
ZEROACCESS rootkit symptoms found


3 replies to this topic

#1 Phumfeinz

  • Members

Posted 23 November 2012 - 05:19 AM

So I was browsing the internet earlier when my screen suddenly changed to one of those ransomware screens, more specifically the Police Central e-crime Unit one (description here: http://forums.anvisoft.com/viewtopic-45-973-0.html). I did the usual system restore, full scan with Malwarebytes and Microsoft Security Essentials which seemed to do the trick as the computer is running fine again. I wanted to be sure though so I ran rkill and it came up with this:

Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 11/23/2012 10:12:07 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * ALERT: ZEROACCESS rootkit symptoms found!

     * HKEY_CLASSES_ROOT\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InprocServer32 [ZA Reg Hijack]

Checking Windows Service Integrity: 

 * No issues found.

Searching for Missing Digital Signatures: 

 * No issues found.

Checking HOSTS File: 

 * No issues found.

Program finished at: 11/23/2012 10:12:11 AM
Execution time: 0 hours(s), 0 minute(s), and 3 seconds(s)

I'm not sure what to make of it, but if you guys could help me I'd be very grateful.
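The Rkill report in the post above, read by a small triage script. This is an added example and not part of the original thread or of Rkill itself: `parse_rkill_alerts`, `backing_keys` and `Alert` are hypothetical names, and the sample text is an excerpt constructed from the log above. `backing_keys` relies on a general Windows fact rather than anything the log states: `HKEY_CLASSES_ROOT` is a merged view of the per-user and machine-wide `Software\Classes` keys, so both are worth inspecting for a flagged entry.

```python
import re
from dataclasses import dataclass, field

# Constructed sample: an excerpt of the Rkill 2.4.5 log quoted in the post above.
SAMPLE_LOG = r"""Checking Registry for malware related settings:

 * No issues found in the Registry.

Performing miscellaneous checks:

 * ALERT: ZEROACCESS rootkit symptoms found!

     * HKEY_CLASSES_ROOT\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InprocServer32 [ZA Reg Hijack]

Checking Windows Service Integrity:

 * No issues found.
"""

# A result line is "<indent>* <text>"; a detail line may end in "[tag]".
BULLET = re.compile(r"^(\s*)\*\s+(.*\S)\s*$")
DETAIL = re.compile(r"^(?P<item>.*?)\s*\[(?P<tag>[^\]]+)\]$")


@dataclass
class Alert:
    """One ALERT result and the indented detail lines reported under it."""
    section: str
    message: str
    details: list = field(default_factory=list)  # (item, tag) pairs


def parse_rkill_alerts(text):
    """Return every ALERT in an Rkill log with its section and detail lines."""
    alerts = []
    section = None
    current = None       # alert that deeper-indented bullets attach to
    alert_indent = 0
    for raw in text.splitlines():
        line = raw.rstrip()
        if not line:
            continue     # blank lines separate an alert from its details
        m = BULLET.match(line)
        if m is None:
            # Non-bullet text: a line ending in ':' opens a new check section.
            if line.endswith(":"):
                section = line[:-1].strip()
            current = None
            continue
        indent, body = len(m.group(1)), m.group(2)
        if body.startswith("ALERT:"):
            current = Alert(section, body[len("ALERT:"):].strip())
            alert_indent = indent
            alerts.append(current)
        elif current is not None and indent > alert_indent:
            d = DETAIL.match(body)
            if d:
                current.details.append((d.group("item"), d.group("tag")))
            else:
                current.details.append((body, None))
        else:
            current = None   # an ordinary "No issues found" result
    return alerts


def backing_keys(hkcr_path):
    """Map an HKEY_CLASSES_ROOT path to the two keys that back the merged view."""
    prefix = "HKEY_CLASSES_ROOT\\"
    if not hkcr_path.upper().startswith(prefix):
        return []
    rest = hkcr_path[len(prefix):]
    return [
        "HKEY_CURRENT_USER\\Software\\Classes\\" + rest,
        "HKEY_LOCAL_MACHINE\\Software\\Classes\\" + rest,
    ]


if __name__ == "__main__":
    for alert in parse_rkill_alerts(SAMPLE_LOG):
        print(f"[{alert.section}] {alert.message}")
        for item, tag in alert.details:
            print(f"  {tag}: {item}")
            for key in backing_keys(item):
                print(f"    inspect: {key}")
```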

#2 narenxp

  • BC Advisor

Posted 23 November 2012 - 05:42 AM

Download TDSSkiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 Phumfeinz

  • Topic Starter

Posted 23 November 2012 - 03:55 PM

TDSSkiller:

19:09:17.0363 4876  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
19:09:17.0531 4876  ============================================================
19:09:17.0531 4876  Current date / time: 2012/11/23 19:09:17.0531
19:09:17.0531 4876  SystemInfo:
19:09:17.0531 4876  
19:09:17.0532 4876  OS Version: 6.1.7601 ServicePack: 1.0
19:09:17.0532 4876  Product type: Workstation
19:09:17.0532 4876  ComputerName: JAKE-PC
19:09:17.0532 4876  UserName: Jake
19:09:17.0532 4876  Windows directory: C:\Windows
19:09:17.0532 4876  System windows directory: C:\Windows
19:09:17.0532 4876  Running under WOW64
19:09:17.0532 4876  Processor architecture: Intel x64
19:09:17.0532 4876  Number of processors: 4
19:09:17.0532 4876  Page size: 0x1000
19:09:17.0532 4876  Boot type: Normal boot
19:09:17.0532 4876  ============================================================
19:09:17.0853 4876  Drive \Device\Harddisk1\DR1 - Size: 0xDF99E6000 (55.90 Gb), SectorSize: 0x200, Cylinders: 0x1C81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:09:17.0866 4876  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:09:17.0868 4876  ============================================================
19:09:17.0868 4876  \Device\Harddisk1\DR1:
19:09:17.0868 4876  MBR partitions:
19:09:17.0868 4876  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:09:17.0868 4876  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x6F99800
19:09:17.0868 4876  \Device\Harddisk0\DR0:
19:09:17.0868 4876  MBR partitions:
19:09:17.0868 4876  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
19:09:17.0868 4876  ============================================================
19:09:17.0870 4876  C: <-> \Device\Harddisk1\DR1\Partition2
19:09:17.0896 4876  E: <-> \Device\Harddisk0\DR0\Partition1
19:09:17.0896 4876  ============================================================
19:09:17.0896 4876  Initialize success
19:09:17.0896 4876  ============================================================
19:09:38.0186 5104  ============================================================
19:09:38.0186 5104  Scan started
19:09:38.0186 5104  Mode: Manual; TDLFS; 
19:09:38.0186 5104  ============================================================
19:09:38.0761 5104  ================ Scan system memory ========================
19:09:38.0761 5104  System memory - ok
19:09:38.0762 5104  ================ Scan services =============================
19:09:40.0904 5104  mrxsmb10 - ok
19:09:40.0907 5104  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:09:40.0908 5104  mrxsmb20 - ok
19:09:40.0912 5104  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
19:09:40.0913 5104  msahci - ok
19:09:40.0916 5104  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
19:09:40.0919 5104  msdsm - ok
19:09:40.0923 5104  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
19:09:40.0925 5104  MSDTC - ok
19:09:40.0931 5104  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
19:09:40.0931 5104  Msfs - ok
19:09:40.0933 5104  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
19:09:40.0934 5104  mshidkmdf - ok
19:09:40.0936 5104  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
19:09:40.0936 5104  msisadrv - ok
19:09:40.0940 5104  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
19:09:40.0942 5104  MSiSCSI - ok
19:09:40.0944 5104  msiserver - ok
19:09:40.0948 5104  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
19:09:40.0948 5104  MSKSSRV - ok
19:09:40.0953 5104  [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc         C:\Program Files\Microsoft Security Client\MsMpEng.exe
19:09:40.0953 5104  MsMpSvc - ok
19:09:40.0955 5104  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
19:09:40.0956 5104  MSPCLOCK - ok
19:09:40.0958 5104  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
19:09:40.0959 5104  MSPQM - ok
19:09:40.0968 5104  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
19:09:40.0973 5104  MsRPC - ok
19:09:40.0977 5104  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
19:09:40.0978 5104  mssmbios - ok
19:09:40.0980 5104  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
19:09:40.0981 5104  MSTEE - ok
19:09:40.0983 5104  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
19:09:40.0984 5104  MTConfig - ok
19:09:40.0986 5104  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
19:09:40.0987 5104  Mup - ok
19:09:40.0994 5104  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
19:09:41.0000 5104  napagent - ok
19:09:41.0006 5104  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
19:09:41.0011 5104  NativeWifiP - ok
19:09:41.0021 5104  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
19:09:41.0029 5104  NDIS - ok
19:09:41.0032 5104  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
19:09:41.0033 5104  NdisCap - ok
19:09:41.0035 5104  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
19:09:41.0036 5104  NdisTapi - ok
19:09:41.0038 5104  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
19:09:41.0040 5104  Ndisuio - ok
19:09:41.0044 5104  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
19:09:41.0047 5104  NdisWan - ok
19:09:41.0050 5104  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
19:09:41.0051 5104  NDProxy - ok
19:09:41.0054 5104  [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
19:09:41.0055 5104  Net Driver HPZ12 - ok
19:09:41.0058 5104  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
19:09:41.0059 5104  NetBIOS - ok
19:09:41.0064 5104  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
19:09:41.0068 5104  NetBT - ok
19:09:41.0070 5104  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
19:09:41.0071 5104  Netlogon - ok
19:09:41.0078 5104  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
19:09:41.0080 5104  Netman - ok
19:09:41.0083 5104  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:09:41.0086 5104  NetMsmqActivator - ok
19:09:41.0089 5104  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:09:41.0089 5104  NetPipeActivator - ok
19:09:41.0098 5104  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
19:09:41.0100 5104  netprofm - ok
19:09:41.0103 5104  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:09:41.0103 5104  NetTcpActivator - ok
19:09:41.0105 5104  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:09:41.0106 5104  NetTcpPortSharing - ok
19:09:41.0109 5104  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
19:09:41.0110 5104  nfrd960 - ok
19:09:41.0115 5104  [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
19:09:41.0116 5104  NisDrv - ok
19:09:41.0123 5104  [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
19:09:41.0124 5104  NisSrv - ok
19:09:41.0129 5104  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
19:09:41.0131 5104  NlaSvc - ok
19:09:41.0134 5104  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
19:09:41.0135 5104  Npfs - ok
19:09:41.0138 5104  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
19:09:41.0139 5104  nsi - ok
19:09:41.0141 5104  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
19:09:41.0141 5104  nsiproxy - ok
19:09:41.0160 5104  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
19:09:41.0173 5104  Ntfs - ok
19:09:41.0176 5104  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
19:09:41.0176 5104  Null - ok
19:09:41.0180 5104  [ 8D4AAC74B571FC356560E5B308955E93 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
19:09:41.0181 5104  NVHDA - ok
19:09:41.0313 5104  [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:09:41.0363 5104  nvlddmkm - ok
19:09:41.0369 5104  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
19:09:41.0371 5104  nvraid - ok
19:09:41.0375 5104  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
19:09:41.0377 5104  nvstor - ok
19:09:41.0386 5104  [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc           C:\Windows\system32\nvvsvc.exe
19:09:41.0390 5104  nvsvc - ok
19:09:41.0403 5104  [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
19:09:41.0408 5104  nvUpdatusService - ok
19:09:41.0411 5104  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
19:09:41.0413 5104  nv_agp - ok
19:09:41.0416 5104  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
19:09:41.0418 5104  ohci1394 - ok
19:09:41.0422 5104  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:09:41.0425 5104  ose - ok
19:09:41.0507 5104  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:09:41.0587 5104  osppsvc - ok
19:09:41.0595 5104  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
19:09:41.0597 5104  p2pimsvc - ok
19:09:41.0607 5104  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
19:09:41.0610 5104  p2psvc - ok
19:09:41.0613 5104  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
19:09:41.0614 5104  Parport - ok
19:09:41.0617 5104  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
19:09:41.0618 5104  partmgr - ok
19:09:41.0623 5104  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
19:09:41.0624 5104  PcaSvc - ok
19:09:41.0630 5104  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
19:09:41.0632 5104  pci - ok
19:09:41.0634 5104  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
19:09:41.0635 5104  pciide - ok
19:09:41.0639 5104  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
19:09:41.0641 5104  pcmcia - ok
19:09:41.0644 5104  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
19:09:41.0645 5104  pcw - ok
19:09:41.0657 5104  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
19:09:41.0668 5104  PEAUTH - ok
19:09:41.0693 5104  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
19:09:41.0694 5104  PerfHost - ok
19:09:41.0712 5104  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
19:09:41.0726 5104  pla - ok
19:09:41.0735 5104  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
19:09:41.0737 5104  PlugPlay - ok
19:09:41.0741 5104  [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
19:09:41.0742 5104  Pml Driver HPZ12 - ok
19:09:41.0744 5104  PnkBstrA - ok
19:09:41.0746 5104  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
19:09:41.0748 5104  PNRPAutoReg - ok
19:09:41.0754 5104  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
19:09:41.0756 5104  PNRPsvc - ok
19:09:41.0766 5104  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
19:09:41.0768 5104  PolicyAgent - ok
19:09:41.0774 5104  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
19:09:41.0775 5104  Power - ok
19:09:41.0779 5104  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
19:09:41.0782 5104  PptpMiniport - ok
19:09:41.0785 5104  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
19:09:41.0786 5104  Processor - ok
19:09:41.0791 5104  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
19:09:41.0792 5104  ProfSvc - ok
19:09:41.0794 5104  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:09:41.0795 5104  ProtectedStorage - ok
19:09:41.0799 5104  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
19:09:41.0801 5104  Psched - ok
19:09:41.0804 5104  [ 23EED24B0A780863DF35B500C4EA0733 ] PStrip64        C:\Windows\system32\drivers\pstrip64.sys
19:09:41.0809 5104  PStrip64 - ok
19:09:41.0827 5104  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
19:09:41.0842 5104  ql2300 - ok
19:09:41.0845 5104  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
19:09:41.0847 5104  ql40xx - ok
19:09:41.0852 5104  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
19:09:41.0856 5104  QWAVE - ok
19:09:41.0858 5104  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
19:09:41.0860 5104  QWAVEdrv - ok
19:09:41.0861 5104  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
19:09:41.0862 5104  RasAcd - ok
19:09:41.0865 5104  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
19:09:41.0866 5104  RasAgileVpn - ok
19:09:41.0870 5104  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
19:09:41.0872 5104  RasAuto - ok
19:09:41.0876 5104  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
19:09:41.0878 5104  Rasl2tp - ok
19:09:41.0883 5104  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
19:09:41.0888 5104  RasMan - ok
19:09:41.0891 5104  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
19:09:41.0892 5104  RasPppoe - ok
19:09:41.0895 5104  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
19:09:41.0897 5104  RasSstp - ok
19:09:41.0904 5104  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
19:09:41.0910 5104  rdbss - ok
19:09:41.0913 5104  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
19:09:41.0914 5104  rdpbus - ok
19:09:41.0915 5104  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
19:09:41.0916 5104  RDPCDD - ok
19:09:41.0919 5104  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
19:09:41.0919 5104  RDPENCDD - ok
19:09:41.0922 5104  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
19:09:41.0922 5104  RDPREFMP - ok
19:09:41.0926 5104  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
19:09:41.0928 5104  RDPWD - ok
19:09:41.0934 5104  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
19:09:41.0936 5104  rdyboost - ok
19:09:41.0941 5104  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
19:09:41.0943 5104  RemoteAccess - ok
19:09:41.0946 5104  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
19:09:41.0949 5104  RemoteRegistry - ok
19:09:41.0951 5104  [ 7B04C9843921AB1F695FB395422C5360 ] RimUsb          C:\Windows\system32\Drivers\RimUsb_AMD64.sys
19:09:41.0952 5104  RimUsb - ok
19:09:41.0955 5104  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
19:09:41.0956 5104  RpcEptMapper - ok
19:09:41.0958 5104  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
19:09:41.0959 5104  RpcLocator - ok
19:09:41.0970 5104  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
19:09:41.0973 5104  RpcSs - ok
19:09:41.0976 5104  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
19:09:41.0978 5104  rspndr - ok
19:09:41.0982 5104  [ 24510C4A77ABA3B07AEFA840DB888637 ] RzSynapse       C:\Windows\system32\DRIVERS\RzSynapse.sys
19:09:41.0984 5104  RzSynapse - ok
19:09:41.0987 5104  [ 301FBA4594FB5C0A469299A65106B4AA ] s1018bus        C:\Windows\system32\DRIVERS\s1018bus.sys
19:09:41.0988 5104  s1018bus - ok
19:09:41.0991 5104  [ D1D7C744F79710357E60FC04D125ED01 ] s1018mdfl       C:\Windows\system32\DRIVERS\s1018mdfl.sys
19:09:41.0991 5104  s1018mdfl - ok
19:09:41.0995 5104  [ 7DBE12CCCD837D4266B2DDD80A329C09 ] s1018mdm        C:\Windows\system32\DRIVERS\s1018mdm.sys
19:09:41.0997 5104  s1018mdm - ok
19:09:42.0000 5104  [ 065FF5E62D2D18A6D93FD925546CD549 ] s1018mgmt       C:\Windows\system32\DRIVERS\s1018mgmt.sys
19:09:42.0002 5104  s1018mgmt - ok
19:09:42.0005 5104  [ 5101D815BDF0D667E3D5F0EA727CAAEE ] s1018nd5        C:\Windows\system32\DRIVERS\s1018nd5.sys
19:09:42.0006 5104  s1018nd5 - ok
19:09:42.0009 5104  [ 13F220C65B444AC9BDA49DACFC3230BB ] s1018obex       C:\Windows\system32\DRIVERS\s1018obex.sys
19:09:42.0011 5104  s1018obex - ok
19:09:42.0014 5104  [ CE7D8BCE80211D8A35F6BD7A87791860 ] s1018unic       C:\Windows\system32\DRIVERS\s1018unic.sys
19:09:42.0016 5104  s1018unic - ok
19:09:42.0018 5104  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
19:09:42.0019 5104  SamSs - ok
19:09:42.0021 5104  [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
19:09:42.0021 5104  SASDIFSV - ok
19:09:42.0024 5104  [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
19:09:42.0024 5104  SASKUTIL - ok
19:09:42.0027 5104  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
19:09:42.0028 5104  sbp2port - ok
19:09:42.0033 5104  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
19:09:42.0036 5104  SCardSvr - ok
19:09:42.0039 5104  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
19:09:42.0040 5104  scfilter - ok
19:09:42.0056 5104  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
19:09:42.0062 5104  Schedule - ok
19:09:42.0065 5104  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
19:09:42.0066 5104  SCPolicySvc - ok
19:09:42.0069 5104  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
19:09:42.0072 5104  SDRSVC - ok
19:09:42.0074 5104  [ 0A6A1C9A7F80A2A5DCCED5C4C0473765 ] se64a           C:\Windows\system32\drivers\se64a.sys
19:09:42.0081 5104  se64a - ok
19:09:42.0083 5104  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
19:09:42.0084 5104  secdrv - ok
19:09:42.0087 5104  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
19:09:42.0088 5104  seclogon - ok
19:09:42.0091 5104  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
19:09:42.0092 5104  SENS - ok
19:09:42.0096 5104  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
19:09:42.0098 5104  SensrSvc - ok
19:09:42.0100 5104  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
19:09:42.0101 5104  Serenum - ok
19:09:42.0104 5104  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
19:09:42.0106 5104  Serial - ok
19:09:42.0108 5104  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
19:09:42.0109 5104  sermouse - ok
19:09:42.0115 5104  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
19:09:42.0117 5104  SessionEnv - ok
19:09:42.0119 5104  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
19:09:42.0120 5104  sffdisk - ok
19:09:42.0122 5104  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
19:09:42.0122 5104  sffp_mmc - ok
19:09:42.0124 5104  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
19:09:42.0125 5104  sffp_sd - ok
19:09:42.0127 5104  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
19:09:42.0128 5104  sfloppy - ok
19:09:42.0133 5104  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
19:09:42.0138 5104  SharedAccess - ok
19:09:42.0144 5104  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:09:42.0146 5104  ShellHWDetection - ok
19:09:42.0149 5104  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
19:09:42.0150 5104  SiSRaid2 - ok
19:09:42.0153 5104  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
19:09:42.0154 5104  SiSRaid4 - ok
19:09:42.0157 5104  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
19:09:42.0159 5104  Smb - ok
19:09:42.0163 5104  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
19:09:42.0164 5104  SNMPTRAP - ok
19:09:42.0166 5104  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
19:09:42.0167 5104  spldr - ok
19:09:42.0174 5104  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
19:09:42.0177 5104  Spooler - ok
19:09:42.0234 5104  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
19:09:42.0288 5104  sppsvc - ok
19:09:42.0291 5104  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
19:09:42.0293 5104  sppuinotify - ok
19:09:42.0302 5104  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
19:09:42.0309 5104  srv - ok
19:09:42.0318 5104  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
19:09:42.0324 5104  srv2 - ok
19:09:42.0330 5104  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
19:09:42.0333 5104  srvnet - ok
19:09:42.0338 5104  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
19:09:42.0340 5104  SSDPSRV - ok
19:09:42.0343 5104  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
19:09:42.0345 5104  SstpSvc - ok
19:09:42.0347 5104  Steam Client Service - ok
19:09:42.0354 5104  [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
19:09:42.0355 5104  Stereo Service - ok
19:09:42.0358 5104  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
19:09:42.0359 5104  stexstor - ok
19:09:42.0371 5104  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
19:09:42.0381 5104  stisvc - ok
19:09:42.0384 5104  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
19:09:42.0384 5104  swenum - ok
19:09:42.0393 5104  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
19:09:42.0401 5104  swprv - ok
19:09:42.0422 5104  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
19:09:42.0440 5104  SysMain - ok
19:09:42.0443 5104  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:09:42.0445 5104  TabletInputService - ok
19:09:42.0448 5104  [ 9E071B77E60DA51C144D3C3E0484FF1D ] tap0901_openvpn_accl C:\Windows\system32\DRIVERS\tap0901_openvpn_accl.sys
19:09:42.0455 5104  tap0901_openvpn_accl - ok
19:09:42.0461 5104  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
19:09:42.0466 5104  TapiSrv - ok
19:09:42.0470 5104  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
19:09:42.0471 5104  TBS - ok
19:09:42.0494 5104  [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
19:09:42.0511 5104  Tcpip - ok
19:09:42.0530 5104  [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
19:09:42.0537 5104  TCPIP6 - ok
19:09:42.0541 5104  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
19:09:42.0542 5104  tcpipreg - ok
19:09:42.0544 5104  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
19:09:42.0545 5104  TDPIPE - ok
19:09:42.0548 5104  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
19:09:42.0549 5104  TDTCP - ok
19:09:42.0553 5104  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
19:09:42.0556 5104  tdx - ok
19:09:42.0559 5104  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
19:09:42.0560 5104  TermDD - ok
19:09:42.0572 5104  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
19:09:42.0582 5104  TermService - ok
19:09:42.0585 5104  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
19:09:42.0586 5104  Themes - ok
19:09:42.0589 5104  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
19:09:42.0590 5104  THREADORDER - ok
19:09:42.0593 5104  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
19:09:42.0594 5104  TrkWks - ok
19:09:42.0598 5104  [ 9BF9E809FBB2D5D0403B32B15ABE5F30 ] TrojanKillerDriver C:\Windows\system32\DRIVERS\gtkdrv.sys
19:09:42.0603 5104  TrojanKillerDriver - ok
19:09:42.0608 5104  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:09:42.0609 5104  TrustedInstaller - ok
19:09:42.0612 5104  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
19:09:42.0614 5104  tssecsrv - ok
19:09:42.0616 5104  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
19:09:42.0617 5104  TsUsbFlt - ok
19:09:42.0620 5104  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
19:09:42.0622 5104  TsUsbGD - ok
19:09:42.0625 5104  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
19:09:42.0628 5104  tunnel - ok
19:09:42.0631 5104  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
19:09:42.0632 5104  uagp35 - ok
19:09:42.0638 5104  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
19:09:42.0642 5104  udfs - ok
19:09:42.0647 5104  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
19:09:42.0648 5104  UI0Detect - ok
19:09:42.0651 5104  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
19:09:42.0653 5104  uliagpkx - ok
19:09:42.0656 5104  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
19:09:42.0657 5104  umbus - ok
19:09:42.0660 5104  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
19:09:42.0661 5104  UmPass - ok
19:09:42.0669 5104  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
19:09:42.0671 5104  upnphost - ok
19:09:42.0674 5104  [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
19:09:42.0675 5104  USBAAPL64 - ok
19:09:42.0678 5104  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
19:09:42.0680 5104  usbccgp - ok
19:09:42.0684 5104  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
19:09:42.0686 5104  usbcir - ok
19:09:42.0689 5104  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
19:09:42.0690 5104  usbehci - ok
19:09:42.0697 5104  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
19:09:42.0701 5104  usbhub - ok
19:09:42.0703 5104  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
19:09:42.0705 5104  usbohci - ok
19:09:42.0707 5104  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
19:09:42.0708 5104  usbprint - ok
19:09:42.0711 5104  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
19:09:42.0712 5104  usbscan - ok
19:09:42.0715 5104  [ 4ACEE387FA8FD39F83564FCD2FC234F2 ] usbser          C:\Windows\system32\DRIVERS\usbser.sys
19:09:42.0716 5104  usbser - ok
19:09:43.0325 5104  ================ Scan global ===============================
19:09:43.0328 5104  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:09:43.0331 5104  [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
19:09:43.0335 5104  [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
19:09:43.0339 5104  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:09:43.0347 5104  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
19:09:43.0349 5104  [Global] - ok
19:09:43.0349 5104  ================ Scan MBR ==================================
19:09:43.0350 5104  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
19:09:43.0467 5104  \Device\Harddisk1\DR1 - ok
19:09:43.0468 5104  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:09:43.0523 5104  \Device\Harddisk0\DR0 - ok
19:09:43.0523 5104  ================ Scan VBR ==================================
19:09:43.0524 5104  [ 496C3C040D8C0FF11DEE2D99C40F4308 ] \Device\Harddisk1\DR1\Partition1
19:09:43.0525 5104  \Device\Harddisk1\DR1\Partition1 - ok
19:09:43.0527 5104  [ 4FAA1C501696D1DC329FCCDFF94D572D ] \Device\Harddisk1\DR1\Partition2
19:09:43.0528 5104  \Device\Harddisk1\DR1\Partition2 - ok
19:09:43.0529 5104  [ 795A1C6EC4C3C83849141B25374F6E22 ] \Device\Harddisk0\DR0\Partition1
19:09:43.0530 5104  \Device\Harddisk0\DR0\Partition1 - ok
19:09:43.0530 5104  ============================================================
19:09:43.0530 5104  Scan finished
19:09:43.0530 5104  ============================================================
19:09:43.0535 2052  Detected object count: 0
19:09:43.0535 2052  Actual detected object count: 0
19:11:00.0201 5896  Deinitialize success




aswMBR:

aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-11-23 19:12:15
-----------------------------
19:12:15.895    OS Version: Windows x64 6.1.7601 Service Pack 1
19:12:15.895    Number of processors: 4 586 0x2A07
19:12:15.895    ComputerName: JAKE-PC  UserName: Jake
19:12:16.084    Initialize success
19:13:25.350    AVAST engine defs: 12112301
19:13:40.540    Disk 0  \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T1L0-a
19:13:40.541    Disk 0 Vendor: SAMSUNG_HD103SJ 1AJ10001 Size: 953869MB BusType: 3
19:13:40.542    Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP2T0L0-2
19:13:40.543    Disk 1 Vendor: OCZ-AGILITY3 2.06 Size: 57241MB BusType: 3
19:13:40.546    Disk 1 MBR read successfully
19:13:40.547    Disk 1 MBR scan
19:13:40.581    Disk 1 Windows 7 default MBR code
19:13:40.583    Disk 1 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
19:13:40.600    Disk 1 Partition 2 00     07    HPFS/NTFS NTFS        57139 MB offset 206848
19:13:40.632    Disk 1 scanning C:\Windows\system32\drivers
19:13:45.392    Service scanning
19:13:57.343    Modules scanning
19:13:57.348    Disk 1 trace - called modules:
19:13:57.352    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys 
19:13:57.359    1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xfffffa800753b060]
19:13:57.363    3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> [0xfffffa8007334520]
19:13:57.373    5 ACPI.sys[fffff88000f187a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-2[0xfffffa8007336060]
19:13:57.543    AVAST engine scan C:\Windows
19:13:58.371    AVAST engine scan C:\Windows\system32
19:15:32.492    AVAST engine scan C:\Windows\system32\drivers
19:15:37.728    AVAST engine scan C:\Users\Jake
19:17:13.123    AVAST engine scan C:\ProgramData
19:17:44.097    Scan finished successfully
19:18:47.220    Disk 1 MBR has been saved successfully to "C:\Users\Jake\Desktop\MBR.dat"
19:18:47.254    The log file has been saved successfully to "C:\Users\Jake\Desktop\aswMBR.txt"





ESET:

C:\Program Files (x86)\GridinSoft Trojan Killer\trojankiller.exe	a variant of Win32/1AntiVirus application	cleaned by deleting - quarantined
E:\Jake\Firefox Downloads\cbsidlm-cbsi5_0_1_80-Pandora_Recovery-BP2-10694796.exe	a variant of Win32/CNETInstaller.A application	cleaned by deleting - quarantined
E:\Jake\Firefox Downloads\cnet_DTLite4413-0173_exe.exe	a variant of Win32/InstallCore.D application	cleaned by deleting - quarantined
E:\Jake\Firefox Downloads\cnet_FSViewerSetup46_exe.exe	a variant of Win32/InstallCore.D application	cleaned by deleting - quarantined
E:\Jake\Firefox Downloads\gtk2138setup.exe	a variant of Win32/1AntiVirus application	cleaned by deleting - quarantined
E:\Julie\Downloads\iLividSetupV1(1).exe	Win32/Toolbar.SearchSuite application	cleaned by deleting - quarantined
E:\Julie\Downloads\iLividSetupV1.exe	Win32/Toolbar.SearchSuite application	cleaned by deleting - quarantined


#4 narenxp

Posted 23 November 2012 - 04:12 PM

Download

Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download

Junkware removal tool

For Vista and Windows 7, right-click on the tool and select Run as administrator.

After the scan is completed, post the generated log here.



