
Growing potential Ddos hack / Chrome-navigation-error Redirect


3 replies to this topic

#1 Swirly

Swirly

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:04:29 PM

Posted 16 February 2014 - 07:05 PM

A few days ago my Chrome browser was redirected to http:// chrome-navigation-error (.) info. [Do not click that domain]

It appeared at first to be a Google error notice.

When it happened again I checked the whois ownership information and also where the domain was hosted.

It was under Godaddy for domain registrar and had privacy turned on.

Hosted by Amazon AWS.

Both of these are known to host malware creators.

 

 

I played around with different fixes from other posts I viewed here on Bleeping Computer.

I actually found other old malware/viruses and a trojan and removed those with the help of

Malwarebytes Anti-Malware program, TDSSKiller.

 

But still didn't change redirect problem.

I then viewed the source code on the offending domain.

It appeared to be trying to force the install of an known extension.

 

This really raised my hackles and I started to look around for other people with same problem.

 

I found a thread on reddit with many people experiencing same problem.

I followed some tips (like blocking the offending domain in the hosts file).

Even with blocking both 0.0.0.0 chrome-navigation-error (.) info

and 127.0.0.1 etc, nothing stopped it. (Restarted PC over and over, flushed DNS, nothing changed.)

 

I then ran  Netstat and a bunch of commands and found  chrome-navigation-error (.) info was connecting via mDNSResponder (Bonjour) 

 

I removed all apple services and restarted computer. Finally netstat stopped showing chrome-navigation-error (.) info.

 

I do have some other strange connections and am wondering if I still have whatever this fiendish thing is on my pc.

 

This is my first post here, so I don't know if I can post links.

If so, please check out the thread on Reddit with many concerned people trying frantically to figure out what this is.

http://www.reddit.com/r/chrome/comments/1xgwcc/how_do_i_remove_chrome_malware_from_a_mac/?sort=new

 

I am running Windows 8, have Chrome and Firefox.
 
Thank you.   :bowdown:
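
An added example, not part of the original post or of any tool named in this thread: the two checks described above (is the domain really covered by the hosts file, and which process owns the connection netstat shows) run over constructed sample text. The domain `blocked.example`, the PIDs and the addresses are placeholders, and the netstat sample assumes the layout printed by Windows `netstat -b -o`.

```python
import re
from collections import namedtuple

Conn = namedtuple("Conn", "proto local remote_host remote_port state pid exe")

# Addresses commonly used to sink a name in a hosts file.
SINK_ADDRS = {"0.0.0.0", "127.0.0.1", "::", "::1"}

# Constructed sample inputs (placeholders, not data from the thread).
HOSTS_TEXT = """\
# sample hosts file
127.0.0.1       localhost
0.0.0.0         blocked.example        # added by the user
"""

NETSTAT_TEXT = """\
Active Connections

  Proto  Local Address          Foreign Address              State        PID
  TCP    192.168.1.20:49712     blocked.example:http         ESTABLISHED  1840
 [mDNSResponder.exe]
  TCP    192.168.1.20:49715     www.blocked.example:http     ESTABLISHED  3312
 [chrome.exe]
  TCP    192.168.1.20:49720     update.vendor.example:https  ESTABLISHED  3312
 [chrome.exe]
  UDP    0.0.0.0:5353           *:*                                       1840
 [mDNSResponder.exe]
"""


def norm(name):
    """Lower-case a host name and drop a trailing root dot."""
    return name.strip().rstrip(".").lower()


def parse_hosts(text):
    """Return {hostname: ip}; this example keeps the first mapping seen."""
    table = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()   # strip comments
        fields = line.split()
        if len(fields) < 2:
            continue                            # blank or malformed line
        ip, names = fields[0], fields[1:]
        for name in names:                      # one line may carry aliases
            table.setdefault(norm(name), ip)
    return table


def parse_netstat(text):
    """Parse connection rows and attach the [executable] line that follows."""
    conns = []
    for line in text.splitlines():
        stripped = line.strip()
        exe = re.fullmatch(r"\[(.+)\]", stripped)
        if exe and conns:
            conns[-1] = conns[-1]._replace(exe=exe.group(1))
            continue
        f = stripped.split()
        if not f or f[0] not in ("TCP", "UDP") or not f[-1].isdigit():
            continue                            # header, component or note line
        if f[0] == "TCP" and len(f) == 5:
            proto, local, remote, state, pid = f
        elif f[0] == "UDP" and len(f) == 4:     # UDP rows have no state column
            proto, local, remote, pid = f
            state = ""
        else:
            continue
        host, _, port = remote.rpartition(":")
        conns.append(Conn(proto, local, norm(host), port, state, int(pid), None))
    return conns


def audit(hosts, conns, domain):
    """List connections to domain or its subdomains: (host, exe, pid, sunk).

    sunk is True only when that exact host name has a hosts entry pointing
    at a sink address; hosts entries do not cover subdomains.
    """
    domain = norm(domain)
    findings = []
    for c in conns:
        h = c.remote_host
        if h == domain or h.endswith("." + domain):
            findings.append((h, c.exe, c.pid, hosts.get(h) in SINK_ADDRS))
    return findings


if __name__ == "__main__":
    hosts = parse_hosts(HOSTS_TEXT)
    for host, exe, pid, sunk in audit(hosts, parse_netstat(NETSTAT_TEXT),
                                      "blocked.example"):
        print(f"{host:24} {exe:20} pid={pid:<6} hosts-entry-sinks-name={sunk}")
```

A row with `True` means the hosts entry exists and netstat still lists a connection under that name, so the owning executable and PID are the next thing to examine; `False` means that exact name has no hosts entry at all.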




#2 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:09:29 PM

Posted 16 February 2014 - 08:06 PM

What were you doing when this happened?

When I clicked on that domain, I get nothing but a white page with about:blank in the url bar.

Please download TDSSKiller exe version to your desktop. Double-click on TDSSKiller.exe to run the tool for known TDSS variants. Vista/Windows 7 users right-click and select Run As Administrator.
  • Click on Change Parameters and click Detect TDLFS File System.
  • Click the Start Scan button.
  • Do not use the computer during the scan.
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • Note: If Cure is not an option, Skip instead, do not choose Delete unless instructed.
  • A TDSSKiller text file would be saved in Local Disk C.
  • Copy and paste the contents of that file in your next reply.

ADW Cleaner


Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Clean.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

Edited by cryptodan, 16 February 2014 - 08:08 PM.


#3 Swirly

Swirly
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:04:29 PM

Posted 16 February 2014 - 09:31 PM

Hi, thanks for your help.

 

Gah! You clicked the link? But I imagine you are protected against everything.

 

Each time that the Google browser window was redirected, I was right clicking on links. (To very popular sites, paypal, youtube, financial sites)

 

 

So on the Reddit thread I referenced, a user is claiming that he has figured out what is impacting so many users plus me.

It doesn't make much sense to me.

 

Here is what he wrote:

http://www.reddit.com/r/chrome/comments/1xgwcc/how_do_i_remove_chrome_malware_from_a_mac/cfh147x

 

"Deteriorate (3 points, 2 hours ago):

I can say with absolute confidence that I have discovered exactly what is happening here.

This is a large-scale botnet operation. Yes, that's right. I was running TCPView and discovered many instances of [System Process] running, each connected to a different residential IP address, each belonging to an internet user, other infected machines in this botnet. Several minutes later, more instances appeared, sending/receiving large volumes of data. Mind you, this is with literally nothing running on the system. I also checked my system with Autoruns, but there's nothing to really point out -- everything looks clean.

I also noticed a connection to onlinehome-server.info -- a well known domain used in spreading malware.

How did this occur? It's unknown right now, but here's a similar case, involving this very domain: http://www.forumpostersunion.com/showthread.php?t=8214

Now, keep in mind that activity like this will come and go, running in intervals. And usually new victims won't see activity like this until they're added to the "hive" by the operator of the botnet.

Edit: onlinehome-server.info was also used to distribute malware in a 2011 "Twitter worm" attack -- http://isc.sans.edu/diary/Possible+new+Twitter+worm/10297

Edit #2: Something else, this attack could have a multitude of goals -- bolstering a botnet being one of them.

Edit #3: I'm running Windows 8.1 x64 "

 

I ran Farbar, adwcleaner and TDSSKiller last night

 

04:28:17.0742 2416  ksthunk - ok
04:28:17.0793 2416  [ 5825DBACEDC3812B5CF8D40B997BF210 ] KtmRm           C:\windows\system32\msdtckrm.dll
04:28:17.0800 2416  KtmRm - ok
04:28:17.0834 2416  [ 256EE31588257E8A555DBFAA13F1908E ] LanmanServer    C:\windows\system32\srvsvc.dll
04:28:17.0841 2416  LanmanServer - ok
04:28:17.0870 2416  [ 16650912BE5A94B40E0B3B4C39652B56 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
04:28:17.0874 2416  LanmanWorkstation - ok
04:28:17.0891 2416  [ CEEFD29FC551F289810B0B9381B321DC ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
04:28:17.0892 2416  lltdio - ok
04:28:17.0921 2416  [ BCF53485E0A94722CDE3C4A93CD8EB8C ] lltdsvc         C:\windows\System32\lltdsvc.dll
04:28:17.0927 2416  lltdsvc - ok
04:28:17.0950 2416  [ 5A2F7F1CBC2E631A497DAD16164E06D2 ] lmhosts         C:\windows\System32\lmhsvc.dll
04:28:17.0953 2416  lmhosts - ok
04:28:18.0005 2416  [ 022CDD12161B063D7852B1075BF3FFF2 ] LSI_SAS         C:\windows\system32\drivers\lsi_sas.sys
04:28:18.0008 2416  LSI_SAS - ok
04:28:18.0015 2416  [ 07AD59D669B996F29F91817F0ECFA34F ] LSI_SAS2        C:\windows\system32\drivers\lsi_sas2.sys
04:28:18.0018 2416  LSI_SAS2 - ok
04:28:18.0027 2416  [ 216FB796AA4E252ACCE93B1BCB80B5EC ] LSI_SCSI        C:\windows\system32\drivers\lsi_scsi.sys
04:28:18.0031 2416  LSI_SCSI - ok
04:28:18.0042 2416  [ 5E80530AF37102488EE980B4A92AF99F ] LSI_SSS         C:\windows\system32\drivers\lsi_sss.sys
04:28:18.0044 2416  LSI_SSS - ok
04:28:18.0082 2416  [ A57BA284F5996FFD32DCDBC41A4657DB ] LSM             C:\windows\System32\lsm.dll
04:28:18.0089 2416  LSM - ok
04:28:18.0124 2416  [ 2BDC5D711FA61307CE6190D47C956368 ] luafv           C:\windows\system32\drivers\luafv.sys
04:28:18.0127 2416  luafv - ok
04:28:18.0159 2416  [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector   C:\windows\system32\drivers\mbam.sys
04:28:18.0161 2416  MBAMProtector - ok
04:28:18.0218 2416  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
04:28:18.0226 2416  MBAMScheduler - ok
04:28:18.0285 2416  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
04:28:18.0294 2416  MBAMService - ok
04:28:18.0348 2416  [ 968BFF74AEB683C962960ECE0CAE4135 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe
04:28:18.0353 2416  McComponentHostService - ok
04:28:18.0411 2416  [ 9B0D829C3BE4E7472DB9DD2B79908E3C ] megasas         C:\windows\system32\drivers\megasas.sys
04:28:18.0413 2416  megasas - ok
04:28:18.0442 2416  [ ECC3F54C7AFC318271C4F0B4606D8DB0 ] MegaSR          C:\windows\system32\drivers\MegaSR.sys
04:28:18.0448 2416  MegaSR - ok
04:28:18.0482 2416  [ EEE908BE7143FCA48CF0CB87214E2AB8 ] MMCSS           C:\windows\system32\mmcss.dll
04:28:18.0485 2416  MMCSS - ok
04:28:18.0491 2416  [ 780098AD5DA8A4822E2563984C85EF7B ] Modem           C:\windows\system32\drivers\modem.sys
04:28:18.0493 2416  Modem - ok
04:28:18.0517 2416  [ ECFDDEBFD613A849763EDDA3B1DF5FA7 ] ModernMix       C:\Program Files (x86)\Stardock\ModernMix\MMixSrv.exe
04:28:18.0519 2416  ModernMix - ok
04:28:18.0555 2416  [ EA8EAD3F5B762F889CC7F3966625B48B ] monitor         C:\windows\System32\drivers\monitor.sys
04:28:18.0558 2416  monitor - ok
04:28:18.0581 2416  [ 618446B98C79776654340CE27C73485E ] mouclass        C:\windows\System32\drivers\mouclass.sys
04:28:18.0583 2416  mouclass - ok
04:28:18.0601 2416  [ C0ADEBED913295803B579ED288936CBB ] mouhid          C:\windows\System32\drivers\mouhid.sys
04:28:18.0603 2416  mouhid - ok
04:28:18.0617 2416  [ 89D263DBF08119CE16273991C120D6DD ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
04:28:18.0619 2416  mountmgr - ok
04:28:18.0652 2416  [ 338037EFA0E8E8699B2667D57B751574 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
04:28:18.0656 2416  MozillaMaintenance - ok
04:28:18.0712 2416  [ 4CCBBD4944777CA100B9A6C2F149A46F ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
04:28:18.0715 2416  mpsdrv - ok
04:28:18.0758 2416  [ 9DE3341BD4E14BC5FADFCAD3019F2D0D ] MpsSvc          C:\windows\system32\mpssvc.dll
04:28:18.0770 2416  MpsSvc - ok
04:28:18.0790 2416  [ 3D70147F55F1EC84EB9139ED7FFE48BC ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
04:28:18.0794 2416  MRxDAV - ok
04:28:18.0829 2416  [ 93179D48066918323628CB016D8C94DC ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
04:28:18.0834 2416  mrxsmb - ok
04:28:18.0844 2416  [ 06D5F2FA3C61E8EA91648EA8E9F99FD3 ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
04:28:18.0848 2416  mrxsmb10 - ok
04:28:18.0871 2416  [ 5C7DD2E5759FFCCD2C7341C1B90F2B26 ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
04:28:18.0876 2416  mrxsmb20 - ok
04:28:18.0896 2416  [ 98487487D6B3797CA927E9D7B030AE13 ] MsBridge        C:\windows\system32\DRIVERS\bridge.sys
04:28:18.0899 2416  MsBridge - ok
04:28:18.0916 2416  [ 4A07458EB4F17573BD39F22029A991C1 ] MSDTC           C:\windows\System32\msdtc.exe
04:28:18.0920 2416  MSDTC - ok
04:28:18.0941 2416  [ 3886F1F2A4D2900ABAA7E4486BEEE6A2 ] Msfs            C:\windows\system32\drivers\Msfs.sys
04:28:18.0942 2416  Msfs - ok
04:28:18.0978 2416  [ C32A7A39B960A42BA9D4FBE47213CA03 ] msgpiowin32     C:\windows\System32\drivers\msgpiowin32.sys
04:28:18.0980 2416  msgpiowin32 - ok
04:28:19.0004 2416  [ D3857A767B91A061B408CCAB02DA4F40 ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys
04:28:19.0006 2416  mshidkmdf - ok
04:28:19.0026 2416  [ 839B48910FB1E887635C48F3EC11A05E ] mshidumdf       C:\windows\System32\drivers\mshidumdf.sys
04:28:19.0027 2416  mshidumdf - ok
04:28:19.0047 2416  [ 55C0DB741E3AB7463242B185B1C2997C ] msisadrv        C:\windows\system32\drivers\msisadrv.sys
04:28:19.0048 2416  msisadrv - ok
04:28:19.0087 2416  [ 216C6B035A4BA5560E1255BD8E5BB89F ] MSiSCSI         C:\windows\system32\iscsiexe.dll
04:28:19.0091 2416  MSiSCSI - ok
04:28:19.0096 2416  msiserver - ok
04:28:19.0110 2416  [ 509809566E49F4411055864EA8D437CD ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys
04:28:19.0112 2416  MSKSSRV - ok
04:28:19.0120 2416  [ 63145201D6458E4958E572E7D6FC2604 ] MsLldp          C:\windows\system32\DRIVERS\mslldp.sys
04:28:19.0123 2416  MsLldp - ok
04:28:19.0129 2416  [ 99D526E803DB6D7FF290FD98B6204641 ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys
04:28:19.0130 2416  MSPCLOCK - ok
04:28:19.0143 2416  [ 06FA77C3E2A491ADCD704C5E73006269 ] MSPQM           C:\windows\system32\drivers\MSPQM.sys
04:28:19.0144 2416  MSPQM - ok
04:28:19.0156 2416  [ E134EC4DE11CF78CB01432D180710D84 ] MsRPC           C:\windows\system32\drivers\MsRPC.sys
04:28:19.0162 2416  MsRPC - ok
04:28:19.0188 2416  [ B5AECF12F09DEE97C9FCAA5BA016CE1E ] mssmbios        C:\windows\System32\drivers\mssmbios.sys
04:28:19.0190 2416  mssmbios - ok
04:28:19.0206 2416  [ 72D66A05E0F99F2528F6C6204FD22AA1 ] MSTEE           C:\windows\system32\drivers\MSTEE.sys
04:28:19.0208 2416  MSTEE - ok
04:28:19.0215 2416  [ 8AAAE399FC255FA105D4158CBA289001 ] MTConfig        C:\windows\System32\drivers\MTConfig.sys
04:28:19.0218 2416  MTConfig - ok
04:28:19.0226 2416  [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A ] Mup             C:\windows\system32\Drivers\mup.sys
04:28:19.0228 2416  Mup - ok
04:28:19.0236 2416  [ 3A1E095277BBD406CEA8EA6B76950664 ] mvumis          C:\windows\system32\drivers\mvumis.sys
04:28:19.0239 2416  mvumis - ok
04:28:19.0294 2416  [ 4B18840511D720BA118D3017E8165875 ] napagent        C:\windows\system32\qagentRT.dll
04:28:19.0301 2416  napagent - ok
04:28:19.0347 2416  [ 43D7388A90A4C6EA346A4D6FF0377479 ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
04:28:19.0353 2416  NativeWifiP - ok
04:28:19.0391 2416  [ 6A0C3996DA7DAE6D6939676D786EEEC4 ] NcaSvc          C:\windows\System32\ncasvc.dll
04:28:19.0395 2416  NcaSvc - ok
04:28:19.0411 2416  [ C982FE4CC91DECE2259F494FCEB4030F ] NcdAutoSetup    C:\windows\System32\NcdAutoSetup.dll
04:28:19.0414 2416  NcdAutoSetup - ok
04:28:19.0473 2416  [ A10E176F3B2BF83EDE7B5C4658C93B66 ] NDIS            C:\windows\system32\drivers\ndis.sys
04:28:19.0485 2416  NDIS - ok
04:28:19.0506 2416  [ 39C8A1D9D46F5E83A016BCAB72455284 ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys
04:28:19.0508 2416  NdisCap - ok
04:28:19.0515 2416  [ 762941932B7E4C588E48A577BA9D6440 ] NdisImPlatform  C:\windows\system32\DRIVERS\NdisImPlatform.sys
04:28:19.0518 2416  NdisImPlatform - ok
04:28:19.0533 2416  [ 7A6F8A6D0E01432EBA294EF29CDD0FA7 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
04:28:19.0534 2416  NdisTapi - ok
04:28:19.0543 2416  [ 79AB68BB3FFF974AD4F41FA559F4EC67 ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys
04:28:19.0545 2416  Ndisuio - ok
04:28:19.0578 2416  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys
04:28:19.0582 2416  NdisWan - ok
04:28:19.0662 2416  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NDISWANLEGACY   C:\windows\system32\DRIVERS\ndiswan.sys
04:28:19.0664 2416  NDISWANLEGACY - ok
04:28:19.0706 2416  [ 3730942D7DB2F8BB5F84542B7FF6F650 ] NDProxy         C:\windows\system32\drivers\NDProxy.sys
04:28:19.0707 2416  NDProxy - ok
04:28:19.0716 2416  [ D3F60A4345FCA9C1BE68AD7D0D6DE770 ] Ndu             C:\windows\system32\drivers\Ndu.sys
04:28:19.0718 2416  Ndu - ok
04:28:19.0727 2416  [ 7C203A76394F9AE68F69EEE5F9612C4A ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys
04:28:19.0729 2416  NetBIOS - ok
04:28:19.0764 2416  [ 7CEC25C682D319D484630B3952C31A11 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys
04:28:19.0769 2416  NetBT - ok
04:28:19.0788 2416  [ F702AB6181513303AB0FC8D59E52708B ] Netlogon        C:\windows\system32\lsass.exe
04:28:19.0790 2416  Netlogon - ok
04:28:19.0833 2416  [ 89519D29CBEC2121CA65CC29C4D345E0 ] Netman          C:\windows\System32\netman.dll
04:28:19.0839 2416  Netman - ok
04:28:19.0872 2416  [ 79FA9393C67EBBF92A56923592CF7A7C ] netprofm        C:\windows\System32\netprofmsvc.dll
04:28:19.0880 2416  netprofm - ok
04:28:19.0947 2416  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
04:28:19.0956 2416  NetTcpPortSharing - ok
04:28:19.0984 2416  [ 12DD2800E4EEA37DC9AE256AD62423B4 ] nfrd960         C:\windows\system32\drivers\nfrd960.sys
04:28:19.0986 2416  nfrd960 - ok
04:28:20.0012 2416  [ 80ABCD4C2DE9FD832477303AE0CA3BE5 ] NlaSvc          C:\windows\System32\nlasvc.dll
04:28:20.0018 2416  NlaSvc - ok
04:28:20.0040 2416  [ 17E19A742FB30C002F8B43575451DBE1 ] Npfs            C:\windows\system32\drivers\Npfs.sys
04:28:20.0042 2416  Npfs - ok
04:28:20.0063 2416  [ 8ED299C30792544264E558BEA79F0947 ] npsvctrig       C:\windows\System32\drivers\npsvctrig.sys
04:28:20.0064 2416  npsvctrig - ok
04:28:20.0086 2416  [ 832B5FDF0B5577713FD7F2465FCD0ACE ] nsi             C:\windows\system32\nsisvc.dll
04:28:20.0089 2416  nsi - ok
04:28:20.0096 2416  [ 689B3B1E95C70ABF7AFF29F9406EF1E0 ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys
04:28:20.0097 2416  nsiproxy - ok
04:28:20.0252 2416  [ 76929F4A69E425911A63B407E26C2589 ] Ntfs            C:\windows\system32\drivers\Ntfs.sys
04:28:20.0275 2416  Ntfs - ok
04:28:20.0293 2416  [ 4163ADE07DB51843AE31F65B94F5398D ] Null            C:\windows\system32\drivers\Null.sys
04:28:20.0295 2416  Null - ok
04:28:20.0689 2416  [ F648FE6BCE0AAD9E5EA63C8BE9AD90E3 ] nvlddmkm        C:\windows\system32\DRIVERS\nvlddmkm.sys
04:28:21.0004 2416  nvlddmkm - ok
04:28:21.0029 2416  [ D6D34118263412D3AAA8348A9572B7F2 ] nvraid          C:\windows\system32\drivers\nvraid.sys
04:28:21.0031 2416  nvraid - ok
04:28:21.0055 2416  [ 27AFC428D1D32ABD04A86763A4EDDEA9 ] nvstor          C:\windows\system32\drivers\nvstor.sys
04:28:21.0059 2416  nvstor - ok
04:28:21.0067 2416  [ 051CFB5107BAAE510419BDC41F8C4036 ] nv_agp          C:\windows\system32\drivers\nv_agp.sys
04:28:21.0070 2416  nv_agp - ok
04:28:21.0128 2416  [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
04:28:21.0132 2416  ose - ok
04:28:21.0189 2416  [ AB76700D764A342D7475FB8F47CAB18C ] p2pimsvc        C:\windows\system32\pnrpsvc.dll
04:28:21.0195 2416  p2pimsvc - ok
04:28:21.0219 2416  [ 4319FD931DCD796435ECB5DB4A04FBA5 ] p2psvc          C:\windows\system32\p2psvc.dll
04:28:21.0227 2416  p2psvc - ok
04:28:21.0242 2416  [ 4563DAF8C6A740AD7F501E219BD10766 ] Parport         C:\windows\System32\drivers\parport.sys
04:28:21.0245 2416  Parport - ok
04:28:21.0288 2416  [ D6ACCF9F2EEEEA711C14EFD976E573F3 ] partmgr         C:\windows\system32\drivers\partmgr.sys
04:28:21.0291 2416  partmgr - ok
04:28:21.0339 2416  [ 4811D9EC53649105A5A8BEA661B0F936 ] PcaSvc          C:\windows\System32\pcasvc.dll
04:28:21.0346 2416  PcaSvc - ok
04:28:21.0368 2416  [ 4A003E8F718C1E6A2050CA98CD53E3E2 ] pci             C:\windows\system32\drivers\pci.sys
04:28:21.0373 2416  pci - ok
04:28:21.0392 2416  [ F9908D274D458220F91E89B54D78D837 ] pciide          C:\windows\system32\drivers\pciide.sys
04:28:21.0394 2416  pciide - ok
04:28:21.0431 2416  [ 84D19CB6102627932DCB5DFDF89FE269 ] pcmcia          C:\windows\system32\drivers\pcmcia.sys
04:28:21.0436 2416  pcmcia - ok
04:28:21.0445 2416  [ CEBBAD5391C2644560C55628A40BFD27 ] pcw             C:\windows\system32\drivers\pcw.sys
04:28:21.0447 2416  pcw - ok
04:28:21.0472 2416  [ 0698DEDEAD6A00AD0D468C687D830FBF ] pdc             C:\windows\system32\drivers\pdc.sys
04:28:21.0474 2416  pdc - ok
04:28:21.0532 2416  [ 61FE70659CD43E07F94DA4DC31DEC493 ] PEAUTH          C:\windows\system32\drivers\peauth.sys
04:28:21.0541 2416  PEAUTH - ok
04:28:21.0721 2416  [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A ] PerfHost        C:\windows\SysWow64\perfhost.exe
04:28:21.0797 2416  PerfHost - ok
04:28:21.0878 2416  [ 6E84BFF58F7643499277F29DFA2F8C8D ] pla             C:\windows\system32\pla.dll
04:28:21.0895 2416  pla - ok
04:28:21.0952 2416  [ 799BE46D45D486704CE0F37CA5385262 ] PlugPlay        C:\windows\system32\umpnpmgr.dll
04:28:21.0959 2416  PlugPlay - ok
04:28:21.0976 2416  [ 8E2414E818C26C4A9C70CB2B8567F04F ] PNRPAutoReg     C:\windows\system32\pnrpauto.dll
04:28:21.0980 2416  PNRPAutoReg - ok
04:28:22.0020 2416  [ AB76700D764A342D7475FB8F47CAB18C ] PNRPsvc         C:\windows\system32\pnrpsvc.dll
04:28:22.0024 2416  PNRPsvc - ok
04:28:22.0055 2416  [ 0108C8E5176D590F242701EF5A62CC26 ] PolicyAgent     C:\windows\System32\ipsecsvc.dll
04:28:22.0063 2416  PolicyAgent - ok
04:28:22.0074 2416  [ F1E067F56373F11EA4B785CAE823740A ] Power           C:\windows\system32\umpo.dll
04:28:22.0078 2416  Power - ok
04:28:22.0126 2416  [ 362D47E5B4D67270DE4B8606036F4ADD ] PptpMiniport    C:\windows\system32\DRIVERS\raspptp.sys
04:28:22.0139 2416  PptpMiniport - ok
04:28:22.0363 2416  [ CC0B8655E4B2A5BBB215CDA8FC3BE4DE ] PrintNotify     C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
04:28:24.0781 2416  PrintNotify - ok
04:28:25.0381 2416  [ DD979EB6A7212F60E4AFBE96EDC7AE6D ] Processor       C:\windows\System32\drivers\processr.sys
04:28:25.0383 2416  Processor - ok
04:28:25.0579 2416  [ 429E8502AD2227CF88F8840FC5BD590D ] ProfSvc         C:\windows\system32\profsvc.dll
04:28:25.0622 2416  ProfSvc - ok
04:28:25.0691 2416  [ EB8034147D4820CD31BFCB11A2A652DF ] Psched          C:\windows\system32\DRIVERS\pacer.sys
04:28:25.0695 2416  Psched - ok
04:28:25.0783 2416  [ 0AFBF333B6F87A2F598EAB379AF100B8 ] QWAVE           C:\windows\system32\qwave.dll
04:28:25.0789 2416  QWAVE - ok
04:28:25.0919 2416  [ 13D47BB0CCA2FC51BD15F8E85C6A078E ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys
04:28:25.0921 2416  QWAVEdrv - ok
04:28:25.0964 2416  [ 194ED3C117525613E701FF257882303E ] RadioHIDMini    C:\windows\System32\drivers\RadioHIDMini.sys
04:28:25.0966 2416  RadioHIDMini - ok
04:28:26.0000 2416  [ 873C60F8178100557740A832FCE10B5F ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys
04:28:26.0002 2416  RasAcd - ok
04:28:26.0042 2416  [ 69B93F623B130976243ECA3D84CC99CA ] RasAgileVpn     C:\windows\system32\DRIVERS\AgileVpn.sys
04:28:26.0044 2416  RasAgileVpn - ok
04:28:26.0075 2416  [ 005F6E54C4A2DA4EBF68FB0392CE8BB0 ] RasAuto         C:\windows\System32\rasauto.dll
04:28:26.0078 2416  RasAuto - ok
04:28:26.0128 2416  [ A14D625C5AEE5FFE0F47D1A1D419FAAE ] Rasl2tp         C:\windows\system32\DRIVERS\rasl2tp.sys
04:28:26.0140 2416  Rasl2tp - ok
04:28:26.0196 2416  [ C923C785A2DE0B396AD6D13ACAFF2DE9 ] RasMan          C:\windows\System32\rasmans.dll
04:28:26.0202 2416  RasMan - ok
04:28:26.0210 2416  [ 00695B9C2DB6111064499C529E90C042 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys
04:28:26.0212 2416  RasPppoe - ok
04:28:26.0232 2416  [ A7F24D8CD1956B0A1FDCB86CC5114DE4 ] RasSstp         C:\windows\system32\DRIVERS\rassstp.sys
04:28:26.0234 2416  RasSstp - ok
04:28:26.0291 2416  [ CA03D642ACE58E1BA54E4B383F91CD69 ] rdbss           C:\windows\system32\DRIVERS\rdbss.sys
04:28:26.0830 2416  rdbss - ok
04:28:26.0863 2416  [ CA7DF5EC95D8DE0DD24BE7FF97369F68 ] rdpbus          C:\windows\System32\drivers\rdpbus.sys
04:28:26.0866 2416  rdpbus - ok
04:28:26.0879 2416  [ B2A3AD74FF2E2FFA73AF2567108231B3 ] RDPDR           C:\windows\system32\drivers\rdpdr.sys
04:28:26.0882 2416  RDPDR - ok
04:28:26.0922 2416  [ 57F4787E4602A3FCA719C0A33137C6DA ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
04:28:26.0925 2416  RdpVideoMiniport - ok
04:28:26.0936 2416  [ B3CB0721E81E30419CE7D837EF4EA151 ] RDPWD           C:\windows\system32\drivers\RDPWD.sys
04:28:26.0940 2416  RDPWD - ok
04:28:26.0968 2416  [ 62C1F8A0685FE07E998AA296C4F697C4 ] rdyboost        C:\windows\system32\drivers\rdyboost.sys
04:28:26.0971 2416  rdyboost - ok
04:28:27.0019 2416  [ B2D01290C0E0465ACA54C2088E947823 ] RealNetworks Downloader Resolver Service C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
04:28:27.0022 2416  RealNetworks Downloader Resolver Service - ok
04:28:27.0052 2416  [ 3663CCF243EE0C04E9F6F91ED1737273 ] RemoteAccess    C:\windows\System32\mprdim.dll
04:28:27.0057 2416  RemoteAccess - ok
04:28:27.0112 2416  [ E80DD61E52EDFFF9DA1ED7260A68855B ] RemoteRegistry  C:\windows\system32\regsvc.dll
04:28:27.0117 2416  RemoteRegistry - ok
04:28:27.0157 2416  [ CCBFCABDFE2BC22F0645CEAADDB36004 ] RFCOMM          C:\windows\System32\drivers\rfcomm.sys
04:28:27.0160 2416  RFCOMM - ok
04:28:27.0191 2416  [ 73F2E030B5C24E4E41401B5F0D59E6FD ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll
04:28:27.0195 2416  RpcEptMapper - ok
04:28:27.0239 2416  [ 10B21284B3D964AB3DC45490E57D422E ] RpcLocator      C:\windows\system32\locator.exe
04:28:27.0242 2416  RpcLocator - ok
04:28:27.0281 2416  [ 1EC6E533C954BDDF2A37E7851A7E58FD ] RpcSs           C:\windows\system32\rpcss.dll
04:28:27.0289 2416  RpcSs - ok
04:28:27.0321 2416  [ E04E770DD198B9399640717145E79EBF ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys
04:28:27.0324 2416  rspndr - ok
04:28:27.0371 2416  [ 4E6F99CCF3F3149CEC2D576005FD3D15 ] RSUSBVSTOR      C:\windows\System32\Drivers\RtsUVStor.sys
04:28:27.0377 2416  RSUSBVSTOR - ok
04:28:27.0427 2416  [ 15923AA360F7675D3D43C9669316A0BA ] RTL8168         C:\windows\system32\DRIVERS\Rt630x64.sys
04:28:27.0460 2416  RTL8168 - ok
04:28:27.0507 2416  [ 752EC7DCD2F96871A3857EEE6AFE965A ] s3cap           C:\windows\System32\drivers\vms3cap.sys
04:28:27.0508 2416  s3cap - ok
04:28:27.0542 2416  [ F702AB6181513303AB0FC8D59E52708B ] SamSs           C:\windows\system32\lsass.exe
04:28:27.0544 2416  SamSs - ok
04:28:27.0578 2416  [ 9C7B28CE0D136DB226E24DB3BC817F92 ] sbp2port        C:\windows\system32\drivers\sbp2port.sys
04:28:27.0580 2416  sbp2port - ok
04:28:27.0648 2416  [ 14316954FCE79C9DE5A0AFF9D42C83AA ] SCardSvr        C:\windows\System32\SCardSvr.dll
04:28:27.0654 2416  SCardSvr - ok
04:28:27.0664 2416  [ 5D7733A12756B267FCA021672B26BC9E ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys
04:28:27.0667 2416  scfilter - ok
04:28:27.0734 2416  [ ED40ED9A65F3E79A8C43DD50C5FDADBF ] Schedule        C:\windows\system32\schedsvc.dll
04:28:27.0751 2416  Schedule - ok
04:28:27.0791 2416  [ BAF8F0F55BC300E5F882E521F054E345 ] SCPolicySvc     C:\windows\System32\certprop.dll
04:28:27.0794 2416  SCPolicySvc - ok
04:28:27.0818 2416  [ F58B030A0664385C707B8C1C63682041 ] sdbus           C:\windows\System32\drivers\sdbus.sys
04:28:27.0822 2416  sdbus - ok
04:28:27.0850 2416  [ 92968277ED491E4B3DDA361E3952361E ] SDRSVC          C:\windows\System32\SDRSVC.dll
04:28:27.0855 2416  SDRSVC - ok
04:28:27.0880 2416  [ BB107AA9980B0DA4E19A3A90C3BD4460 ] sdstor          C:\windows\System32\drivers\sdstor.sys
04:28:27.0882 2416  sdstor - ok
04:28:27.0896 2416  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\windows\system32\drivers\secdrv.sys
04:28:27.0899 2416  secdrv - ok
04:28:27.0936 2416  [ CD282626738B6BC92B6E7CD0AAE95B63 ] seclogon        C:\windows\system32\seclogon.dll
04:28:27.0939 2416  seclogon - ok
04:28:27.0966 2416  [ 9C51620998F0763039DFA6BF68E475ED ] SENS            C:\windows\System32\sens.dll
04:28:27.0969 2416  SENS - ok
04:28:27.0990 2416  [ 0D50B4B860DAB65241628D04CD33ACAE ] SensrSvc        C:\windows\system32\sensrsvc.dll
04:28:27.0995 2416  SensrSvc - ok
04:28:28.0017 2416  [ 87C46B239A7EEF30FDFDD5E9BD46130C ] SerCx           C:\windows\system32\drivers\SerCx.sys
04:28:28.0019 2416  SerCx - ok
04:28:28.0025 2416  [ 7A1F9347C85FD55E39B8A76B3A25C5AD ] Serenum         C:\windows\System32\drivers\serenum.sys
04:28:28.0027 2416  Serenum - ok
04:28:28.0049 2416  [ F640A0A218BBF857F1D04A15D7D939F6 ] Serial          C:\windows\System32\drivers\serial.sys
04:28:28.0053 2416  Serial - ok
04:28:28.0063 2416  [ F1A5F56B2620B862CC28FF96A0A6DAAB ] sermouse        C:\windows\System32\drivers\sermouse.sys
04:28:28.0065 2416  sermouse - ok
04:28:28.0122 2416  [ CB60A60340788C8D6DE2A269D28086AB ] SessionEnv      C:\windows\system32\sessenv.dll
04:28:28.0129 2416  SessionEnv - ok
04:28:28.0137 2416  [ 7EE65419B29302C795714FF8073969A1 ] sfloppy         C:\windows\System32\drivers\sfloppy.sys
04:28:28.0140 2416  sfloppy - ok
04:28:28.0172 2416  [ 090AE16F79C8EAD04E6031F863DA85F3 ] SharedAccess    C:\windows\System32\ipnathlp.dll
04:28:28.0179 2416  SharedAccess - ok
04:28:28.0229 2416  [ A77F3ABE13FCC698511E5DEC7ACEBD5F ] ShellHWDetection C:\windows\System32\shsvcs.dll
04:28:28.0237 2416  ShellHWDetection - ok
04:28:28.0245 2416  [ 2560721D6F16D5B611C36A3A9D28C1B2 ] SiSRaid2        C:\windows\system32\drivers\SiSRaid2.sys
04:28:28.0247 2416  SiSRaid2 - ok
04:28:28.0289 2416  [ 3AA8FDE1DBF65BB8B88B053529554A0D ] SiSRaid4        C:\windows\system32\drivers\sisraid4.sys
04:28:28.0292 2416  SiSRaid4 - ok
04:28:28.0317 2416  [ E660156A4588A84305CB772FD2C0DB21 ] SNMPTRAP        C:\windows\System32\snmptrap.exe
04:28:28.0320 2416  SNMPTRAP - ok
04:28:28.0355 2416  [ 9110193D93960E38B8692E4519C75D72 ] spaceport       C:\windows\system32\drivers\spaceport.sys
04:28:28.0360 2416  spaceport - ok
04:28:28.0383 2416  [ 3D8679C8DF52EB26EB7583A4E0A29202 ] SpbCx           C:\windows\system32\drivers\SpbCx.sys
04:28:28.0385 2416  SpbCx - ok
04:28:28.0436 2416  [ 3F215BF2D4D8D6756298B25B579772C2 ] Spooler         C:\windows\System32\spoolsv.exe
04:28:28.0451 2416  Spooler - ok
04:28:28.0617 2416  [ 061A977C920FBE4BF71FF47C966DDDCA ] sppsvc          C:\windows\system32\sppsvc.exe
04:28:28.0671 2416  sppsvc - ok
04:28:28.0694 2416  [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6 ] srv             C:\windows\system32\DRIVERS\srv.sys
04:28:28.0699 2416  srv - ok
04:28:28.0746 2416  [ 56218A571ECF8D55E0CDFF8DF2546CF1 ] srv2            C:\windows\system32\DRIVERS\srv2.sys
04:28:28.0753 2416  srv2 - ok
04:28:28.0770 2416  [ 14FC338B80CFF7E04215133B568D15C4 ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys
04:28:28.0775 2416  srvnet - ok
04:28:28.0819 2416  [ 7A20882D76D4A78240A5AC9F2C2EBA21 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll
04:28:28.0825 2416  SSDPSRV - ok
04:28:28.0856 2416  [ D233B16999A8E626F6004BD7814C57EC ] SstpSvc         C:\windows\system32\sstpsvc.dll
04:28:28.0860 2416  SstpSvc - ok
04:28:28.0924 2416  [ 882E2063832AA21716D2C17F11BE4079 ] Start8          C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
04:28:28.0927 2416  Start8 - ok
04:28:28.0971 2416  [ 4E85355B94CFCB67C135F6521A4895A7 ] stexstor        C:\windows\system32\drivers\stexstor.sys
04:28:28.0974 2416  stexstor - ok
04:28:29.0037 2416  [ BAC8A721736AECC55A4F71523AEAB65F ] stisvc          C:\windows\System32\wiaservc.dll
04:28:29.0046 2416  stisvc - ok
04:28:29.0071 2416  [ B240874B2CA0CD02E8CD11E140B14C57 ] storahci        C:\windows\system32\drivers\storahci.sys
04:28:29.0074 2416  storahci - ok
04:28:29.0094 2416  [ F74DBC95A57B1EE866D3732EB5F79BE2 ] storflt         C:\windows\system32\DRIVERS\vmstorfl.sys
04:28:29.0096 2416  storflt - ok
04:28:29.0135 2416  [ 5337E138B49ED1F44CCBA4073BC35C20 ] StorSvc         C:\windows\system32\storsvc.dll
04:28:29.0140 2416  StorSvc - ok
04:28:29.0164 2416  [ 543CD3CC0E05B8D8815E0D4F040B6F59 ] storvsc         C:\windows\system32\drivers\storvsc.sys
04:28:29.0167 2416  storvsc - ok
04:28:29.0182 2416  [ 8BC1C1ED6EF9C985A3FAA6A72F41679A ] svsvc           C:\windows\system32\svsvc.dll
04:28:29.0185 2416  svsvc - ok
04:28:29.0200 2416  [ 4AFD66AAE74FFB5986BC240744DC5FC9 ] swenum          C:\windows\System32\drivers\swenum.sys
04:28:29.0202 2416  swenum - ok
04:28:29.0222 2416  [ 502F9488540051F3E6C39889ECFA76BB ] swprv           C:\windows\System32\swprv.dll
04:28:29.0241 2416  swprv - ok
04:28:29.0310 2416  SWUpdateService - ok
04:28:29.0371 2416  [ A06CB9269D29EE3D0F3F5630ABB660B8 ] SysMain         C:\windows\system32\sysmain.dll
04:28:29.0388 2416  SysMain - ok
04:28:29.0417 2416  [ 6FB88606C4A71E1BFAF97D63A676C673 ] SystemEventsBroker C:\windows\System32\SystemEventsBrokerServer.dll
04:28:29.0424 2416  SystemEventsBroker - ok
04:28:29.0454 2416  [ A6C06C45C44AD06C70AF8899AEC15BDC ] TabletInputService C:\windows\System32\TabSvc.dll
04:28:29.0458 2416  TabletInputService - ok
04:28:29.0496 2416  [ 88B7721AB551C4325036B25A34A2BF7B ] TapiSrv         C:\windows\System32\tapisrv.dll
04:28:29.0503 2416  TapiSrv - ok
04:28:29.0610 2416  [ 37D85E873C9531A2F88DD9C63D3F8A9E ] Tcpip           C:\windows\system32\drivers\tcpip.sys
04:28:29.0635 2416  Tcpip - ok
04:28:29.0671 2416  [ 37D85E873C9531A2F88DD9C63D3F8A9E ] TCPIP6          C:\windows\system32\DRIVERS\tcpip.sys
04:28:29.0685 2416  TCPIP6 - ok
04:28:29.0717 2416  [ 8F2A13A5DF99D72FDDE87F502A66F989 ] tcpipreg        C:\windows\system32\drivers\tcpipreg.sys
04:28:29.0720 2416  tcpipreg - ok
04:28:29.0747 2416  [ 73DC722CE5DF26D7638CE2446F2655C7 ] tdx             C:\windows\system32\DRIVERS\tdx.sys
04:28:29.0750 2416  tdx - ok
04:28:29.0765 2416  [ F7C8AB5D8AFFAA318D6A21093D139BF4 ] terminpt        C:\windows\System32\drivers\terminpt.sys
04:28:29.0767 2416  terminpt - ok
04:28:29.0814 2416  [ 541EE228D0DEF392F7B2DFD885DD021B ] TermService     C:\windows\System32\termsrv.dll
04:28:29.0825 2416  TermService - ok
04:28:29.0847 2416  [ 519A6F672FFF56B7D8EE8C730CEC8ECD ] Themes          C:\windows\system32\themeservice.dll
04:28:29.0850 2416  Themes - ok
04:28:29.0875 2416  [ EEE908BE7143FCA48CF0CB87214E2AB8 ] THREADORDER     C:\windows\system32\mmcss.dll
04:28:29.0879 2416  THREADORDER - ok
04:28:29.0922 2416  [ 4515B9E4140F04FB3907692DF89FCA87 ] TimeBroker      C:\windows\System32\TimeBrokerServer.dll
04:28:29.0926 2416  TimeBroker - ok
04:28:30.0069 2416  [ 942E7D304E70630CFE4FC1EDDCFC1CDB ] TorchCrashHandler C:\Users\Glixxxxxxxxx\AppData\Local\Torch\Update\TorchCrashHandler.exe
04:28:30.0213 2416  TorchCrashHandler - ok
04:28:30.0246 2416  [ E94F7A7B48C7638D1F3F8089344C97B7 ] TPM             C:\windows\system32\drivers\tpm.sys
04:28:30.0249 2416  TPM - ok
04:28:30.0281 2416  [ 8C8CF3041B27E7657ADD0EE17F6DBFCA ] TrkWks          C:\windows\System32\trkwks.dll
04:28:30.0285 2416  TrkWks - ok
04:28:30.0340 2416  [ 8ABBB5CE0C62E0A6D28F32F44B7F865C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
04:28:34.0448 2416  ============================================================
04:28:34.0448 2416  Scan finished
04:28:34.0448 2416  ============================================================
04:28:34.0462 1156  Detected object count: 0
04:28:34.0462 1156  Actual detected object count: 0
04:29:24.0520 2332  Deinitialize success
 
 
 
# AdwCleaner v3.018 - Report created 15/02/2014 at 22:25:50
# Updated 28/01/2014 by Xplode
# Operating System : Windows 8  (64 bits)
# Username : Gli 
# Running from : C:\Users\Glit e\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
Service Deleted : torchcrashhandler
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\torchcrashhandler
Folder Deleted : C:\Program Files (x86)\MyPC Backup 
Folder Deleted : C:\Users\GlitterDove\AppData\Local\DownloadTerms
Folder Deleted : C:\Users\GlitterDove\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\GlitterDove\AppData\Local\torch
Folder Deleted : C:\Users\GlitterDove\AppData\Roaming\Systweak
Folder Deleted : C:\Users\GlitterDove\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\torch
Folder Deleted : C:\Users\GlitterDove\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof
File Deleted : C:\windows\System32\roboot64.exe
File Deleted : C:\Users\GlitterDove\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\GlitterDove\AppData\Roaming\Mozilla\Firefox\Profiles\8udixl7x.default\searchplugins\bingp.xml
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kiplfnciaokpcennlkldkdaeaaomamof
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKCU\Software\torch
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\Software\torch
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\torch
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v10.0.9200.16537
 
 
-\\ Mozilla Firefox v27.0.1 (en-US)
 
[ File : C:\Users\Gl rDove\AppData\Roaming\Mozilla\Firefox\Profiles\8udixl7x.default\prefs.js ]
 
 
-\\ Google Chrome v32.0.1700.107
 
[ File : C:\Users\Gli ove\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [3095 octets] - [15/02/2014 22:23:15]
AdwCleaner[S0].txt - [2990 octets] - [15/02/2014 22:25:50]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3050 octets] ##########
 

Edited by Queen-Evie, 16 February 2014 - 10:39 PM.
deleted Farbar Recovery Scan Tool (FRST.txt) log. FRST is not allowed in Am I Infected? It is allowed only in Malware Removal Logs


#4 cryptodan


Posted 16 February 2014 - 09:47 PM

FRST is not what I asked you to run; please run the other tools.

I see nothing in your TDSSKiller log, and because of the presence of this file:

File Deleted : C:\windows\System32\roboot64.exe

Please follow the instructions in ==>This Guide<==.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<==. Please include the link to this topic in your new topic and a description of your computer issues and what you have done to resolve them.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

Once you have created the new topic, please reply back here with a link to the new topic.

Edited by cryptodan, 16 February 2014 - 09:49 PM.




