
Windows 8 system can't turn on defender


11 replies to this topic

#1 mackerman


Posted 03 August 2013 - 02:02 AM

Hi.

I've got Windows 8 64-bit, and for some time now I have been unable to turn on Defender antivirus.

I've tried doing it from the sidebar and get the message 'windows defender has been turned off and isn't monitoring etc'.

Then when I try to turn it on from the 'Action centre' I just click through to a folder being opened with this address: 'G:\Windows\system32'

Is this an infection? How do I fix it?

Thanks very much for your help.

Cheers

mackerman




 


#2 GodfatherKing


Posted 03 August 2013 - 02:07 AM

:welcome:

 

Let's look for malware and then we will try to restore the services.

 

Step 1: Install and run MBAM

Step 2: Running TDSSKiller to obtain log

 

Note: Don't cure or delete a threat, but choose skip for all instead.

  • Please download TDSSKiller from here and save it to your Desktop
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters

  • In the Additional options: Check Detect TDLFS file system
  • Click Start Scan and allow the scan process to run


  • Choose Skip for all threats.
  • Click Continue
  • Please post the TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\)

===================================================

 

Step 3: ESET Online Scanner

==================

Note: If your AV is blocking ESET Online Scanner, please temporarily disable your AV.

 

I'd like us to scan your machine with ESET OnlineScan. This process may take several hours; that is normal.

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and » UNCHECK "Remove found threats" <== Important
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply. (If no malware was found you will not be presented with a log).
  • Click the Back button.
  • Click the Finish button.

===================================================


If you have received help from me and I haven't responded to you for 3 or more days, send me a Private Message.


#3 mackerman


Posted 03 August 2013 - 03:34 AM

Hi godfatherking, thanks for helping out! Here are the logs:

 

Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.08.03.02

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16635
Toby :: TOBY-PC [administrator]

Protection: Enabled

03/08/2013 17:36:46
MBAM-log-2013-08-03 (18-29-29).txt

Scan type: Full scan (G:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 721389
Time elapsed: 50 minute(s), 12 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
G:\Qoobox\Quarantine\G\Users\Toby\AppData\Roaming\Windows\Data\cgminer.exe.vir (PUP.BitCoinMiner) -> No action taken.
G:\Windows.old\Users\Toby\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ST2QAAKA\bi_downloader[1].exe (PUP.Optional.Somoto) -> No action taken.

(end)

 

17:27:50.0101 2168  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
17:27:51.0337 2168  ============================================================
17:27:51.0337 2168  Current date / time: 2013/08/03 17:27:51.0337
17:27:51.0337 2168  SystemInfo:
17:27:51.0337 2168  
17:27:51.0337 2168  OS Version: 6.2.9200 ServicePack: 0.0
17:27:51.0337 2168  Product type: Workstation
17:27:51.0337 2168  ComputerName: TOBY-PC
17:27:51.0337 2168  UserName: Toby
17:27:51.0337 2168  Windows directory: G:\Windows
17:27:51.0338 2168  System windows directory: G:\Windows
17:27:51.0338 2168  Running under WOW64
17:27:51.0338 2168  Processor architecture: Intel x64
17:27:51.0338 2168  Number of processors: 8
17:27:51.0338 2168  Page size: 0x1000
17:27:51.0338 2168  Boot type: Normal boot
17:27:51.0338 2168  ============================================================
17:27:51.0598 2168  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:27:51.0623 2168  Drive \Device\Harddisk1\DR1 - Size: 0x2BAA1476000 (2794.52 Gb), SectorSize: 0x200, Cylinders: 0x59101, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:27:51.0632 2168  Drive \Device\Harddisk2\DR2 - Size: 0x3B9E656000 (238.47 Gb), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:27:51.0785 2168  ============================================================
17:27:51.0785 2168  \Device\Harddisk0\DR0:
17:27:51.0786 2168  MBR partitions:
17:27:51.0786 2168  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74706D70
17:27:51.0786 2168  \Device\Harddisk1\DR1:
17:27:51.0786 2168  GPT partitions:
17:27:51.0787 2168  \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {C49DB8C5-AE3D-4CEE-B859-98BA319D9B8E}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
17:27:51.0787 2168  \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {34CCA69D-0864-4B6E-B080-BC61017ED9EC}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0x5D4C9800
17:27:51.0787 2168  MBR partitions:
17:27:51.0787 2168  \Device\Harddisk2\DR2:
17:27:51.0787 2168  MBR partitions:
17:27:51.0787 2168  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1DCEF8DB
17:27:51.0787 2168  ============================================================
17:27:51.0809 2168  C: <-> \Device\Harddisk1\DR1\Partition2
17:27:51.0830 2168  D: <-> \Device\Harddisk0\DR0\Partition1
17:27:51.0832 2168  G: <-> \Device\Harddisk2\DR2\Partition1
17:27:51.0832 2168  ============================================================
17:27:51.0832 2168  Initialize success
17:27:51.0832 2168  ============================================================
17:28:24.0794 4836  ============================================================
17:28:24.0794 4836  Scan started
17:28:24.0794 4836  Mode: Manual; TDLFS;
17:28:24.0794 4836  ============================================================
17:28:25.0439 4836  ================ Scan system memory ========================
17:28:25.0439 4836  System memory - ok
17:28:25.0440 4836  ================ Scan services =============================
17:28:26.0794 4836  LSI_SAS - ok
17:28:26.0798 4836  [ 07AD59D669B996F29F91817F0ECFA34F ] LSI_SAS2        G:\Windows\system32\drivers\lsi_sas2.sys
17:28:26.0800 4836  LSI_SAS2 - ok
17:28:26.0803 4836  [ 216FB796AA4E252ACCE93B1BCB80B5EC ] LSI_SCSI        G:\Windows\system32\drivers\lsi_scsi.sys
17:28:26.0805 4836  LSI_SCSI - ok
17:28:26.0808 4836  [ 5E80530AF37102488EE980B4A92AF99F ] LSI_SSS         G:\Windows\system32\drivers\lsi_sss.sys
17:28:26.0810 4836  LSI_SSS - ok
17:28:26.0816 4836  [ A57BA284F5996FFD32DCDBC41A4657DB ] LSM             G:\Windows\System32\lsm.dll
17:28:26.0820 4836  LSM - ok
17:28:26.0824 4836  [ 2BDC5D711FA61307CE6190D47C956368 ] luafv           G:\Windows\system32\drivers\luafv.sys
17:28:26.0826 4836  luafv - ok
17:28:26.0831 4836  [ A0A527569856B9814E8920F52EBB67F5 ] LVRS64          G:\Windows\system32\DRIVERS\lvrs64.sys
17:28:26.0835 4836  LVRS64 - ok
17:28:26.0879 4836  [ 415E344294D1C0D04627B29146F68481 ] LVUVC64         G:\Windows\system32\DRIVERS\lvuvc64.sys
17:28:26.0935 4836  LVUVC64 - ok
17:28:26.0944 4836  [ 31C6AFFFAD7C733A65F888929548BC22 ] mbamchameleon   G:\Windows\system32\drivers\mbamchameleon.sys
17:28:26.0944 4836  mbamchameleon - ok
17:28:26.0950 4836  [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector   G:\Windows\system32\drivers\mbam.sys
17:28:26.0951 4836  MBAMProtector - ok
17:28:26.0957 4836  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   G:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
17:28:26.0961 4836  MBAMScheduler - ok
17:28:26.0970 4836  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService     G:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
17:28:26.0975 4836  MBAMService - ok
17:28:26.0977 4836  mbamswissarmy - ok
17:28:26.0980 4836  [ 9B0D829C3BE4E7472DB9DD2B79908E3C ] megasas         G:\Windows\system32\drivers\megasas.sys
17:28:26.0981 4836  megasas - ok
17:28:26.0987 4836  [ ECC3F54C7AFC318271C4F0B4606D8DB0 ] MegaSR          G:\Windows\system32\drivers\MegaSR.sys
17:28:26.0991 4836  MegaSR - ok
17:28:26.0994 4836  [ EEE908BE7143FCA48CF0CB87214E2AB8 ] MMCSS           G:\Windows\system32\mmcss.dll
17:28:26.0996 4836  MMCSS - ok
17:28:26.0999 4836  [ 780098AD5DA8A4822E2563984C85EF7B ] Modem           G:\Windows\system32\drivers\modem.sys
17:28:26.0999 4836  Modem - ok
17:28:27.0002 4836  [ EA8EAD3F5B762F889CC7F3966625B48B ] monitor         G:\Windows\System32\drivers\monitor.sys
17:28:27.0004 4836  monitor - ok
17:28:27.0007 4836  [ 618446B98C79776654340CE27C73485E ] mouclass        G:\Windows\System32\drivers\mouclass.sys
17:28:27.0008 4836  mouclass - ok
17:28:27.0011 4836  [ C0ADEBED913295803B579ED288936CBB ] mouhid          G:\Windows\System32\drivers\mouhid.sys
17:28:27.0011 4836  mouhid - ok
17:28:27.0015 4836  [ 89D263DBF08119CE16273991C120D6DD ] mountmgr        G:\Windows\system32\drivers\mountmgr.sys
17:28:27.0016 4836  mountmgr - ok
17:28:27.0020 4836  [ 528A5C2570F468155A1B3CF0A2FF5EBD ] MozillaMaintenance G:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:28:27.0021 4836  MozillaMaintenance - ok
17:28:27.0025 4836  [ 0D1609DD82C7440F5D5BF21A9D4D5C0C ] mpsdrv          G:\Windows\system32\drivers\mpsdrv.sys
17:28:27.0026 4836  mpsdrv - ok
17:28:27.0037 4836  [ 3031573A739DBEE8923851929D0AF423 ] MpsSvc          G:\Windows\system32\mpssvc.dll
17:28:27.0043 4836  MpsSvc - ok
17:28:27.0048 4836  [ 3D70147F55F1EC84EB9139ED7FFE48BC ] MRxDAV          G:\Windows\system32\drivers\mrxdav.sys
17:28:27.0050 4836  MRxDAV - ok
17:28:27.0056 4836  [ 93179D48066918323628CB016D8C94DC ] mrxsmb          G:\Windows\system32\DRIVERS\mrxsmb.sys
17:28:27.0060 4836  mrxsmb - ok
17:28:27.0066 4836  [ 06D5F2FA3C61E8EA91648EA8E9F99FD3 ] mrxsmb10        G:\Windows\system32\DRIVERS\mrxsmb10.sys
17:28:27.0069 4836  mrxsmb10 - ok
17:28:27.0074 4836  [ 5C7DD2E5759FFCCD2C7341C1B90F2B26 ] mrxsmb20        G:\Windows\system32\DRIVERS\mrxsmb20.sys
17:28:27.0076 4836  mrxsmb20 - ok
17:28:27.0080 4836  [ 98487487D6B3797CA927E9D7B030AE13 ] MsBridge        G:\Windows\system32\DRIVERS\bridge.sys
17:28:27.0082 4836  MsBridge - ok
17:28:27.0086 4836  [ 4A07458EB4F17573BD39F22029A991C1 ] MSDTC           G:\Windows\System32\msdtc.exe
17:28:27.0088 4836  MSDTC - ok
17:28:27.0093 4836  [ 3886F1F2A4D2900ABAA7E4486BEEE6A2 ] Msfs            G:\Windows\system32\drivers\Msfs.sys
17:28:27.0093 4836  Msfs - ok
17:28:27.0096 4836  [ C32A7A39B960A42BA9D4FBE47213CA03 ] msgpiowin32     G:\Windows\System32\drivers\msgpiowin32.sys
17:28:27.0098 4836  msgpiowin32 - ok
17:28:27.0100 4836  [ D3857A767B91A061B408CCAB02DA4F40 ] mshidkmdf       G:\Windows\System32\drivers\mshidkmdf.sys
17:28:27.0101 4836  mshidkmdf - ok
17:28:27.0104 4836  [ 839B48910FB1E887635C48F3EC11A05E ] mshidumdf       G:\Windows\System32\drivers\mshidumdf.sys
17:28:27.0105 4836  mshidumdf - ok
17:28:27.0108 4836  [ 55C0DB741E3AB7463242B185B1C2997C ] msisadrv        G:\Windows\system32\drivers\msisadrv.sys
17:28:27.0109 4836  msisadrv - ok
17:28:27.0113 4836  [ 216C6B035A4BA5560E1255BD8E5BB89F ] MSiSCSI         G:\Windows\system32\iscsiexe.dll
17:28:27.0114 4836  MSiSCSI - ok
17:28:27.0116 4836  msiserver - ok
17:28:27.0119 4836  [ 509809566E49F4411055864EA8D437CD ] MSKSSRV         G:\Windows\system32\drivers\MSKSSRV.sys
17:28:27.0120 4836  MSKSSRV - ok
17:28:27.0123 4836  [ 63145201D6458E4958E572E7D6FC2604 ] MsLldp          G:\Windows\system32\DRIVERS\mslldp.sys
17:28:27.0124 4836  MsLldp - ok
17:28:27.0127 4836  [ 99D526E803DB6D7FF290FD98B6204641 ] MSPCLOCK        G:\Windows\system32\drivers\MSPCLOCK.sys
17:28:27.0127 4836  MSPCLOCK - ok
17:28:27.0130 4836  [ 06FA77C3E2A491ADCD704C5E73006269 ] MSPQM           G:\Windows\system32\drivers\MSPQM.sys
17:28:27.0131 4836  MSPQM - ok
17:28:27.0137 4836  [ E134EC4DE11CF78CB01432D180710D84 ] MsRPC           G:\Windows\system32\drivers\MsRPC.sys
17:28:27.0140 4836  MsRPC - ok
17:28:27.0145 4836  [ B5AECF12F09DEE97C9FCAA5BA016CE1E ] mssmbios        G:\Windows\System32\drivers\mssmbios.sys
17:28:27.0146 4836  mssmbios - ok
17:28:27.0148 4836  [ 72D66A05E0F99F2528F6C6204FD22AA1 ] MSTEE           G:\Windows\system32\drivers\MSTEE.sys
17:28:27.0149 4836  MSTEE - ok
17:28:27.0152 4836  [ 8AAAE399FC255FA105D4158CBA289001 ] MTConfig        G:\Windows\System32\drivers\MTConfig.sys
17:28:27.0153 4836  MTConfig - ok
17:28:27.0156 4836  [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A ] Mup             G:\Windows\system32\Drivers\mup.sys
17:28:27.0158 4836  Mup - ok
17:28:27.0161 4836  [ 3A1E095277BBD406CEA8EA6B76950664 ] mvumis          G:\Windows\system32\drivers\mvumis.sys
17:28:27.0162 4836  mvumis - ok
17:28:27.0169 4836  [ 4B18840511D720BA118D3017E8165875 ] napagent        G:\Windows\system32\qagentRT.dll
17:28:27.0173 4836  napagent - ok
17:28:27.0180 4836  [ 43D7388A90A4C6EA346A4D6FF0377479 ] NativeWifiP     G:\Windows\system32\DRIVERS\nwifi.sys
17:28:27.0184 4836  NativeWifiP - ok
17:28:27.0188 4836  [ 6A0C3996DA7DAE6D6939676D786EEEC4 ] NcaSvc          G:\Windows\System32\ncasvc.dll
17:28:27.0190 4836  NcaSvc - ok
17:28:27.0193 4836  [ C982FE4CC91DECE2259F494FCEB4030F ] NcdAutoSetup    G:\Windows\System32\NcdAutoSetup.dll
17:28:27.0194 4836  NcdAutoSetup - ok
17:28:27.0206 4836  [ A10E176F3B2BF83EDE7B5C4658C93B66 ] NDIS            G:\Windows\system32\drivers\ndis.sys
17:28:27.0213 4836  NDIS - ok
17:28:27.0216 4836  [ 39C8A1D9D46F5E83A016BCAB72455284 ] NdisCap         G:\Windows\system32\DRIVERS\ndiscap.sys
17:28:27.0216 4836  NdisCap - ok
17:28:27.0220 4836  [ 762941932B7E4C588E48A577BA9D6440 ] NdisImPlatform  G:\Windows\system32\DRIVERS\NdisImPlatform.sys
17:28:27.0222 4836  NdisImPlatform - ok
17:28:27.0225 4836  [ 7A6F8A6D0E01432EBA294EF29CDD0FA7 ] NdisTapi        G:\Windows\system32\DRIVERS\ndistapi.sys
17:28:27.0225 4836  NdisTapi - ok
17:28:27.0228 4836  [ 79AB68BB3FFF974AD4F41FA559F4EC67 ] Ndisuio         G:\Windows\system32\DRIVERS\ndisuio.sys
17:28:27.0230 4836  Ndisuio - ok
17:28:27.0234 4836  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NdisWan         G:\Windows\system32\DRIVERS\ndiswan.sys
17:28:27.0236 4836  NdisWan - ok
17:28:27.0240 4836  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NDISWANLEGACY   G:\Windows\system32\DRIVERS\ndiswan.sys
17:28:27.0241 4836  NDISWANLEGACY - ok
17:28:27.0244 4836  [ 3730942D7DB2F8BB5F84542B7FF6F650 ] NDProxy         G:\Windows\system32\drivers\NDProxy.sys
17:28:27.0245 4836  NDProxy - ok
17:28:27.0249 4836  [ D3F60A4345FCA9C1BE68AD7D0D6DE770 ] Ndu             G:\Windows\system32\drivers\Ndu.sys
17:28:27.0250 4836  Ndu - ok
17:28:27.0253 4836  [ 6F4607E2333FE21E9E3FF8133A88B35B ] Netaapl         G:\Windows\system32\DRIVERS\netaapl64.sys
17:28:27.0254 4836  Netaapl - ok
17:28:27.0256 4836  [ 7C203A76394F9AE68F69EEE5F9612C4A ] NetBIOS         G:\Windows\system32\DRIVERS\netbios.sys
17:28:27.0258 4836  NetBIOS - ok
17:28:27.0263 4836  [ 7CEC25C682D319D484630B3952C31A11 ] NetBT           G:\Windows\system32\DRIVERS\netbt.sys
17:28:27.0266 4836  NetBT - ok
17:28:27.0273 4836  [ 40DE9F282262D5CD87DC6091277FE149 ] NETGEARGenieDaemon G:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe
17:28:27.0276 4836  NETGEARGenieDaemon - ok
17:28:27.0279 4836  [ F702AB6181513303AB0FC8D59E52708B ] Netlogon        G:\Windows\system32\lsass.exe
17:28:27.0280 4836  Netlogon - ok
17:28:27.0285 4836  [ 89519D29CBEC2121CA65CC29C4D345E0 ] Netman          G:\Windows\System32\netman.dll
17:28:27.0287 4836  Netman - ok
17:28:27.0294 4836  [ 79FA9393C67EBBF92A56923592CF7A7C ] netprofm        G:\Windows\System32\netprofmsvc.dll
17:28:27.0297 4836  netprofm - ok
17:28:27.0305 4836  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing G:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:28:27.0311 4836  NetTcpPortSharing - ok
17:28:27.0314 4836  [ 12DD2800E4EEA37DC9AE256AD62423B4 ] nfrd960         G:\Windows\system32\drivers\nfrd960.sys
17:28:27.0314 4836  nfrd960 - ok
17:28:27.0320 4836  [ 80ABCD4C2DE9FD832477303AE0CA3BE5 ] NlaSvc          G:\Windows\System32\nlasvc.dll
17:28:27.0324 4836  NlaSvc - ok
17:28:27.0328 4836  [ 351533ACC2A069B94E80BBFC177E8FDF ] NPF             G:\Windows\system32\drivers\NPF.sys
17:28:27.0329 4836  NPF - ok
17:28:27.0332 4836  [ 17E19A742FB30C002F8B43575451DBE1 ] Npfs            G:\Windows\system32\drivers\Npfs.sys
17:28:27.0333 4836  Npfs - ok
17:28:27.0336 4836  [ 8ED299C30792544264E558BEA79F0947 ] npsvctrig       G:\Windows\System32\drivers\npsvctrig.sys
17:28:27.0337 4836  npsvctrig - ok
17:28:27.0339 4836  [ 832B5FDF0B5577713FD7F2465FCD0ACE ] nsi             G:\Windows\system32\nsisvc.dll
17:28:27.0341 4836  nsi - ok
17:28:27.0344 4836  [ 689B3B1E95C70ABF7AFF29F9406EF1E0 ] nsiproxy        G:\Windows\system32\drivers\nsiproxy.sys
17:28:27.0345 4836  nsiproxy - ok
17:28:27.0365 4836  [ 76929F4A69E425911A63B407E26C2589 ] Ntfs            G:\Windows\system32\drivers\Ntfs.sys
17:28:27.0379 4836  Ntfs - ok
17:28:27.0382 4836  [ 4163ADE07DB51843AE31F65B94F5398D ] Null            G:\Windows\system32\drivers\Null.sys
17:28:27.0384 4836  Null - ok
17:28:27.0388 4836  [ 554964B900AE2954B8B589B6287034AC ] NVHDA           G:\Windows\system32\drivers\nvhda64v.sys
17:28:27.0390 4836  NVHDA - ok
17:28:27.0523 4836  [ CAE36B87BA85C83FDC6DBDC75FB79A12 ] nvlddmkm        G:\Windows\system32\DRIVERS\nvlddmkm.sys
17:28:27.0607 4836  nvlddmkm - ok
17:28:27.0614 4836  [ D6D34118263412D3AAA8348A9572B7F2 ] nvraid          G:\Windows\system32\drivers\nvraid.sys
17:28:27.0616 4836  nvraid - ok
17:28:27.0620 4836  [ 27AFC428D1D32ABD04A86763A4EDDEA9 ] nvstor          G:\Windows\system32\drivers\nvstor.sys
17:28:27.0622 4836  nvstor - ok
17:28:27.0764 4836  [ 912602BB857F31BAAD644C993D0E5F8D ] NvStreamSvc     G:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
17:28:27.0870 4836  NvStreamSvc - ok
17:28:27.0883 4836  [ 184DCB033167A5A23AED43780105A759 ] nvsvc           G:\Windows\system32\nvvsvc.exe
17:28:27.0891 4836  nvsvc - ok
17:28:27.0911 4836  [ 056EF5C4AF4BD002AEAE417412C8EB71 ] nvUpdatusService G:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
17:28:27.0934 4836  nvUpdatusService - ok
17:28:27.0949 4836  [ 92E4BEE1A9EC0572F794B5BAECC0B599 ] nvvad_WaveExtensible G:\Windows\system32\drivers\nvvad64v.sys
17:28:27.0951 4836  nvvad_WaveExtensible - ok
17:28:27.0958 4836  [ 051CFB5107BAAE510419BDC41F8C4036 ] nv_agp          G:\Windows\system32\drivers\nv_agp.sys
17:28:27.0960 4836  nv_agp - ok
17:28:27.0967 4836  [ B9C125314A025127FE562C116D614AA3 ] ose64           G:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:28:27.0970 4836  ose64 - ok
17:28:27.0980 4836  [ AB76700D764A342D7475FB8F47CAB18C ] p2pimsvc        G:\Windows\system32\pnrpsvc.dll
17:28:27.0985 4836  p2pimsvc - ok
17:28:27.0993 4836  [ 4319FD931DCD796435ECB5DB4A04FBA5 ] p2psvc          G:\Windows\system32\p2psvc.dll
17:28:27.0999 4836  p2psvc - ok
17:28:28.0005 4836  [ 4563DAF8C6A740AD7F501E219BD10766 ] Parport         G:\Windows\System32\drivers\parport.sys
17:28:28.0007 4836  Parport - ok
17:28:28.0010 4836  [ D6ACCF9F2EEEEA711C14EFD976E573F3 ] partmgr         G:\Windows\system32\drivers\partmgr.sys
17:28:28.0012 4836  partmgr - ok
17:28:28.0018 4836  [ 4811D9EC53649105A5A8BEA661B0F936 ] PcaSvc          G:\Windows\System32\pcasvc.dll
17:28:28.0021 4836  PcaSvc - ok
17:28:28.0026 4836  [ 4A003E8F718C1E6A2050CA98CD53E3E2 ] pci             G:\Windows\system32\drivers\pci.sys
17:28:28.0029 4836  pci - ok
17:28:28.0032 4836  [ F9908D274D458220F91E89B54D78D837 ] pciide          G:\Windows\system32\drivers\pciide.sys
17:28:28.0033 4836  pciide - ok
17:28:28.0038 4836  [ 84D19CB6102627932DCB5DFDF89FE269 ] pcmcia          G:\Windows\system32\drivers\pcmcia.sys
17:28:28.0040 4836  pcmcia - ok
17:28:28.0044 4836  [ CEBBAD5391C2644560C55628A40BFD27 ] pcw             G:\Windows\system32\drivers\pcw.sys
17:28:28.0044 4836  pcw - ok
17:28:28.0047 4836  [ 0698DEDEAD6A00AD0D468C687D830FBF ] pdc             G:\Windows\system32\drivers\pdc.sys
17:28:28.0049 4836  pdc - ok
17:28:28.0059 4836  [ 61FE70659CD43E07F94DA4DC31DEC493 ] PEAUTH          G:\Windows\system32\drivers\peauth.sys
17:28:28.0065 4836  PEAUTH - ok
17:28:28.0089 4836  [ DF0D9BDCB600913F40FF125BF8CE1979 ] PeerDistSvc     G:\Windows\system32\peerdistsvc.dll
17:28:28.0109 4836  PeerDistSvc - ok
17:28:28.0129 4836  [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A ] PerfHost        G:\Windows\SysWow64\perfhost.exe
17:28:28.0133 4836  PerfHost - ok
17:28:28.0166 4836  [ 6E84BFF58F7643499277F29DFA2F8C8D ] pla             G:\Windows\system32\pla.dll
17:28:28.0187 4836  pla - ok
17:28:28.0191 4836  [ 799BE46D45D486704CE0F37CA5385262 ] PlugPlay        G:\Windows\system32\umpnpmgr.dll
17:28:28.0193 4836  PlugPlay - ok
17:28:28.0196 4836  PnkBstrA - ok
17:28:28.0200 4836  [ 8E2414E818C26C4A9C70CB2B8567F04F ] PNRPAutoReg     G:\Windows\system32\pnrpauto.dll
17:28:28.0202 4836  PNRPAutoReg - ok
17:28:28.0207 4836  [ AB76700D764A342D7475FB8F47CAB18C ] PNRPsvc         G:\Windows\system32\pnrpsvc.dll
17:28:28.0210 4836  PNRPsvc - ok
17:28:28.0214 4836  [ 5BC4D480DD527EB0CF33A67A090A130E ] Point64         G:\Windows\System32\drivers\point64.sys
17:28:28.0216 4836  Point64 - ok
17:28:28.0223 4836  [ 0108C8E5176D590F242701EF5A62CC26 ] PolicyAgent     G:\Windows\System32\ipsecsvc.dll
17:28:28.0227 4836  PolicyAgent - ok
17:28:28.0231 4836  [ F1E067F56373F11EA4B785CAE823740A ] Power           G:\Windows\system32\umpo.dll
17:28:28.0233 4836  Power - ok
17:28:28.0237 4836  [ 362D47E5B4D67270DE4B8606036F4ADD ] PptpMiniport    G:\Windows\system32\DRIVERS\raspptp.sys
17:28:28.0239 4836  PptpMiniport - ok
17:28:28.0268 4836  [ C2D3B3D0060619D5E03E696BD56FF59F ] PrintNotify     G:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
17:28:28.0311 4836  PrintNotify - ok
17:28:28.0315 4836  [ DD979EB6A7212F60E4AFBE96EDC7AE6D ] Processor       G:\Windows\System32\drivers\processr.sys
17:28:28.0317 4836  Processor - ok
17:28:28.0322 4836  [ 429E8502AD2227CF88F8840FC5BD590D ] ProfSvc         G:\Windows\system32\profsvc.dll
17:28:28.0325 4836  ProfSvc - ok
17:28:28.0330 4836  [ EB8034147D4820CD31BFCB11A2A652DF ] Psched          G:\Windows\system32\DRIVERS\pacer.sys
17:28:28.0332 4836  Psched - ok
17:28:28.0336 4836  [ 07D57B890DD5693A6AB660CBAE8F91B4 ] PxHlpa64        G:\Windows\system32\Drivers\PxHlpa64.sys
17:28:28.0338 4836  PxHlpa64 - ok
17:28:28.0344 4836  [ 0AFBF333B6F87A2F598EAB379AF100B8 ] QWAVE           G:\Windows\system32\qwave.dll
17:28:28.0347 4836  QWAVE - ok
17:28:28.0350 4836  [ 13D47BB0CCA2FC51BD15F8E85C6A078E ] QWAVEdrv        G:\Windows\system32\drivers\qwavedrv.sys
17:28:28.0351 4836  QWAVEdrv - ok
17:28:28.0354 4836  [ 873C60F8178100557740A832FCE10B5F ] RasAcd          G:\Windows\system32\DRIVERS\rasacd.sys
17:28:28.0355 4836  RasAcd - ok
17:28:28.0360 4836  [ 69B93F623B130976243ECA3D84CC99CA ] RasAgileVpn     G:\Windows\system32\DRIVERS\AgileVpn.sys
17:28:28.0361 4836  RasAgileVpn - ok
17:28:28.0365 4836  [ 005F6E54C4A2DA4EBF68FB0392CE8BB0 ] RasAuto         G:\Windows\System32\rasauto.dll
17:28:28.0367 4836  RasAuto - ok
17:28:28.0371 4836  [ A14D625C5AEE5FFE0F47D1A1D419FAAE ] Rasl2tp         G:\Windows\system32\DRIVERS\rasl2tp.sys
17:28:28.0372 4836  Rasl2tp - ok
17:28:28.0378 4836  [ C923C785A2DE0B396AD6D13ACAFF2DE9 ] RasMan          G:\Windows\System32\rasmans.dll
17:28:28.0382 4836  RasMan - ok
17:28:28.0385 4836  [ 00695B9C2DB6111064499C529E90C042 ] RasPppoe        G:\Windows\system32\DRIVERS\raspppoe.sys
17:28:28.0386 4836  RasPppoe - ok
17:28:28.0389 4836  [ A7F24D8CD1956B0A1FDCB86CC5114DE4 ] RasSstp         G:\Windows\system32\DRIVERS\rassstp.sys
17:28:28.0390 4836  RasSstp - ok
17:28:28.0397 4836  [ CA03D642ACE58E1BA54E4B383F91CD69 ] rdbss           G:\Windows\system32\DRIVERS\rdbss.sys
17:28:28.0401 4836  rdbss - ok
17:28:28.0405 4836  [ CA7DF5EC95D8DE0DD24BE7FF97369F68 ] rdpbus          G:\Windows\System32\drivers\rdpbus.sys
17:28:28.0406 4836  rdpbus - ok
17:28:28.0410 4836  [ B2A3AD74FF2E2FFA73AF2567108231B3 ] RDPDR           G:\Windows\system32\drivers\rdpdr.sys
17:28:28.0412 4836  RDPDR - ok
17:28:28.0417 4836  [ 57F4787E4602A3FCA719C0A33137C6DA ] RdpVideoMiniport G:\Windows\system32\drivers\rdpvideominiport.sys
17:28:28.0418 4836  RdpVideoMiniport - ok
17:28:28.0423 4836  [ B3CB0721E81E30419CE7D837EF4EA151 ] RDPWD           G:\Windows\system32\drivers\RDPWD.sys
17:28:28.0425 4836  RDPWD - ok
17:28:28.0430 4836  [ 62C1F8A0685FE07E998AA296C4F697C4 ] rdyboost        G:\Windows\system32\drivers\rdyboost.sys
17:28:28.0432 4836  rdyboost - ok
17:28:28.0435 4836  [ 3663CCF243EE0C04E9F6F91ED1737273 ] RemoteAccess    G:\Windows\System32\mprdim.dll
17:28:28.0437 4836  RemoteAccess - ok
17:28:28.0441 4836  [ E80DD61E52EDFFF9DA1ED7260A68855B ] RemoteRegistry  G:\Windows\system32\regsvc.dll
17:28:28.0443 4836  RemoteRegistry - ok
17:28:28.0452 4836  [ CCBFCABDFE2BC22F0645CEAADDB36004 ] RFCOMM          G:\Windows\System32\drivers\rfcomm.sys
17:28:28.0454 4836  RFCOMM - ok
17:28:28.0457 4836  [ 73F2E030B5C24E4E41401B5F0D59E6FD ] RpcEptMapper    G:\Windows\System32\RpcEpMap.dll
17:28:28.0459 4836  RpcEptMapper - ok
17:28:28.0462 4836  [ 10B21284B3D964AB3DC45490E57D422E ] RpcLocator      G:\Windows\system32\locator.exe
17:28:28.0463 4836  RpcLocator - ok
17:28:28.0473 4836  [ 1EC6E533C954BDDF2A37E7851A7E58FD ] RpcSs           G:\Windows\system32\rpcss.dll
17:28:28.0478 4836  RpcSs - ok
17:28:28.0481 4836  [ E04E770DD198B9399640717145E79EBF ] rspndr          G:\Windows\system32\DRIVERS\rspndr.sys
17:28:28.0482 4836  rspndr - ok
17:28:28.0486 4836  [ 1440C0DA81C700BD61142BC569477D81 ] RTCore64        G:\Program Files (x86)\EVGA Precision X\RTCore64.sys
17:28:28.0487 4836  RTCore64 - ok
17:28:28.0490 4836  [ 752EC7DCD2F96871A3857EEE6AFE965A ] s3cap           G:\Windows\System32\drivers\vms3cap.sys
17:28:28.0491 4836  s3cap - ok
17:28:28.0494 4836  [ F702AB6181513303AB0FC8D59E52708B ] SamSs           G:\Windows\system32\lsass.exe
17:28:28.0495 4836  SamSs - ok
17:28:28.0499 4836  [ 9C7B28CE0D136DB226E24DB3BC817F92 ] sbp2port        G:\Windows\system32\drivers\sbp2port.sys
17:28:28.0500 4836  sbp2port - ok
17:28:28.0502 4836  SBSDWSCService - ok
17:28:28.0507 4836  [ 14316954FCE79C9DE5A0AFF9D42C83AA ] SCardSvr        G:\Windows\System32\SCardSvr.dll
17:28:28.0509 4836  SCardSvr - ok
17:28:28.0512 4836  [ 5D7733A12756B267FCA021672B26BC9E ] scfilter        G:\Windows\system32\DRIVERS\scfilter.sys
17:28:28.0514 4836  scfilter - ok
17:28:28.0527 4836  [ ED40ED9A65F3E79A8C43DD50C5FDADBF ] Schedule        G:\Windows\system32\schedsvc.dll
17:28:28.0537 4836  Schedule - ok
17:28:28.0541 4836  [ BAF8F0F55BC300E5F882E521F054E345 ] SCPolicySvc     G:\Windows\System32\certprop.dll
17:28:28.0542 4836  SCPolicySvc - ok
17:28:28.0546 4836  [ 98636FB2973B8876A7F0BECD076CF109 ] sdbus           G:\Windows\System32\drivers\sdbus.sys
17:28:28.0549 4836  sdbus - ok
17:28:28.0553 4836  [ 92968277ED491E4B3DDA361E3952361E ] SDRSVC          G:\Windows\System32\SDRSVC.dll
17:28:28.0555 4836  SDRSVC - ok
17:28:28.0569 4836  [ 206387AB881E93A1A6EB89966C8651F1 ] SDScannerService G:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
17:28:28.0577 4836  SDScannerService - ok
17:28:28.0580 4836  [ BB107AA9980B0DA4E19A3A90C3BD4460 ] sdstor          G:\Windows\System32\drivers\sdstor.sys
17:28:28.0582 4836  sdstor - ok
17:28:28.0596 4836  [ A529CFE32565C0B145578FFB2B32C9A5 ] SDUpdateService G:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
17:28:28.0605 4836  SDUpdateService - ok
17:28:28.0611 4836  [ CB63BDB77BB86549FC3303C2F11EDC18 ] SDWSCService    G:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
17:28:28.0613 4836  SDWSCService - ok
17:28:28.0616 4836  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          G:\Windows\system32\drivers\secdrv.sys
17:28:28.0617 4836  secdrv - ok
17:28:28.0620 4836  [ CD282626738B6BC92B6E7CD0AAE95B63 ] seclogon        G:\Windows\system32\seclogon.dll
17:28:28.0621 4836  seclogon - ok
17:28:28.0625 4836  [ 9C51620998F0763039DFA6BF68E475ED ] SENS            G:\Windows\system32\sens.dll
17:28:28.0627 4836  SENS - ok
17:28:28.0631 4836  [ 0D50B4B860DAB65241628D04CD33ACAE ] SensrSvc        G:\Windows\system32\sensrsvc.dll
17:28:28.0632 4836  SensrSvc - ok
17:28:28.0635 4836  [ 87C46B239A7EEF30FDFDD5E9BD46130C ] SerCx           G:\Windows\system32\drivers\SerCx.sys
17:28:28.0636 4836  SerCx - ok
17:28:28.0639 4836  [ 7A1F9347C85FD55E39B8A76B3A25C5AD ] Serenum         G:\Windows\System32\drivers\serenum.sys
17:28:28.0639 4836  Serenum - ok
17:28:28.0642 4836  [ F640A0A218BBF857F1D04A15D7D939F6 ] Serial          G:\Windows\System32\drivers\serial.sys
17:28:28.0643 4836  Serial - ok
17:28:28.0646 4836  [ F1A5F56B2620B862CC28FF96A0A6DAAB ] sermouse        G:\Windows\System32\drivers\sermouse.sys
17:28:28.0647 4836  sermouse - ok
17:28:28.0656 4836  [ CB60A60340788C8D6DE2A269D28086AB ] SessionEnv      G:\Windows\system32\sessenv.dll
17:28:28.0659 4836  SessionEnv - ok
17:28:28.0662 4836  [ 7EE65419B29302C795714FF8073969A1 ] sfloppy         G:\Windows\System32\drivers\sfloppy.sys
17:28:28.0663 4836  sfloppy - ok
17:28:28.0670 4836  [ 090AE16F79C8EAD04E6031F863DA85F3 ] SharedAccess    G:\Windows\System32\ipnathlp.dll
17:28:28.0673 4836  SharedAccess - ok
17:28:28.0682 4836  [ A77F3ABE13FCC698511E5DEC7ACEBD5F ] ShellHWDetection G:\Windows\System32\shsvcs.dll
17:28:28.0686 4836  ShellHWDetection - ok
17:28:28.0689 4836  [ 2560721D6F16D5B611C36A3A9D28C1B2 ] SiSRaid2        G:\Windows\system32\drivers\SiSRaid2.sys
17:28:28.0691 4836  SiSRaid2 - ok
17:28:28.0694 4836  [ 3AA8FDE1DBF65BB8B88B053529554A0D ] SiSRaid4        G:\Windows\system32\drivers\sisraid4.sys
17:28:28.0696 4836  SiSRaid4 - ok
17:28:28.0701 4836  [ E660156A4588A84305CB772FD2C0DB21 ] SNMPTRAP        G:\Windows\System32\snmptrap.exe
17:28:28.0703 4836  SNMPTRAP - ok
17:28:28.0708 4836  [ FD3AF5575B99871BADB94E7699DBCE08 ] spaceport       G:\Windows\system32\drivers\spaceport.sys
17:28:28.0712 4836  spaceport - ok
17:28:28.0715 4836  [ 3D8679C8DF52EB26EB7583A4E0A29202 ] SpbCx           G:\Windows\system32\drivers\SpbCx.sys
17:28:28.0716 4836  SpbCx - ok
17:28:28.0726 4836  [ 3F215BF2D4D8D6756298B25B579772C2 ] Spooler         G:\Windows\System32\spoolsv.exe
17:28:28.0733 4836  Spooler - ok
17:28:28.0778 4836  [ EC84D961501054F87A6878EC5D53388F ] sppsvc          G:\Windows\system32\sppsvc.exe
17:28:28.0829 4836  sppsvc - ok
17:28:28.0838 4836  [ D6AB7C13FCDD2E4CAC35244D2C172D9A ] sptd            G:\Windows\System32\Drivers\sptd.sys
17:28:28.0843 4836  sptd - ok
17:28:28.0849 4836  [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6 ] srv             G:\Windows\system32\DRIVERS\srv.sys
17:28:28.0853 4836  srv - ok
17:28:28.0862 4836  [ 56218A571ECF8D55E0CDFF8DF2546CF1 ] srv2            G:\Windows\system32\DRIVERS\srv2.sys
17:28:28.0867 4836  srv2 - ok
17:28:28.0872 4836  [ 14FC338B80CFF7E04215133B568D15C4 ] srvnet          G:\Windows\system32\DRIVERS\srvnet.sys
17:28:28.0875 4836  srvnet - ok
17:28:28.0880 4836  [ 7A20882D76D4A78240A5AC9F2C2EBA21 ] SSDPSRV         G:\Windows\System32\ssdpsrv.dll
17:28:28.0884 4836  SSDPSRV - ok
17:28:28.0888 4836  [ D233B16999A8E626F6004BD7814C57EC ] SstpSvc         G:\Windows\system32\sstpsvc.dll
17:28:28.0889 4836  SstpSvc - ok
17:28:28.0892 4836  Steam Client Service - ok
17:28:28.0900 4836  [ CC10CE3A1AE2C9486DC345B118F44DE8 ] Stereo Service  G:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
17:28:28.0903 4836  Stereo Service - ok
17:28:28.0907 4836  [ 4E85355B94CFCB67C135F6521A4895A7 ] stexstor        G:\Windows\system32\drivers\stexstor.sys
17:28:28.0908 4836  stexstor - ok
17:28:28.0916 4836  [ BAC8A721736AECC55A4F71523AEAB65F ] stisvc          G:\Windows\System32\wiaservc.dll
17:28:28.0921 4836  stisvc - ok
17:28:28.0924 4836  [ B240874B2CA0CD02E8CD11E140B14C57 ] storahci        G:\Windows\system32\drivers\storahci.sys
17:28:28.0925 4836  storahci - ok
17:28:28.0929 4836  [ F74DBC95A57B1EE866D3732EB5F79BE2 ] storflt         G:\Windows\system32\DRIVERS\vmstorfl.sys
17:28:28.0931 4836  storflt - ok
17:28:28.0936 4836  [ 5337E138B49ED1F44CCBA4073BC35C20 ] StorSvc         G:\Windows\system32\storsvc.dll
17:28:28.0937 4836  StorSvc - ok
17:28:28.0944 4836  [ 543CD3CC0E05B8D8815E0D4F040B6F59 ] storvsc         G:\Windows\system32\drivers\storvsc.sys
17:28:28.0946 4836  storvsc - ok
17:28:28.0949 4836  [ 1A36AC469140F87CDE62D7F8524E270C ] storvsp         G:\Windows\System32\drivers\storvsp.sys
17:28:28.0950 4836  storvsp - ok
17:28:28.0953 4836  [ 8BC1C1ED6EF9C985A3FAA6A72F41679A ] svsvc           G:\Windows\system32\svsvc.dll
17:28:28.0954 4836  svsvc - ok
17:28:28.0957 4836  [ 4AFD66AAE74FFB5986BC240744DC5FC9 ] swenum          G:\Windows\System32\drivers\swenum.sys
17:28:28.0958 4836  swenum - ok
17:28:28.0966 4836  [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard     G:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
17:28:28.0970 4836  SwitchBoard - ok
17:28:28.0977 4836  [ 502F9488540051F3E6C39889ECFA76BB ] swprv           G:\Windows\System32\swprv.dll
17:28:28.0982 4836  swprv - ok
17:28:28.0996 4836  [ A06CB9269D29EE3D0F3F5630ABB660B8 ] SysMain         G:\Windows\system32\sysmain.dll
17:28:29.0005 4836  SysMain - ok
17:28:29.0010 4836  [ 6FB88606C4A71E1BFAF97D63A676C673 ] SystemEventsBroker G:\Windows\System32\SystemEventsBrokerServer.dll
17:28:29.0013 4836  SystemEventsBroker - ok
17:28:29.0016 4836  [ A6C06C45C44AD06C70AF8899AEC15BDC ] TabletInputService G:\Windows\System32\TabSvc.dll
17:28:29.0018 4836  TabletInputService - ok
17:28:29.0023 4836  [ 88B7721AB551C4325036B25A34A2BF7B ] TapiSrv         G:\Windows\System32\tapisrv.dll
17:28:29.0026 4836  TapiSrv - ok
17:28:29.0049 4836  [ 0D05E0147C1329C53AAF97882DEDD96A ] Tcpip           G:\Windows\system32\drivers\tcpip.sys
17:28:29.0064 4836  Tcpip - ok
17:28:29.0087 4836  [ 0D05E0147C1329C53AAF97882DEDD96A ] TCPIP6          G:\Windows\system32\DRIVERS\tcpip.sys
17:28:29.0098 4836  TCPIP6 - ok
17:28:29.0102 4836  [ 8F2A13A5DF99D72FDDE87F502A66F989 ] tcpipreg        G:\Windows\system32\drivers\tcpipreg.sys
17:28:30.0640 4836  ============================================================
17:28:30.0640 4836  Scan finished
17:28:30.0640 4836  ============================================================
17:28:30.0645 4040  Detected object count: 0
17:28:30.0645 4040  Actual detected object count: 0
17:28:44.0220 2016  Deinitialize success

Eset to follow when it has finished.



#4 mackerman

Posted 03 August 2013 - 10:43 AM

eset results:

 

G:\Program Files\JDownloader 2\toolbar.exe    Win32/Toolbar.Conduit application
G:\Program Files (x86)\Adobe\Acrobat 11.0\adobe.acrobat.xi.pro.patch-MPT.exe    a variant of Win32/HackTool.Patcher.T application
G:\Program Files (x86)\The Elder Scrolls V Skyrim\steam_api.dll    a variant of Win32/Packed.VMProtect.AAH trojan
G:\ProgramData\Spybot - Search & Destroy\Recovery\YontooPagerage2.zip    Win32/Bagle.gen.zip worm
G:\Users\All Users\Spybot - Search & Destroy\Recovery\YontooPagerage2.zip    Win32/Bagle.gen.zip worm
G:\Users\Toby\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AM2JB5A5\bi_downloader[1].exe    Win32/Somoto.A application
G:\Users\Toby\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M2LLI1JU\BiTool[1].dll    Win32/Somoto.B application
G:\Windows.old\Users\All Users\Spybot - Search & Destroy\Recovery\YontooPagerage2.zip    Win32/Bagle.gen.zip worm

 



#5 GodfatherKing

Posted 03 August 2013 - 10:56 AM

== Remove the files ESET has found ==

 

  • Copy all text in the code box (below)...to Notepad.
    @echo off
    del /f /s /q "G:\Program Files\JDownloader 2\toolbar.exe"
    del /f /s /q "G:\Program Files (x86)\Adobe\Acrobat 11.0\adobe.acrobat.xi.pro.patch-MPT.exe"
    del /f /s /q "G:\Program Files (x86)\The Elder Scrolls V Skyrim\steam_api.dll"
    del /f /s /q "G:\ProgramData\Spybot - Search & Destroy\Recovery\YontooPagerage2.zip"
    del /f /s /q "G:\Users\All Users\Spybot - Search & Destroy\Recovery\YontooPagerage2.zip" 
    del /f /s /q "G:\Windows.old\Users\All Users\Spybot - Search & Destroy\Recovery\YontooPagerage2.zip" 
    del %0

     

     

     

  • Save the Notepad file on your desktop...as delfile.bat... save type as "All Files"
    It should look like this: batfileicon.gif <-- XP, vista_bat_icon.png <-- Vista
  • Double click on delfile.bat to execute it.
    A black CMD window will flash, then disappear...this is normal.
  • The files and folders, if found...will have been deleted and the "delfile.bat" file will also be deleted.

========================

 

:step1: My advice is to keep your computer up to date with Windows Updates, Java and Adobe Reader and Flash Player.

 

:step2: Use WOT to check whether sites are safe or not: http://www.mywot.com/

 

:step3: A good working AntiVirus is also important. I personally advise Avast Free or Avira. MSE's detection is not so great.

 

:step4: Let's check how good your security is:

 

Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document called checkup.txt should open automatically; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE to access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.


Edited by GodfatherKing, 03 August 2013 - 10:57 AM.

If you have received help from me and I haven't responded to you for almost >= 3 days, send me a Private Message.  :hello:
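A cross-check of the cleanup against the scan results, as an added example that is not part of the original posts: it parses the ESET lines from post #4 and the del lines of delfile.bat from post #5, then lists detections the batch file does not target. The function names, and the assumption that ESET separates path and detection with two or more spaces, are assumptions of this example.

```python
import ntpath
import re
from collections import Counter

# ESET result lines copied from post #4 on this page (path, then detection).
ESET_RESULTS = r"""
G:\Program Files\JDownloader 2\toolbar.exe    Win32/Toolbar.Conduit application
G:\Program Files (x86)\Adobe\Acrobat 11.0\adobe.acrobat.xi.pro.patch-MPT.exe    a variant of Win32/HackTool.Patcher.T application
G:\Program Files (x86)\The Elder Scrolls V Skyrim\steam_api.dll    a variant of Win32/Packed.VMProtect.AAH trojan
G:\ProgramData\Spybot - Search & Destroy\Recovery\YontooPagerage2.zip    Win32/Bagle.gen.zip worm
G:\Users\All Users\Spybot - Search & Destroy\Recovery\YontooPagerage2.zip    Win32/Bagle.gen.zip worm
G:\Users\Toby\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AM2JB5A5\bi_downloader[1].exe    Win32/Somoto.A application
G:\Users\Toby\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M2LLI1JU\BiTool[1].dll    Win32/Somoto.B application
G:\Windows.old\Users\All Users\Spybot - Search & Destroy\Recovery\YontooPagerage2.zip    Win32/Bagle.gen.zip worm
"""

# Contents of delfile.bat copied from post #5 on this page.
DELFILE_BAT = r"""
@echo off
del /f /s /q "G:\Program Files\JDownloader 2\toolbar.exe"
del /f /s /q "G:\Program Files (x86)\Adobe\Acrobat 11.0\adobe.acrobat.xi.pro.patch-MPT.exe"
del /f /s /q "G:\Program Files (x86)\The Elder Scrolls V Skyrim\steam_api.dll"
del /f /s /q "G:\ProgramData\Spybot - Search & Destroy\Recovery\YontooPagerage2.zip"
del /f /s /q "G:\Users\All Users\Spybot - Search & Destroy\Recovery\YontooPagerage2.zip"
del /f /s /q "G:\Windows.old\Users\All Users\Spybot - Search & Destroy\Recovery\YontooPagerage2.zip"
del %0
"""

# Assumed layout: drive path, two or more spaces, detection text.
ESET_LINE = re.compile(r"^(?P<path>[A-Za-z]:\\.+?)\s{2,}(?P<detection>.+)$")
# Detection text ends with "<Platform>/<Name> <kind>", optionally after "a variant of".
DETECTION = re.compile(r"(?P<name>\S+/\S+)\s+(?P<kind>\w+)$")
# A del command with a quoted target; "del %0" (self-delete) has none.
DEL_LINE = re.compile(r'^\s*del\b[^"]*"(?P<path>[^"]+)"', re.IGNORECASE)


def norm(path):
    """Normalize a Windows path for case-insensitive comparison on any OS."""
    return ntpath.normcase(ntpath.normpath(path.strip()))


def parse_eset(text):
    """Return one dict per ESET result line: path, detection name, kind."""
    found = []
    for line in text.splitlines():
        m = ESET_LINE.match(line.strip())
        d = DETECTION.search(m.group("detection").strip()) if m else None
        if d:
            found.append({"path": m.group("path"),
                          "name": d.group("name"),
                          "kind": d.group("kind")})
    return found


def parse_del_targets(text):
    """Return the normalized paths the batch file asks del to remove."""
    return {norm(m.group("path"))
            for m in map(DEL_LINE.match, text.splitlines()) if m}


def kind_counts(detections):
    """Count detections per ESET category (application, trojan, worm)."""
    return dict(Counter(d["kind"] for d in detections))


def uncovered(detections, targets):
    """Detections whose file is not among the batch file's del targets."""
    return [d for d in detections if norm(d["path"]) not in targets]


if __name__ == "__main__":
    dets = parse_eset(ESET_RESULTS)
    print(kind_counts(dets))
    for d in uncovered(dets, parse_del_targets(DELFILE_BAT)):
        print("not targeted:", d["name"], d["path"])
```

Run against the two posts, it reports the two Win32/Somoto entries under Temporary Internet Files as the only detections without a matching del line.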


#6 mackerman

Posted 03 August 2013 - 09:23 PM

Files deleted & here is the log from Security Check:

 

 Results of screen317's Security Check version 0.99.71  
   x64 (UAC is enabled)  
 Internet Explorer 10  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Spybot - Search & Destroy
 Malwarebytes Anti-Malware version 1.75.0.1300  
 TuneUp Companion 2.4.8.5   
 Java 7 Update 25  
 Adobe Flash Player     11.8.800.94  
 Mozilla Firefox (22.0)
 Google Chrome 28.0.1500.72  
 Google Chrome 28.0.1500.95  
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbamgui.exe  
 Spybot Teatimer.exe is disabled!
 Malwarebytes' Anti-Malware mbamscheduler.exe   
`````````````````System Health check`````````````````
 Total Fragmentation on Drive G:  %
````````````````````End of Log``````````````````````

 



#7 mackerman

Posted 03 August 2013 - 11:18 PM

Also - when I installed Avira it suggested uninstalling MalwareBytes anti-malware. Is this OK? Thanks.



#8 GodfatherKing

Posted 04 August 2013 - 02:13 AM

"Yes there are a few vendors that do force you to remove ANY other security software not just MBAM before they will allow you to install their software. Once you've installed their software you can then go ahead and install MBAM and setup exclusions to allow both programs to work together. "

 

Source: http://forums.malwarebytes.org/index.php?showtopic=124352




#9 mackerman

Posted 05 August 2013 - 03:11 AM

OK thanks. Is it necessary to reinstall MBAM with avira? I'm wondering - everything seems OK now on my PC, but I still can't reactivate windows defender. Should I be at all worried about this?

Cheers



#10 GodfatherKing

Posted 05 August 2013 - 03:34 AM

Yes, I would install/keep MBAM, it's a very good program.

In Windows 8, Windows Defender is integrated as AV (Windows Defender and Windows SmartScreen are built into Windows 8 and Windows RT and help guard your PC against viruses, spyware, and other malicious software in real time.)

 

But if you choose Avira, Avira will deactivate Windows Defender in Windows 8, because running 2 AVs is not a good idea.




#11 mackerman

Posted 05 August 2013 - 06:18 AM

Thanks. Is there anything else I need to do to my PC do you think? I still can't deactivate avira and run defender - which was the original problem.

Cheers



#12 GodfatherKing

Posted 05 August 2013 - 02:32 PM

Yes, I would remove Spybot - Search & Destroy, MBAM is a good replacement for it.

