:36.0245 3976 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
21:02:36.0247 3976 mshidkmdf - ok
21:02:36.0263 3976 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
21:02:36.0264 3976 msisadrv - ok
21:02:36.0296 3976 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
21:02:36.0300 3976 MSiSCSI - ok
21:02:36.0302 3976 msiserver - ok
21:02:36.0312 3976 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
21:02:36.0314 3976 MSKSSRV - ok
21:02:36.0317 3976 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
21:02:36.0318 3976 MSPCLOCK - ok
21:02:36.0321 3976 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
21:02:36.0323 3976 MSPQM - ok
21:02:36.0327 3976 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
21:02:36.0331 3976 MsRPC - ok
21:02:36.0377 3976 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
21:02:36.0379 3976 mssmbios - ok
21:02:36.0396 3976 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
21:02:36.0398 3976 MSTEE - ok
21:02:36.0401 3976 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
21:02:36.0402 3976 MTConfig - ok
21:02:36.0406 3976 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
21:02:36.0408 3976 Mup - ok
21:02:36.0497 3976 [ E14ACF696EA9F7A9C2F4938E23B78854 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
21:02:36.0501 3976 MyWiFiDHCPDNS - ok
21:02:36.0542 3976 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
21:02:36.0549 3976 napagent - ok
21:02:36.0575 3976 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
21:02:36.0579 3976 NativeWifiP - ok
21:02:36.0628 3976 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
21:02:36.0637 3976 NDIS - ok
21:02:36.0674 3976 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
21:02:36.0675 3976 NdisCap - ok
21:02:36.0689 3976 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
21:02:36.0690 3976 NdisTapi - ok
21:02:36.0720 3976 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
21:02:36.0722 3976 Ndisuio - ok
21:02:36.0762 3976 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
21:02:36.0765 3976 NdisWan - ok
21:02:36.0806 3976 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
21:02:36.0808 3976 NDProxy - ok
21:02:36.0823 3976 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
21:02:36.0825 3976 NetBIOS - ok
21:02:36.0860 3976 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
21:02:36.0864 3976 NetBT - ok
21:02:36.0877 3976 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
21:02:36.0879 3976 Netlogon - ok
21:02:36.0928 3976 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
21:02:36.0933 3976 Netman - ok
21:02:36.0962 3976 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
21:02:36.0968 3976 netprofm - ok
21:02:36.0997 3976 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:02:37.0000 3976 NetTcpPortSharing - ok
21:02:37.0179 3976 [ 9C23121705590D54DB8A8C6033C782D9 ] NETwNs32 C:\Windows\system32\DRIVERS\NETwNs32.sys
21:02:37.0350 3976 NETwNs32 - ok
21:02:37.0392 3976 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
21:02:37.0394 3976 nfrd960 - ok
21:02:37.0424 3976 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
21:02:37.0429 3976 NlaSvc - ok
21:02:37.0432 3976 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
21:02:37.0434 3976 Npfs - ok
21:02:37.0453 3976 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
21:02:37.0455 3976 nsi - ok
21:02:37.0458 3976 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
21:02:37.0459 3976 nsiproxy - ok
21:02:37.0504 3976 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
21:02:37.0538 3976 Ntfs - ok
21:02:37.0571 3976 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
21:02:37.0572 3976 Null - ok
21:02:37.0613 3976 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
21:02:37.0616 3976 nvraid - ok
21:02:37.0632 3976 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
21:02:37.0635 3976 nvstor - ok
21:02:37.0674 3976 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
21:02:37.0677 3976 nv_agp - ok
21:02:37.0711 3976 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
21:02:37.0713 3976 ohci1394 - ok
21:02:37.0793 3976 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:02:37.0796 3976 ose - ok
21:02:37.0978 3976 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:02:38.0103 3976 osppsvc - ok
21:02:38.0154 3976 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
21:02:38.0160 3976 p2pimsvc - ok
21:02:38.0184 3976 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
21:02:38.0190 3976 p2psvc - ok
21:02:38.0213 3976 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
21:02:38.0215 3976 Parport - ok
21:02:38.0248 3976 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
21:02:38.0251 3976 partmgr - ok
21:02:38.0271 3976 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
21:02:38.0273 3976 Parvdm - ok
21:02:38.0278 3976 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
21:02:38.0282 3976 PcaSvc - ok
21:02:38.0300 3976 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
21:02:38.0304 3976 pci - ok
21:02:38.0346 3976 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
21:02:38.0347 3976 pciide - ok
21:02:38.0366 3976 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
21:02:38.0369 3976 pcmcia - ok
21:02:38.0372 3976 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
21:02:38.0374 3976 pcw - ok
21:02:38.0393 3976 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
21:02:38.0401 3976 PEAUTH - ok
21:02:38.0441 3976 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
21:02:38.0472 3976 PeerDistSvc - ok
21:02:38.0533 3976 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
21:02:38.0587 3976 pla - ok
21:02:38.0663 3976 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
21:02:38.0669 3976 PlugPlay - ok
21:02:38.0682 3976 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
21:02:38.0686 3976 PNRPAutoReg - ok
21:02:38.0692 3976 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
21:02:38.0695 3976 PNRPsvc - ok
21:02:38.0723 3976 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
21:02:38.0729 3976 PolicyAgent - ok
21:02:38.0770 3976 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
21:02:38.0774 3976 Power - ok
21:02:38.0804 3976 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
21:02:38.0807 3976 PptpMiniport - ok
21:02:38.0814 3976 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
21:02:38.0815 3976 Processor - ok
21:02:38.0860 3976 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
21:02:38.0866 3976 ProfSvc - ok
21:02:38.0877 3976 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:02:38.0879 3976 ProtectedStorage - ok
21:02:38.0910 3976 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
21:02:38.0912 3976 Psched - ok
21:02:38.0947 3976 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
21:02:38.0975 3976 ql2300 - ok
21:02:38.0979 3976 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
21:02:38.0982 3976 ql40xx - ok
21:02:39.0026 3976 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
21:02:39.0031 3976 QWAVE - ok
21:02:39.0034 3976 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
21:02:39.0036 3976 QWAVEdrv - ok
21:02:39.0039 3976 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
21:02:39.0040 3976 RasAcd - ok
21:02:39.0081 3976 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
21:02:39.0083 3976 RasAgileVpn - ok
21:02:39.0102 3976 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
21:02:39.0105 3976 RasAuto - ok
21:02:39.0109 3976 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
21:02:39.0111 3976 Rasl2tp - ok
21:02:39.0145 3976 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
21:02:39.0150 3976 RasMan - ok
21:02:39.0181 3976 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
21:02:39.0183 3976 RasPppoe - ok
21:02:39.0187 3976 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
21:02:39.0189 3976 RasSstp - ok
21:02:39.0221 3976 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
21:02:39.0226 3976 rdbss - ok
21:02:39.0229 3976 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
21:02:39.0231 3976 rdpbus - ok
21:02:39.0268 3976 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
21:02:39.0270 3976 RDPCDD - ok
21:02:39.0283 3976 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
21:02:39.0286 3976 RDPDR - ok
21:02:39.0305 3976 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
21:02:39.0306 3976 RDPENCDD - ok
21:02:39.0316 3976 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
21:02:39.0317 3976 RDPREFMP - ok
21:02:39.0374 3976 [ 65375DF758CA1872AB7EBBBA457FD5E6 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
21:02:39.0376 3976 RdpVideoMiniport - ok
21:02:39.0409 3976 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
21:02:39.0413 3976 RDPWD - ok
21:02:39.0463 3976 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
21:02:39.0472 3976 rdyboost - ok
21:02:39.0556 3976 [ 7031A7D5C3B773BFA14EA5956A18942A ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
21:02:39.0563 3976 RegSrvc - ok
21:02:39.0612 3976 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
21:02:39.0615 3976 RemoteAccess - ok
21:02:39.0638 3976 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
21:02:39.0642 3976 RemoteRegistry - ok
21:02:39.0680 3976 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
21:02:39.0682 3976 RFCOMM - ok
21:02:39.0711 3976 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
21:02:39.0713 3976 RpcEptMapper - ok
21:02:39.0735 3976 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
21:02:39.0738 3976 RpcLocator - ok
21:02:39.0761 3976 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
21:02:39.0765 3976 RpcSs - ok
21:02:39.0803 3976 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
21:02:39.0806 3976 rspndr - ok
21:02:39.0830 3976 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
21:02:39.0831 3976 s3cap - ok
21:02:39.0843 3976 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
21:02:39.0845 3976 SamSs - ok
21:02:39.0903 3976 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
21:02:39.0904 3976 SASDIFSV - ok
21:02:39.0917 3976 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
21:02:39.0919 3976 SASKUTIL - ok
21:02:39.0957 3976 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
21:02:39.0960 3976 sbp2port - ok
21:02:39.0984 3976 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
21:02:39.0989 3976 SCardSvr - ok
21:02:40.0016 3976 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
21:02:40.0018 3976 scfilter - ok
21:02:40.0069 3976 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
21:02:40.0084 3976 Schedule - ok
21:02:40.0128 3976 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
21:02:40.0130 3976 SCPolicySvc - ok
21:02:40.0169 3976 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
21:02:40.0173 3976 SDRSVC - ok
21:02:40.0210 3976 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
21:02:40.0212 3976 secdrv - ok
21:02:40.0225 3976 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
21:02:40.0228 3976 seclogon - ok
21:02:40.0242 3976 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
21:02:40.0245 3976 SENS - ok
21:02:40.0270 3976 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
21:02:40.0273 3976 SensrSvc - ok
21:02:40.0276 3976 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
21:02:40.0278 3976 Serenum - ok
21:02:40.0281 3976 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
21:02:40.0284 3976 Serial - ok
21:02:40.0296 3976 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
21:02:40.0298 3976 sermouse - ok
21:02:40.0339 3976 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
21:02:40.0343 3976 SessionEnv - ok
21:02:40.0368 3976 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
21:02:40.0370 3976 sffdisk - ok
21:02:40.0382 3976 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
21:02:40.0384 3976 sffp_mmc - ok
21:02:40.0395 3976 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
21:02:40.0396 3976 sffp_sd - ok
21:02:40.0399 3976 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
21:02:40.0402 3976 sfloppy - ok
21:02:40.0434 3976 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
21:02:40.0440 3976 SharedAccess - ok
21:02:40.0494 3976 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:02:40.0500 3976 ShellHWDetection - ok
21:02:40.0536 3976 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
21:02:40.0538 3976 sisagp - ok
21:02:40.0562 3976 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:02:40.0564 3976 SiSRaid2 - ok
21:02:40.0568 3976 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
21:02:40.0570 3976 SiSRaid4 - ok
21:02:40.0627 3976 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
21:02:40.0628 3976 SkypeUpdate - ok
21:02:40.0653 3976 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
21:02:40.0655 3976 Smb - ok
21:02:40.0706 3976 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
21:02:40.0709 3976 SNMPTRAP - ok
21:02:40.0712 3976 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
21:02:40.0714 3976 spldr - ok
21:02:40.0754 3976 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
21:02:40.0760 3976 Spooler - ok
21:02:40.0860 3976 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
21:02:40.0882 3976 sppsvc - ok
21:02:40.0914 3976 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
21:02:40.0918 3976 sppuinotify - ok
21:02:40.0952 3976 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
21:02:40.0957 3976 srv - ok
21:02:40.0994 3976 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
21:02:41.0000 3976 srv2 - ok
21:02:41.0031 3976 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
21:02:41.0034 3976 srvnet - ok
21:02:41.0055 3976 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
21:02:41.0059 3976 SSDPSRV - ok
21:02:41.0064 3976 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
21:02:41.0068 3976 SstpSvc - ok
21:02:41.0099 3976 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
21:02:41.0101 3976 stexstor - ok
21:02:41.0146 3976 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
21:02:41.0154 3976 StiSvc - ok
21:02:41.0199 3976 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
21:02:41.0200 3976 storflt - ok
21:02:41.0209 3976 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
21:02:41.0210 3976 storvsc - ok
21:02:41.0238 3976 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
21:02:41.0239 3976 swenum - ok
21:02:41.0265 3976 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
21:02:41.0271 3976 swprv - ok
21:02:41.0274 3976 Synth3dVsc - ok
21:02:41.0326 3976 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
21:02:41.0361 3976 SysMain - ok
21:02:41.0389 3976 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:02:41.0393 3976 TabletInputService - ok
21:02:41.0427 3976 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
21:02:41.0433 3976 TapiSrv - ok
21:02:41.0460 3976 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
21:02:41.0464 3976 TBS - ok
21:02:41.0512 3976 [ E23A56F843E2AEBBB209D0ACCA73C640 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
21:02:41.0544 3976 Tcpip - ok
21:02:41.0600 3976 [ E23A56F843E2AEBBB209D0ACCA73C640 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
21:02:41.0608 3976 TCPIP6 - ok
21:02:41.0643 3976 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
21:02:41.0644 3976 tcpipreg - ok
21:02:41.0678 3976 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
21:02:41.0679 3976 TDPIPE - ok
21:02:41.0682 3976 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
21:02:41.0684 3976 TDTCP - ok
21:02:41.0711 3976 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
21:02:41.0713 3976 tdx - ok
21:02:41.0756 3976 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
21:02:41.0758 3976 TermDD - ok
21:02:41.0805 3976 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
21:02:41.0811 3976 TermService - ok
21:02:41.0825 3976 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
21:02:41.0829 3976 Themes - ok
21:02:41.0847 3976 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
21:02:41.0849 3976 THREADORDER - ok
21:02:41.0873 3976 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
21:02:41.0877 3976 TrkWks - ok
21:02:41.0960 3976 [ 81532F3628F8ACC80FD1264095960C3A ] TrueSight C:\Windows\system32\drivers\TrueSight.sys
21:02:41.0961 3976 TrueSight - ok
21:02:42.0006 3976 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:02:42.0012 3976 TrustedInstaller - ok
21:02:42.0029 3976 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
21:02:42.0031 3976 tssecsrv - ok
21:02:42.0070 3976 [ 9CE253214ACAA5A7D323327D2055EFAA ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
21:02:42.0072 3976 TsUsbFlt - ok
21:02:42.0075 3976 tsusbhub - ok
21:02:42.0136 3976 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
21:02:42.0139 3976 tunnel - ok
21:02:42.0177 3976 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
21:02:42.0178 3976 uagp35 - ok
21:02:42.0248 3976 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
21:02:42.0252 3976 udfs - ok
21:02:42.0304 3976 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
21:02:42.0307 3976 UI0Detect - ok
21:02:42.0379 3976 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
21:02:42.0380 3976 uliagpkx - ok
21:02:42.0443 3976 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys
21:02:42.0445 3976 umbus - ok
21:02:42.0462 3976 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
21:02:42.0463 3976 UmPass - ok
21:02:42.0575 3976 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
21:02:42.0579 3976 UmRdpService - ok
21:02:42.0598 3976 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
21:02:42.0605 3976 upnphost - ok
21:02:42.0627 3976 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
21:02:42.0629 3976 usbccgp - ok
21:02:42.0676 3976 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
21:02:42.0679 3976 usbcir - ok
21:02:42.0708 3976 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\drivers\usbehci.sys
21:02:42.0710 3976 usbehci - ok
21:02:42.0752 3976 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
21:02:42.0756 3976 usbhub - ok
21:02:42.0774 3976 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
21:02:42.0776 3976 usbohci - ok
21:02:42.0802 3976 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
21:02:42.0803 3976 usbprint - ok
21:02:42.0827 3976 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:02:42.0829 3976 USBSTOR - ok
21:02:42.0852 3976 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
21:02:42.0854 3976 usbuhci - ok
21:02:42.0942 3976 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
21:02:42.0945 3976 usbvideo - ok
21:02:42.0989 3976 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
21:02:42.0992 3976 UxSms - ok
21:02:43.0010 3976 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
21:02:43.0011 3976 VaultSvc - ok
21:02:43.0063 3976 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
21:02:43.0065 3976 vdrvroot - ok
21:02:43.0223 3976 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
21:02:43.0230 3976 vds - ok
21:02:43.0249 3976 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
21:02:43.0251 3976 vga - ok
21:02:43.0255 3976 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
21:02:43.0256 3976 VgaSave - ok
21:02:43.0275 3976 VGPU - ok
21:02:43.0334 3976 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
21:02:43.0335 3976 vhdmp - ok
21:02:43.0391 3976 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
21:02:43.0393 3976 viaagp - ok
21:02:43.0423 3976 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
21:02:43.0426 3976 ViaC7 - ok
21:02:43.0479 3976 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
21:02:43.0481 3976 viaide - ok
21:02:43.0590 3976 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
21:02:43.0593 3976 vmbus - ok
21:02:43.0629 3976 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
21:02:43.0631 3976 VMBusHID - ok
21:02:43.0659 3976 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
21:02:43.0661 3976 volmgr - ok
21:02:43.0717 3976 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
21:02:43.0721 3976 volmgrx - ok
21:02:43.0772 3976 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
21:02:43.0776 3976 volsnap - ok
21:02:43.0838 3976 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
21:02:43.0840 3976 vsmraid - ok
21:02:44.0257 3976 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
21:02:44.0272 3976 VSS - ok
21:02:44.0293 3976 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
21:02:44.0295 3976 vwifibus - ok
21:02:44.0300 3976 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
21:02:44.0301 3976 vwififlt - ok
21:02:44.0328 3976 [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
21:02:44.0329 3976 vwifimp - ok
21:02:44.0399 3976 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
21:02:51.0356 3976 ============================================================
21:02:51.0356 3976 Scan finished
21:02:51.0356 3976 ============================================================
21:02:51.0358 5276 Detected object count: 0
21:02:51.0358 5276 Actual detected object count: 0
21:03:37.0107 4320 Deinitialize success

#4 marija_peg

Posted 24 January 2013 - 03:11 PM

ADWCleaner

# AdwCleaner v2.107 - Logfile created 01/24/2013 at 21:07:14
# Updated 21/01/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
# User : XX - XX
# Boot Mode : Normal
# Running from : C:\Users\XX\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\Software\Conduit

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Google Chrome v24.0.1312.56

File : C:\Users\XX\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [897 octets] - [24/01/2013 21:07:14]

########## EOF - C:\AdwCleaner[S1].txt - [956 octets] ##########

#5 marija_peg

Posted 24 January 2013 - 05:14 PM

Just an info. ESET Online scanner is still running, it is around 72% and so far it has found 4 threats, two being Open Candy applications (in C) and the other two Bundled Toolbar.Ask Application and Somoto (in D). Earlier, I have already posted in this forum about the Somoto problem because of which I had to reinstall Windows (several times actually) and it seemed I somehow got rid of it. The file that contains it is an earlier backup :(
When I reinstalled Windows, the D partition was kept intact.

EDIT: My laptop is now running very slowly and it still hasn't gone past the backup file. A couple of things of recent weird computer behaviour just came to my mind. Recently I lost all my start menu icons, that is I was left only with empty folders. It just happened one day, there was no obvious reason.
After the Somoto incident, I regularly used Antivirus scans (now I installed AVG), MalwareBytes and SuperAntiSpyware.
Also, before losing the start menu icons, my CPU usage was very high, that was maybe 2 weeks ago. It went up to 100%. I would shut down all the processes and leave only the necessary ones, but nothing, any virus or malware search returned nothing. I decided to do another install of Windows since I did not have the time or the nerves to deal with yet another computer problem. This time I completely formatted C. After installing everything, CPU was again rather high. I searched on the internet and found out about SearchIndexer, which kept popping on my processes list so I disabled indexing and the CPU usage seemed fine after that. Oh, I don't know anymore :(((

Edited by marija_peg, 24 January 2013 - 05:45 PM.


#6 marija_peg

Posted 24 January 2013 - 05:50 PM

I have stopped the ESET scan, because I have to turn off my notebook and go home, this scan took 2,5 hours :/ I will do another scan later when I come home. This is what I got so far:
D:\XYZ\Antivirus\Adaware_Installer.exe Win32/OpenCandy application
D:\Backup 21.11\GREGOR\Backup Set 2011-11-21 180100\Backup Files 2011-11-21 180100\Backup files 2.zip multiple threats
D:\GREGS\Backup Set 2011-12-14 231237\Backup Files 2011-12-14 231237\Backup files 3.zip a variant of Win32/Bundled.Toolbar.Ask application
D:\GREGS\Backup Set 2012-01-08 192736\Backup Files 2012-01-15 190001\Backup files 3.zip a variant of Win32/Somoto.A application

I hate Somoto.

#7 boopme

Posted 24 January 2013 - 07:18 PM

OK, we'll get it off.
Looks like you also backed up infected files. Are all your backups on the D drive?
How do I get help? Who is helping me?
Staying Updated Calendar of Updates.
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook Have you seen..Select Real Security

#8 marija_peg

Posted 25 January 2013 - 05:19 AM

Yes, they are all on D, there is the one mentioned and another one, Windows Image Backup.

#9 boopme

Posted 25 January 2013 - 10:10 AM

Please download Rkill by Grinler and save it to your desktop.
Link 1
Link 2
  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista, right-click on it and Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
Do not reboot the computer, you will need to run the application again.


Rerun MBAM (MalwareBytes) like this:

Open MBAM in normal mode and click Update tab, select Check for Updates, when done
click Scanner tab, select Quick scan and scan (normal mode).
After scan click Remove Selected, post new scan log and reboot.



Junkware Removal Tool
Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.


How is it running now?

#10 marija_peg

Posted 25 January 2013 - 10:32 AM

Actually, at the moment I am running the Eset Online Scanner as I did not finish the one yesterday, it has been running for an hour and 20 minutes now and it again found two Open Candy applications. It is currently scanning the Backup. Should I do all the above after that?
In general, my computer is running fine. CPU Usage is around 50% but I assume that's relatively OK because of the scan...

#11 boopme

Posted 25 January 2013 - 10:47 AM

Yes... The last scan is to see if there is any other junk still hanging around.

Let the ESET finish.. It can take long but is very thorough.

#12 marija_peg

Posted 25 January 2013 - 01:42 PM

ESET:

D:\XX\Antivirus\Adaware_Installer.exe Win32/OpenCandy application deleted - quarantined
D:\Backup 21.11\GREGOR\Backup Set 2011-11-21 180100\Backup Files 2011-11-21 180100\Backup files 2.zip multiple threats deleted - quarantined
D:\GREGOR\Backup Set 2011-12-14 231237\Backup Files 2011-12-14 231237\Backup files 3.zip a variant of Win32/Bundled.Toolbar.Ask application deleted - quarantined
D:\GREGOR\Backup Set 2012-01-08 192736\Backup Files 2012-01-15 190001\Backup files 3.zip a variant of Win32/Somoto.A application deleted - quarantined
D:\GREGOR\Backup Set 2012-02-12 190001\Backup Files 2012-02-12 190001\Backup files 3.zip a variant of Win32/Somoto.A application deleted - quarantined
D:\GREGOR\Backup Set 2012-02-26 190003\Backup Files 2012-02-26 190003\Backup files 4.zip a variant of Win32/Somoto.A application deleted - quarantined
D:\GREGOR\Backup Set 2013-01-04 223424\Backup Files 2013-01-04 223424\Backup files 4.zip a variant of Win32/Somoto.A application deleted - quarantined

#13 marija_peg

Posted 25 January 2013 - 01:46 PM

When I clicked on the link to download Junkware removal tool, Google Chrome warned me that the file appears malicious.. Should I download it anyway?

#14 boopme

Posted 25 January 2013 - 02:04 PM

Yes, it's safe. We made the tool here at BC.

#15 marija_peg

Posted 25 January 2013 - 05:27 PM

RKill:

Rkill 2.4.6 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 01/25/2013 07:53:57 PM in x86 mode.
Windows Version: Windows 7 Ultimate Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

* Security Center (wscsvc) is not Running.
Startup Type set to: Automatic (Delayed Start)

* Windows Update (wuauserv) is not Running.
Startup Type set to: Automatic (Delayed Start)

Searching for Missing Digital Signatures:

* C:\Windows\System32\dllhost.exe [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-com-surrogate_31bf3856ad364e35_6.1.7600.16385_none_43



