this program cannot display this page [Solved]


  • This topic is locked

#16
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)

How is your machine performing now? Also, do you have Malwarebytes' Anti-Malware installed or not?

Scan with TDSSKiller:

Please download TDSSKiller.zip and extract (unzip) it to your Desktop.

  • Right-click on TDSSKiller.exe to launch it.
  • When the window opens, click on Change Parameters
  • Under Additional options, select both Verify driver digital signatures & Detect TDLFS File System >> OK
  • Click on Start Scan, the scan will run.
  • When the scan has finished, if it finds anything please click on the drop down arrow next to Cure and select Skip
  • A Report will have been created by TDSSKiller in your root directory C:\
  • To find the log, go to Start (Windows 7 Orb) > Computer > C:
  • Post the contents of that log in your next reply please.
Note: Do not have TDSSKiller remove anything if found at this point in time!

Scan with FSS:

Please download Farbar Service Scanner and save to your Desktop.

  • Right-click FSS.exe and select Run as Administrator to start the program.
  • Select all available options
  • Then click on the Scan tab.
  • When the scan is complete, it will produce a log named FSS.txt.
  • Post the contents in your next reply.



#17
love2teach956

    Member

  • Topic Starter
  • Member
  • 132 posts
I do have Malwarebytes, haven't run it though. My comp seems to be doing ok.

Here is one log:
Farbar Service Scanner Version: 07-11-2012
Ran by Maria (administrator) on 06-11-2012 at 16:27:02
Running from "C:\Users\Maria\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to open SharedAccess registry key. The service key does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


Other log:

16:24:27.0489 5316 McProxy - ok
16:24:27.0510 5316 [ 4DEC9B5BEDAA97B1FF6A3923E1C4F58A ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
16:24:27.0529 5316 McShield - ok
16:24:27.0548 5316 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
16:24:27.0636 5316 Mcx2Svc - ok
16:24:27.0641 5316 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
16:24:27.0663 5316 megasas - ok
16:24:27.0672 5316 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
16:24:27.0700 5316 MegaSR - ok
16:24:27.0726 5316 [ B574522827D94126C03975FD53F0B26B ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
16:24:27.0796 5316 mfeapfk - ok
16:24:27.0814 5316 [ B393753ECE9A9E2307CB1984ACF3DA9D ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
16:24:27.0891 5316 mfeavfk - ok
16:24:27.0895 5316 mfeavfk01 - ok
16:24:27.0917 5316 [ 97C398750C8E80A48EB63999546F796E ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
16:24:27.0934 5316 mfefire - ok
16:24:27.0954 5316 [ C52A1ABF03DD219375EA0F6A8BE941C3 ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
16:24:28.0041 5316 mfefirek - ok
16:24:28.0070 5316 [ 7092A6C6158FC4F5AA39EBEB9D5AF03D ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
16:24:28.0158 5316 mfehidk - ok
16:24:28.0166 5316 [ D2A941C82A0A9227CD6F47AD40A40F69 ] mferkdet C:\Windows\system32\drivers\mferkdet.sys
16:24:28.0235 5316 mferkdet - ok
16:24:28.0250 5316 [ 04D48692EFF181DA46DD8EA8BE9FFB2B ] mfevtp C:\Windows\system32\mfevtps.exe
16:24:28.0269 5316 mfevtp - ok
16:24:28.0292 5316 [ 1631E2DA6C4B47D97ECA94842836592E ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
16:24:28.0367 5316 mfewfpk - ok
16:24:28.0374 5316 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
16:24:28.0430 5316 MMCSS - ok
16:24:28.0443 5316 [ 8CC001C65C31633171991FA72A551D43 ] MOBKbackup C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
16:24:28.0465 5316 MOBKbackup - ok
16:24:28.0473 5316 [ 3800C23D0D90C59AAFCDEFDC82B5C4AF ] MOBKFilter C:\Windows\system32\DRIVERS\MOBK.sys
16:24:28.0542 5316 MOBKFilter - ok
16:24:28.0547 5316 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
16:24:28.0615 5316 Modem - ok
16:24:28.0620 5316 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
16:24:28.0655 5316 monitor - ok
16:24:28.0661 5316 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
16:24:28.0683 5316 mouclass - ok
16:24:28.0692 5316 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
16:24:28.0771 5316 mouhid - ok
16:24:28.0782 5316 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
16:24:28.0855 5316 mountmgr - ok
16:24:28.0893 5316 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:24:28.0911 5316 MozillaMaintenance - ok
16:24:28.0943 5316 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
16:24:29.0029 5316 mpio - ok
16:24:29.0060 5316 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
16:24:29.0112 5316 mpsdrv - ok
16:24:29.0121 5316 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
16:24:29.0215 5316 MRxDAV - ok
16:24:29.0229 5316 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
16:24:29.0351 5316 mrxsmb - ok
16:24:29.0385 5316 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:24:29.0478 5316 mrxsmb10 - ok
16:24:29.0499 5316 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:24:29.0572 5316 mrxsmb20 - ok
16:24:29.0581 5316 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
16:24:29.0660 5316 msahci - ok
16:24:29.0668 5316 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
16:24:29.0748 5316 msdsm - ok
16:24:29.0757 5316 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
16:24:29.0795 5316 MSDTC - ok
16:24:29.0822 5316 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
16:24:29.0872 5316 Msfs - ok
16:24:29.0885 5316 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
16:24:29.0937 5316 mshidkmdf - ok
16:24:29.0943 5316 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
16:24:29.0964 5316 msisadrv - ok
16:24:29.0985 5316 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
16:24:30.0042 5316 MSiSCSI - ok
16:24:30.0046 5316 msiserver - ok
16:24:30.0070 5316 [ F928E5E72BBA15DD0CE9A26E0413D236 ] MSK80Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
16:24:30.0087 5316 MSK80Service - ok
16:24:30.0092 5316 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
16:24:30.0152 5316 MSKSSRV - ok
16:24:30.0173 5316 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
16:24:30.0232 5316 MSPCLOCK - ok
16:24:30.0240 5316 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
16:24:30.0300 5316 MSPQM - ok
16:24:30.0336 5316 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
16:24:30.0401 5316 MsRPC - ok
16:24:30.0425 5316 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
16:24:30.0442 5316 mssmbios - ok
16:24:30.0448 5316 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:24:30.0498 5316 MSTEE - ok
16:24:30.0503 5316 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
16:24:30.0524 5316 MTConfig - ok
16:24:30.0531 5316 [ 032D35C996F21D19A205A7C8F0B76F3C ] MTsensor C:\Windows\system32\DRIVERS\ATK64AMD.sys
16:24:30.0609 5316 MTsensor - ok
16:24:30.0616 5316 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
16:24:30.0638 5316 Mup - ok
16:24:30.0654 5316 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
16:24:30.0763 5316 napagent - ok
16:24:30.0777 5316 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:24:30.0826 5316 NativeWifiP - ok
16:24:30.0859 5316 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
16:24:30.0900 5316 NDIS - ok
16:24:30.0905 5316 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
16:24:30.0967 5316 NdisCap - ok
16:24:30.0992 5316 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:24:31.0043 5316 NdisTapi - ok
16:24:31.0049 5316 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:24:31.0171 5316 Ndisuio - ok
16:24:31.0181 5316 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:24:31.0293 5316 NdisWan - ok
16:24:31.0301 5316 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:24:31.0396 5316 NDProxy - ok
16:24:31.0419 5316 [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
16:24:31.0468 5316 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:24:31.0468 5316 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:24:31.0474 5316 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:24:31.0532 5316 NetBIOS - ok
16:24:31.0547 5316 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
16:24:31.0665 5316 NetBT - ok
16:24:31.0671 5316 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
16:24:31.0691 5316 Netlogon - ok
16:24:31.0704 5316 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
16:24:31.0765 5316 Netman - ok
16:24:31.0785 5316 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
16:24:31.0843 5316 netprofm - ok
16:24:31.0849 5316 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:24:31.0865 5316 NetTcpPortSharing - ok
16:24:31.0873 5316 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
16:24:31.0893 5316 nfrd960 - ok
16:24:31.0905 5316 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
16:24:32.0001 5316 NlaSvc - ok
16:24:32.0021 5316 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:24:32.0070 5316 Npfs - ok
16:24:32.0076 5316 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
16:24:32.0130 5316 nsi - ok
16:24:32.0136 5316 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:24:32.0201 5316 nsiproxy - ok
16:24:32.0245 5316 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:24:32.0355 5316 Ntfs - ok
16:24:32.0361 5316 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
16:24:32.0413 5316 Null - ok
16:24:32.0422 5316 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:24:32.0496 5316 nvraid - ok
16:24:32.0505 5316 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:24:32.0601 5316 nvstor - ok
16:24:32.0642 5316 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
16:24:32.0666 5316 nv_agp - ok
16:24:32.0672 5316 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
16:24:32.0699 5316 ohci1394 - ok
16:24:32.0706 5316 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:24:32.0723 5316 ose - ok
16:24:32.0839 5316 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:24:33.0011 5316 osppsvc - ok
16:24:33.0027 5316 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
16:24:33.0085 5316 p2pimsvc - ok
16:24:33.0115 5316 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
16:24:33.0149 5316 p2psvc - ok
16:24:33.0179 5316 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
16:24:33.0203 5316 Parport - ok
16:24:33.0223 5316 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:24:33.0316 5316 partmgr - ok
16:24:33.0338 5316 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
16:24:33.0382 5316 PcaSvc - ok
16:24:33.0392 5316 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
16:24:33.0469 5316 pci - ok
16:24:33.0475 5316 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
16:24:33.0495 5316 pciide - ok
16:24:33.0502 5316 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
16:24:33.0526 5316 pcmcia - ok
16:24:33.0551 5316 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
16:24:33.0571 5316 pcw - ok
16:24:33.0622 5316 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:24:33.0723 5316 PEAUTH - ok
16:24:33.0793 5316 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
16:24:33.0836 5316 PerfHost - ok
16:24:33.0895 5316 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
16:24:34.0014 5316 pla - ok
16:24:34.0041 5316 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:24:34.0130 5316 PlugPlay - ok
16:24:34.0137 5316 [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
16:24:34.0208 5316 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:24:34.0208 5316 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:24:34.0220 5316 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
16:24:34.0259 5316 PNRPAutoReg - ok
16:24:34.0276 5316 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
16:24:34.0300 5316 PNRPsvc - ok
16:24:34.0344 5316 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:24:34.0440 5316 PolicyAgent - ok
16:24:34.0451 5316 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
16:24:34.0509 5316 Power - ok
16:24:34.0517 5316 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
16:24:34.0622 5316 PptpMiniport - ok
16:24:34.0656 5316 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
16:24:34.0691 5316 Processor - ok
16:24:34.0734 5316 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
16:24:34.0812 5316 ProfSvc - ok
16:24:34.0818 5316 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:24:34.0842 5316 ProtectedStorage - ok
16:24:34.0850 5316 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
16:24:34.0913 5316 Psched - ok
16:24:34.0975 5316 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
16:24:35.0053 5316 ql2300 - ok
16:24:35.0069 5316 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
16:24:35.0089 5316 ql40xx - ok
16:24:35.0113 5316 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
16:24:35.0147 5316 QWAVE - ok
16:24:35.0152 5316 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:24:35.0187 5316 QWAVEdrv - ok
16:24:35.0194 5316 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:24:35.0245 5316 RasAcd - ok
16:24:35.0251 5316 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
16:24:35.0301 5316 RasAgileVpn - ok
16:24:35.0307 5316 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
16:24:35.0365 5316 RasAuto - ok
16:24:35.0374 5316 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
16:24:35.0483 5316 Rasl2tp - ok
16:24:35.0502 5316 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
16:24:35.0597 5316 RasMan - ok
16:24:35.0624 5316 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
16:24:35.0677 5316 RasPppoe - ok
16:24:35.0701 5316 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
16:24:35.0751 5316 RasSstp - ok
16:24:35.0785 5316 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
16:24:35.0902 5316 rdbss - ok
16:24:35.0907 5316 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
16:24:35.0948 5316 rdpbus - ok
16:24:35.0969 5316 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
16:24:36.0018 5316 RDPCDD - ok
16:24:36.0043 5316 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
16:24:36.0100 5316 RDPENCDD - ok
16:24:36.0108 5316 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
16:24:36.0157 5316 RDPREFMP - ok
16:24:36.0168 5316 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
16:24:36.0272 5316 RDPWD - ok
16:24:36.0283 5316 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
16:24:36.0368 5316 rdyboost - ok
16:24:36.0390 5316 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
16:24:36.0451 5316 RemoteAccess - ok
16:24:36.0467 5316 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:24:36.0530 5316 RemoteRegistry - ok
16:24:36.0537 5316 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
16:24:36.0604 5316 RpcEptMapper - ok
16:24:36.0609 5316 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
16:24:36.0633 5316 RpcLocator - ok
16:24:36.0659 5316 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\System32\rpcss.dll
16:24:36.0716 5316 RpcSs - ok
16:24:36.0751 5316 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
16:24:36.0802 5316 rspndr - ok
16:24:36.0809 5316 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
16:24:36.0828 5316 SamSs - ok
16:24:36.0858 5316 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
16:24:36.0871 5316 SASDIFSV - ok
16:24:36.0875 5316 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
16:24:36.0940 5316 SASKUTIL - ok
16:24:36.0967 5316 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
16:24:37.0041 5316 sbp2port - ok
16:24:37.0064 5316 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
16:24:37.0122 5316 SCardSvr - ok
16:24:37.0128 5316 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
16:24:37.0258 5316 scfilter - ok
16:24:37.0289 5316 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
16:24:37.0417 5316 Schedule - ok
16:24:37.0425 5316 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
16:24:37.0473 5316 SCPolicySvc - ok
16:24:37.0481 5316 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys
16:24:37.0589 5316 sdbus - ok
16:24:37.0617 5316 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
16:24:37.0718 5316 SDRSVC - ok
16:24:37.0723 5316 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
16:24:37.0774 5316 secdrv - ok
16:24:37.0802 5316 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
16:24:37.0893 5316 seclogon - ok
16:24:37.0899 5316 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
16:24:37.0953 5316 SENS - ok
16:24:37.0972 5316 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
16:24:38.0006 5316 SensrSvc - ok
16:24:38.0028 5316 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
16:24:38.0048 5316 Serenum - ok
16:24:38.0053 5316 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
16:24:38.0074 5316 Serial - ok
16:24:38.0100 5316 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
16:24:38.0121 5316 sermouse - ok
16:24:38.0135 5316 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
16:24:38.0259 5316 SessionEnv - ok
16:24:38.0286 5316 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
16:24:38.0330 5316 sffdisk - ok
16:24:38.0357 5316 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
16:24:38.0392 5316 sffp_mmc - ok
16:24:38.0397 5316 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
16:24:38.0479 5316 sffp_sd - ok
16:24:38.0483 5316 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
16:24:38.0506 5316 sfloppy - ok
16:24:38.0537 5316 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
16:24:38.0624 5316 Sftfs - ok
16:24:38.0646 5316 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
16:24:38.0677 5316 sftlist - ok
16:24:38.0695 5316 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
16:24:38.0778 5316 Sftplay - ok
16:24:38.0784 5316 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
16:24:38.0930 5316 Sftredir - ok
16:24:38.0936 5316 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
16:24:39.0019 5316 Sftvol - ok
16:24:39.0045 5316 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
16:24:39.0063 5316 sftvsa - ok
16:24:39.0102 5316 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:24:39.0157 5316 ShellHWDetection - ok
16:24:39.0174 5316 [ 1BC348CF6BAA90EC8E533EF6E6A69933 ] SiSGbeLH C:\Windows\system32\DRIVERS\SiSG664.sys
16:24:39.0202 5316 SiSGbeLH - ok
16:24:39.0209 5316 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:24:39.0230 5316 SiSRaid2 - ok
16:24:39.0235 5316 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
16:24:39.0258 5316 SiSRaid4 - ok
16:24:39.0269 5316 [ EA396139541706B4B433641D62EA53CE ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
16:24:39.0286 5316 SkypeUpdate - ok
16:24:39.0294 5316 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
16:24:39.0355 5316 Smb - ok
16:24:39.0380 5316 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
16:24:39.0403 5316 SNMPTRAP - ok
16:24:39.0440 5316 [ 2114518E55B380A3ACC28B2C27FD499A ] SNP2UVC C:\Windows\system32\DRIVERS\snp2uvc.sys
16:24:39.0543 5316 SNP2UVC - ok
16:24:39.0564 5316 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
16:24:39.0584 5316 spldr - ok
16:24:39.0609 5316 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
16:24:39.0658 5316 Spooler - ok
16:24:39.0737 5316 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
16:24:39.0896 5316 sppsvc - ok
16:24:39.0936 5316 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
16:24:39.0994 5316 sppuinotify - ok
16:24:40.0012 5316 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
16:24:40.0124 5316 srv - ok
16:24:40.0155 5316 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
16:24:40.0231 5316 srv2 - ok
16:24:40.0240 5316 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
16:24:40.0312 5316 srvnet - ok
16:24:40.0331 5316 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
16:24:40.0391 5316 SSDPSRV - ok
16:24:40.0412 5316 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
16:24:40.0469 5316 SstpSvc - ok
16:24:40.0498 5316 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
16:24:40.0517 5316 stexstor - ok
16:24:40.0548 5316 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
16:24:40.0682 5316 stisvc - ok
16:24:40.0688 5316 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
16:24:40.0712 5316 swenum - ok
16:24:40.0744 5316 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
16:24:40.0817 5316 swprv - ok
16:24:40.0874 5316 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
16:24:40.0990 5316 SysMain - ok
16:24:41.0019 5316 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:24:41.0086 5316 TabletInputService - ok
16:24:41.0103 5316 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
16:24:41.0212 5316 TapiSrv - ok
16:24:41.0219 5316 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
16:24:41.0272 5316 TBS - ok
16:24:41.0312 5316 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
16:24:41.0445 5316 Tcpip - ok
16:24:41.0494 5316 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
16:24:41.0544 5316 TCPIP6 - ok
16:24:41.0555 5316 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
16:24:41.0666 5316 tcpipreg - ok
16:24:41.0673 5316 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
16:24:41.0710 5316 TDPIPE - ok
16:24:41.0716 5316 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
16:24:41.0806 5316 TDTCP - ok
16:24:41.0814 5316 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
16:24:41.0920 5316 tdx - ok
16:24:41.0939 5316 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
16:24:42.0014 5316 TermDD - ok
16:24:42.0042 5316 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
16:24:42.0160 5316 TermService - ok
16:24:42.0165 5316 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
16:24:42.0212 5316 Themes - ok
16:24:42.0218 5316 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
16:24:42.0272 5316 THREADORDER - ok
16:24:42.0300 5316 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
16:24:42.0358 5316 TrkWks - ok
16:24:42.0368 5316 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:24:42.0457 5316 TrustedInstaller - ok
16:24:42.0467 5316 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
16:24:42.0588 5316 tssecsrv - ok
16:24:42.0610 5316 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
16:24:42.0712 5316 TsUsbFlt - ok
16:24:42.0720 5316 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
16:24:42.0833 5316 tunnel - ok
16:24:42.0857 5316 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
16:24:42.0878 5316 uagp35 - ok
16:24:42.0898 5316 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
16:24:43.0019 5316 udfs - ok
16:24:43.0040 5316 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
16:24:43.0073 5316 UI0Detect - ok
16:24:43.0112 5316 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
16:24:43.0134 5316 uliagpkx - ok
16:24:43.0148 5316 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
16:24:43.0270 5316 umbus - ok
16:24:43.0278 5316 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
16:24:43.0310 5316 UmPass - ok
16:24:43.0388 5316 [ 41118D920B2B268C0ADC36421248CDCF ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
16:24:43.0449 5316 UNS ( UnsignedFile.Multi.Generic ) - warning
16:24:43.0449 5316 UNS - detected UnsignedFile.Multi.Generic (1)
16:24:43.0466 5316 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
16:24:43.0534 5316 upnphost - ok
16:24:43.0558 5316 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
16:24:43.0642 5316 usbccgp - ok
16:24:43.0666 5316 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
16:24:43.0693 5316 usbcir - ok
16:24:43.0699 5316 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
16:24:43.0804 5316 usbehci - ok
16:24:43.0836 5316 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
16:24:43.0950 5316 usbhub - ok
16:24:43.0961 5316 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
16:24:44.0030 5316 usbohci - ok
16:24:44.0035 5316 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
16:24:44.0068 5316 usbprint - ok
16:24:44.0075 5316 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
16:24:44.0159 5316 USBSTOR - ok
16:24:48.0611 2764 Detected object count: 5
16:24:48.0611 2764 Actual detected object count: 5
16:25:39.0289 2764 ADSMService ( UnsignedFile.Multi.Generic ) - skipped by user
16:25:39.0289 2764 ADSMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:25:39.0290 2764 LMS ( UnsignedFile.Multi.Generic ) - skipped by user
16:25:39.0290 2764 LMS ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:25:39.0292 2764 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:25:39.0292 2764 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:25:39.0300 2764 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:25:39.0300 2764 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:25:39.0302 2764 UNS ( UnsignedFile.Multi.Generic ) - skipped by user
16:25:39.0302 2764 UNS ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:25:46.0026 4672 Deinitialize success
  • 0

#18
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)

I do have malware bytes, haven't run it though

Good, do not use it yet though.

My comp seems to be doing ok.

OK, there is a fair bit of registry corruption which we can address in due course. For now just carry out the below and post back to let myself know when completed, thank you.

Backup the Registry:

Modifying the Registry can create unforeseen problems, so it is always wise to create a backup before doing so.

  • Please go here and download ERUNT.
  • ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.
  • Right-click on erunt-setup.exe and select Run as Administrator to Install ERUNT by following the prompts.
  • Use the default install settings but say no to the portion that asks you to add ERUNT to the Start-Up folder.
  • Start ERUNT either by double clicking on the desktop icon or choosing to start the program at the end of the setup process.
  • Choose a location for the backup. Note: the default location is C:\WINDOWS\ERDNT which is acceptable.
  • Make sure that at least the first two check boxes are selected.
  • Click on OK
  • Then click on YES to create the folder.
Note: If it is necessary to restore the registry, open the backup folder and start ERDNT.exe
  • 0

#19
love2teach956

love2teach956

    Member

  • Topic Starter
  • Member
  • 132 posts
you said choose No when it asks to place this in the start up menu folder. I don't have a choice No, it says Back, Next, or Cancel. If I choose Cancel, it won't let me continue download. And the place right before this it says it will be saved in C:/ProgramFiles....etc.
Is this ok so far? I backed out and didn't continue install. Sorry for sounding so dumb :(
  • 0

#20
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)

Not a problem in the least I assure you...

Just double checked the installation procedure and it will prompt at the very end about creating a Start-up entry in the actual Start-Up folder, so just click on NO to that.

So try it again, if any problems and or unsure just proceed and in the event an entry is created in the Start-Up folder, we can remove that later on.

Though be aware if it is created with every re-boot until it is removed Erunt will have an error denoting a registry backup cannot be created as it has to be run in admin mode with Windows 7. This is not a cause for concern and we will remove it soon, as I mentioned prior.
  • 0

#21
love2teach956

love2teach956

    Member

  • Topic Starter
  • Member
  • 132 posts
Ok, so that is done.
  • 0

#22
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)

Ok, so that is done

Good, let's proceed as follows shall we...

Download the attached MultiFix.zip(see below) to your desktop.

Once it is on the desktop >> right click on MultiFix.Zip and select Extract All... >> use the Browse... button to select the Desktop as the extraction location then click on Extract.

There will now be a new folder on your desktop called MultiFix, double click on this to open it...

Now right click on Multifix.Reg and select Merge >> click on Yes at the UAC prompt >> Yes >> OK

Custom Batch File:

  • Open Notepad.
  • Copy and Paste everything from the Quote-Box below(do not copy the word quote) into Notepad:

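@Echo off
REM Reset the hosts file to a single localhost entry.
pushd \windows\system32\drivers\etc
attrib -h -s -r hosts
echo 127.0.0.1 localhost>HOSTS
attrib +r +h +s hosts
popd
REM Start each service and set its startup type to automatic:
REM bfe, BITS, mpsdrv, MpsSvc, wscsvc and wuauserv.
sc start bfe
sc config "bfe" start= auto
sc start BITS
sc config "BITS" start= auto
sc start mpsdrv
sc config "mpsdrv" start= auto
sc start MpsSvc
sc config "MpsSvc" start= auto
sc start wscsvc
sc config "wscsvc" start= auto
sc start wuauserv
sc config "wuauserv" start= auto
REM Reboot after one second, then delete this batch file.
shutdown -r -t 1
del %0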

  • Go to File >> Save As
  • Save File name as Dakeyras.bat
  • Change Save as Type to All Files and save the file to your Desktop.
  • It should look similar to this: Posted Image
Now right-click on the desktop Dakeyras.bat and select Run as Administrator to run the batch file. It will self-delete when completed.

Note: Your machine should automatically reboot. If it does not reboot your machine manually.

Re-scan with FSS:

Delete FSS.txt from the desktop if still present...

  • Right-click FSS.exe and select Run as Administrator to start the program.
  • Select all available options
  • Then click on the Scan tab.
  • When the scan is complete, it will produce a log named FSS.txt.
  • Post the contents in your next reply.

  • 0

#23
love2teach956

love2teach956

    Member

  • Topic Starter
  • Member
  • 132 posts
my winzip trial has expired, I can't open this.
  • 0

#24
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)

my winzip trial has expired, I can't open this.

Not a problem and no need to use a third party zip file application as Windows 7 has the feature in-built(though somewhat limited). So if WinZip is still installed, merely uninstall via Programs and Features in the Control Panel.

Then the inbuilt Windows 7 version will be enabled again >> follow my prior instructions as posted etc.
  • 0

#25
love2teach956

love2teach956

    Member

  • Topic Starter
  • Member
  • 132 posts
Farbar Service Scanner Version: 07-11-2012
Ran by Maria (administrator) on 13-11-2012 at 13:43:13
Running from "C:\Users\Maria\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.

bfe Service is not running. Checking service configuration:
The start type of bfe service is OK.
The ImagePath of bfe service is OK.
The ServiceDll of bfe service is OK.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
  • 0


#26
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)

An improvement but still some registry related corruption and services not running. So we will take a slightly different approach as follows.

Download the following to your desktop:-

wscsvc.reg

WinDefend.reg

Now right click on wscsvc.reg and select Merge >> click on Yes at the UAC prompt >> Yes >> OK.

Then right click on WinDefend.reg and select Merge >> click on Yes at the UAC prompt >> Yes >> OK.

Next:

  • Click on Start(Windows 7 Orb) >> Run...(or launch the Run Box via depressing both the Windows key and R together).
    Cut and paste in the following:-
services.msc

  • Click on OK >> the Services window should now appear.
  • Locate then right-click on the Base Filtering Engine and select Properties.
  • On the General tab, next to Startup type:, ensure that Automatic is selected(if it is not) >> click on Apply then OK.
Still in the Services window, set the following to Automatic also:-

Microsoft Protection Service

Security Center

WinDefend Service <-- This one actually set to manual since you have McAfee installed.

Close the Services window. Then reboot(restart) the machine.

Re-scan with FSS:

Delete FSS.txt from the desktop if still present...

  • Right-click FSS.exe and select Run as Administrator to start the program.
  • Select all available options
  • Then click on the Scan tab.
  • When the scan is complete, it will produce a log named FSS.txt.
  • Post the contents in your next reply.

  • 0

#27
love2teach956

love2teach956

    Member

  • Topic Starter
  • Member
  • 132 posts
Farbar Service Scanner Version: 07-11-2012
Ran by Maria (administrator) on 14-11-2012 at 17:39:40
Running from "C:\Users\Maria\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.

bfe Service is not running. Checking service configuration:
The start type of bfe service is OK.
The ImagePath of bfe service is OK.
The ServiceDll of bfe service is OK.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2012-11-13 19:43] - [2012-10-03 09:56] - 1914248 ____A (Microsoft Corporation) 37608401DFDB388CAF66917F6B2D6FB0

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


When I was doing that Services and changing some to Automatic, etc. I didn't find a Microsoft Protection Service, or Security Center or even WinDefend Service? I only saw the Base Filtering?
  • 0
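
An added example, not part of the thread and not code from Farbar Service Scanner: a small Python parser that diffs two FSS.txt logs to show which findings a fix resolved, which persist and which are new. The sample input is abridged from the logs in posts #25 and #27; the function names and the category names (`not_running`, `missing_key`, `unverified`) are this example's own.

```python
import re

# Abridged from the FSS.txt log in post #25 (before the .reg merges).
LOG_BEFORE = r"""
Windows Firewall:
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
bfe Service is not running. Checking service configuration:
The start type of bfe service is OK.

Action Center:
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.

Windows Defender:
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.

File Check:
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
"""

# Abridged from the FSS.txt log in post #27 (after the .reg merges).
LOG_AFTER = r"""
Windows Firewall:
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
bfe Service is not running. Checking service configuration:
The start type of bfe service is OK.

Action Center:

Windows Defender:

File Check:
C:\Windows\System32\Drivers\tcpip.sys
[2012-11-13 19:43] - [2012-10-03 09:56] - 1914248 ____A (Microsoft Corporation) 37608401DFDB388CAF66917F6B2D6FB0

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
"""

NOT_RUNNING = re.compile(r"^(\S+) Service is not running")
MISSING_KEY = re.compile(r"ATTENTION!=====> Unable to open (\S+) registry key")
FILE_PATH = re.compile(r"^[A-Za-z]:\\")
LEGIT_SUFFIX = "=> MD5 is legit"


def parse_fss(text):
    """Collect the three kinds of finding this example tracks from one log."""
    found = {"not_running": set(), "missing_key": set(), "unverified": set()}
    for line in (raw.strip() for raw in text.splitlines()):
        m = NOT_RUNNING.match(line)
        if m:
            found["not_running"].add(m.group(1))
        m = MISSING_KEY.search(line)
        if m:
            found["missing_key"].add(m.group(1))
        # A file path printed without the "MD5 is legit" verdict.
        if FILE_PATH.match(line) and not line.endswith(LEGIT_SUFFIX):
            found["unverified"].add(line)
    return found


def diff_runs(before, after):
    """Per category: findings that went away, stayed, or appeared."""
    b, a = parse_fss(before), parse_fss(after)
    return {k: {"resolved": sorted(b[k] - a[k]),
                "persisting": sorted(b[k] & a[k]),
                "new": sorted(a[k] - b[k])} for k in b}


if __name__ == "__main__":
    for category, change in diff_runs(LOG_BEFORE, LOG_AFTER).items():
        print(category, change)
```

On these two logs the diff shows the missing wscsvc and WinDefend service keys resolved, MpsSvc and bfe still not running, and tcpip.sys newly printed without a verdict.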

#28
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)

When I was doing that Services and changing some to Automatic, etc. I didn't find a Microsoft Protection Service, or Security Center or even WinDefend Service? I only saw the Base Filtering?

Not a problem for now and most that should be running as should is. Just carry out the below scans for myself please and we will go from there and provide the requested logs/update etc, thank you.

Next:

Reboot(restart) your machine first before proceeding to the below...

Security Application Check:

Please download and save SecurityCheck.exe to your Desktop from one of the links below.

Link 1
Link 2

  • Right-click SecurityCheck.exe and select Run as Administrator then follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt
  • Please post the contents of that document in your next reply.
Scan with OTL:

Please download OTL and save it to your Desktop.

Alternate downloads are here and here.

  • Right-click on OTL.exe and select Run as Administrator to start OTL.
  • Ensure Include 64bit Scans is selected.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized
  • Please post the contents of these 2 Notepad files in your next reply.
When completed the above, please post back the following in the order asked for:

  • How is your computer performing now, any further symptoms and or problems encountered?
  • SecurityCheck Log.
  • Both OTL logs. <-- Post them individually please, IE: one Log per post/reply.

  • 0

#29
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0

#30
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Topic re-opened at OP's request...

Follow my prior instructions in post # 28

  • 0
