
IP Blocked Coreserviceshell.exe HELP!



Dear Support Team,

Recently MBAM keeps showing multiple IP blocks when I surf the net.

I have Trend Micro Titanium Internet Security running. The message shown below (an example) pops up whenever there is an IP block. The port keeps changing each time.

IP-BLOCK 89.248.168.164 (Type: outgoing, Port: 49838, Process: coreserviceshell.exe)

I would like to check whether everything is all right, or is it malware related?


Hello slient_o

Download DDS and save it to your desktop from http://download.bleepingcomputer.com/sUBs/dds.com or http://download.bleepingcomputer.com/sUBs/dds.scr or http://www.infospyware.net/sUBs/dds

Disable any script blocker if your antivirus/antimalware has it.

Then double click dds.scr to run the tool.

DDS will run in a command prompt window and will take 3 to 4 minutes or so.

  • When done, DDS will open two (2) logs:
      • DDS.txt
      • Attach.txt
  • Save both reports to your desktop.

Please copy and paste the contents of the following logs in your next reply:

DDS.txt

Attach.txt


DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.9.2

Run by Joon Kiat at 17:11:50 on 2012-12-31

Microsoft Windows 7 Home Premium 6.1.7601.1.949.82.1033.18.8094.5585 [GMT 8:00]

.

AV: Trend Micro Titanium Internet Security 2012 *Enabled/Updated* {B7599298-8445-728A-A5C7-A26A082C8BDA}

SP: Trend Micro Titanium Internet Security 2012 *Enabled/Updated* {0C38737C-A27F-7D04-9F77-991873ABC167}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe

C:\Program Files\Intel\iCLS Client\HeciServer.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\SearchIndexer.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe

C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Windows\system32\taskhost.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Lenovo\Nsd\startup.exe

C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe

C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe

C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\LockKey\LockKey.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe

C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe

C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe

C:\Program Files (x86)\Winamp\winampa.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Windows\system32\igfxtray.exe

C:\Windows\system32\hkcmd.exe

C:\Windows\system32\igfxpers.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

C:\Program Files\Realtek\Audio\HDA\FMAPP.exe

C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE

C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2RPK.EXE

C:\Windows\system32\spool\DRIVERS\x64\3\CNABCSWK.EXE

C:\Windows\system32\spool\DRIVERS\x64\3\CNABCSWK.EXE

C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe

C:\Program Files (x86)\Steam\Steam.exe

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files (x86)\Common Files\Steam\SteamService.exe

C:\Program Files (x86)\DAP\DAP.EXE

C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Windows\SysWOW64\RunDll32.exe

C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Windows\system32\sppsvc.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Windows\system32\igfxsrvc.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN

uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN

mStart Page = hxxp://lenovo.msn.com

mWinlogon: Userinit = userinit.exe

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1361\6.8.1078\TmIEPlg32.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1104\7.1.1104\TmBpIe32.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

uRun: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

uRun: [Google Update] "C:\Users\Joon Kiat\AppData\Local\Google\Update\GoogleUpdate.exe" /c

uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

uRun: [DownloadAccelerator] "C:\Program Files (x86)\DAP\DAP.EXE" /STARTUP

mRun: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"

mRun: [LockKey] C:\Program Files (x86)\LockKey\LockKey.exe

mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [intelligent Touchpad] C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe

mRun: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"

mRun: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s

mRun: [updateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"

mRun: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe

mRun: [updatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"

mRun: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"

mRun: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

StartupFolder: C:\Users\JOONKI~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: &Download with &DAP - C:\Program Files (x86)\DAP\dapextie.htm

IE: &Verify with DAP - C:\Program Files (x86)\DAP\dapverify.htm

IE: Download &all with DAP - C:\Program Files (x86)\DAP\dapextie2.htm

IE: Send image to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm

IE: Send page to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm

TCP: NameServer = 192.168.1.254

TCP: Interfaces\{0576B5CE-B332-423D-97A8-76B8CA8475A5} : DHCPNameServer = 192.168.1.254

TCP: Interfaces\{EA593651-80A1-4D30-B2BF-844AAD975AB6} : DHCPNameServer = 192.168.1.254

TCP: Interfaces\{EA593651-80A1-4D30-B2BF-844AAD975AB6}\44F6D696E69636723702960586F6E656 : DHCPNameServer = 165.21.83.88 165.21.100.88

TCP: Interfaces\{EA593651-80A1-4D30-B2BF-844AAD975AB6}\E45535 : DHCPNameServer = 137.132.0.254 137.132.0.252

Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1104\7.1.1104\TmBpIe32.dll

Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1361\6.8.1078\TmIEPlg32.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - C:\Program Files (x86)\DAP\dapie.dll

Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - C:\Program Files (x86)\DAP\dapie.dll

AppInit_DLLs= C:\Windows\SysWOW64\nvinit.dll

SSODL: WebCheck - <orphaned>

LSA: Notification Packages = scecli C:\Program Files\Lenovo\Bluetooth Software\BtwProximityCP.dll

x64-mStart Page = hxxp://lenovo.msn.com

x64-BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1361\6.8.1078\TmIEPlg.dll

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1104\7.1.1104\TmBpIe64.dll

x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe

x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe

x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe

x64-Run: [synLenovoGestureMgr] C:\Program Files (x86)\Synaptics\SynTP\SynLenovoGestureMgr.exe

x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

x64-Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4

x64-Run: [OnekeyStudio] C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe

x64-Run: [updatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"

x64-Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe

x64-Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe

x64-Run: [Lenovo EE Boot Optimizer] C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe

x64-Run: [CNAP2 Launcher] C:\Windows\System32\spool\DRIVERS\x64\3\CNAP2LAK.EXE

x64-Run: [Trend Micro Titanium] "C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" -set Silent "1" SplashURL ""

x64-Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"

x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm

x64-Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1104\7.1.1104\TmBpIe64.dll

x64-Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1361\6.8.1078\TmIEPlg.dll

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - C:\Program Files (x86)\DAP\dapie64.dll

x64-Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - C:\Program Files (x86)\DAP\dapie64.dll

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Joon Kiat\AppData\Roaming\Mozilla\Firefox\Profiles\o608gk9v.default\

FF - prefs.js: browser.startup.homepage - hxxps://www.google.com.sg/

FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll

FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Users\Joon Kiat\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll

FF - plugin: C:\Users\Joon Kiat\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll

FF - plugin: C:\Users\Joon Kiat\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll

FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll

FF - plugin: C:\Windows\SysWOW64\npmproxy.dll

FF - ExtSQL: 2012-12-29 17:21; {F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}; C:\Program Files (x86)\DAP\DAPFireFox

FF - ExtSQL: 2012-12-29 17:21; daplinkchecker@speedbit.com; C:\Program Files (x86)\DAP\daplinkchecker

.

============= SERVICES / DRIVERS ===============

.

R0 fbfmon;fbfmon;C:\Windows\System32\drivers\fbfmon.sys [2012-3-29 57952]

R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2011-12-26 16152]

R0 LHDmgr;LHDmgr;C:\Windows\System32\drivers\LhdX64.sys [2012-3-29 39008]

R0 NSD;NSD;C:\Windows\System32\drivers\nsd.sys [2012-3-29 24160]

R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2012-3-29 28992]

R1 BPntDrv;BPntDrv;C:\Windows\System32\drivers\BPntDrv.sys [2012-3-29 13408]

R1 Nsdfltr;Nsdfltr;C:\Windows\System32\drivers\Nsdfltr.sys [2012-3-29 59488]

R1 tmevtmgr;tmevtmgr;C:\Windows\System32\drivers\tmevtmgr.sys [2012-9-1 77184]

R2 Amsp;Trend Micro Solution Platform;C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2012-9-1 275912]

R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-3-29 13592]

R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2011-12-9 607456]

R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2012-3-29 161560]

R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-30 398184]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-30 682344]

R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]

R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-3-29 363800]

R3 ACPIVPC;Lenovo Virtual Power Controller Driver;C:\Windows\System32\drivers\AcpiVpc.sys [2011-12-16 30816]

R3 bcbtums;Bluetooth RAM Firmware Download USB Filter;C:\Windows\System32\drivers\bcbtums.sys [2012-3-29 134696]

R3 btwampfl;btwampfl Bluetooth filter driver;C:\Windows\System32\drivers\btwampfl.sys [2012-3-29 621096]

R3 BTWDPAN;Bluetooth Personal Area Network;C:\Windows\System32\drivers\btwdpan.sys [2012-3-29 89640]

R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2012-3-29 39976]

R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2011-1-29 31088]

R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-1-5 331264]

R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2011-12-26 355096]

R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2011-12-26 785688]

R3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2011-10-26 173656]

R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2011-11-28 111216]

R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-12-30 24176]

R3 rtsuvc;Lenovo EasyCamera;C:\Windows\System32\drivers\rtsuvc.sys [2012-3-29 8208488]

R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]

R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]

R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]

R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]

R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]

R3 tmeevw;tmeevw;C:\Windows\System32\drivers\tmeevw.sys [2012-9-1 67344]

R3 tmnciesc;tmnciesc;C:\Windows\System32\drivers\tmnciesc.sys [2012-9-1 210704]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-19 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-19 138576]

S2 NSDSvc;Fast boot service of lenovo;C:\Windows\System32\NSDSvc.exe [2012-3-29 120160]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-9-1 1255736]

S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]

S3 wsvd;wsvd;C:\Windows\System32\drivers\wsvd.sys [2009-7-22 121840]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]

.

=============== File Associations ===============

.

FileExt: .scr: RasWin.Script=C:\Program Files (x86)\RasWin\RasWin.exe -script "%1"

.

=============== Created Last 30 ================

.

2012-12-30 02:33:09 -------- d-----w- C:\Users\Joon Kiat\AppData\Roaming\Malwarebytes

2012-12-30 02:32:46 -------- d-----w- C:\ProgramData\Malwarebytes

2012-12-30 02:32:43 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-12-30 02:32:43 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-12-30 02:32:35 -------- d-----w- C:\Users\Joon Kiat\AppData\Local\Programs

2012-12-29 09:22:09 -------- d-----w- C:\Users\Joon Kiat\AppData\Roaming\EQATEC Analytics

2012-12-29 09:21:26 -------- d-----w- C:\ProgramData\SpeedBit

2012-12-29 09:21:23 -------- d-----w- C:\Program Files (x86)\DAP

2012-12-29 09:21:12 172032 ----a-w- C:\Windows\SysWow64\AniGIF.ocx

2012-12-29 09:20:13 -------- d-----w- C:\Program Files (x86)\Common Files\SpeedBit

2012-12-21 19:00:42 46080 ----a-w- C:\Windows\System32\atmlib.dll

2012-12-21 19:00:42 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll

2012-12-21 19:00:41 367616 ----a-w- C:\Windows\System32\atmfd.dll

2012-12-21 19:00:40 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll

2012-12-12 12:12:57 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

2012-12-12 12:11:43 478208 ----a-w- C:\Windows\System32\dpnet.dll

2012-12-12 12:11:42 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll

2012-12-04 09:04:42 90824 ----a-w- C:\Windows\SysWow64\EasyHook32.dll

2012-12-01 09:51:54 -------- d--h--w- C:\Windows\msdownld.tmp

2012-12-01 09:51:49 -------- d-----w- C:\Windows\SysWow64\directx

2012-12-01 09:25:51 564824 ----a-w- C:\Windows\System32\drivers\sptd.sys

.

==================== Find3M ====================

.

2012-12-13 04:42:12 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-12-13 04:42:12 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2012-11-22 03:26:40 3149824 ----a-w- C:\Windows\System32\win32k.sys

2012-11-20 13:08:26 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2012-11-20 13:08:24 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

2012-11-20 13:08:24 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2012-11-14 06:11:44 2312704 ----a-w- C:\Windows\System32\jscript9.dll

2012-11-14 06:04:11 1392128 ----a-w- C:\Windows\System32\wininet.dll

2012-11-14 06:02:49 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2012-11-14 05:57:46 599040 ----a-w- C:\Windows\System32\vbscript.dll

2012-11-14 05:57:35 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2012-11-14 05:52:40 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2012-11-14 02:09:22 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll

2012-11-14 01:58:15 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2012-11-14 01:57:37 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-11-14 01:49:25 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2012-11-14 01:48:27 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll

2012-11-14 01:44:42 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2012-11-09 05:45:09 2048 ----a-w- C:\Windows\System32\tzres.dll

2012-10-16 08:38:37 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll

2012-10-16 08:38:34 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll

2012-10-16 07:39:52 561664 ----a-w- C:\Windows\apppatch\AcLayers.dll

2012-10-09 18:17:13 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll

2012-10-09 18:17:13 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll

2012-10-09 17:40:31 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll

2012-10-09 17:40:31 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll

2012-10-04 17:46:16 362496 ----a-w- C:\Windows\System32\wow64win.dll

2012-10-04 17:46:15 243200 ----a-w- C:\Windows\System32\wow64.dll

2012-10-04 17:46:15 13312 ----a-w- C:\Windows\System32\wow64cpu.dll

2012-10-04 17:45:55 215040 ----a-w- C:\Windows\System32\winsrv.dll

2012-10-04 17:43:28 16384 ----a-w- C:\Windows\System32\ntvdm64.dll

2012-10-04 17:41:16 424960 ----a-w- C:\Windows\System32\KernelBase.dll

2012-10-04 16:47:41 5120 ----a-w- C:\Windows\SysWow64\wow32.dll

2012-10-04 16:47:41 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll

2012-10-04 15:21:55 338432 ----a-w- C:\Windows\System32\conhost.exe

2012-10-04 14:46:46 7680 ----a-w- C:\Windows\SysWow64\instnm.exe

2012-10-04 14:46:46 25600 ----a-w- C:\Windows\SysWow64\setup16.exe

2012-10-04 14:46:44 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll

2012-10-04 14:46:43 2048 ----a-w- C:\Windows\SysWow64\user.exe

2012-10-04 14:41:50 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll

2012-10-04 14:41:50 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll

2012-10-04 14:41:50 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll

2012-10-04 14:41:50 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll

2012-10-03 17:56:54 1914248 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2012-10-03 17:44:21 70656 ----a-w- C:\Windows\System32\nlaapi.dll

2012-10-03 17:44:21 303104 ----a-w- C:\Windows\System32\nlasvc.dll

2012-10-03 17:44:17 246272 ----a-w- C:\Windows\System32\netcorehc.dll

2012-10-03 17:44:17 18944 ----a-w- C:\Windows\System32\netevent.dll

2012-10-03 17:44:16 216576 ----a-w- C:\Windows\System32\ncsi.dll

2012-10-03 17:42:16 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll

2012-10-03 16:42:24 18944 ----a-w- C:\Windows\SysWow64\netevent.dll

2012-10-03 16:42:24 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll

2012-10-03 16:42:23 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll

2012-10-03 16:07:26 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys

.

============= FINISH: 17:12:57.82 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 1/9/2012 5:51:57 PM

System Uptime: 31/12/2012 5:08:21 PM (0 hours ago)

.

Motherboard: LENOVO | | Product Name

Processor: Intel® Core i7-3610QM CPU @ 2.30GHz | U3E1 | 2301/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 653 GiB total, 430.89 GiB free.

D: is FIXED (NTFS) - 25 GiB total, 21.73 GiB free.

F: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: Atheros AR9285 Wireless Network Adapter

Device ID: PCI\VEN_168C&DEV_002B&SUBSYS_30A117AA&REV_01\4&18901DAC&0&00E1

Manufacturer: Atheros Communications Inc.

Name: Atheros AR9285 Wireless Network Adapter

PNP Device ID: PCI\VEN_168C&DEV_002B&SUBSYS_30A117AA&REV_01\4&18901DAC&0&00E1

Service: athr

.

==== System Restore Points ===================

.

RP41: 20/12/2012 3:29:16 PM - Scheduled Checkpoint

RP42: 22/12/2012 3:00:12 AM - Windows Update

RP43: 29/12/2012 7:29:43 PM - Scheduled Checkpoint

RP44: 31/12/2012 5:00:03 PM - Removed Microsoft Games for Windows Marketplace

RP45: 31/12/2012 5:00:27 PM - Removed Microsoft Games for Windows - LIVE Redistributable

RP46: 31/12/2012 5:00:52 PM - Removed Microsoft Games for Windows Marketplace

.

==== Installed Programs ======================

.

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.4)

Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver

Atheros WLAN Client Installation Program

Canon LBP6000/LBP6018

Counter-Strike

D3DX10

Dota 2

Download Accelerator Plus (DAP)

Dual-Core Optimizer

Energy Management

Foxit Reader

Google Chrome

Google Talk Plugin

Google Toolbar for Internet Explorer

Google Update Helper

Intel® Control Center

Intel® Management Engine Components

Intel® OpenCL CPU Runtime

Intel® Processor Graphics

Intel® Rapid Storage Technology

Intel® USB 3.0 eXtensible Host Controller Driver

Intel® Trusted Connect Service Client

Intelligent Touchpad

Java 7 Update 9

Java Auto Updater

JMicron Flash Media Controller Driver

Junk Mail filter update

Left 4 Dead 2

Lenovo Bluetooth with Enhanced Data Rate Software

Lenovo EasyCamera

Lenovo EE Boot Optimizer

Lenovo OneKey Recovery

Lenovo YouCam

LockKey

Malwarebytes Anti-Malware version 1.70.0.1100

Mesh Runtime

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Application Error Reporting

Microsoft Office 2010

Microsoft Office Click-to-Run 2010

Microsoft Office Starter 2010 - English

Microsoft PowerPoint Viewer

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

Mozilla Firefox 17.0.1 (x86 en-US)

Mozilla Maintenance Service

MSVCRT

MSVCRT_amd64

Nsd

NVIDIA Control Panel 290.56

NVIDIA Graphics Driver 290.56

NVIDIA Install Application

NVIDIA Optimus 1.6.24

NVIDIA PhysX

NVIDIA PhysX System Software 9.11.1111

NVIDIA Update 1.6.24

NVIDIA Update Components

Onekey Theater

OpenOffice.org 3.4.1

Power2Go

RasWin (remove only)

Realtek High Definition Audio Driver

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Steam

Synaptics Pointing Device Driver

Team Fortress 2

Trend Micro Titanium

Trend Micro Titanium Internet Security 2012

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

UserGuide

VeriFace

VLC media player 2.0.3

Winamp

Winamp Detector Plug-in

Windows Driver Package - Lenovo (ACPIVPC) System (12/15/2011 7.1.0.1)

Windows Live ?件包

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Windows Live 影像中心

Windows Live 照片?

Windows Live 程式集

WinRAR 4.20 (64-bit)

用于?程?接的 Windows Live Mesh ActiveX 控件(??中文)

適用遠端連線的 Windows Live Mesh ActiveX 控制項

.

==== Event Viewer Messages From Past Week ========

.

31/12/2012 11:40:55 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.

31/12/2012 1:55:43 PM, Error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.1.1 with the system having network hardware address 00-26-75-6B-86-8C. Network operations on this system may be disrupted as a result.

.

==== End Of File ===========================


Dear Maurice,

Thank you for your reply. I have yet to run the DDS but here's an update. Today, the same IP was blocked but it was coming from left4dead2.exe on Steam. Just wondering, could this be due to MBAM working in conflict with Trend Micro? When both programs are attempting to work together?

a) Take Steam out of auto-start with Windows. Let's reduce startup complications. Let's not play games whilst we hunt for malware.

Do not do any online games, or websurfing, etc.

b) Using this MBAM F.A.Q. section as a "template" ==> http://forums.malwarebytes.org/index.php?act=findpost&pid=162099

put "trust" settings in both your TrendMicro and also in MBAM

that way the 2 will better respect the other.

Let me know when you have completed this. There's much more to follow.


Dear Maurice,

My version of Trend Micro seems to be a different one from the link. However, I have done what I believe is similar on my version to what is shown there. My version does not have an exception for spyware and viruses and there is only a tab called 'exceptions list', so I have put everything there. How do I add Trend Micro to the exceptions list for MBAM? Thank you.


Hello,

Let's put that aside. Do the following:

Step 1

1. Go >> Here << and download ERUNT

(ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)

2. Install ERUNT by following the prompts

(use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)

3. Start ERUNT

(either by double clicking on the desktop icon or choosing to start the program at the end of the setup)

4. Choose a location for the backup

(the default location is C:\WINDOWS\ERDNT which is acceptable).

5. Make sure that at least the first two check boxes are ticked

6. Press OK

7. Press YES to create the folder.

Step 2

To show all files:

  • Go to your Desktop
  • Double-Click the Computer icon.
  • From the menu options, Select Tools, then Folder Options.
  • Next click the View tab.
  • Locate and uncheck Hide file extensions for known file types.
  • Locate and uncheck Hide protected operating system files (Recommended).
  • Locate and click Show hidden files and folders and drives.
  • Click Apply > OK.

Step 3

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.

For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Do NOT turn off the firewall

Please download AdwCleaner © Xplode from >>here<< and save it on your Desktop.

If you are running Windows XP, double click adwcleaner.exe to start it.

Otherwise, Right-click on adwcleaner.exe and select Run As Administrator to launch the application.

Now click on the Search tab.

Please post the contents of the log-file created in your next post.

Note: The log can also be located at C:\AdwCleaner[XX].txt where XX denotes the number of times the application has been run, so in this case it should be something like R1.

Step 4

Please read carefully and follow these steps.

  • Download TDSSKiller and save it to your Desktop.
  • Double-Click on TDSSKiller.exe to run the application, then on Start Scan.
    If running Vista or Windows 7, do a RIGHT-Click and select Run as Administrator to start TDSSKILLER.exe.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose
    Skip and click on Continue
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Step 5

  • Download & SAVE to your Desktop >> Tigzy's RogueKiller from here << or >> from here <<
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.
    For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on Scan button at upper right of screen.
  • Wait until the Status box shows "Scan Finished"
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller

Do NOT click any FIX buttons !

Step 6

RE-Enable your antivirus program.

Then copy/paste the following into your post (in order):

  • the contents of C:\AdwCleaner[R1].txt;
  • the contents of TDSSKILLER log;
  • the contents of RKReport log;

Be sure to do a Preview prior to pressing Submit because all reports may not fit into 1 single reply. You may have to do more than 1 reply.

Do not use the attachment feature to place any of your reports. Always put them in-line inside the body of reply.

P.S. + BTW

CoreServiceShell.exe is a component of Anti-Malware from Trend Micro Inc.

Credit to Systemlookup.com for the information

so at least, that exe is legitimate.

Edited by Maurice Naggar

Dear Maurice,

I have already finished running the scans and the reports are as follows below. Btw, there was another ip block today and it seems to be coming from svchost.exe.

IP-BLOCK 60.173.8.172 (Type: incoming, Port: 6666, Process: svchost.exe) 'this seems dubious to me' and the IP seems to be a foreign IP.

Anyway, the logs are being posted in the order Adwcleaner, TDSSKILLER and RKReport below.


# AdwCleaner v2.104 - Logfile created 01/02/2013 at 20:07:27

# Updated 29/12/2012 by Xplode

# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)

# User : Joon Kiat - JOONKIAT-PC

# Boot Mode : Normal

# Running from : C:\Users\Joon Kiat\Desktop\Cleanup\adwcleaner.exe

# Option [search]

***** [services] *****

***** [Files / Folders] *****

Folder Found : C:\ProgramData\Partner

***** [Registry] *****

***** [internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v17.0.1 (en-US)

File : C:\Users\Joon Kiat\AppData\Roaming\Mozilla\Firefox\Profiles\o608gk9v.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v23.0.1271.97

File : C:\Users\Joon Kiat\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [876 octets] - [02/01/2013 20:07:27]

########## EOF - C:\AdwCleaner[R1].txt - [935 octets] ##########


20:08:05.0712 3424 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35

20:08:06.0364 3424 ============================================================

20:08:06.0364 3424 Current date / time: 2013/01/02 20:08:06.0364

20:08:06.0364 3424 SystemInfo:

20:08:06.0364 3424

20:08:06.0364 3424 OS Version: 6.1.7601 ServicePack: 1.0

20:08:06.0364 3424 Product type: Workstation

20:08:06.0364 3424 ComputerName: JOONKIAT-PC

20:08:06.0364 3424 UserName: Joon Kiat

20:08:06.0364 3424 Windows directory: C:\Windows

20:08:06.0364 3424 System windows directory: C:\Windows

20:08:06.0364 3424 Running under WOW64

20:08:06.0364 3424 Processor architecture: Intel x64

20:08:06.0364 3424 Number of processors: 8

20:08:06.0364 3424 Page size: 0x1000

20:08:06.0364 3424 Boot type: Normal boot

20:08:06.0364 3424 ============================================================

20:08:06.0754 3424 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

20:08:06.0769 3424 ============================================================

20:08:06.0769 3424 \Device\Harddisk0\DR0:

20:08:06.0769 3424 MBR partitions:

20:08:06.0769 3424 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000

20:08:06.0769 3424 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x51AE1000

20:08:06.0769 3424 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x51B45800, BlocksNum 0x32F0000

20:08:06.0769 3424 ============================================================

20:08:06.0807 3424 C: <-> \Device\Harddisk0\DR0\Partition2

20:08:06.0849 3424 D: <-> \Device\Harddisk0\DR0\Partition3

20:08:06.0849 3424 ============================================================

20:08:06.0849 3424 Initialize success

20:08:06.0849 3424 ============================================================

20:08:08.0174 10220 ============================================================

20:08:08.0174 10220 Scan started

20:08:08.0174 10220 Mode: Manual;

20:08:08.0174 10220 ============================================================

20:08:08.0814 10220 ================ Scan system memory ========================

20:08:08.0814 10220 System memory - ok

20:08:08.0814 10220 ================ Scan services =============================

20:08:09.0048 10220 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys

20:08:09.0063 10220 1394ohci - ok

20:08:09.0079 10220 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys

20:08:09.0095 10220 ACPI - ok

20:08:09.0110 10220 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys

20:08:09.0110 10220 AcpiPmi - ok

20:08:09.0157 10220 [ 5E813B11629007309E4FC0F0FD2B7C30 ] ACPIVPC C:\Windows\system32\DRIVERS\AcpiVpc.sys

20:08:09.0157 10220 ACPIVPC - ok

20:08:09.0282 10220 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

20:08:09.0282 10220 AdobeARMservice - ok

20:08:09.0344 10220 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys

20:08:09.0344 10220 adp94xx - ok

20:08:09.0378 10220 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys

20:08:09.0386 10220 adpahci - ok

20:08:09.0408 10220 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys

20:08:09.0413 10220 adpu320 - ok

20:08:09.0438 10220 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll

20:08:09.0438 10220 AeLookupSvc - ok

20:08:09.0501 10220 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys

20:08:09.0516 10220 AFD - ok

20:08:09.0548 10220 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys

20:08:09.0548 10220 agp440 - ok

20:08:09.0594 10220 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe

20:08:09.0594 10220 ALG - ok

20:08:09.0626 10220 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys

20:08:09.0641 10220 aliide - ok

20:08:09.0641 10220 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys

20:08:09.0641 10220 amdide - ok

20:08:09.0657 10220 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys

20:08:09.0657 10220 AmdK8 - ok

20:08:09.0672 10220 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys

20:08:09.0672 10220 AmdPPM - ok

20:08:09.0688 10220 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys

20:08:09.0688 10220 amdsata - ok

20:08:09.0704 10220 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys

20:08:09.0704 10220 amdsbs - ok

20:08:09.0719 10220 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys

20:08:09.0719 10220 amdxata - ok

20:08:09.0813 10220 [ 1B7D1F0A0DFADBC797C16364792A7AA5 ] Amsp C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe

20:08:09.0813 10220 Amsp - ok

20:08:09.0844 10220 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys

20:08:09.0844 10220 AppID - ok

20:08:09.0875 10220 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll

20:08:09.0877 10220 AppIDSvc - ok

20:08:09.0889 10220 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll

20:08:09.0891 10220 Appinfo - ok

20:08:09.0936 10220 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys

20:08:09.0936 10220 arc - ok

20:08:09.0936 10220 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys

20:08:09.0936 10220 arcsas - ok

20:08:10.0030 10220 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

20:08:10.0030 10220 aspnet_state - ok

20:08:10.0077 10220 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys

20:08:10.0077 10220 AsyncMac - ok

20:08:10.0108 10220 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys

20:08:10.0108 10220 atapi - ok

20:08:10.0217 10220 [ 16567AB05CD34F46D0DCBB129CA143C2 ] athr C:\Windows\system32\DRIVERS\athrx.sys

20:08:10.0279 10220 athr - ok

20:08:10.0326 10220 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

20:08:10.0342 10220 AudioEndpointBuilder - ok

20:08:10.0357 10220 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll

20:08:10.0373 10220 AudioSrv - ok

20:08:10.0403 10220 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll

20:08:10.0406 10220 AxInstSV - ok

20:08:10.0460 10220 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys

20:08:10.0460 10220 b06bdrv - ok

20:08:10.0507 10220 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys

20:08:10.0507 10220 b57nd60a - ok

20:08:10.0554 10220 [ 638AC077E7EF7D27D03062E486E8BF01 ] bcbtums C:\Windows\system32\drivers\bcbtums.sys

20:08:10.0554 10220 bcbtums - ok

20:08:10.0601 10220 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll

20:08:10.0601 10220 BDESVC - ok

20:08:10.0632 10220 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys

20:08:10.0632 10220 Beep - ok

20:08:10.0694 10220 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll

20:08:10.0710 10220 BFE - ok

20:08:10.0741 10220 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll

20:08:10.0757 10220 BITS - ok

20:08:10.0788 10220 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys

20:08:10.0803 10220 blbdrive - ok

20:08:10.0835 10220 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys

20:08:10.0835 10220 bowser - ok

20:08:10.0866 10220 [ AAA4F992F879977A000FE8B8C730CD2C ] BPntDrv C:\Windows\system32\drivers\BPntDrv.sys

20:08:10.0866 10220 BPntDrv - ok

20:08:10.0897 10220 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys

20:08:10.0897 10220 BrFiltLo - ok

20:08:10.0920 10220 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys

20:08:10.0922 10220 BrFiltUp - ok

20:08:10.0952 10220 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll

20:08:10.0954 10220 Browser - ok

20:08:10.0962 10220 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys

20:08:10.0966 10220 Brserid - ok

20:08:10.0969 10220 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys

20:08:10.0971 10220 BrSerWdm - ok

20:08:10.0975 10220 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys

20:08:10.0976 10220 BrUsbMdm - ok

20:08:10.0982 10220 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys

20:08:10.0984 10220 BrUsbSer - ok

20:08:11.0064 10220 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys

20:08:11.0064 10220 BthEnum - ok

20:08:11.0079 10220 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys

20:08:11.0079 10220 BTHMODEM - ok

20:08:11.0126 10220 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys

20:08:11.0126 10220 BthPan - ok

20:08:11.0173 10220 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys

20:08:11.0188 10220 BTHPORT - ok

20:08:11.0220 10220 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll

20:08:11.0220 10220 bthserv - ok

20:08:11.0251 10220 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys

20:08:11.0251 10220 BTHUSB - ok

20:08:11.0298 10220 [ 52700700E776E0F78D5199883CA87037 ] btwampfl C:\Windows\system32\drivers\btwampfl.sys

20:08:11.0313 10220 btwampfl - ok

20:08:11.0344 10220 [ 404063E7ECE29E38816D3E152966EA36 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys

20:08:11.0344 10220 btwaudio - ok

20:08:11.0376 10220 [ 8CA7CABD13316ABACE386D9F380B4CF3 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys

20:08:11.0376 10220 btwavdt - ok

20:08:11.0442 10220 [ CB12D3CCCACC9F0F7C87A9F416AF8929 ] btwdins C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe

20:08:11.0454 10220 btwdins - ok

20:08:11.0480 10220 [ 41933521A618475644B6E8D8487AF326 ] BTWDPAN C:\Windows\system32\DRIVERS\btwdpan.sys

20:08:11.0480 10220 BTWDPAN - ok

20:08:11.0512 10220 [ B1ACFD00CDD13B48D86F46BFEC153BF9 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys

20:08:11.0512 10220 btwl2cap - ok

20:08:11.0527 10220 [ 71A04F2D9DEB21B162561EB574D7D629 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys

20:08:11.0527 10220 btwrchid - ok

20:08:11.0558 10220 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys

20:08:11.0558 10220 cdfs - ok

20:08:11.0605 10220 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys

20:08:11.0605 10220 cdrom - ok

20:08:11.0652 10220 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll

20:08:11.0652 10220 CertPropSvc - ok

20:08:11.0683 10220 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys

20:08:11.0683 10220 circlass - ok

20:08:11.0714 10220 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys

20:08:11.0714 10220 CLFS - ok

20:08:11.0824 10220 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

20:08:11.0824 10220 clr_optimization_v2.0.50727_32 - ok

20:08:11.0855 10220 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

20:08:11.0870 10220 clr_optimization_v2.0.50727_64 - ok

20:08:11.0940 10220 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

20:08:11.0943 10220 clr_optimization_v4.0.30319_32 - ok

20:08:11.0972 10220 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

20:08:11.0975 10220 clr_optimization_v4.0.30319_64 - ok

20:08:12.0012 10220 [ 50F92C943F18B070F166D019DFAB3D9A ] clwvd C:\Windows\system32\DRIVERS\clwvd.sys

20:08:12.0012 10220 clwvd - ok

20:08:12.0028 10220 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys

20:08:12.0028 10220 CmBatt - ok

20:08:12.0059 10220 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys

20:08:12.0059 10220 cmdide - ok

20:08:12.0106 10220 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys

20:08:12.0122 10220 CNG - ok

20:08:12.0137 10220 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys

20:08:12.0153 10220 Compbatt - ok

20:08:12.0184 10220 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys

20:08:12.0184 10220 CompositeBus - ok

20:08:12.0200 10220 COMSysApp - ok

20:08:12.0356 10220 [ EA551EFC7CE28FA3D1DC188F12E488AD ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe

20:08:12.0356 10220 cphs - ok

20:08:12.0402 10220 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys

20:08:12.0402 10220 crcdisk - ok

20:08:12.0434 10220 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll

20:08:12.0434 10220 CryptSvc - ok

20:08:12.0575 10220 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

20:08:12.0575 10220 cvhsvc - ok

20:08:12.0621 10220 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll

20:08:12.0621 10220 DcomLaunch - ok

20:08:12.0668 10220 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll

20:08:12.0668 10220 defragsvc - ok

20:08:12.0715 10220 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys

20:08:12.0715 10220 DfsC - ok

20:08:12.0746 10220 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll

20:08:12.0746 10220 Dhcp - ok

20:08:12.0777 10220 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys

20:08:12.0777 10220 discache - ok

20:08:12.0809 10220 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys

20:08:12.0809 10220 Disk - ok

20:08:12.0840 10220 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll

20:08:12.0840 10220 Dnscache - ok

20:08:12.0855 10220 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll

20:08:12.0855 10220 dot3svc - ok

20:08:12.0871 10220 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll

20:08:12.0871 10220 DPS - ok

20:08:12.0918 10220 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys

20:08:12.0918 10220 drmkaud - ok

20:08:12.0949 10220 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys

20:08:12.0996 10220 DXGKrnl - ok

20:08:13.0043 10220 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll

20:08:13.0043 10220 EapHost - ok

20:08:13.0121 10220 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys

20:08:13.0215 10220 ebdrv - ok

20:08:13.0262 10220 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe

20:08:13.0262 10220 EFS - ok

20:08:13.0324 10220 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe

20:08:13.0340 10220 ehRecvr - ok

20:08:13.0386 10220 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe

20:08:13.0386 10220 ehSched - ok

20:08:13.0433 10220 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys

20:08:13.0449 10220 elxstor - ok

20:08:13.0449 10220 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys

20:08:13.0449 10220 ErrDev - ok

20:08:13.0514 10220 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll

20:08:13.0521 10220 EventSystem - ok

20:08:13.0587 10220 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys

20:08:13.0587 10220 exfat - ok

20:08:13.0602 10220 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys

20:08:13.0602 10220 fastfat - ok

20:08:13.0649 10220 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe

20:08:13.0665 10220 Fax - ok

20:08:13.0696 10220 [ 0BDD7984DB7AAFF6DFEFD11D82D473DB ] fbfmon C:\Windows\system32\drivers\fbfmon.sys

20:08:13.0696 10220 fbfmon - ok

20:08:13.0727 10220 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys

20:08:13.0727 10220 fdc - ok

20:08:13.0758 10220 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll

20:08:13.0758 10220 fdPHost - ok

20:08:13.0790 10220 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll

20:08:13.0790 10220 FDResPub - ok

20:08:13.0821 10220 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys

20:08:13.0821 10220 FileInfo - ok

20:08:13.0836 10220 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys

20:08:13.0836 10220 Filetrace - ok

20:08:13.0868 10220 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys

20:08:13.0883 10220 flpydisk - ok

20:08:13.0899 10220 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys

20:08:13.0899 10220 FltMgr - ok

20:08:13.0977 10220 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll

20:08:14.0016 10220 FontCache - ok

20:08:14.0064 10220 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

20:08:14.0064 10220 FontCache3.0.0.0 - ok

20:08:14.0080 10220 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys

20:08:14.0080 10220 FsDepends - ok

20:08:14.0111 10220 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys

20:08:14.0111 10220 Fs_Rec - ok

20:08:14.0173 10220 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys

20:08:14.0173 10220 fvevol - ok

20:08:14.0204 10220 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys

20:08:14.0204 10220 gagp30kx - ok

20:08:14.0251 10220 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll

20:08:14.0267 10220 gpsvc - ok

20:08:14.0360 10220 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

20:08:14.0360 10220 gupdate - ok

20:08:14.0376 10220 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

20:08:14.0392 10220 gupdatem - ok

20:08:14.0407 10220 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

20:08:14.0423 10220 gusvc - ok

20:08:14.0454 10220 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys

20:08:14.0454 10220 hcw85cir - ok

20:08:14.0470 10220 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

20:08:14.0485 10220 HdAudAddService - ok

20:08:14.0519 10220 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys

20:08:14.0521 10220 HDAudBus - ok

20:08:14.0525 10220 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys

20:08:14.0527 10220 HidBatt - ok

20:08:14.0531 10220 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys

20:08:14.0533 10220 HidBth - ok

20:08:14.0551 10220 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys

20:08:14.0553 10220 HidIr - ok

20:08:14.0578 10220 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll

20:08:14.0579 10220 hidserv - ok

20:08:14.0588 10220 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys

20:08:14.0588 10220 HidUsb - ok

20:08:14.0604 10220 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll

20:08:14.0604 10220 hkmsvc - ok

20:08:14.0620 10220 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll

20:08:14.0635 10220 HomeGroupListener - ok

20:08:14.0651 10220 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

20:08:14.0666 10220 HomeGroupProvider - ok

20:08:14.0698 10220 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys

20:08:14.0698 10220 HpSAMD - ok

20:08:14.0729 10220 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys

20:08:14.0744 10220 HTTP - ok

20:08:14.0760 10220 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys

20:08:14.0760 10220 hwpolicy - ok

20:08:14.0791 10220 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys

20:08:14.0807 10220 i8042prt - ok

20:08:14.0854 10220 [ C224331A54571C8C9162F7714400BBBD ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys

20:08:14.0869 10220 iaStor - ok

20:08:14.0916 10220 [ 7D4B9A48430ED57ACA6373B71D5904CA ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

20:08:14.0916 10220 IAStorDataMgrSvc - ok

20:08:14.0947 10220 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys

20:08:14.0947 10220 iaStorV - ok

20:08:15.0010 10220 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

20:08:15.0010 10220 idsvc - ok

20:08:15.0288 10220 [ 0638D16029B1C800908D965AC78970C7 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys

20:08:15.0538 10220 igfx - ok

20:08:15.0575 10220 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys

20:08:15.0576 10220 iirsp - ok

20:08:15.0599 10220 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll

20:08:15.0614 10220 IKEEXT - ok

20:08:15.0724 10220 [ D830262519DDCDFC8BE34EB7047C22DC ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys

20:08:15.0802 10220 IntcAzAudAddService - ok

20:08:15.0848 10220 [ 6C9FFFECA9FED31347D211C5D1FFBD2D ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys

20:08:15.0848 10220 IntcDAud - ok

20:08:15.0926 10220 [ 2D66067C7A8A0112156BCD1C0BAA7042 ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe

20:08:15.0926 10220 Intel® Capability Licensing Service Interface - ok

20:08:15.0958 10220 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys

20:08:15.0958 10220 intelide - ok

20:08:15.0989 10220 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys

20:08:15.0989 10220 intelppm - ok

20:08:16.0020 10220 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll

20:08:16.0036 10220 IPBusEnum - ok

20:08:16.0036 10220 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys

20:08:16.0051 10220 IpFilterDriver - ok

20:08:16.0099 10220 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll

20:08:16.0107 10220 iphlpsvc - ok

20:08:16.0107 10220 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys

20:08:16.0107 10220 IPMIDRV - ok

20:08:16.0123 10220 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys

20:08:16.0123 10220 IPNAT - ok

20:08:16.0138 10220 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys

20:08:16.0138 10220 IRENUM - ok

20:08:16.0170 10220 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys

20:08:16.0170 10220 isapnp - ok

20:08:16.0185 10220 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys

20:08:16.0201 10220 iScsiPrt - ok

20:08:16.0248 10220 [ DC0DBA5164F657DE2AE94B9D1FF75DA4 ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys

20:08:16.0248 10220 iusb3hcs - ok

20:08:16.0294 10220 [ BA4F3A70F03584E5B907DA815677727D ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys

20:08:16.0294 10220 iusb3hub - ok

20:08:16.0341 10220 [ E6130F70D61867C7EFC13A2F808EDC58 ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys

20:08:16.0357 10220 iusb3xhc - ok

20:08:16.0404 10220 [ 166FC0B36842135BC2D3C32DF70ED0D6 ] jhi_service C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

20:08:16.0404 10220 jhi_service - ok

20:08:16.0466 10220 [ DD931496F49CDDF4F0B440455423E162 ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys

20:08:16.0466 10220 JMCR - ok

20:08:16.0497 10220 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys

20:08:16.0513 10220 kbdclass - ok

20:08:16.0528 10220 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys

20:08:16.0528 10220 kbdhid - ok

20:08:16.0544 10220 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe

20:08:16.0544 10220 KeyIso - ok

20:08:16.0582 10220 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

20:08:16.0586 10220 KSecDD - ok

20:08:16.0622 10220 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys

20:08:16.0627 10220 KSecPkg - ok

20:08:16.0645 10220 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys

20:08:16.0647 10220 ksthunk - ok

20:08:16.0679 10220 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll

20:08:16.0679 10220 KtmRm - ok

20:08:16.0711 10220 [ E84DA1A93978B3700EA63414357B9BA3 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys

20:08:16.0726 10220 L1C - ok

20:08:16.0773 10220 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll

20:08:16.0773 10220 LanmanServer - ok

20:08:16.0804 10220 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

20:08:16.0804 10220 LanmanWorkstation - ok

20:08:16.0835 10220 [ BE166935083F9C38EDFDC21B9A7A679B ] LHDmgr C:\Windows\system32\DRIVERS\LhdX64.sys

20:08:16.0835 10220 LHDmgr - ok

20:08:16.0882 10220 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

20:08:16.0882 10220 lltdio - ok

20:08:16.0913 10220 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll

20:08:16.0929 10220 lltdsvc - ok

20:08:16.0945 10220 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll

20:08:16.0945 10220 lmhosts - ok

20:08:16.0976 10220 [ C56E64BA70DC822B84D100A6F8D690D3 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

20:08:16.0976 10220 LMS - ok

20:08:17.0023 10220 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys

20:08:17.0023 10220 LSI_FC - ok

20:08:17.0038 10220 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys

20:08:17.0038 10220 LSI_SAS - ok

20:08:17.0038 10220 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys

20:08:17.0054 10220 LSI_SAS2 - ok

20:08:17.0054 10220 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys

20:08:17.0054 10220 LSI_SCSI - ok

20:08:17.0069 10220 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys

20:08:17.0069 10220 luafv - ok

20:08:17.0160 10220 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\Windows\system32\drivers\mbam.sys

20:08:17.0160 10220 MBAMProtector - ok

20:08:17.0253 10220 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

20:08:17.0253 10220 MBAMScheduler - ok

20:08:17.0300 10220 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

20:08:17.0300 10220 MBAMService - ok

20:08:17.0331 10220 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll

20:08:17.0347 10220 Mcx2Svc - ok

20:08:17.0362 10220 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys

20:08:17.0362 10220 megasas - ok

20:08:17.0394 10220 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys

20:08:17.0394 10220 MegaSR - ok

20:08:17.0425 10220 [ 6B01B7414A105B9E51652089A03027CF ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys

20:08:17.0425 10220 MEIx64 - ok

20:08:17.0456 10220 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll

20:08:17.0456 10220 MMCSS - ok

20:08:17.0487 10220 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys

20:08:17.0487 10220 Modem - ok

20:08:17.0503 10220 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys

20:08:17.0503 10220 monitor - ok

20:08:17.0534 10220 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys

20:08:17.0534 10220 mouclass - ok

20:08:17.0534 10220 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

20:08:17.0550 10220 mouhid - ok

20:08:17.0565 10220 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys

20:08:17.0565 10220 mountmgr - ok

20:08:17.0623 10220 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

20:08:17.0626 10220 MozillaMaintenance - ok

20:08:17.0641 10220 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys

20:08:17.0645 10220 mpio - ok

20:08:17.0659 10220 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

20:08:17.0659 10220 mpsdrv - ok

20:08:17.0706 10220 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll

20:08:17.0722 10220 MpsSvc - ok

20:08:17.0722 10220 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

20:08:17.0737 10220 MRxDAV - ok

20:08:17.0784 10220 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

20:08:17.0784 10220 mrxsmb - ok

20:08:17.0815 10220 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

20:08:17.0815 10220 mrxsmb10 - ok

20:08:17.0862 10220 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

20:08:17.0862 10220 mrxsmb20 - ok

20:08:17.0878 10220 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys

20:08:17.0878 10220 msahci - ok

20:08:17.0909 10220 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys

20:08:17.0909 10220 msdsm - ok

20:08:17.0925 10220 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe

20:08:17.0925 10220 MSDTC - ok

20:08:17.0956 10220 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys

20:08:17.0956 10220 Msfs - ok

20:08:17.0987 10220 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys

20:08:17.0987 10220 mshidkmdf - ok

20:08:18.0003 10220 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

20:08:18.0003 10220 msisadrv - ok

20:08:18.0018 10220 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

20:08:18.0034 10220 MSiSCSI - ok

20:08:18.0034 10220 msiserver - ok

20:08:18.0065 10220 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

20:08:18.0065 10220 MSKSSRV - ok

20:08:18.0081 10220 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

20:08:18.0081 10220 MSPCLOCK - ok

20:08:18.0096 10220 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

20:08:18.0096 10220 MSPQM - ok

20:08:18.0117 10220 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

20:08:18.0124 10220 MsRPC - ok

20:08:18.0140 10220 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys

20:08:18.0141 10220 mssmbios - ok

20:08:18.0144 10220 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

20:08:18.0145 10220 MSTEE - ok

20:08:18.0148 10220 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys

20:08:18.0149 10220 MTConfig - ok

20:08:18.0160 10220 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys

20:08:18.0161 10220 Mup - ok

20:08:18.0189 10220 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll

20:08:18.0189 10220 napagent - ok

20:08:18.0221 10220 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

20:08:18.0221 10220 NativeWifiP - ok

20:08:18.0283 10220 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys

20:08:18.0299 10220 NDIS - ok

20:08:18.0314 10220 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys

20:08:18.0314 10220 NdisCap - ok

20:08:18.0345 10220 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

20:08:18.0345 10220 NdisTapi - ok

20:08:18.0361 10220 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

20:08:18.0361 10220 Ndisuio - ok

20:08:18.0377 10220 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

20:08:18.0377 10220 NdisWan - ok

20:08:18.0392 10220 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

20:08:18.0408 10220 NDProxy - ok

20:08:18.0408 10220 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

20:08:18.0423 10220 NetBIOS - ok

20:08:18.0423 10220 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys

20:08:18.0439 10220 NetBT - ok

20:08:18.0455 10220 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe

20:08:18.0455 10220 Netlogon - ok

20:08:18.0486 10220 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll

20:08:18.0486 10220 Netman - ok

20:08:18.0564 10220 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

20:08:18.0564 10220 NetMsmqActivator - ok

20:08:18.0564 10220 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

20:08:18.0564 10220 NetPipeActivator - ok

20:08:18.0595 10220 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll

20:08:18.0595 10220 netprofm - ok

20:08:18.0611 10220 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

20:08:18.0611 10220 NetTcpActivator - ok

20:08:18.0611 10220 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

20:08:18.0611 10220 NetTcpPortSharing - ok

20:08:18.0650 10220 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys

20:08:18.0652 10220 nfrd960 - ok

20:08:18.0688 10220 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll

20:08:18.0704 10220 NlaSvc - ok

20:08:18.0719 10220 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys

20:08:18.0719 10220 Npfs - ok

20:08:18.0751 10220 [ 686398C3A52EE6588948EAC0C01B126C ] NSD C:\Windows\system32\drivers\nsd.sys

20:08:18.0751 10220 NSD - ok

20:08:18.0766 10220 [ 2152DC8E58391562C9F07998C6FCCF8C ] Nsdfltr C:\Windows\system32\drivers\Nsdfltr.sys

20:08:18.0766 10220 Nsdfltr - ok

20:08:18.0782 10220 [ 486EC2BDC09FBAC5814032D38215010A ] NSDSvc C:\Windows\System32\NSDSvc.exe

20:08:18.0782 10220 NSDSvc - ok

20:08:18.0813 10220 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll

20:08:18.0813 10220 nsi - ok

20:08:18.0829 10220 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

20:08:18.0844 10220 nsiproxy - ok

20:08:18.0891 10220 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

20:08:18.0938 10220 Ntfs - ok

20:08:18.0969 10220 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys

20:08:18.0969 10220 Null - ok

20:08:19.0266 10220 [ 9B635F8CC717E51F4780DF61B1BD74C0 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys

20:08:19.0484 10220 nvlddmkm - ok

20:08:19.0531 10220 [ 6077B62EADE7B4B692AFB92ACEA3A154 ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys

20:08:19.0531 10220 nvpciflt - ok

20:08:19.0562 10220 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys

20:08:19.0562 10220 nvraid - ok

20:08:19.0562 10220 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys

20:08:19.0578 10220 nvstor - ok

20:08:19.0625 10220 [ DE6940FB71C4CAE080A7F5D824A68EBE ] nvsvc C:\Windows\system32\nvvsvc.exe

20:08:19.0640 10220 nvsvc - ok

20:08:19.0718 10220 [ 0AEC60D3DB51C327E501FDEFE42EC4C1 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

20:08:19.0734 10220 nvUpdatusService - ok

20:08:19.0734 10220 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

20:08:19.0749 10220 nv_agp - ok

20:08:19.0749 10220 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

20:08:19.0749 10220 ohci1394 - ok

20:08:19.0796 10220 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

20:08:19.0796 10220 ose - ok

20:08:19.0936 10220 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

20:08:19.0968 10220 osppsvc - ok

20:08:19.0983 10220 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll

20:08:19.0983 10220 p2pimsvc - ok

20:08:19.0999 10220 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll

20:08:20.0014 10220 p2psvc - ok

20:08:20.0030 10220 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys

20:08:20.0046 10220 Parport - ok

20:08:20.0061 10220 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys

20:08:20.0077 10220 partmgr - ok

20:08:20.0092 10220 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll

20:08:20.0092 10220 PcaSvc - ok

20:08:20.0124 10220 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys

20:08:20.0124 10220 pci - ok

20:08:20.0139 10220 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys

20:08:20.0139 10220 pciide - ok

20:08:20.0155 10220 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys

20:08:20.0170 10220 pcmcia - ok

20:08:20.0193 10220 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys

20:08:20.0195 10220 pcw - ok

20:08:20.0214 10220 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys

20:08:20.0222 10220 PEAUTH - ok

20:08:20.0342 10220 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe

20:08:20.0342 10220 PerfHost - ok

20:08:20.0404 10220 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll

20:08:20.0435 10220 pla - ok

20:08:20.0482 10220 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll

20:08:20.0482 10220 PlugPlay - ok

20:08:20.0498 10220 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll

20:08:20.0513 10220 PNRPAutoReg - ok

20:08:20.0513 10220 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

20:08:20.0513 10220 PNRPsvc - ok

20:08:20.0560 10220 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

20:08:20.0560 10220 PolicyAgent - ok

20:08:20.0576 10220 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll

20:08:20.0591 10220 Power - ok

20:08:20.0622 10220 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

20:08:20.0622 10220 PptpMiniport - ok

20:08:20.0638 10220 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys

20:08:20.0638 10220 Processor - ok

20:08:20.0669 10220 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll

20:08:20.0669 10220 ProfSvc - ok

20:08:20.0697 10220 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe

20:08:20.0699 10220 ProtectedStorage - ok

20:08:20.0719 10220 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys

20:08:20.0722 10220 Psched - ok

20:08:20.0762 10220 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys

20:08:20.0809 10220 ql2300 - ok

20:08:20.0825 10220 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys

20:08:20.0825 10220 ql40xx - ok

20:08:20.0872 10220 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll

20:08:20.0872 10220 QWAVE - ok

20:08:20.0887 10220 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

20:08:20.0887 10220 QWAVEdrv - ok

20:08:20.0903 10220 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

20:08:20.0903 10220 RasAcd - ok

20:08:20.0918 10220 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys

20:08:20.0934 10220 RasAgileVpn - ok

20:08:20.0950 10220 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll

20:08:20.0950 10220 RasAuto - ok

20:08:20.0965 10220 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

20:08:20.0965 10220 Rasl2tp - ok

20:08:20.0981 10220 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll

20:08:20.0981 10220 RasMan - ok

20:08:20.0996 10220 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

20:08:20.0996 10220 RasPppoe - ok

20:08:20.0996 10220 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

20:08:21.0012 10220 RasSstp - ok

20:08:21.0043 10220 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

20:08:21.0043 10220 rdbss - ok

20:08:21.0059 10220 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys

20:08:21.0059 10220 rdpbus - ok

20:08:21.0090 10220 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

20:08:21.0090 10220 RDPCDD - ok

20:08:21.0106 10220 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

20:08:21.0106 10220 RDPENCDD - ok

20:08:21.0121 10220 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys

20:08:21.0121 10220 RDPREFMP - ok

20:08:21.0152 10220 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

20:08:21.0152 10220 RDPWD - ok

20:08:21.0184 10220 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys

20:08:21.0201 10220 rdyboost - ok

20:08:21.0230 10220 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll

20:08:21.0233 10220 RemoteAccess - ok

20:08:21.0255 10220 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll

20:08:21.0255 10220 RemoteRegistry - ok

20:08:21.0271 10220 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys

20:08:21.0286 10220 RFCOMM - ok

20:08:21.0302 10220 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll

20:08:21.0302 10220 RpcEptMapper - ok

20:08:21.0333 10220 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe

20:08:21.0333 10220 RpcLocator - ok

20:08:21.0364 10220 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll

20:08:21.0364 10220 RpcSs - ok

20:08:21.0396 10220 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

20:08:21.0396 10220 rspndr - ok

20:08:21.0583 10220 [ C736749AC756503C0F94D94F5BC39B0E ] rtsuvc C:\Windows\system32\DRIVERS\rtsuvc.sys

20:08:21.0739 10220 rtsuvc - ok

20:08:21.0752 10220 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe

20:08:21.0753 10220 SamSs - ok

20:08:21.0767 10220 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

20:08:21.0769 10220 sbp2port - ok

20:08:21.0786 10220 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll

20:08:21.0789 10220 SCardSvr - ok

20:08:21.0796 10220 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys

20:08:21.0796 10220 scfilter - ok

20:08:21.0827 10220 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll

20:08:21.0827 10220 Schedule - ok

20:08:21.0874 10220 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll

20:08:21.0874 10220 SCPolicySvc - ok

20:08:21.0905 10220 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys

20:08:21.0905 10220 sdbus - ok

20:08:21.0921 10220 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll

20:08:21.0921 10220 SDRSVC - ok

20:08:21.0968 10220 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys

20:08:21.0968 10220 secdrv - ok

20:08:21.0983 10220 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll

20:08:21.0983 10220 seclogon - ok

20:08:22.0015 10220 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll

20:08:22.0015 10220 SENS - ok

20:08:22.0046 10220 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll

20:08:22.0046 10220 SensrSvc - ok

20:08:22.0077 10220 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys

20:08:22.0077 10220 Serenum - ok

20:08:22.0077 10220 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys

20:08:22.0093 10220 Serial - ok

20:08:22.0093 10220 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys

20:08:22.0108 10220 sermouse - ok

20:08:22.0124 10220 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll

20:08:22.0139 10220 SessionEnv - ok

20:08:22.0139 10220 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys

20:08:22.0139 10220 sffdisk - ok

20:08:22.0139 10220 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

20:08:22.0139 10220 sffp_mmc - ok

20:08:22.0139 10220 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

20:08:22.0139 10220 sffp_sd - ok

20:08:22.0155 10220 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys

20:08:22.0155 10220 sfloppy - ok

20:08:22.0186 10220 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys

20:08:22.0202 10220 Sftfs - ok

20:08:22.0279 10220 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

20:08:22.0284 10220 sftlist - ok

20:08:22.0291 10220 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys

20:08:22.0291 10220 Sftplay - ok

20:08:22.0307 10220 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys

20:08:22.0307 10220 Sftredir - ok

20:08:22.0322 10220 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys

20:08:22.0322 10220 Sftvol - ok

20:08:22.0338 10220 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

20:08:22.0338 10220 sftvsa - ok

20:08:22.0369 10220 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll

20:08:22.0385 10220 SharedAccess - ok

20:08:22.0416 10220 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll

20:08:22.0416 10220 ShellHWDetection - ok

20:08:22.0447 10220 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys

20:08:22.0447 10220 SiSRaid2 - ok

20:08:22.0463 10220 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys

20:08:22.0478 10220 SiSRaid4 - ok

20:08:22.0478 10220 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys

20:08:22.0494 10220 Smb - ok

20:08:22.0509 10220 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe

20:08:22.0509 10220 SNMPTRAP - ok

20:08:22.0541 10220 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys

20:08:22.0541 10220 spldr - ok

20:08:22.0572 10220 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe

20:08:22.0587 10220 Spooler - ok

20:08:22.0650 10220 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe

20:08:22.0712 10220 sppsvc - ok

20:08:22.0728 10220 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll

20:08:22.0728 10220 sppuinotify - ok

20:08:22.0799 10220 [ D6AB7C13FCDD2E4CAC35244D2C172D9A ] sptd C:\Windows\System32\Drivers\sptd.sys

20:08:22.0799 10220 sptd - ok

20:08:22.0846 10220 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys

20:08:22.0862 10220 srv - ok

20:08:22.0893 10220 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

20:08:22.0893 10220 srv2 - ok

20:08:22.0909 10220 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

20:08:22.0909 10220 srvnet - ok

20:08:22.0955 10220 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

20:08:22.0955 10220 SSDPSRV - ok

20:08:22.0971 10220 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll

20:08:22.0971 10220 SstpSvc - ok

20:08:23.0018 10220 Steam Client Service - ok

20:08:23.0049 10220 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys

20:08:23.0049 10220 stexstor - ok

20:08:23.0096 10220 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll

20:08:23.0111 10220 stisvc - ok

20:08:23.0127 10220 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys

20:08:23.0127 10220 swenum - ok

20:08:23.0158 10220 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll

20:08:23.0174 10220 swprv - ok

20:08:23.0236 10220 [ E6A9BD45EF10EFA2EB2D380A32FBA7B6 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys

20:08:23.0252 10220 SynTP - ok

20:08:23.0297 10220 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll

20:08:23.0333 10220 SysMain - ok

20:08:23.0341 10220 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll

20:08:23.0341 10220 TabletInputService - ok

20:08:23.0357 10220 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll

20:08:23.0357 10220 TapiSrv - ok

20:08:23.0373 10220 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll

20:08:23.0373 10220 TBS - ok

20:08:23.0451 10220 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys

20:08:23.0497 10220 Tcpip - ok

20:08:23.0544 10220 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys

20:08:23.0560 10220 TCPIP6 - ok

20:08:23.0591 10220 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

20:08:23.0607 10220 tcpipreg - ok

20:08:23.0638 10220 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

20:08:23.0638 10220 TDPIPE - ok

20:08:23.0669 10220 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

20:08:23.0669 10220 TDTCP - ok

20:08:26.0707 10220 ================ Scan global ===============================

20:08:26.0738 10220 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll

20:08:26.0785 10220 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll

20:08:26.0800 10220 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll

20:08:26.0832 10220 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll

20:08:26.0871 10220 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe

20:08:26.0876 10220 [Global] - ok

20:08:26.0877 10220 ================ Scan MBR ==================================

20:08:26.0887 10220 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0

20:08:27.0160 10220 \Device\Harddisk0\DR0 - ok

20:08:27.0160 10220 ================ Scan VBR ==================================

20:08:27.0160 10220 [ 9A716BF46BD5170724216C8B0C1DAA85 ] \Device\Harddisk0\DR0\Partition1

20:08:27.0160 10220 \Device\Harddisk0\DR0\Partition1 - ok

20:08:27.0191 10220 [ 5C59C2CA7C9A5F09B296B48D0D9BA47E ] \Device\Harddisk0\DR0\Partition2

20:08:27.0191 10220 \Device\Harddisk0\DR0\Partition2 - ok

20:08:27.0222 10220 [ 5545B92525EC7FD8E11326F21339B3B8 ] \Device\Harddisk0\DR0\Partition3

20:08:27.0222 10220 \Device\Harddisk0\DR0\Partition3 - ok

20:08:27.0222 10220 ============================================================

20:08:27.0222 10220 Scan finished

20:08:27.0222 10220 ============================================================

20:08:27.0238 6016 Detected object count: 0

20:08:27.0238 6016 Actual detected object count: 0

20:08:43.0586 9868 ============================================================

20:08:43.0586 9868 Scan started

20:08:43.0586 9868 Mode: Manual;

20:08:43.0586 9868 ============================================================

20:08:43.0908 9868 ================ Scan system memory ========================

20:08:43.0908 9868 System memory - ok

20:08:43.0909 9868 ================ Scan services =============================

20:08:44.0660 9868 [ 1B7D1F0A0DFADBC797C16364792A7AA5 ] Amsp C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe

20:08:44.0663 9868 Amsp - ok


20:08:49.0159 9868 isapnp - ok

20:08:49.0181 9868 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys

20:08:49.0184 9868 iScsiPrt - ok

20:08:49.0213 9868 [ DC0DBA5164F657DE2AE94B9D1FF75DA4 ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys

20:08:49.0214 9868 iusb3hcs - ok

20:08:49.0239 9868 [ BA4F3A70F03584E5B907DA815677727D ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys

20:08:49.0243 9868 iusb3hub - ok

20:08:49.0272 9868 [ E6130F70D61867C7EFC13A2F808EDC58 ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys

20:08:49.0278 9868 iusb3xhc - ok

20:08:49.0320 9868 [ 166FC0B36842135BC2D3C32DF70ED0D6 ] jhi_service C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

20:08:49.0322 9868 jhi_service - ok

20:08:49.0357 9868 [ DD931496F49CDDF4F0B440455423E162 ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys

20:08:49.0359 9868 JMCR - ok

20:08:49.0387 9868 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys

20:08:49.0389 9868 kbdclass - ok

20:08:49.0404 9868 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys

20:08:49.0406 9868 kbdhid - ok

20:08:49.0417 9868 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe

20:08:49.0420 9868 KeyIso - ok

20:08:49.0447 9868 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

20:08:49.0449 9868 KSecDD - ok

20:08:49.0460 9868 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys

20:08:49.0462 9868 KSecPkg - ok

20:08:49.0477 9868 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys

20:08:49.0478 9868 ksthunk - ok

20:08:49.0510 9868 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll

20:08:49.0514 9868 KtmRm - ok

20:08:49.0544 9868 [ E84DA1A93978B3700EA63414357B9BA3 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys

20:08:49.0546 9868 L1C - ok

20:08:49.0564 9868 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll

20:08:49.0568 9868 LanmanServer - ok

20:08:49.0595 9868 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

20:08:49.0598 9868 LanmanWorkstation - ok

20:08:49.0631 9868 [ BE166935083F9C38EDFDC21B9A7A679B ] LHDmgr C:\Windows\system32\DRIVERS\LhdX64.sys

20:08:49.0632 9868 LHDmgr - ok

20:08:49.0647 9868 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

20:08:49.0649 9868 lltdio - ok

20:08:49.0687 9868 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll

20:08:49.0691 9868 lltdsvc - ok

20:08:49.0704 9868 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll

20:08:49.0706 9868 lmhosts - ok

20:08:49.0738 9868 [ C56E64BA70DC822B84D100A6F8D690D3 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

20:08:49.0741 9868 LMS - ok

20:08:49.0773 9868 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys

20:08:49.0774 9868 LSI_FC - ok

20:08:49.0780 9868 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys

20:08:49.0782 9868 LSI_SAS - ok

20:08:49.0788 9868 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys

20:08:49.0789 9868 LSI_SAS2 - ok

20:08:49.0795 9868 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys

20:08:49.0796 9868 LSI_SCSI - ok

20:08:49.0835 9868 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys

20:08:49.0837 9868 luafv - ok

20:08:49.0879 9868 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\Windows\system32\drivers\mbam.sys

20:08:49.0880 9868 MBAMProtector - ok

20:08:49.0949 9868 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

20:08:49.0954 9868 MBAMScheduler - ok

20:08:49.0991 9868 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

20:08:49.0998 9868 MBAMService - ok

20:08:50.0031 9868 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll

20:08:50.0034 9868 Mcx2Svc - ok

20:08:50.0041 9868 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys

20:08:50.0042 9868 megasas - ok

20:08:50.0052 9868 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys

20:08:50.0056 9868 MegaSR - ok

20:08:50.0083 9868 [ 6B01B7414A105B9E51652089A03027CF ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys

20:08:50.0083 9868 MEIx64 - ok

20:08:50.0109 9868 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll

20:08:50.0110 9868 MMCSS - ok

20:08:50.0113 9868 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys

20:08:50.0114 9868 Modem - ok

20:08:50.0121 9868 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys

20:08:50.0121 9868 monitor - ok

20:08:50.0132 9868 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys

20:08:50.0133 9868 mouclass - ok

20:08:50.0147 9868 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

20:08:50.0148 9868 mouhid - ok

20:08:50.0160 9868 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys

20:08:50.0160 9868 mountmgr - ok

20:08:50.0199 9868 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

20:08:50.0200 9868 MozillaMaintenance - ok

20:08:50.0217 9868 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys

20:08:50.0218 9868 mpio - ok

20:08:50.0235 9868 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

20:08:50.0236 9868 mpsdrv - ok

20:08:50.0268 9868 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll

20:08:50.0272 9868 MpsSvc - ok

20:08:50.0277 9868 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

20:08:50.0278 9868 MRxDAV - ok

20:08:50.0297 9868 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

20:08:50.0298 9868 mrxsmb - ok

20:08:50.0315 9868 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

20:08:50.0317 9868 mrxsmb10 - ok

20:08:50.0334 9868 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

20:08:50.0336 9868 mrxsmb20 - ok

20:08:50.0352 9868 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys

20:08:50.0353 9868 msahci - ok

20:08:50.0374 9868 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys

20:08:50.0376 9868 msdsm - ok

20:08:50.0394 9868 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe

20:08:50.0395 9868 MSDTC - ok

20:08:50.0410 9868 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys

20:08:50.0411 9868 Msfs - ok

20:08:50.0423 9868 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys

20:08:50.0424 9868 mshidkmdf - ok

20:08:50.0428 9868 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

20:08:50.0429 9868 msisadrv - ok

20:08:50.0451 9868 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

20:08:50.0452 9868 MSiSCSI - ok

20:08:50.0455 9868 msiserver - ok

20:08:50.0458 9868 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

20:08:50.0459 9868 MSKSSRV - ok

20:08:50.0469 9868 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

20:08:50.0470 9868 MSPCLOCK - ok

20:08:50.0483 9868 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

20:08:50.0484 9868 MSPQM - ok

20:08:50.0502 9868 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

20:08:50.0504 9868 MsRPC - ok

20:08:50.0516 9868 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys

20:08:50.0516 9868 mssmbios - ok

20:08:50.0532 9868 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

20:08:50.0533 9868 MSTEE - ok

20:08:50.0535 9868 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys

20:08:50.0536 9868 MTConfig - ok

20:08:50.0547 9868 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys

20:08:50.0547 9868 Mup - ok

20:08:50.0584 9868 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll

20:08:50.0591 9868 napagent - ok

20:08:50.0613 9868 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

20:08:50.0616 9868 NativeWifiP - ok

20:08:50.0658 9868 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys

20:08:50.0663 9868 NDIS - ok

20:08:50.0673 9868 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys

20:08:50.0674 9868 NdisCap - ok

20:08:50.0687 9868 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

20:08:50.0688 9868 NdisTapi - ok

20:08:50.0699 9868 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

20:08:50.0700 9868 Ndisuio - ok

20:08:50.0717 9868 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

20:08:50.0718 9868 NdisWan - ok

20:08:50.0738 9868 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

20:08:50.0739 9868 NDProxy - ok

20:08:50.0754 9868 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

20:08:50.0755 9868 NetBIOS - ok

20:08:50.0767 9868 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys

20:08:50.0769 9868 NetBT - ok

20:08:50.0784 9868 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe

20:08:50.0785 9868 Netlogon - ok

20:08:50.0812 9868 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll

20:08:50.0815 9868 Netman - ok

20:08:50.0862 9868 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

20:08:50.0864 9868 NetMsmqActivator - ok

20:08:50.0868 9868 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

20:08:50.0869 9868 NetPipeActivator - ok

20:08:50.0888 9868 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll

20:08:50.0892 9868 netprofm - ok

20:08:50.0896 9868 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

20:08:50.0897 9868 NetTcpActivator - ok

20:08:50.0901 9868 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

20:08:50.0903 9868 NetTcpPortSharing - ok

20:08:50.0937 9868 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys

20:08:50.0938 9868 nfrd960 - ok

20:08:50.0967 9868 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll

20:08:50.0970 9868 NlaSvc - ok

20:08:50.0984 9868 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys

20:08:50.0985 9868 Npfs - ok

20:08:51.0004 9868 [ 686398C3A52EE6588948EAC0C01B126C ] NSD C:\Windows\system32\drivers\nsd.sys

20:08:51.0005 9868 NSD - ok

20:08:51.0014 9868 [ 2152DC8E58391562C9F07998C6FCCF8C ] Nsdfltr C:\Windows\system32\drivers\Nsdfltr.sys

20:08:51.0015 9868 Nsdfltr - ok

20:08:51.0031 9868 [ 486EC2BDC09FBAC5814032D38215010A ] NSDSvc C:\Windows\System32\NSDSvc.exe

20:08:51.0033 9868 NSDSvc - ok

20:08:51.0064 9868 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll

20:08:51.0067 9868 nsi - ok

20:08:51.0085 9868 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

20:08:51.0087 9868 nsiproxy - ok

20:08:51.0154 9868 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

20:08:51.0170 9868 Ntfs - ok

20:08:51.0202 9868 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys

20:08:51.0203 9868 Null - ok

20:08:51.0450 9868 [ 9B635F8CC717E51F4780DF61B1BD74C0 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys

20:08:51.0501 9868 nvlddmkm - ok

20:08:51.0512 9868 [ 6077B62EADE7B4B692AFB92ACEA3A154 ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys

20:08:51.0513 9868 nvpciflt - ok

20:08:51.0529 9868 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys

20:08:51.0530 9868 nvraid - ok

20:08:51.0534 9868 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys

20:08:51.0535 9868 nvstor - ok

20:08:51.0563 9868 [ DE6940FB71C4CAE080A7F5D824A68EBE ] nvsvc C:\Windows\system32\nvvsvc.exe

20:08:51.0567 9868 nvsvc - ok

20:08:51.0621 9868 [ 0AEC60D3DB51C327E501FDEFE42EC4C1 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

20:08:51.0630 9868 nvUpdatusService - ok

20:08:51.0634 9868 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

20:08:51.0635 9868 nv_agp - ok

20:08:51.0640 9868 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

20:08:51.0640 9868 ohci1394 - ok

20:08:51.0667 9868 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

20:08:51.0668 9868 ose - ok

20:08:51.0792 9868 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

20:08:51.0814 9868 osppsvc - ok

20:08:51.0839 9868 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll

20:08:51.0842 9868 p2pimsvc - ok

20:08:51.0863 9868 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll

20:08:51.0866 9868 p2psvc - ok

20:08:51.0876 9868 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys

20:08:51.0877 9868 Parport - ok

20:08:51.0906 9868 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys

20:08:51.0907 9868 partmgr - ok

20:08:51.0917 9868 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll

20:08:51.0919 9868 PcaSvc - ok

20:08:51.0937 9868 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys

20:08:51.0938 9868 pci - ok

20:08:51.0941 9868 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys

20:08:51.0942 9868 pciide - ok

20:08:51.0964 9868 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys

20:08:51.0966 9868 pcmcia - ok

20:08:51.0981 9868 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys

20:08:51.0981 9868 pcw - ok

20:08:52.0000 9868 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys

20:08:52.0003 9868 PEAUTH - ok

20:08:52.0096 9868 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe

20:08:52.0098 9868 PerfHost - ok

20:08:52.0161 9868 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll

20:08:52.0170 9868 pla - ok

20:08:52.0193 9868 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll

20:08:52.0197 9868 PlugPlay - ok

20:08:52.0209 9868 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll

20:08:52.0211 9868 PNRPAutoReg - ok

20:08:52.0218 9868 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

20:08:52.0221 9868 PNRPsvc - ok

20:08:52.0250 9868 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

20:08:52.0253 9868 PolicyAgent - ok

20:08:52.0275 9868 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll

20:08:52.0278 9868 Power - ok

20:08:52.0304 9868 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

20:08:52.0305 9868 PptpMiniport - ok

20:08:52.0332 9868 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys

20:08:52.0333 9868 Processor - ok

20:08:52.0360 9868 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll

20:08:52.0362 9868 ProfSvc - ok

20:08:52.0372 9868 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe

20:08:52.0374 9868 ProtectedStorage - ok

20:08:52.0383 9868 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys

20:08:52.0385 9868 Psched - ok

20:08:52.0422 9868 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys

20:08:52.0431 9868 ql2300 - ok

20:08:52.0436 9868 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys

20:08:52.0437 9868 ql40xx - ok

20:08:52.0461 9868 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll

20:08:52.0464 9868 QWAVE - ok

20:08:52.0480 9868 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

20:08:52.0481 9868 QWAVEdrv - ok

20:08:52.0485 9868 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

20:08:52.0486 9868 RasAcd - ok

20:08:52.0508 9868 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys

20:08:52.0509 9868 RasAgileVpn - ok

20:08:52.0518 9868 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll

20:08:52.0520 9868 RasAuto - ok

20:08:52.0529 9868 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

20:08:52.0530 9868 Rasl2tp - ok

20:08:52.0544 9868 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll

20:08:52.0547 9868 RasMan - ok

20:08:52.0560 9868 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

20:08:52.0561 9868 RasPppoe - ok

20:08:52.0575 9868 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

20:08:52.0576 9868 RasSstp - ok

20:08:52.0612 9868 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

20:08:52.0615 9868 rdbss - ok

20:08:52.0632 9868 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys

20:08:52.0633 9868 rdpbus - ok

20:08:52.0655 9868 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

20:08:52.0656 9868 RDPCDD - ok

20:08:52.0675 9868 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

20:08:52.0676 9868 RDPENCDD - ok

20:08:52.0689 9868 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys

20:08:52.0690 9868 RDPREFMP - ok

20:08:52.0722 9868 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

20:08:52.0724 9868 RDPWD - ok

20:08:52.0739 9868 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys

20:08:52.0740 9868 rdyboost - ok

20:08:52.0773 9868 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll

20:08:52.0774 9868 RemoteAccess - ok

20:08:52.0791 9868 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll

20:08:52.0793 9868 RemoteRegistry - ok

20:08:52.0815 9868 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys

20:08:52.0816 9868 RFCOMM - ok

20:08:52.0828 9868 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll

20:08:52.0829 9868 RpcEptMapper - ok

20:08:52.0862 9868 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe

20:08:52.0863 9868 RpcLocator - ok

20:08:52.0877 9868 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll

20:08:52.0882 9868 RpcSs - ok

20:08:52.0903 9868 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

20:08:52.0904 9868 rspndr - ok

20:08:53.0066 9868 [ C736749AC756503C0F94D94F5BC39B0E ] rtsuvc C:\Windows\system32\DRIVERS\rtsuvc.sys

20:08:53.0097 9868 rtsuvc - ok

20:08:53.0106 9868 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe

20:08:53.0107 9868 SamSs - ok

20:08:53.0121 9868 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

20:08:53.0122 9868 sbp2port - ok

20:08:53.0140 9868 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll

20:08:53.0142 9868 SCardSvr - ok

20:08:53.0151 9868 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys

20:08:53.0152 9868 scfilter - ok

20:08:53.0182 9868 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll

20:08:53.0187 9868 Schedule - ok

20:08:53.0217 9868 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll

20:08:53.0218 9868 SCPolicySvc - ok

20:08:53.0236 9868 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys

20:08:53.0237 9868 sdbus - ok

20:08:53.0258 9868 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll

20:08:53.0259 9868 SDRSVC - ok

20:08:53.0286 9868 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys

20:08:53.0288 9868 secdrv - ok

20:08:53.0303 9868 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll

20:08:53.0306 9868 seclogon - ok

20:08:53.0319 9868 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll

20:08:53.0323 9868 SENS - ok

20:08:53.0333 9868 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll

20:08:53.0335 9868 SensrSvc - ok

20:08:53.0347 9868 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys

20:08:53.0347 9868 Serenum - ok

20:08:53.0351 9868 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys

20:08:53.0352 9868 Serial - ok

20:08:53.0355 9868 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys

20:08:53.0356 9868 sermouse - ok

20:08:53.0378 9868 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll

20:08:53.0380 9868 SessionEnv - ok

20:08:53.0382 9868 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys

20:08:53.0383 9868 sffdisk - ok

20:08:53.0386 9868 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

20:08:53.0387 9868 sffp_mmc - ok

20:08:53.0389 9868 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

20:08:53.0390 9868 sffp_sd - ok

20:08:53.0393 9868 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys

20:08:53.0394 9868 sfloppy - ok

20:08:53.0441 9868 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys

20:08:53.0445 9868 Sftfs - ok

20:08:53.0511 9868 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

20:08:53.0516 9868 sftlist - ok

20:08:53.0532 9868 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys

20:08:53.0535 9868 Sftplay - ok

20:08:53.0547 9868 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys

20:08:53.0548 9868 Sftredir - ok

20:08:53.0558 9868 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys

20:08:53.0559 9868 Sftvol - ok

20:08:53.0579 9868 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

20:08:53.0581 9868 sftvsa - ok

20:08:53.0611 9868 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll

20:08:53.0614 9868 SharedAccess - ok

20:08:53.0652 9868 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll

20:08:53.0655 9868 ShellHWDetection - ok

20:08:53.0675 9868 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys

20:08:53.0676 9868 SiSRaid2 - ok

20:08:53.0685 9868 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys

20:08:53.0686 9868 SiSRaid4 - ok

20:08:53.0691 9868 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys

20:08:53.0692 9868 Smb - ok

20:08:53.0706 9868 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe

20:08:53.0708 9868 SNMPTRAP - ok

20:08:53.0724 9868 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys

20:08:53.0724 9868 spldr - ok

20:08:53.0758 9868 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe

20:08:53.0765 9868 Spooler - ok

20:08:53.0843 9868 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe

20:08:53.0857 9868 sppsvc - ok

20:08:53.0869 9868 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll

20:08:53.0870 9868 sppuinotify - ok

20:08:53.0900 9868 [ D6AB7C13FCDD2E4CAC35244D2C172D9A ] sptd C:\Windows\System32\Drivers\sptd.sys

20:08:53.0903 9868 sptd - ok

20:08:53.0935 9868 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys

20:08:53.0940 9868 srv - ok

20:08:53.0958 9868 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

20:08:53.0962 9868 srv2 - ok

20:08:53.0979 9868 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

20:08:53.0981 9868 srvnet - ok

20:08:53.0998 9868 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

20:08:54.0001 9868 SSDPSRV - ok

20:08:54.0011 9868 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll

20:08:54.0013 9868 SstpSvc - ok

20:08:54.0031 9868 Steam Client Service - ok

20:08:54.0053 9868 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys

20:08:54.0054 9868 stexstor - ok

20:08:54.0090 9868 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll

20:08:54.0098 9868 stisvc - ok

20:08:54.0117 9868 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys

20:08:54.0118 9868 swenum - ok

20:08:54.0144 9868 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll

20:08:54.0152 9868 swprv - ok

20:08:54.0182 9868 [ E6A9BD45EF10EFA2EB2D380A32FBA7B6 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys

20:08:54.0187 9868 SynTP - ok

20:08:54.0233 9868 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll

20:08:54.0251 9868 SysMain - ok

20:08:54.0268 9868 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll

20:08:54.0269 9868 TabletInputService - ok

20:08:54.0275 9868 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll

20:08:54.0277 9868 TapiSrv - ok

20:08:54.0288 9868 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll

20:08:54.0289 9868 TBS - ok

20:08:54.0357 9868 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys

20:08:54.0371 9868 Tcpip - ok

20:08:54.0406 9868 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys

20:08:54.0414 9868 TCPIP6 - ok

20:08:54.0447 9868 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

20:08:54.0448 9868 tcpipreg - ok

20:08:54.0470 9868 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

20:08:56.0766 9868 ================ Scan global ===============================

20:08:56.0794 9868 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll

20:08:56.0826 9868 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll

20:08:56.0836 9868 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll

20:08:56.0871 9868 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll

20:08:56.0903 9868 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe

20:08:56.0908 9868 [Global] - ok

20:08:56.0909 9868 ================ Scan MBR ==================================

20:08:56.0919 9868 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0

20:08:57.0142 9868 \Device\Harddisk0\DR0 - ok

20:08:57.0143 9868 ================ Scan VBR ==================================

20:08:57.0149 9868 [ 9A716BF46BD5170724216C8B0C1DAA85 ] \Device\Harddisk0\DR0\Partition1

20:08:57.0151 9868 \Device\Harddisk0\DR0\Partition1 - ok

20:08:57.0193 9868 [ 5C59C2CA7C9A5F09B296B48D0D9BA47E ] \Device\Harddisk0\DR0\Partition2

20:08:57.0195 9868 \Device\Harddisk0\DR0\Partition2 - ok

20:08:57.0229 9868 [ 5545B92525EC7FD8E11326F21339B3B8 ] \Device\Harddisk0\DR0\Partition3

20:08:57.0232 9868 \Device\Harddisk0\DR0\Partition3 - ok

20:08:57.0233 9868 ============================================================

20:08:57.0233 9868 Scan finished

20:08:57.0233 9868 ============================================================

20:08:57.0246 7084 Detected object count: 0

20:08:57.0246 7084 Actual detected object count: 0

Link to post
Share on other sites

RogueKiller Report Log

RogueKiller V8.4.2 [Dec 31 2012] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/

Website : http://tigzy.geekstogo.com/roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : Joon Kiat [Admin rights]

Mode : Scan -- Date : 01/02/2013 20:09:59

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 2 ¤¤¤

[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\Windows\system32\drivers\etc\hosts

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD7500BPVT-24HXZT3 +++++

--- User ---

[MBR] 9ef84db3c6c42eba054153b38fe9851c

[bSP] c0fe9069e78d8bf455490306684b0a80 : Windows 7/8 MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 200 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 411648 | Size: 669122 Mo

2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1370773504 | Size: 26080 Mo

3 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 1424185344 | Size: 20001 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1]_S_01022013_02d2009.txt >>

RKreport[1]_S_01022013_02d2009.txt

Link to post
Share on other sites

Dear Maurice,

I have already finished running the scans and the reports are as follows below. Btw, there was another ip block today and it seems to be coming from svchost.exe.

IP-BLOCK 60.173.8.172 (Type: incoming, Port: 6666, Process: svchost.exe) 'this seems dubious to me' and the IP seems to be a foreign IP.

A few pointers: That is an "incoming" block. It's any frequent "Outgoing" blocks that one 'might' be concerned about.

More than that, svchost is a Windows component process and that won't be the culprit.

Keep in mind that the bad guys are "pinging" looking for vulnerabilities. So an MBAM block of an incoming item is a sign that MBAM is doing its job.

BTW, you should tell me if you typically have an instant messenger program running.

Step 1

Save and close any work documents, close any apps that you started.

Temporarily turn off (disable) your antivirus program

How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Start your MBAM MalwareBytes' Anti-Malware.

Click the Settings Tab and then the General Settings sub-tab. Make sure all option lines have a checkmark.

Then click the Scanner settings sub-tab in second row of tabs. Make sure all option lines have a checkmark.

Next, Click the Update tab. Press the "Check for Updates" button.

If prompted for a Restart, do that.

When done, click the Scanner tab.

Do a Full Scan.

When the scan is complete, click OK, then Show Results to view the results.

Make sure that everything is checked, and click Remove Selected.

When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.

The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.

When all done, Copy & paste the MBAM scan log into a new reply.

Step 2

You will want to print out or copy these instructions to Notepad for offline reference!

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Do NOT turn off the firewall

Close all open browsers at this point.

Start Internet Explorer (fresh) by pressing Start >> Internet Explorer >> Right-Click and select Run As Administrator.

Using Internet Explorer browser only, go to ESET Online Scanner website:

http://www.eset.com/onlinescan/

  • Accept the Terms of Use and press Start button;
  • Approve the install of the required ActiveX Control, then follow on-screen instructions;
  • Enable (check) the Remove found threats option, and run the scan.
  • After the scan completes, the Details tab in the Results window will display what was found and removed.
    • A logfile is created and located at C:\Program Files (x86)\Eset\EsetOnlineScanner\log.txt.

    Look at contents of this file using Notepad.

    The Frequently Asked Questions for ESET Online Scanner can be viewed here

    http://go.eset.com/us/online-scanner/faq

    • It is emphasized to temporarily disable any pc-resident {active} antivirus program prior to any on-line scan by any on-line scanner.
      (And the prompt re-enabling when finished.)
    • If you use Firefox, you have to install IETab, an add-on. This is to enable ActiveX support.
    • Do not use the system while the scan is running. Once the full scan is underway, go take a long break

Re-enable the antivirus program.

Reply with copy of the Eset scan log

Step 3

Get and use MVP Mike Burgess' custom hosts file http://mvps.org/winhelp2002/hosts.htm

Steps to follow for the MVP Hosts file:

1) Download and SAVE the zip file to a temporary folder

2) Unzip (extract the contents) in the same folder

3) Temporarily disable your antivirus program. Some antivirus apps will block changes to the Hosts file; so turn it off.

4) After extract is complete, run mvps.bat batch file. This copies your pre-existing Hosts file to Hosts.mvp in the folder where Windows' Hosts resides (typically, C:\WINDOWS\system32\drivers\etc) and after that copy is saved, it replaces the old Hosts with the new one.

And you should see (in the blue background command window) the following:

_________________________________________________

¦ +---+¦

¦ THE MVPS HOSTS FILE IS NOW UPDATED ¦ v ¦¦

¦ +---+¦

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Previous version saved and renamed to HOSTS.MVP

Press any key to continue . . .

Find the folder where you saved the original download. Delete hosts.zip and a file folder there named hosts

The latter is the same folder that had mvps.bat

5) Re-enable your antivirus app.

The MVP Hosts file is updated from time to time. See http://msmvps.com/blogs/hostsnews for information. And you can also sign-up for email notice when Mike publishes updates.

Link to post
Share on other sites

Dear Maurice,

Thank you for your prompt reply. Again I might take a while before I post the next few logs and no, I am not using any IM at the moment. Just a few questions. How are the logs looking so far? And does that mean I do not have to worry about incoming blocks? Also what does the MVP custom host files do.

Link to post
Share on other sites

So far, nothing major or fatal noticed.

Generally speaking, imho, I do not overly concern myself on incoming ip blocks ----not at least, unless it is the very same IP happening multiple times the same day.

The mvp hosts file adds another layer of protection to block outgoing connections to known bad sites, and will also reduce the number of ads when websurfing.

I believe if you read the F.a.q. section on that site, it will give you a better explanation.

Link to post
Share on other sites
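The rule of thumb given in the replies above (outgoing blocks are the ones that might matter; an incoming block matters mainly when the very same IP recurs on the same day), applied to block-log lines. This is an added example, not part of the thread and not Malwarebytes' own code: the `IP-BLOCK ...` portion follows the format quoted in the thread, while the leading date/time field, the sample lines and the `min_repeats` threshold are assumptions.

```python
import re
from collections import Counter

# Constructed sample lines. The "IP-BLOCK ..." part follows the format quoted
# in the thread; the leading date/time field is an assumption about the log.
SAMPLE_LOG = """\
2012/12/31 17:02:11 IP-BLOCK 89.248.168.164 (Type: outgoing, Port: 49838, Process: coreserviceshell.exe)
2012/12/31 17:05:40 IP-BLOCK 89.248.168.164 (Type: outgoing, Port: 49902, Process: coreserviceshell.exe)
2013/01/02 09:14:03 IP-BLOCK 60.173.8.172 (Type: incoming, Port: 6666, Process: svchost.exe)
2013/01/02 11:30:27 IP-BLOCK 203.0.113.7 (Type: incoming, Port: 3389, Process: svchost.exe)
2013/01/02 11:31:02 IP-BLOCK 203.0.113.7 (Type: incoming, Port: 3389, Process: svchost.exe)
2013/01/03 08:00:00 IP-BLOCK 203.0.113.7 (Type: incoming, Port: 3389, Process: svchost.exe)
this line is not a block entry and is skipped
"""

LINE_RE = re.compile(
    r"^(?P<date>\d{4}/\d{2}/\d{2})\s+(?P<time>\d{2}:\d{2}:\d{2})\s+.*?"
    r"IP-BLOCK\s+(?P<ip>\d{1,3}(?:\.\d{1,3}){3})\s+"
    r"\(Type:\s*(?P<dir>incoming|outgoing),\s*Port:\s*(?P<port>\d+),\s*"
    r"Process:\s*(?P<proc>[^)]+)\)\s*$"
)


def parse_blocks(text):
    """Return one dict per well-formed IP-BLOCK line; other lines are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        octets = [int(o) for o in m.group("ip").split(".")]
        if any(o > 255 for o in octets):
            continue  # shaped like an address but not a valid IPv4 one
        events.append({
            "date": m.group("date"),
            "ip": m.group("ip"),
            "direction": m.group("dir"),
            "port": int(m.group("port")),
            "process": m.group("proc").strip().lower(),
        })
    return events


def triage(events, min_repeats=2):
    """Group blocks the way the thread suggests reading them.

    outgoing: every (process, ip) pair with its count, since the local port
        changes on each attempt and is not useful for grouping.
    repeated_incoming: (date, ip) pairs blocked at least min_repeats times
        on one day; single incoming probes are treated as background noise.
    """
    outgoing = Counter()
    incoming_per_day = Counter()
    for e in events:
        if e["direction"] == "outgoing":
            outgoing[(e["process"], e["ip"])] += 1
        else:
            incoming_per_day[(e["date"], e["ip"])] += 1
    repeated = {k: n for k, n in incoming_per_day.items() if n >= min_repeats}
    return {"outgoing": dict(outgoing), "repeated_incoming": repeated}


if __name__ == "__main__":
    report = triage(parse_blocks(SAMPLE_LOG))
    for (proc, ip), n in sorted(report["outgoing"].items()):
        print(f"outgoing  {proc} -> {ip}  blocked {n}x")
    for (day, ip), n in sorted(report["repeated_incoming"].items()):
        print(f"incoming  {ip}  blocked {n}x on {day}")
```
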

Malwarebytes Anti-Malware (Trial) 1.70.0.1100

www.malwarebytes.org

Database version: v2013.01.02.10

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Joon Kiat :: JOONKIAT-PC [administrator]

Protection: Enabled

3/1/2013 4:58:08 PM

mbam-log-2013-01-03 (16-58-08).txt

Scan type: Full scan (C:\|D:\|Q:\|)

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 412181

Time elapsed: 1 hour(s), 13 minute(s), 54 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

ESET Log - No threats found

ESETSmartInstaller@High as CAB hook log:

OnlineScanner64.ocx - registred OK

OnlineScanner.ocx - registred OK

Link to post
Share on other sites

Hi Maurice,

I have finished the 2 scans but I have yet to run MVP custom hosts file as I would like to know if this process is reversible or not. As in after the old Hosts files have been replaced, is it possible to reverse the process? Thanks. So if there is nothing major or fatal from the scans, what could cause the outgoing IP blocks?

Link to post
Share on other sites

Yes, it is reversible. The old copy will be saved and renamed to HOSTS.MVP in folder %windir%\SYSTEM32\DRIVERS\ETC\

I have no idea why the ip blocks occur.

Have you run the ESET Online scan ??

At the next opportunity, do the following:

You will want to print out or copy these instructions to Notepad for offline reference!

These steps are for member silent_orchestra91 only. If you are a casual viewer, do NOT try this on your system!

If you are not silent_orchestra91 and have a similar problem, do NOT post here; start your own topic

Do not run or start any other programs while these utilities and tools are in use!

Do NOT run any other tools on your own or do any fixes other than what is listed here.

If you have questions, please ask before you do something on your own.

But it is important that you get going on these following steps.


Close any of your open programs while you run these tools.

On most all of the following programs and tools, you will need to do a right-click on the program link or shortcut or desktop icon (as appropriate) and then select "Run as Administrator". Please remember that as you go along and use these tools, each in turn.

If you have a prior copy of Combofix, delete it now

Download Combofix from any of the links below, and SAVE it to your Desktop.

Link 1

Link 2

**Note: It is important that it is saved directly to your Desktop and not run straight away from download **

Turn OFF your antivirus, otherwise it will interfere. How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Have infinite patience during the run & scan by Combofix. It has many phases: some 50+ stages

It will display its "stage" within the Command prompt window. Do NOT panic if it seems slow to change! It has lots of work.

You may notice the desktop icons disappear. Do NOT panic, as that is expected behavior.

Combofix may take as little as 10 minutes and perhaps as much as 30-40 minutes. Time taken will depend on speed of your system and how much there is to scan & how much it needs to clean.

If this is on a notebook system, make sure first the notebook is connected to wall-power (AC power) or a UPS system

Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.

Right-click on Combo-Fix.exe on your Desktop and select "Run as Administrator".

  • A window may open with a warning or prompts. Accept the EULA and follow the prompts during the start phase of Combofix.
    When the scan completes Notepad will open with your results log open. Do a File, Exit and answer 'Yes' to save changes.

A caution - Do not run Combofix more than once.

Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock.

The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled.

If this occurs, please reboot to restore the desktop.

A file will be created at => C:\Combofix.txt.

Notes:

[1] IF after Combofix reboot you get the message

Illegal operation attempted on registry key that has been marked for deletion

....please reboot the computer, this should resolve the problem. You may have to reboot the pc a second time if needed.

[2] Do not mouseclick combofix's window nor run any program while Combofix is running.

That may cause it to stall.

[3] When all done, IF Combofix did not do a Restart...then ... I need for you to Restart the system fresh!

Reply & Copy & Paste contents of the C:\Combofix.txt log and tell me, How is the system now ?

Re-enable your antivirus program.

Link to post
Share on other sites
