jones awoki limas

I was infected by the Cryptonight Trojan


@jones awoki limas

 

Please note the following:

  • About the Forum: This is a private space, not a public one. Using it is a privilege, not a right;
  • What is passed along here relates only to your computer's problem, so do not do it on any other;
  • IMPORTANT: If you have Windows activation programs or torrent-sharing programs, I suggest uninstalling them. I will only proceed with the analysis after they are removed. Forum rules;
  • Please follow the instructions given carefully, and if you have any questions do not hesitate to ask;
  • Respect the order of the instructions given;
  • Note: Do not take any measures other than those given here; and if you ask for help on another forum, be sure to let us know, at the risk of misconfiguring your computer!

Follow the steps below:

STEP 1

Download Malwarebytes Anti-Malware (MBAM) from the link below and save it to your desktop.
https://downloads.malwarebytes.org/file/mbam_current/

Double-click mbam-setup.exe and follow the prompts to install the program.

  • On the Scan > Custom Scan (Análise > Analise Personalizada) tab, check the Scan for rootkits (Procurar rootkits) option and the entries for the operating system installation. Normally this is drive C:;
  • Click Scan Now (Analisar Agora). Wait, as the scan may take a while;
  • When the scan finishes, if any items were found, make sure all of them are checked and click the Remove Selected (Remover Selecionadas) or Quarantine (Colocar em Quarentena) button;
  • At the end of the disinfection, a prompt may appear asking whether you want to restart the PC. (See the Note below);
  • If MBAM does not run automatically after the restart, run it manually;
  • The log is saved automatically by MBAM; to view it, click the Reports (Relatórios) tab in the program's main window;
  • Double-click the log (Scan log). Click the Export (Exportar) button and use the .txt format to export the log. Save it to the Desktop.


ATTENTION: Open the file, select everything, copy and paste the contents of this log in your next reply.

NOTE: If MBAM finds files it cannot remove, you may have to restart the PC (perhaps more than once). Do so immediately when asked whether you want to restart the PC.

STEP 2

Download AdwCleaner from one of the links below and save it to the desktop.
https://toolslib.net/downloads/viewdownload/1-adwcleaner/
http://www.bleepingcomputer.com/download/adwcleaner/

Click DOWNLOAD NOW to download the file.

Run adwcleaner.exe

NOTE: Users of Windows Vista, 7, 8/8.1 and Windows 10: right-click the AdwCleaner.exe file, then click [image: VRIfczU.png]

Click SCAN (VERIFICAR). When it finishes, click CLEAN (LIMPAR) and wait.

Notepad will open with the result.

ATTENTION: Select, copy and paste its contents in your next reply.


Good afternoon Elias,

Here is the first step:

 

malwarebytes
www.malwarebytes.com

-detalhes de registro-
data da análise: 22/02/18
hora da análise: 11:01
arquivo de registro: eb6b22a2-17d8-11e8-8496-00e04d687d4a.json
administrador: sim

-informação do software-
versão: 3.3.1.2183
versão de componentes: 1.0.262
versão do pacote de definições: 1.0.4050
licença: versão de avaliação

-informação do sistema-
sistema operacional: windows 8.1
cpu: x64
sistema de arquivos: ntfs
usuário: jones\vanessa musso

-resumo da análise-
tipo de análise: análise customizada
resultado: concluído
objetos verificados: 509843
ameaças detectadas: 70
ameaças em quarentena: 67
tempo decorrido: 16 hr, 40 min, 28 seg

-opções da análise-
memória: habilitado
inicialização: habilitado
sistema de arquivos: habilitado
arquivos compactados: habilitado
rootkits: habilitado
heurística: habilitado
pup: detectar
pum: detectar

-detalhes da análise-
processo: 0
(nenhum item malicioso detectado)

módulo: 0
(nenhum item malicioso detectado)

chave de registro: 12
pup.optional.installcore, hku\s-1-5-21-106726862-4054988722-2312773982-1001\software\productsetup, quarentena, [2], [481004],1.0.4050
pup.optional.installcore, hku\s-1-5-21-106726862-4054988722-2312773982-1001\software\csastats, quarentena, [2], [260986],1.0.4050
adware.elex, hklm\software\wow6432node\qksee, quarentena, [1], [398719],1.0.4050
adware.elex, hklm\software\wow6432node\qkseesvc, quarentena, [1], [348122],1.0.4050
adware.elex, hklm\software\wow6432node\winsabersvc, quarentena, [1], [350440],1.0.4050
pup.optional.winbing, hklm\software\microsoft\windows nt\currentversion\schedule\taskcache\tasks\{a0d3ed3d-8f45-49a0-9da0-c53f47eb8078}, quarentena, [1544], [336082],1.0.4050
pup.optional.winbing, hklm\software\microsoft\windows nt\currentversion\schedule\taskcache\plain\{a0d3ed3d-8f45-49a0-9da0-c53f47eb8078}, quarentena, [1544], [336085],1.0.4050
pup.optional.winbing, hklm\software\microsoft\windows nt\currentversion\schedule\taskcache\tree\search provided by bing rotad, quarentena, [1544], [336085],1.0.4050
adware.elex, hklm\system\currentcontrolset\services\eventlog\application\qkseeservice, quarentena, [1], [348119],1.0.4050
adware.elex, hklm\system\currentcontrolset\services\eventlog\application\winzipersvc, quarentena, [1], [385015],1.0.4050
pup.optional.wajam, hklm\system\currentcontrolset\services\nlasvc\parameters\internet\manualproxies, quarentena, [73], [-1],0.0.0
pup.optional.bytefence, hklm\software\wow6432node\microsoft\windows\currentversion\uninstall\bytefence, quarentena, [587], [389016],1.0.4050

valor de registro: 6
pup.optional.installcore, hku\s-1-5-21-106726862-4054988722-2312773982-1001\software\productsetup|tb, quarentena, [2], [481004],1.0.4050
pup.optional.winbing, hklm\software\microsoft\windows nt\currentversion\schedule\taskcache\tasks\{a0d3ed3d-8f45-49a0-9da0-c53f47eb8078}|path, quarentena, [1544], [336082],1.0.4050
pup.optional.wajam, hku\s-1-5-18\software\microsoft\windows\currentversion\internet settings|proxyenable, falha ao remover, [73], [-1],0.0.0
pup.optional.wajam, hku\s-1-5-21-106726862-4054988722-2312773982-1001\software\microsoft\windows\currentversion\internet settings|proxyenable, falha ao remover, [73], [-1],0.0.0
pup.optional.wajam, hku\s-1-5-21-106726862-4054988722-2312773982-1001\software\microsoft\windows\currentversion\internet settings|proxyoverride, quarentena, [73], [-1],0.0.0
pup.optional.wajam, hku\.default\software\microsoft\windows\currentversion\internet settings|proxyenable, falha ao remover, [73], [-1],0.0.0

dados de registro: 0
(nenhum item malicioso detectado)

fluxo de dados: 0
(nenhum item malicioso detectado)

pasta: 6
pup.optional.txqqbrowser, c:\program files (x86)\txqqbrowser\update\bee455e05ab58b26fb17eba0aa038663\update, quarentena, [1446], [331958],1.0.4050
pup.optional.txqqbrowser, c:\program files (x86)\txqqbrowser\update\bee455e05ab58b26fb17eba0aa038663, quarentena, [1446], [331958],1.0.4050
pup.optional.txqqbrowser, c:\program files (x86)\txqqbrowser\update, quarentena, [1446], [331958],1.0.4050
pup.optional.txqqbrowser, c:\program files (x86)\txqqbrowser, quarentena, [1446], [331958],1.0.4050
pup.optional.elex, c:\users\vanessa musso\appdata\roaming\winziper\log, quarentena, [7], [335045],1.0.4050
pup.optional.elex, c:\users\vanessa musso\appdata\roaming\winziper, quarentena, [7], [335045],1.0.4050

arquivo: 46
pup.optional.yessearches, c:\adwcleaner\filequarantine\c\program files (x86)\arikoiedrumition\arkconfigurationtsk.exe.vir, quarentena, [262], [124490],1.0.4050
generic.malware/suspicious, c:\adwcleaner\filequarantine\c\program files (x86)\003c293c-1466534344-003d-9ce1-3c00d1df6549\knssf538.tmp.vir, quarentena, [0], [392686],1.0.4050
adware.chinad, c:\adwcleaner\filequarantine\c\program files (x86)\calendartool\2.0.0.11380\calendarserv.exe.vir, quarentena, [501], [455933],1.0.4050
generic.malware/suspicious, c:\adwcleaner\filequarantine\c\programdata\videofetcher\videofetcher.exe.vir, quarentena, [0], [392686],1.0.4050
pup.optional.torrentsearch, c:\adwcleaner\filequarantine\c\users\vanessa musso\appdata\roaming\checkers\draughts\draughts.exe.vir, quarentena, [765], [122954],1.0.4050
pup.optional.radmin, c:\cplus\suporteremoto.exe, quarentena, [6586], [86095],1.0.4050
pup.optional.elex, c:\frst\quarantine\c\program files (x86)\semughdabuck\smgblds.xhtm5.xbad, quarentena, [7], [339258],1.0.4050
pup.optional.bundler, c:\frst\quarantine\c\users\vanessa musso\appdata\local\temp\fsd90d9.exe.xbad, quarentena, [134], [8918],1.0.4050
pup.optional.wajam, c:\frst\quarantine\c\users\vanessa musso\appdata\local\temp\ex4.exe.xbad, quarentena, [73], [290961],1.0.4050
pup.optional.bundleinstaller, c:\frst\quarantine\c\users\vanessa musso\appdata\local\temp\f068.tmp.exe.xbad, quarentena, [18], [304617],1.0.4050
pup.optional.startpage, c:\frst\quarantine\c\users\vanessa musso\appdata\local\temp\kolsrchlnas.ru_br.exe.xbad, quarentena, [40], [125564],1.0.4050
generic.malware/suspicious, c:\frst\quarantine\c\users\vanessa musso\appdata\local\temp\ex2.exe.xbad, quarentena, [0], [392686],1.0.4050
pup.optional.bundleinstaller, c:\frst\quarantine\c\users\vanessa musso\appdata\local\temp\icreinstall_f068.tmp.exe.xbad, quarentena, [18], [304617],1.0.4050
pup.optional.bytefence, c:\program files\bytefence\bytefence.exe, quarentena, [587], [389016],1.0.4050
pup.optional.bytefence, c:\program files\bytefence\uninstall.exe, quarentena, [587], [389016],1.0.4050
pup.optional.txqqbrowser, c:\program files (x86)\txqqbrowser\update\bee455e05ab58b26fb17eba0aa038663\update\9.3.6494.400.manifest, quarentena, [1446], [331958],1.0.4050
pup.optional.txqqbrowser, c:\program files (x86)\txqqbrowser\update\bee455e05ab58b26fb17eba0aa038663\update\browserupdate.exe, quarentena, [1446], [331958],1.0.4050
pup.optional.txqqbrowser, c:\program files (x86)\txqqbrowser\update\bee455e05ab58b26fb17eba0aa038663\update\chrome_elf.dll, quarentena, [1446], [331958],1.0.4050
generic.malware/suspicious, c:\users\vanessa musso\appdata\local\nanonet\vhost.exe, quarentena, [0], [392686],1.0.4050
generic.malware/suspicious, c:\users\vanessa musso\desktop\geral\backup jones 1\leo\ativador w 10\raton ativ 10 2015\re-loader raton.exe, excluir ao reiniciar, [0], [392686],1.0.4050
generic.malware/suspicious, c:\users\vanessa musso\desktop\geral\backup jones 1\leo\ativador w 10\raton ativ 10 2015.rar, excluir ao reiniciar, [0], [392686],1.0.4050
pup.optional.bundleinstaller, c:\users\vanessa musso\desktop\geral\backup jones 1\leo\drp_15.4_full\soft\www\utorrent.exe, excluir ao reiniciar, [18], [493232],1.0.4050
pup.optional.driverpack, c:\users\vanessa musso\desktop\geral\backup jones 1\leo\drp_15.4_full\soft\drvupdater.exe, excluir ao reiniciar, [1962], [476946],1.0.4050
pup.optional.driverpack, c:\users\vanessa musso\desktop\geral\backup jones 1\leo\drp_15.4_full\tools\drvupdater.exe, excluir ao reiniciar, [1962], [476946],1.0.4050
riskware.tinype.gen, c:\users\vanessa musso\desktop\flor sa\backup flor s.a 07 02 16\php-7.0.3\ext\standard\tests\file\windows_acls\tiny.exe, quarentena, [13822], [277589],1.0.4050
pup.optional.installcore, c:\users\vanessa musso\downloads\baixaki_bluestacks_vg9w2a.exe, quarentena, [2], [324268],1.0.4050
pup.optional.installcore, c:\users\vanessa musso\downloads\baixaki_daemon-tools-lite.exe, quarentena, [2], [439390],1.0.4050
pup.optional.installcore, c:\users\vanessa musso\downloads\baixaki_mozilla-thunderbird (1).exe, quarentena, [2], [486836],1.0.4050
pup.optional.installcore, c:\users\vanessa musso\downloads\baixaki_nepflex-screen-recorder_vxwzzu.exe, quarentena, [2], [430158],1.0.4050
pup.optional.installcore, c:\users\vanessa musso\downloads\baixaki_oxelon-media-converter.exe, quarentena, [2], [324268],1.0.4050
pup.optional.installcore, c:\users\vanessa musso\downloads\baixaki_utorrent.exe, quarentena, [2], [469948],1.0.4050
pup.optional.installcore, c:\users\vanessa musso\downloads\baixaki_mozilla-thunderbird.exe, quarentena, [2], [486836],1.0.4050
pup.optional.installcore, c:\users\vanessa musso\downloads\baixaki_winrar_2548970528.exe, quarentena, [2], [406528],1.0.4050
pup.optional.installcore, c:\users\vanessa musso\downloads\baixaki_realplayer.exe, quarentena, [2], [442658],1.0.4050
cracktool.coreldesigner, c:\users\vanessa musso\downloads\[foguinho downs] - k corel x8.exe\[foguinho downs] - keygen corel x8.exe, quarentena, [7508], [113285],1.0.4050
pup.optional.installcore, c:\users\vanessa musso\downloads\baixaki_mozilla-thunderbird (2).exe, quarentena, [2], [486836],1.0.4050
pup.optional.installcore, c:\users\vanessa musso\downloads\baixaki_zd-soft-screen-recorder_vuvcbo.exe, quarentena, [2], [430158],1.0.4050
adware.elex, c:\windows\syswow64\config\systemprofile\appdata\local\microsoft\windows\inetcache\ie\update_wpm_0707[1].exe, quarentena, [1], [363931],1.0.4050
adware.elex, c:\windows\syswow64\_tspm\qqbrowserframe.dll, quarentena, [1], [355140],1.0.4050
pup.optional.elex, c:\windows\syswow64\_tspm\qks.exe, quarentena, [7], [125558],1.0.4050
adware.elex, c:\windows\syswow64\_tspm\everything.exe, quarentena, [1], [345563],1.0.4050
pup.optional.elex, c:\windows\syswow64\_tspm\winzipper.exe, quarentena, [7], [336348],1.0.4050
adware.elex, c:\windows\syswow64\_tspm\saber.exe, quarentena, [1], [451226],1.0.4050
adware.elex, c:\windows\syswow64\_tspm\wpm.exe, quarentena, [1], [355155],1.0.4050
pup.optional.winbing, c:\windows\tasks\search provided by bing rotad.job, quarentena, [1548], [336088],1.0.4050
generic.malware/suspicious, c:\windows\2cdae02d91692a634545c5b4daa18a38.exe, quarentena, [0], [392686],1.0.4050

setor físico: 0
(nenhum item malicioso detectado)


(end)

 

*Second step:

 

# adwcleaner 7.0.8.0 - logfile created on sat feb 24 15:46:04 2018
# updated on 2018/08/02 by malwarebytes 
# running on windows 8.1 single language (x64)
# mode: clean
# support: https://www.malwarebytes.com/support

***** [ services ] *****

no malicious services deleted.

***** [ folders ] *****

deleted: c:\users\vanessa musso\appdata\roaming\ecyber
deleted: c:\program files (x86)\mpck
deleted: c:\windows\system32\_tspm
deleted: c:\windows\syswow64\_tspm
deleted: c:\program files\bytefence


***** [ files ] *****

no malicious files deleted.

***** [ dll ] *****

no malicious dlls cleaned.

***** [ wmi ] *****

no malicious wmi cleaned.

***** [ shortcuts ] *****

no malicious shortcuts cleaned.

***** [ tasks ] *****

no malicious tasks deleted.

***** [ registry ] *****

deleted: [key] - hku\s-1-5-21-106726862-4054988722-2312773982-1001\software\apn pip
deleted: [key] - hkcu\software\apn pip
deleted: [key] - hklm\software\hdcode
deleted: [key] - hklm\software\{8c4ce252-7db2-4f8e-8e76-bad0e5826a83}
deleted: [key] - hku\.default\software\{8c4ce252-7db2-4f8e-8e76-bad0e5826a83}
deleted: [key] - hku\s-1-5-18\software\{8c4ce252-7db2-4f8e-8e76-bad0e5826a83}
deleted: [key] - hklm\software\winziper
deleted: [key] - hklm\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\###megashellextpending
deleted: [key] - hklm\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\###megashellextsynced
deleted: [key] - hklm\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\###megashellextsyncing
deleted: [key] - hkcu\software\microsoft\internet explorer\domstorage\castplatform.com
deleted: [key] - hkcu\software\microsoft\internet explorer\domstorage\cdn.castplatform.com
deleted: [key] - hklm\software\bytefence
deleted: [key] - hklm\software\classes\winzippers.001
deleted: [key] - hklm\software\classes\winzippers.7z
deleted: [key] - hklm\software\classes\winzippers.arj
deleted: [key] - hklm\software\classes\winzippers.bz2
deleted: [key] - hklm\software\classes\winzippers.bzip2
deleted: [key] - hklm\software\classes\winzippers.cab
deleted: [key] - hklm\software\classes\winzippers.cpio
deleted: [key] - hklm\software\classes\winzippers.deb
deleted: [key] - hklm\software\classes\winzippers.dmg
deleted: [key] - hklm\software\classes\winzippers.fat
deleted: [key] - hklm\software\classes\winzippers.gz
deleted: [key] - hklm\software\classes\winzippers.gzip
deleted: [key] - hklm\software\classes\winzippers.hfs
deleted: [key] - hklm\software\classes\winzippers.iso
deleted: [key] - hklm\software\classes\winzippers.lha
deleted: [key] - hklm\software\classes\winzippers.lzh
deleted: [key] - hklm\software\classes\winzippers.lzma
deleted: [key] - hklm\software\classes\winzippers.ntfs
deleted: [key] - hklm\software\classes\winzippers.rar
deleted: [key] - hklm\software\classes\winzippers.rpm
deleted: [key] - hklm\software\classes\winzippers.squashfs
deleted: [key] - hklm\software\classes\winzippers.swm
deleted: [key] - hklm\software\classes\winzippers.tar
deleted: [key] - hklm\software\classes\winzippers.taz
deleted: [key] - hklm\software\classes\winzippers.tbz
deleted: [key] - hklm\software\classes\winzippers.tbz2
deleted: [key] - hklm\software\classes\winzippers.tgz
deleted: [key] - hklm\software\classes\winzippers.tpz
deleted: [key] - hklm\software\classes\winzippers.txz
deleted: [key] - hklm\software\classes\winzippers.vhd
deleted: [key] - hklm\software\classes\winzippers.wim
deleted: [key] - hklm\software\classes\winzippers.xar
deleted: [key] - hklm\software\classes\winzippers.xz
deleted: [key] - hklm\software\classes\winzippers.z
deleted: [key] - hklm\software\classes\winzippers.zip


***** [ firefox (and derivatives) ] *****

no malicious firefox entries deleted.

***** [ chromium (and derivatives) ] *****

no malicious chromium entries deleted.

*************************

::tracing keys deleted
::winsock settings cleared
::additional actions: 0

*************************

c:/adwcleaner/adwcleaner[c1].txt - [13315 b] - [2015/10/17 21:43:17]
c:/adwcleaner/adwcleaner[c2].txt - [1690 b] - [2016/6/22 22:1:20]
c:/adwcleaner/adwcleaner[s1].txt - [13712 b] - [2015/10/17 21:31:39]
c:/adwcleaner/adwcleaner[s2].txt - [5028 b] - [2016/6/22 21:55:1]


########## eof - c:\adwcleaner\adwcleaner[c2].txt ##########

 

Thanks for the help!!!

 


@jones awoki limas

 

Download RogueKiller by Tigzy and save it to your desktop.
roguekiller.exe (x64) << link

  • Close all programs
  • Run RogueKiller.exe.
    ** Users of Windows Vista, Windows 7, 8, 8.1 and Windows 10:
    Right-click the RogueKiller.exe file, then click [image: VRIfczU.png].
  • When the EULA window appears, click Accept.
  • Select the SCAN tab
  • Click START SCAN
  • Wait until the scan finishes...
  • Click the OPEN REPORT button
  • Click the EXPORT TXT option and save it to the Desktop with the name roguekiller.txt
  • Click OK and close RogueKiller.


Be sure to open the file, copy and paste all of its contents in your next reply


RogueKiller V12.12.5.0 (x64) [Feb 19 2018] (Free) por Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Site : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Sistema Operacional : Windows 8.1 (6.3.9600) 64 bits version
Iniciou : Modo normal
Usuário : Vanessa Musso [Administrador]
Started from : C:\Users\Vanessa Musso\Downloads\RogueKiller_portable64.exe
Modo : Escanear -- Data : 02/26/2018 09:40:07 (Duration : 01:48:34)

¤¤¤ Processos : 1 ¤¤¤
[PUP.HackTool|VT.Detected] AutoKMS.exe(1392) -- C:\Windows\AutoKMS\AutoKMS.exe[-] -> Encontrado

¤¤¤ Registro : 7 ¤¤¤
[PUP.ByteFence|PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software\ByteFence -> Encontrado
[PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83} -> Encontrado
[PUM.HomePage] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : https://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-ed0edad2  -> Encontrado
[PUM.HomePage] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : https://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-ed0edad2  -> Encontrado
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-106726862-4054988722-2312773982-1001\Software\Microsoft\Internet Explorer\Main | Start Page : https://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-ed0edad2  -> Encontrado
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-106726862-4054988722-2312773982-1001\Software\Microsoft\Internet Explorer\Main | Start Page : https://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-ed0edad2  -> Encontrado
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{A052614E-CB9A-402A-9C82-788A064AE21D} | DhcpNameServer : 10.0.0.253 ([])  -> Encontrado

¤¤¤ Tarefas : 3 ¤¤¤
[Suspicious.Path] %WINDIR%\Tasks\Norton Product InstallerIdle.job -- C:\Users\VANESS~1\AppData\Local\Temp\SymInstallStub.exe (/partnerid=realnw /productlist=nss /staging=false /affid=RPLR /delay=0 /launchedby=4) -> Encontrado
[PUP.HackTool|VT.Detected] \AutoKMS -- C:\WINDOWS\AutoKMS\AutoKMS.exe -> Encontrado
[Suspicious.Path] \Rerun Warsaw's CoreFixer -- C:\WINDOWS\TEMP\is-7CHUC.tmp\corefixer.exe (/norerun) -> Encontrado

¤¤¤ Arquivos : 1 ¤¤¤
[PUP.HackTool][Pasta] C:\Windows\AutoKMS -> Encontrado

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Arquivos de hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Carregado) ¤¤¤

¤¤¤ Navegadores : 0 ¤¤¤

¤¤¤ Verificação da MBR : ¤¤¤
+++++ PhysicalDrive0:  +++++
--- User ---
[MBR] 904f9079d5743a8461f086d85f1190bd
[BSP] df4f83c1f72e36823a12b0dfc7617313 : Empty MBR Code
Partition table:
0 - [SYSTEM][MAN-MOUNT] Basic_data_partition | Offset (sectors): 2048 | Size: 300 MB
1 - [MAN-MOUNT] EFI_system_partition | Offset (sectors): 616448 | Size: 260 MB
2 - [MAN-MOUNT] Microsoft_reserved_partition | Offset (sectors): 1148928 | Size: 128 MB
3 - Basic_data_partition | Offset (sectors): 1411072 | Size: 459850 MB
4 - [SYSTEM][MAN-MOUNT]  | Offset (sectors): 943185920 | Size: 450 MB
5 - [SYSTEM][MAN-MOUNT] Basic_data_partition | Offset (sectors): 944107520 | Size: 15949 MB
User = LL1 ... OK
User = LL2 ... OK


@jones awoki limas

 

Close all programs

  • Run RogueKiller.exe.
    ** Users of Windows Vista, 7, 8/8.1 and Windows 10:
    Right-click the RogueKiller.exe file, then click [image: VRIfczU.png]
  • When the EULA appears, click Accept.
  • Select the SCAN tab and click START SCAN
  • Wait until the scan finishes.
  • >>>>>>> Go through the tabs and check all the entries found <<<<<<<
  • Click REMOVE SELECTED
  • Wait until the program finishes deleting the infections.
  • Click the OPEN REPORT button and then EXPORT TXT
  • Save it as report.txt on your Desktop

Open the report.txt file saved on your Desktop, copy and paste all of its contents in your next reply.


Good afternoon Elias,

I had done this in the other scan too, ok.

Here it is:

 

RogueKiller V12.12.5.0 (x64) [Feb 19 2018] (Free) por Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Site : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Sistema Operacional : Windows 8.1 (6.3.9600) 64 bits version
Iniciou : Modo normal
Usuário : Vanessa Musso [Administrador]
Started from : C:\Users\Vanessa Musso\Downloads\RogueKiller_portable64.exe
Modo : Deletar -- Data : 02/28/2018 13:39:06 (Duration : 02:42:47)

¤¤¤ Processos : 0 ¤¤¤

¤¤¤ Registro : 7 ¤¤¤
[PUP.ByteFence|PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software\ByteFence -> Deletado
[PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83} -> Deletado
[PUM.HomePage] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : https://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-ed0edad2  -> Substituído (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : https://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-ed0edad2  -> Substituído (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-106726862-4054988722-2312773982-1001\Software\Microsoft\Internet Explorer\Main | Start Page : https://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-ed0edad2  -> Substituído (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-106726862-4054988722-2312773982-1001\Software\Microsoft\Internet Explorer\Main | Start Page : https://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-ed0edad2  -> Substituído (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{A052614E-CB9A-402A-9C82-788A064AE21D} | DhcpNameServer : 10.0.0.253 ([])  -> Substituído ()

¤¤¤ Tarefas : 2 ¤¤¤
[Suspicious.Path] %WINDIR%\Tasks\Norton Product InstallerIdle.job -- C:\Users\VANESS~1\AppData\Local\Temp\SymInstallStub.exe (/partnerid=realnw /productlist=nss /staging=false /affid=RPLR /delay=0 /launchedby=4) -> Deletado
[Suspicious.Path] \Rerun Warsaw's CoreFixer -- C:\WINDOWS\TEMP\is-7CHUC.tmp\corefixer.exe (/norerun) -> Deletado

¤¤¤ Arquivos : 0 ¤¤¤

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Arquivos de hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Carregado) ¤¤¤

¤¤¤ Navegadores : 0 ¤¤¤

¤¤¤ Verificação da MBR : ¤¤¤
+++++ PhysicalDrive0:  +++++
--- User ---
[MBR] 904f9079d5743a8461f086d85f1190bd
[BSP] df4f83c1f72e36823a12b0dfc7617313 : Empty MBR Code
Partition table:
0 - [SYSTEM][MAN-MOUNT] Basic_data_partition | Offset (sectors): 2048 | Size: 300 MB
1 - [MAN-MOUNT] EFI_system_partition | Offset (sectors): 616448 | Size: 260 MB
2 - [MAN-MOUNT] Microsoft_reserved_partition | Offset (sectors): 1148928 | Size: 128 MB
3 - Basic_data_partition | Offset (sectors): 1411072 | Size: 459850 MB
4 - [SYSTEM][MAN-MOUNT]  | Offset (sectors): 943185920 | Size: 450 MB
5 - [SYSTEM][MAN-MOUNT] Basic_data_partition | Offset (sectors): 944107520 | Size: 15949 MB
User = LL1 ... OK
User = LL2 ... OK


@jones awoki limas

 

Temporarily disable your antivirus, antispyware and firewall, to avoid conflicts.

Download Stinger and save it to your Desktop.
32 bit (x86) or 64 bit (x64)

  • Run the Stinger.exe file as Administrator.
  • Click the “I Accept” button


[image: Stinger%20a.png]

In the new window click “Advanced” and then “Settings”

[image: Stinger%20b.png]

In the settings window, set everything as shown in the image below and click the “Save” button

[image: 9hnsyu.png]

Click “Customize my Scan”

[image: Stinger%20f.png]

Select the system drives and then click the “Scan” button

[image: Stinger%20g.png]

At the end click “View log”; a window with the log will open in your browser.

Select, copy and paste the contents of this log in your next reply.


Good afternoon Elias, the log follows below:

 

McAfee Stinger Scan Results

McAfee® Labs Stinger™ Version 12.1.0.2688 built on Mar 1 2018 at 00:59:20
Copyright© 2013-2018, McAfee, LLC. All Rights Reserved.
AV Engine version v5900.7806 for Windows.
Virus data file v1000.0 created on Mar 1, 2018
Ready to scan for 10349 viruses, trojans and variants.
Custom scan initiated on quinta-feira, março 01, 2018 10:24:33
Rootkit scan result : Clean.
C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Cache\f_002801 [MD5:1b33320ca2603691dfda4364d1ee93ea] is infected with WASM/Cryptonight
C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Cache\f_002801 has been Deleted
C:\Users\Vanessa Musso\Downloads\ZA-Scan.exe [MD5:393409e77c1d95b1c35e5e024366ab6b] is infected with Artemis!393409E77C1D
C:\Users\Vanessa Musso\Downloads\ZA-Scan.exe has been Deleted
Summary Report on C:
File(s)
TotalFiles:............ 2454245
Clean:................. 430753
Not Scanned:........... 2023490
Possibly Infected:..... 2
Time: 05:18:33
Scan completed on sexta-feira, março 02, 2018 15:43:06


@jones awoki limas

 

Download the TDSSKiller.exe file and save it to your desktop.

  1. Run the TDSSKiller.exe file
  2. Click [image: auOe0rs.png], check the options Verify file digital signature and Detect TDLFS file system, and click OK.
  3. Press the Start Scan button for the utility to begin scanning.
    It detects malicious and suspicious objects.
    • malicious (the malware was identified)
    • suspicious (the malware cannot be identified)
  4. When the scan finishes, the utility generates a list of detected objects with a description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility asks the user to select an action to apply to suspicious objects (Skip, by default).
  5. After you click Continue, the utility applies the selected actions and generates the report.
  6. A restart may be required after disinfection.
  7. By default, the utility writes the log to the local disk C:\ (depending on where the operating system is installed).
    Logs have names like: UtilityName.Version_Date_Time_log.txt.
  8. For example C:\TDSSKiller.2.4.7_23.07.2010_15.31.43_log.txt
  9. Attach this log to your next post!


Hello Elias, here is the log:

 

16:00:53.0675 5776  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
16:00:53.0675 5776  UEFI system
16:00:55.0358 5776  ============================================================
16:00:55.0358 5776  Current date / time: 2018/03/05 16:00:55.0358
16:00:55.0358 5776  SystemInfo:
16:00:55.0358 5776  
16:00:55.0358 5776  OS Version: 6.2.9200 ServicePack: 0.0
16:00:55.0358 5776  Product type: Workstation
16:00:55.0358 5776  ComputerName: JONES
16:00:55.0359 5776  UserName: Vanessa Musso
16:00:55.0359 5776  Windows directory: C:\WINDOWS
16:00:55.0359 5776  System windows directory: C:\WINDOWS
16:00:55.0359 5776  Running under WOW64
16:00:55.0359 5776  Processor architecture: Intel x64
16:00:55.0359 5776  Number of processors: 2
16:00:55.0359 5776  Page size: 0x1000
16:00:55.0359 5776  Boot type: Normal boot
16:00:55.0359 5776  ============================================================
16:00:55.0947 5776  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:00:55.0961 5776  ============================================================
16:00:55.0961 5776  \Device\Harddisk0\DR0:
16:00:55.0962 5776  GPT partitions:
16:00:55.0962 5776  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {937E15BF-B1C0-4E2E-A3C4-DC65E8207F5D}, Name: Basic_data_partition, StartLBA 0x800, BlocksNum 0x96000
16:00:55.0962 5776  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {C3A4E2A6-4AB7-440F-B623-E7BF5C5D76CE}, Name: EFI_system_partition, StartLBA 0x96800, BlocksNum 0x82000
16:00:55.0962 5776  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {F5FF92BD-E51F-4FC5-B47B-88D4F3A06C6F}, Name: Microsoft_reserved_partition, StartLBA 0x118800, BlocksNum 0x40000
16:00:55.0963 5776  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {D0F7967F-4E04-4FFD-9CB7-9E117E4C509B}, Name: Basic_data_partition, StartLBA 0x158800, BlocksNum 0x3822502F
16:00:55.0963 5776  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {08248C0D-935C-46AC-9AC1-ACC261423C39}, Name: , StartLBA 0x3837E000, BlocksNum 0xE1000
16:00:55.0963 5776  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {99C84813-371E-4594-BF5C-B7F43BDB27B0}, Name: Basic_data_partition, StartLBA 0x3845F000, BlocksNum 0x1F26830
16:00:55.0963 5776  MBR partitions:
16:00:55.0963 5776  ============================================================
16:00:55.0980 5776  C: <-> \Device\Harddisk0\DR0\Partition4
16:00:55.0981 5776  ============================================================
16:00:55.0981 5776  Initialize success
16:00:55.0981 5776  ============================================================
16:01:02.0267 5584  ============================================================
16:01:02.0267 5584  Scan started
16:01:02.0267 5584  Mode: Manual; SigCheck; TDLFS; 
16:01:02.0267 5584  ============================================================
16:01:02.0714 5584  ================ Scan system memory ========================
16:01:02.0715 5584  System memory - ok
16:01:02.0716 5584  ================ Scan services =============================
16:01:02.0962 5584  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
16:01:03.0254 5584  1394ohci - ok
16:01:03.0293 5584  [ AD508A1A46EC21B740AB31C28EFDFDB1 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
16:01:03.0414 5584  3ware - ok
16:01:03.0479 5584  [ E796AE43DDD1844281DB4D57294D17C0 ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
16:01:03.0656 5584  ACPI - ok
16:01:03.0708 5584  [ AC8279D229398BCF05C3154ADCA86813 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
16:01:03.0828 5584  acpiex - ok
16:01:03.0855 5584  [ A8970D9BF23CD309E0403978A1B58F3F ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
16:01:04.0007 5584  acpipagr - ok
16:01:04.0058 5584  [ 111A89C99C5B4F1A7BCE5F643DD86F65 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
16:01:04.0215 5584  AcpiPmi - ok
16:01:04.0244 5584  [ 5758387D68A20AE7D3245011B07E36E7 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
16:01:04.0392 5584  acpitime - ok
16:01:04.0545 5584  [ CA805DA983594B01F3554464B2E5158F ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:01:04.0582 5584  AdobeARMservice - ok
16:01:04.0689 5584  [ 8532B30A054D83614A90D24AD61A29DF ] AdobeUpdateService C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
16:01:04.0747 5584  AdobeUpdateService - ok
16:01:04.0817 5584  [ 7C1FDF1B48298CBA7CE4BDD4978951AD ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
16:01:04.0974 5584  ADP80XX - ok
16:01:05.0027 5584  [ BCD58DACAA1EAAADC115EDD940478F6D ] AeLookupSvc     C:\WINDOWS\System32\aelupsvc.dll
16:01:05.0098 5584  AeLookupSvc - ok
16:01:05.0151 5584  [ 2CD583BC31DBAAF0F180D8B32F6D261F ] AFD             C:\WINDOWS\system32\drivers\afd.sys
16:01:05.0344 5584  AFD - ok
16:01:05.0390 5584  [ 7DFAEBA9AD62D20102B576D5CAC45EC8 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
16:01:05.0501 5584  agp440 - ok
16:01:05.0639 5584  [ 58A5D48F16E89575C21C0B14A15D4383 ] AGSService      C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
16:01:05.0787 5584  AGSService - ok
16:01:05.0845 5584  [ FE14D249D39368CA62D8DA6BC94AC694 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
16:01:06.0028 5584  ahcache - ok
16:01:06.0080 5584  [ 14A45BE6F5678339F0EC5752D9849410 ] ALG             C:\WINDOWS\System32\alg.exe
16:01:06.0139 5584  ALG - ok
16:01:06.0157 5584  [ 7589DE749DB6F71A68489DCE04158729 ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
16:01:06.0322 5584  AmdK8 - ok
16:01:06.0370 5584  [ B46D2D89AFF8A9490FA8C98C7A5616E3 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
16:01:06.0511 5584  AmdPPM - ok
16:01:06.0539 5584  [ D2BF2F94A47D332814910FD47C6BBCD2 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
16:01:06.0645 5584  amdsata - ok
16:01:06.0693 5584  [ A8E04943C7BBA7219AA50400272C3C6E ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
16:01:06.0831 5584  amdsbs - ok
16:01:06.0856 5584  [ CEA5F4F27CFC08E3A44D576811B35F50 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
16:01:06.0958 5584  amdxata - ok
16:01:07.0007 5584  [ 5A65CED67889CBDBC807791E530C0F1E ] AppID           C:\WINDOWS\system32\drivers\appid.sys
16:01:07.0181 5584  AppID - ok
16:01:07.0224 5584  [ 942C8297400FCFB13CEE3F3CD89C5CE5 ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
16:01:07.0289 5584  AppIDSvc - ok
16:01:07.0339 5584  [ 54ACF58A59A5FD3AD29EABBECA5B5BA4 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
16:01:07.0427 5584  Appinfo - ok
16:01:07.0504 5584  [ 35E28923A23ADABAA5A1B43256D0AB58 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
16:01:07.0601 5584  AppReadiness - ok
16:01:07.0681 5584  [ E0F846ADE7DED88981D0908DE56FF160 ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
16:01:07.0816 5584  AppXSvc - ok
16:01:07.0870 5584  [ 65045784366F7EC5FB4E71BCF923187B ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
16:01:07.0994 5584  arcsas - ok
16:01:08.0039 5584  [ 99A8C4ADE17B9CF2B5373E5BDE354DC4 ] aswArPot        C:\WINDOWS\system32\drivers\aswArPot.sys
16:01:08.0331 5584  aswArPot - ok
16:01:08.0781 5584  [ A13586710C5CFFD09CDB78C05A9CC0B3 ] aswbIDSAgent    C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
16:01:09.0243 5584  aswbIDSAgent - ok
16:01:09.0295 5584  [ 9E3CAA4E0E81BDC0E529BF3B32F9A08F ] aswbidsdriver   C:\WINDOWS\system32\drivers\aswbidsdrivera.sys
16:01:09.0381 5584  aswbidsdriver - ok
16:01:09.0426 5584  [ FD31AC49D034541FF25BD6B158153035 ] aswbidsh        C:\WINDOWS\system32\drivers\aswbidsha.sys
16:01:09.0562 5584  aswbidsh - ok
16:01:09.0599 5584  [ 47DF29AA4FBE5A290B309D7F9109233E ] aswblog         C:\WINDOWS\system32\drivers\aswbloga.sys
16:01:09.0691 5584  aswblog - ok
16:01:09.0729 5584  [ 0C9979B3B4B8472EB4286DFBBE37DEDA ] aswbuniv        C:\WINDOWS\system32\drivers\aswbuniva.sys
16:01:09.0802 5584  aswbuniv - ok
16:01:09.0855 5584  [ A3B07E62979505688581D55182F5E617 ] aswHdsKe        C:\WINDOWS\system32\drivers\aswHdsKe.sys
16:01:09.0899 5584  aswHdsKe - ok
16:01:09.0927 5584  [ E4BCCBD78DB4DEC414DE4F1578328B24 ] aswHwid         C:\WINDOWS\system32\drivers\aswHwid.sys
16:01:10.0093 5584  aswHwid - ok
16:01:10.0129 5584  [ 5E6FD2CB74138C6AF591779D2619BD6C ] aswKbd          C:\WINDOWS\system32\drivers\aswKbd.sys
16:01:10.0235 5584  aswKbd - ok
16:01:10.0277 5584  [ 96A7DBC6B971CBFF8322AEE66EA671F9 ] aswMonFlt       C:\WINDOWS\system32\drivers\aswMonFlt.sys
16:01:10.0389 5584  aswMonFlt - ok
16:01:10.0429 5584  [ A47527A8E9A5BD0C30703BD90DC5D4FF ] aswRdr          C:\WINDOWS\system32\drivers\aswRdr2.sys
16:01:10.0534 5584  aswRdr - ok
16:01:10.0576 5584  [ A9D1665A18B3C7B763C1A4CF7AB1DD09 ] aswRvrt         C:\WINDOWS\system32\drivers\aswRvrt.sys
16:01:10.0685 5584  aswRvrt - ok
16:01:10.0753 5584  [ B05F534A31CE10355A0F25DAED14CA3E ] aswSnx          C:\WINDOWS\system32\drivers\aswSnx.sys
16:01:10.0921 5584  aswSnx - ok
16:01:10.0997 5584  [ 3687CDF17F8BBB6134BC1C289674564D ] aswSP           C:\WINDOWS\system32\drivers\aswSP.sys
16:01:11.0131 5584  aswSP - ok
16:01:11.0185 5584  [ CFC4326AC78CCAB412D4729DB38946DF ] aswStm          C:\WINDOWS\system32\drivers\aswStm.sys
16:01:11.0229 5584  aswStm - ok
16:01:11.0278 5584  [ 0B2CB619C6A36A9490C251E2A15E92C4 ] aswVmm          C:\WINDOWS\system32\drivers\aswVmm.sys
16:01:11.0456 5584  aswVmm - ok
16:01:11.0476 5584  [ 3DB7721F06BC2FEDB25029EA23AB27DA ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
16:01:11.0673 5584  AsyncMac - ok
16:01:11.0697 5584  [ 74B14192CF79A72F7536B27CB8814FBD ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
16:01:11.0794 5584  atapi - ok
16:01:11.0833 5584  [ 431FE56F5A2F5937994CB2DA330B47DB ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
16:01:11.0924 5584  AudioEndpointBuilder - ok
16:01:11.0978 5584  [ 0F03CC00645D7F841879A048787D6AC7 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
16:01:12.0071 5584  Audiosrv - ok
16:01:12.0118 5584  [ 2C4CED727FAC83B0FFA005421DC55FC7 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
16:01:12.0232 5584  avast! Antivirus - ok
16:01:12.0272 5584  [ 3C6ED74AF41DD1A5585CE5EF3D00915F ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
16:01:12.0343 5584  AxInstSV - ok
16:01:12.0419 5584  [ A4A73F631FE2AA2826FBE4A399B04DEF ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
16:01:12.0606 5584  b06bdrv - ok
16:01:12.0676 5584  [ 8CC7F7E4AFCBA605921B137ED7992C68 ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
16:01:12.0872 5584  BasicDisplay - ok
16:01:12.0925 5584  [ BF002CF6CA41491665F7D3DCA51B7EFB ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
16:01:13.0122 5584  BasicRender - ok
16:01:13.0195 5584  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
16:01:13.0286 5584  bcmfn2 - ok
16:01:13.0328 5584  [ 174394F4EF93C117BF7BE3878046A1B1 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
16:01:13.0444 5584  BDESVC - ok
16:01:13.0492 5584  [ EC19013E4CF87609534165DF897274D6 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
16:01:13.0798 5584  Beep - ok
16:01:13.0859 5584  [ 4BA5C192E77375B62D603B38B9D99128 ] BFE             C:\WINDOWS\System32\bfe.dll
16:01:13.0968 5584  BFE - ok
16:01:14.0041 5584  [ 48554994279BFE17A3D2B00076D0CB1A ] BITS            C:\WINDOWS\System32\qmgr.dll
16:01:14.0158 5584  BITS - ok
16:01:14.0214 5584  [ 4938A9236300A356F97E378491EE4844 ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
16:01:14.0350 5584  bowser - ok
16:01:14.0406 5584  [ FA601515FF2B59F25FDD8EDB1D2A1104 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
16:01:14.0493 5584  BrokerInfrastructure - ok
16:01:14.0557 5584  [ BC111AADACD0BF59D56547461D13AB6E ] Browser         C:\WINDOWS\System32\browser.dll
16:01:14.0703 5584  Browser - ok
16:01:14.0751 5584  [ A8F23D453A424FF4DE04989C4727ECC7 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
16:01:14.0923 5584  BthAvrcpTg - ok
16:01:14.0966 5584  [ 272A62B660A48AEF366F8A1836CED19F ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
16:01:15.0117 5584  BthHFEnum - ok
16:01:15.0148 5584  [ 71FE2A48E4C93DDB9798C024880B6C07 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
16:01:15.0273 5584  bthhfhid - ok
16:01:15.0320 5584  [ 9307A4B743D277C499CDA8E19E5687AC ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
16:01:15.0547 5584  BthHFSrv - ok
16:01:15.0570 5584  [ EF4B9E7C9AD88C00C18A12B0D22D1894 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
16:01:15.0777 5584  BTHMODEM - ok
16:01:15.0828 5584  [ 043A0F37631BF453F16D478B71320F46 ] bthserv         C:\WINDOWS\system32\bthserv.dll
16:01:15.0911 5584  bthserv - ok
16:01:15.0973 5584  [ 2FA6510E33F7DEFEC03658B74101A9B9 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
16:01:16.0133 5584  cdfs - ok
16:01:16.0179 5584  [ D61EDE3D49B04E703AEC3B111C763F42 ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
16:01:16.0456 5584  cdrom - ok
16:01:16.0503 5584  [ ACFDC4EE40EC6E4A0AB91D923B8288C8 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
16:01:16.0591 5584  CertPropSvc - ok
16:01:16.0638 5584  [ BE9936EDD3267FAAFF94A7835867F00B ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
16:01:16.0760 5584  circlass - ok
16:01:16.0824 5584  [ CCAB2A390FF4929F86AFA1F02520A981 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
16:01:16.0973 5584  CLFS - ok
16:01:17.0043 5584  [ EF6EF85DADC3184A10D8F2F7159973CB ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
16:01:17.0191 5584  CmBatt - ok
16:01:17.0274 5584  [ 136D2C32FA5E49AF93D4B37D8055F230 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
16:01:17.0372 5584  CNG - ok
16:01:17.0412 5584  [ 03AAED827C36F35D70900558B8274905 ] CompositeBus    C:\WINDOWS\System32\drivers\CompositeBus.sys
16:01:17.0565 5584  CompositeBus - ok
16:01:17.0575 5584  COMSysApp - ok
16:01:17.0609 5584  [ A1FF7DFBFBE164CF92603C651D304DD2 ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
16:01:17.0740 5584  condrv - ok
16:01:17.0874 5584  [ D8724B606616B2B75AF54096119580F5 ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
16:01:17.0931 5584  cphs - ok
16:01:17.0997 5584  [ 6324F0D18FB52833BA64BC828E29054C ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
16:01:18.0066 5584  CryptSvc - ok
16:01:18.0111 5584  [ 315BA4BC19316D72B2E037534E048B93 ] dam             C:\WINDOWS\system32\drivers\dam.sys
16:01:18.0214 5584  dam - ok
16:01:18.0360 5584  [ A1F58FFF448E4099297D6EE0641D4D0E ] dbupdate        C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
16:01:18.0394 5584  dbupdate - ok
16:01:18.0404 5584  [ A1F58FFF448E4099297D6EE0641D4D0E ] dbupdatem       C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
16:01:18.0441 5584  dbupdatem - ok
16:01:18.0450 5584  dbx - ok
16:01:18.0484 5584  [ 82398C93E51124E494FFF43C9E39D03D ] DbxSvc          C:\WINDOWS\system32\DbxSvc.exe
16:01:18.0517 5584  DbxSvc - ok
16:01:18.0592 5584  [ 2928249E4DD39C2ADD3E74F02427AB8B ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
16:01:18.0693 5584  DcomLaunch - ok
16:01:18.0751 5584  [ 95E1ABFB27F8A62ED764805775F0D2F3 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
16:01:18.0870 5584  defragsvc - ok
16:01:18.0928 5584  [ FF086DEF5995558CCB1B5AAC2110195D ] DeviceAssociationService C:\WINDOWS\system32\das.dll
16:01:19.0033 5584  DeviceAssociationService - ok
16:01:19.0082 5584  [ 2C02AFF8383D893F8DBEB07A84F6E77C ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
16:01:19.0189 5584  DeviceInstall - ok
16:01:19.0244 5584  [ D1049D4D1311D43F6FCF180CAA5BF78B ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
16:01:19.0387 5584  Dfsc - ok
16:01:19.0439 5584  [ 85137571AEC8AC757D497B9DD30D544D ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
16:01:19.0551 5584  dg_ssudbus - ok
16:01:19.0605 5584  [ 3EEAADA3125431980E5804ED7143458A ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
16:01:19.0684 5584  Dhcp - ok
16:01:19.0788 5584  [ 0AC9F83A5508935DE89C447473085EEA ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
16:01:19.0959 5584  DiagTrack - ok
16:01:20.0012 5584  [ BF6D8575DDF30384939B2D5251F27C1F ] disk            C:\WINDOWS\system32\drivers\disk.sys
16:01:20.0108 5584  disk - ok
16:01:20.0134 5584  [ EB70A894708D1BC176AFD690FF06085F ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
16:01:20.0249 5584  dmvsc - ok
16:01:20.0290 5584  [ D9F407D006C916B7EC167858F88F13EB ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
16:01:20.0373 5584  Dnscache - ok
16:01:20.0416 5584  [ 811EACBCC7C51A03AE11F13CC27B2AB6 ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
16:01:20.0488 5584  dot3svc - ok
16:01:20.0532 5584  [ B99CB575986789A93A683DCF292A43A1 ] DPS             C:\WINDOWS\system32\dps.dll
16:01:20.0615 5584  DPS - ok
16:01:20.0652 5584  [ 00C594D5A1DBD22AD8B2902B9F6EFF94 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
16:01:20.0750 5584  drmkaud - ok
16:01:20.0792 5584  [ 263625A4F616538EB867B6306A6590DB ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
16:01:20.0883 5584  DsmSvc - ok
16:01:20.0997 5584  [ 670E7F15CEEA22C34CED8F4D0EC161BF ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
16:01:21.0239 5584  DXGKrnl - ok
16:01:21.0280 5584  [ E253530BD5EDE28F1FF6AF93C4D8034D ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
16:01:21.0384 5584  Eaphost - ok
16:01:21.0404 5584  EasyAntiCheat - ok
16:01:21.0546 5584  [ 114BCFDF367FF37C3F1B0A96AF542E4D ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
16:01:21.0834 5584  ebdrv - ok
16:01:21.0873 5584  [ 382100E75B6F4668AEAEF228C6CEFFAD ] EFS             C:\WINDOWS\System32\lsass.exe
16:01:21.0916 5584  EFS - ok
16:01:21.0966 5584  [ 43531A5993380CC5113242C29D265FD9 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
16:01:22.0041 5584  EhStorClass - ok
16:01:22.0061 5584  [ 6F8E738A9505A388B1157FDDE7B3101B ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
16:01:22.0162 5584  EhStorTcgDrv - ok
16:01:22.0194 5584  [ DFFFAE1442BA4076E18EED5E406FA0D3 ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
16:01:22.0325 5584  ErrDev - ok
16:01:22.0384 5584  [ F383EEDE1E06599105E4B2EFEE5AB7B6 ] ETD             C:\WINDOWS\system32\DRIVERS\ETD.sys
16:01:22.0503 5584  ETD - ok
16:01:22.0589 5584  [ F00C593994D57C75273F820653440536 ] EventSystem     C:\WINDOWS\system32\es.dll
16:01:22.0679 5584  EventSystem - ok
16:01:22.0731 5584  [ 7729D294A555C7AEB281ED8E4D0E01E4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
16:01:22.0890 5584  exfat - ok
16:01:22.0915 5584  [ 7C4E0D5900B2A1D11EDD626D6DDB937B ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
16:01:23.0030 5584  fastfat - ok
16:01:23.0091 5584  [ 304B6AEC4639A7CCCCF544C6BA6177B2 ] Fax             C:\WINDOWS\system32\fxssvc.exe
16:01:23.0206 5584  Fax - ok
16:01:23.0236 5584  [ 5D8402613E778B3BD45E687A8372710B ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
16:01:23.0357 5584  fdc - ok
16:01:23.0412 5584  [ 020D2F29009F893ADEFF4405B4B44565 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
16:01:23.0508 5584  fdPHost - ok
16:01:23.0555 5584  [ E80D2EDD2F88B6E20076A0A4F5A5A245 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
16:01:23.0620 5584  FDResPub - ok
16:01:23.0670 5584  [ 47AB7D16EDE434B934AA4D661456C2D5 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
16:01:23.0765 5584  fhsvc - ok
16:01:23.0813 5584  [ BCFD8B149B3ADF92D0DB1E909CAF0265 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
16:01:23.0898 5584  FileInfo - ok
16:01:23.0930 5584  [ A1A66C4FDAFD6B0289523232AFB7D8AF ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
16:01:24.0086 5584  Filetrace - ok
16:01:24.0170 5584  FirebirdGuardianDefaultInstance - ok
16:01:24.0176 5584  FirebirdServerDefaultInstance - ok
16:01:24.0225 5584  [ BE743083CF7063C486A4398E3AEFE59A ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
16:01:24.0355 5584  flpydisk - ok
16:01:24.0401 5584  [ E8F02B7A595B9E7F0A38BDB1C40C60A5 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
16:01:24.0491 5584  FltMgr - ok
16:01:24.0561 5584  [ 223CD19D2F84B7B42081F4FB530B658F ] FontCache       C:\WINDOWS\system32\FntCache.dll
16:01:24.0721 5584  FontCache - ok
16:01:24.0908 5584  [ 1C52387BF5A127F5F3BFB31288F30D93 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:01:24.0966 5584  FontCache3.0.0.0 - ok
16:01:25.0016 5584  [ A7C31B168F371E8E6796219F23E354DB ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
16:01:25.0083 5584  FsDepends - ok
16:01:25.0113 5584  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
16:01:25.0206 5584  Fs_Rec - ok
16:01:25.0265 5584  [ B25A3FD917CB8F77CA5A70861D84671A ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
16:01:25.0431 5584  fvevol - ok
16:01:25.0474 5584  [ 9591D0B9351ED489EAFD9D1CE52A8015 ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys
16:01:25.0677 5584  FxPPM - ok
16:01:25.0725 5584  [ FC3EF65EE20D39F8749C2218DBA681CA ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
16:01:25.0829 5584  gagp30kx - ok
16:01:25.0867 5584  [ 0BF5CAD281E25F1418E5B8875DC5ADD1 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
16:01:25.0987 5584  gencounter - ok
16:01:26.0019 5584  [ 8DF1254093B5C354CE725EB6B9B0DE19 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
16:01:26.0142 5584  GPIOClx0101 - ok
16:01:26.0193 5584  [ 2DAFF4F76A90E3C523C2FE50338537E9 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
16:01:26.0299 5584  gpsvc - ok
16:01:26.0371 5584  [ 605CCC9CE1839BC5583017DF7CAE27A6 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:01:26.0405 5584  gupdate - ok
16:01:26.0415 5584  [ 605CCC9CE1839BC5583017DF7CAE27A6 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:01:26.0447 5584  gupdatem - ok
16:01:26.0472 5584  [ D4B7ED39C7900384D9E5C1283F1E7926 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
16:01:26.0615 5584  HDAudBus - ok
16:01:26.0653 5584  [ 10A70BC1871CD955D85CD88372724906 ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
16:01:26.0777 5584  HidBatt - ok
16:01:26.0827 5584  [ 42F88B57CAE42FC10059C887B3FCFCEA ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
16:01:26.0976 5584  HidBth - ok
16:01:27.0026 5584  [ C241A8BAFBBFC90176EA0F5240EACC17 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
16:01:27.0135 5584  hidi2c - ok
16:01:27.0190 5584  [ 9BDDEE26255421017E161CCB9D5EDA95 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
16:01:27.0302 5584  HidIr - ok
16:01:27.0338 5584  [ EA85B5093DF7B5C3E80362B053740AE2 ] hidserv         C:\WINDOWS\system32\hidserv.dll
16:01:27.0397 5584  hidserv - ok
16:01:27.0458 5584  [ 49676FEC898AB2A11B157F848269A56E ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
16:01:27.0629 5584  HidUsb - ok
16:01:27.0680 5584  [ 93C4315F47F8D635C6DB0DF49FCE10EE ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
16:01:27.0771 5584  hkmsvc - ok
16:01:27.0827 5584  [ AC49522ED106BD4B545D6614D71C2445 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
16:01:27.0945 5584  HomeGroupListener - ok
16:01:28.0026 5584  [ 99932E30CE0283B73BB6E5019E150394 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
16:01:28.0109 5584  HomeGroupProvider - ok
16:01:28.0156 5584  [ A6AACEA4C785789BDA5912AD1FEDA80D ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
16:01:28.0259 5584  HpSAMD - ok
16:01:28.0325 5584  [ E45EB7AE6C890F2C8DE8F160AC641C8A ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
16:01:28.0509 5584  HTTP - ok
16:01:28.0557 5584  [ 90656C0B3864804B090434EFC582404F ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
16:01:28.0623 5584  hwpolicy - ok
16:01:28.0665 5584  [ 6D6F9E3BF0484967E52F7E846BFF1CA1 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
16:01:28.0793 5584  hyperkbd - ok
16:01:28.0820 5584  [ 907C870F8C31F8DDD6F090857B46AB25 ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
16:01:28.0975 5584  HyperVideo - ok
16:01:29.0027 5584  [ 49EE0AE9E5B64FFBBD06D55C4984B598 ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
16:01:29.0253 5584  i8042prt - ok
16:01:29.0323 5584  [ 5D90E32E36CE5D4C535D17CE08AEAF05 ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
16:01:29.0437 5584  iaLPSSi_GPIO - ok
16:01:29.0459 5584  [ DD05E7E80F52ADE9AEB292819920F32C ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
16:01:29.0578 5584  iaLPSSi_I2C - ok
16:01:29.0638 5584  [ 6C91E425ACE29594BD574DE38AC9B76D ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
16:01:29.0867 5584  iaStorA - ok
16:01:29.0924 5584  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
16:01:30.0055 5584  iaStorAV - ok
16:01:30.0100 5584  [ A2200C3033FA4EF249FC096A7A7D02A2 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
16:01:30.0240 5584  iaStorV - ok
16:01:30.0406 5584  [ ABEFA4BD23329FD9BD47496BF2E58774 ] IconMan_R       C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
16:01:30.0531 5584  IconMan_R ( UnsignedFile.Multi.Generic ) - warning
16:01:30.0531 5584  IconMan_R - detected UnsignedFile.Multi.Generic (1)
16:01:30.0531 5584  IEEtwCollectorService - ok
16:01:30.0691 5584  [ 076023219E918D34585B231029A44571 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
16:01:30.0965 5584  igfx - ok
16:01:31.0011 5584  [ C814D4A0B7B91E936B2DC0828C69ACAB ] igfxCUIService1.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
16:01:31.0058 5584  igfxCUIService1.0.0.0 - ok
16:01:31.0138 5584  [ 3B6E74B3BE0CA74525A37B5C8E510084 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
16:01:31.0228 5584  IKEEXT - ok
16:01:31.0322 5584  InstallerService - ok
16:01:31.0463 5584  [ 6BDCC85422817FA53CD705ADE312CE6A ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
16:01:31.0728 5584  IntcAzAudAddService - ok
16:01:31.0845 5584  [ F5495B38BFB9149925F54F65AB40EFBF ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
16:01:31.0921 5584  IntcDAud - ok
16:01:32.0027 5584  [ B353F1834FCD36D77BE3F74992C147D4 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
16:01:32.0066 5584  Intel(R) Capability Licensing Service Interface - ok
16:01:32.0175 5584  [ 5175C772BCD11C9B0471D30535F15F60 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
16:01:32.0203 5584  Intel(R) ME Service - ok
16:01:32.0321 5584  [ D578C6D8C13E8107394A7CE89A433B6D ] IntelBCAsvc     C:\Program Files\Intel\BCA\pabeSvc64.exe
16:01:32.0500 5584  IntelBCAsvc - ok
16:01:32.0537 5584  [ 4E448FCFFD00E8D657CD9E48D3E47157 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
16:01:32.0615 5584  intelide - ok
16:01:32.0672 5584  [ A770340FC02B999EF0DE6C2A6BC8437C ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
16:01:32.0760 5584  intelpep - ok
16:01:32.0791 5584  [ 47E74A8E53C7C24DCE38311E1451C1D9 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
16:01:32.0900 5584  intelppm - ok
16:01:32.0947 5584  [ 9DB76D7F9E4E53EFE5DD8C53DE837514 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
16:01:33.0133 5584  IpFilterDriver - ok
16:01:33.0188 5584  [ B452623C1DE60544054E784D94A7AA47 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
16:01:33.0303 5584  iphlpsvc - ok
16:01:33.0350 5584  [ C800DCD904016B2BF6AB541083770A3A ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
16:01:33.0506 5584  IPMIDRV - ok
16:01:33.0538 5584  [ B7342B3C58E91107F6E946A93D9D4EFD ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
16:01:33.0701 5584  IPNAT - ok
16:01:33.0721 5584  [ AE44C526AB5F8A487D941CEB57B10C97 ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
16:01:33.0846 5584  IRENUM - ok
16:01:33.0893 5584  [ 8AFEEA3955AA43616A60F133B1D25F21 ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
16:01:33.0986 5584  isapnp - ok
16:01:34.0049 5584  [ 25A878547BB010C640BB47680D40AF6B ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
16:01:34.0154 5584  iScsiPrt - ok
16:01:34.0236 5584  [ 622BF9C46A47CF17608C501320E8EFBD ] iumsvc          C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
16:01:34.0294 5584  iumsvc - ok
16:01:34.0334 5584  [ A90C843F4FDD7A07129BA73C6BE13976 ] iwdbus          C:\WINDOWS\System32\drivers\iwdbus.sys
16:01:34.0463 5584  iwdbus - ok
16:01:34.0494 5584  [ B2AAF45E83CAFA49A34EB2F2D6D7609C ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
16:01:34.0535 5584  jhi_service - ok
16:01:34.0567 5584  [ 5917AFE4A3F695A54B99C1849C8207FE ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
16:01:34.0647 5584  kbdclass - ok
16:01:34.0679 5584  [ 8CD840A062F6BDF41DDE3ACB96164B72 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
16:01:34.0804 5584  kbdhid - ok
16:01:34.0835 5584  [ 813871C7D402A05F2E3A7075F9584A05 ] kdnic           C:\WINDOWS\system32\DRIVERS\kdnic.sys
16:01:35.0038 5584  kdnic - ok
16:01:35.0069 5584  [ 382100E75B6F4668AEAEF228C6CEFFAD ] KeyIso          C:\WINDOWS\system32\lsass.exe
16:01:35.0116 5584  KeyIso - ok
16:01:35.0169 5584  [ 304DA394D958BC3B62AF6DF514005B01 ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
16:01:35.0232 5584  KSecDD - ok
16:01:35.0309 5584  [ 3D4AE520CD6F6FFE549DD195C1F515BE ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
16:01:35.0402 5584  KSecPkg - ok
16:01:35.0449 5584  [ 11AFB527AA370B1DAFD5C36F35F6D45F ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
16:01:35.0559 5584  ksthunk - ok
16:01:35.0590 5584  [ C1591A66028C71147A3E2EAB0B1CCB7E ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
16:01:35.0675 5584  KtmRm - ok
16:01:35.0726 5584  [ B75ADC97905F43C7C946F1465A8697BD ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
16:01:35.0909 5584  LanmanServer - ok
16:01:35.0988 5584  [ 3DBD9100745F9B8506B8FEC6FE6CCDE3 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
16:01:36.0050 5584  LanmanWorkstation - ok
16:01:36.0098 5584  [ 8B9F3796EC1762CF255BDB324E5529C8 ] lfsvc           C:\WINDOWS\System32\GeofenceMonitorService.dll
16:01:36.0207 5584  lfsvc - ok
16:01:36.0257 5584  [ C09010B3680860131631F53E8FE7BAD8 ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys
16:01:36.0394 5584  lltdio - ok
16:01:36.0435 5584  [ DAE98CC96C5EE308BF4EA7B18F226CB8 ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
16:01:36.0510 5584  lltdsvc - ok
16:01:36.0558 5584  [ 1E2662D847B7D9995C65D90D254A7E0F ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
16:01:36.0611 5584  lmhosts - ok
16:01:36.0653 5584  [ 9CA9CB0E115418F90FFC67973462280A ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
16:01:36.0693 5584  LMS - ok
16:01:36.0753 5584  [ C755AE4635457AA2A11F79C0DF857ABC ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
16:01:36.0853 5584  LSI_SAS - ok
16:01:36.0885 5584  [ ADAC09CBE7A2040B7F68B5E5C9A75141 ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys
16:01:36.0998 5584  LSI_SAS2 - ok
16:01:37.0044 5584  [ 04D1274BB9BBCCF12BD12374002AA191 ] LSI_SAS3        C:\WINDOWS\system32\drivers\lsi_sas3.sys
16:01:37.0162 5584  LSI_SAS3 - ok
16:01:37.0196 5584  [ 327469EEF3833D0C584B7E88A76AEC0C ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
16:01:37.0262 5584  LSI_SSS - ok
16:01:37.0309 5584  [ 9A7A7E45DAED2E8C2816716D8D28236A ] LSM             C:\WINDOWS\System32\lsm.dll
16:01:37.0402 5584  LSM - ok
16:01:37.0465 5584  [ B0AF753AF28303BB69C67BD85F06FFC9 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
16:01:37.0636 5584  luafv - ok
16:01:37.0853 5584  [ 734B435E1693386213EEFD4D17A70DEB ] MBAMService     C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
16:01:38.0174 5584  MBAMService - ok
16:01:38.0207 5584  [ EB5C03A070F30D64A6DF80E53B22F53F ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
16:01:38.0301 5584  megasas - ok
16:01:38.0348 5584  [ F6F13533196DE7A582D422B0241E4363 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
16:01:38.0504 5584  megasr - ok
16:01:38.0551 5584  [ 772A1DEEDFDBC244183B5C805D1B7D85 ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys
16:01:38.0645 5584  MEIx64 - ok
16:01:38.0694 5584  [ 99F7BDC6F6476EE79537FD66C76ADF47 ] mfehidk         C:\WINDOWS\system32\drivers\mfehidk.sys
16:01:38.0834 5584  mfehidk - ok
16:01:38.0866 5584  [ 11DFAA4C047762AD254CCBF40322A38C ] mferkdet        C:\WINDOWS\system32\drivers\mferkdet.sys
16:01:38.0959 5584  mferkdet - ok
16:01:39.0022 5584  [ 2425DF176F07C50363715B9592D305B8 ] mfevtp          C:\WINDOWS\system32\mfevtps.exe
16:01:39.0069 5584  mfevtp - ok
16:01:39.0115 5584  [ 4C5179DB61B9E14BEC15CDC4B152B2E9 ] MMCSS           C:\WINDOWS\system32\mmcss.dll
16:01:39.0219 5584  MMCSS - ok
16:01:39.0248 5584  [ 8B38C44F69259987C95135C9627E2378 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
16:01:39.0377 5584  Modem - ok
16:01:39.0414 5584  [ 601589000CC90F0DF8DA2CC254A3CCC9 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
16:01:39.0540 5584  monitor - ok
16:01:39.0613 5584  [ 2FA536882DDAB801A9440EB208725770 ] Motorola Device Manager C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
16:01:39.0645 5584  Motorola Device Manager - ok
16:01:39.0676 5584  [ 08374E4E5B8914DE6067CBA99F61E930 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
16:01:39.0770 5584  mouclass - ok
16:01:39.0785 5584  [ 5FCBAB60598AE119E02B4C27DE6B99EA ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
16:01:39.0930 5584  mouhid - ok
16:01:39.0984 5584  [ E5E8665272EBCD87A0A632314F0D221D ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
16:01:40.0095 5584  mountmgr - ok
16:01:40.0132 5584  [ 5928C12E9AEE59F48F17CBD05A544008 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:01:40.0182 5584  MozillaMaintenance - ok
16:01:40.0228 5584  [ 6FC047578785B0435F4E2660946D1ADC ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
16:01:40.0381 5584  mpsdrv - ok
16:01:40.0479 5584  [ 4D33C8B6159B61C7F13984ED10EA2A82 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
16:01:40.0558 5584  MpsSvc - ok
16:01:40.0616 5584  [ 3F818C1518DA702C8F10259095C9BDE0 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
16:01:40.0787 5584  MRxDAV - ok
16:01:40.0834 5584  [ 466CC6D831D880426820449EE363686E ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
16:01:40.0975 5584  mrxsmb - ok
16:01:41.0022 5584  [ AFE6DC2E57E876175BA074AD2CB5594F ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
16:01:41.0210 5584  mrxsmb10 - ok
16:01:41.0272 5584  [ B37B58F9F80A51098C42663D5FA5F2BA ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
16:01:41.0413 5584  mrxsmb20 - ok
16:01:41.0444 5584  [ F3C060444777A59FC63D920719E43CCD ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys
16:01:41.0572 5584  MsBridge - ok
16:01:41.0619 5584  [ 915747E010A9414B069173284A9B93F4 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
16:01:41.0666 5584  MSDTC - ok
16:01:41.0728 5584  [ D13329FBF8345B28AB30F44CC247DC08 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
16:01:41.0837 5584  Msfs - ok
16:01:41.0878 5584  [ C6B474E46F9E543B875981ED3FFE6ADD ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
16:01:41.0972 5584  msgpiowin32 - ok
16:01:41.0987 5584  [ 65C92EB9D08DB5C69F28C7FFD4E84E31 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
16:01:42.0134 5584  mshidkmdf - ok
16:01:42.0177 5584  [ 52299F086AC2DAFD100DD5DC4A8614BA ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
16:01:42.0296 5584  mshidumdf - ok
16:01:42.0327 5584  [ 36D92AF3343C3A3E57FEF11C449AEA4C ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
16:01:42.0406 5584  msisadrv - ok
16:01:42.0452 5584  [ A06142B3850B06972F1C89748FAA2C02 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
16:01:42.0598 5584  MSiSCSI - ok
16:01:42.0613 5584  msiserver - ok
16:01:42.0663 5584  [ A9BBBD2BAE6142253B9195E949AC2E8D ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
16:01:42.0815 5584  MSKSSRV - ok
16:01:42.0841 5584  [ 51B3AC0560848CD6D65AC2033E293113 ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys
16:01:42.0970 5584  MsLldp - ok
16:01:42.0986 5584  [ 7B2128EB875DCBC006E6A913211006D6 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
16:01:43.0103 5584  MSPCLOCK - ok
16:01:43.0139 5584  [ 1E88171579B218115C7A772F8DE04BD8 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
16:01:43.0264 5584  MSPQM - ok
16:01:43.0310 5584  [ BBE2A455053E63BECBF42C2F9B21FAE0 ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
16:01:43.0389 5584  MsRPC - ok
16:01:43.0404 5584  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
16:01:43.0479 5584  mssmbios - ok
16:01:43.0495 5584  [ 115019AE01E0EB9C048530D2928AB4A2 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
16:01:43.0588 5584  MSTEE - ok
16:01:43.0620 5584  [ 96D604A35070360F0DD4A7A8AF410B5E ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
16:01:43.0734 5584  MTConfig - ok
16:01:43.0781 5584  [ 438EA7A2D8D4F9B8AFB64748ACA70BA8 ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
16:01:43.0890 5584  Mup - ok
16:01:43.0922 5584  [ B8C35C94DCB2DFEAF03BB42131F2F77F ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
16:01:44.0031 5584  mvumis - ok
16:01:44.0093 5584  MySQL57 - ok
16:01:44.0164 5584  [ 8DF30698BDD9492A9D45A4B94FB4A82A ] napagent        C:\WINDOWS\system32\qagentRT.dll
16:01:44.0227 5584  napagent - ok
16:01:44.0311 5584  [ F3A70F2C79D91B7C95F78E959DEDAD0E ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
16:01:44.0455 5584  NativeWifiP - ok
16:01:44.0509 5584  [ BFCE1225D10619029E68946929CEB64C ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
16:01:44.0611 5584  NcaSvc - ok
16:01:44.0655 5584  [ 267C97373110B7AFD3B46DF60B6CBB85 ] NcbService      C:\WINDOWS\System32\ncbservice.dll
16:01:44.0755 5584  NcbService - ok
16:01:44.0808 5584  [ 0813B71EAF097208DC76CE0605B48AF0 ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
16:01:44.0910 5584  NcdAutoSetup - ok
16:01:44.0989 5584  [ FFAA6C6E798FBA448FA7628A1B277F5C ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
16:01:45.0173 5584  NDIS - ok
16:01:45.0215 5584  [ 8CECC8DA55F3274181FD1EA28AD76664 ] NdisCap         C:\WINDOWS\system32\DRIVERS\ndiscap.sys
16:01:45.0341 5584  NdisCap - ok
16:01:45.0388 5584  [ 269882812E9A68FFF1AFE1283D428322 ] NdisImPlatform  C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
16:01:45.0569 5584  NdisImPlatform - ok
16:01:45.0612 5584  [ DC1D9F692C2AD84C214584C28501C1F7 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
16:01:45.0764 5584  NdisTapi - ok
16:01:45.0812 5584  [ B832B35055BA2B7B4181861FF94D8E59 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
16:01:45.0948 5584  Ndisuio - ok
16:01:45.0963 5584  [ 1F58E48EF75F34C35D8E93A0DC535CFE ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
16:01:46.0094 5584  NdisVirtualBus - ok
16:01:46.0139 5584  [ C3755FCF9A0B5C6FE8ED9E873B85D3CE ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
16:01:46.0310 5584  NdisWan - ok
16:01:46.0325 5584  [ C3755FCF9A0B5C6FE8ED9E873B85D3CE ] NdisWanLegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
16:01:46.0388 5584  NdisWanLegacy - ok
16:01:46.0450 5584  [ 4F5178EEF4CC259F0A8CF56C2F16ADDB ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
16:01:46.0575 5584  NDProxy - ok
16:01:46.0638 5584  [ 3083926D1CC5B56EA0786527B557DD1B ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
16:01:46.0808 5584  Ndu - ok
16:01:46.0838 5584  [ D4F51E88C71BF8F06EA1BE320B0BB75B ] Net Driver HPZ12 C:\Windows\System32\HPZinw12.dll
16:01:46.0894 5584  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:01:46.0894 5584  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:01:46.0917 5584  [ AD6A78E25BBC916354753A500C4E73C8 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
16:01:46.0995 5584  NetBIOS - ok
16:01:47.0058 5584  [ 0FE750800DEEE91D22399D081371BA79 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
16:01:47.0242 5584  NetBT - ok
16:01:47.0273 5584  [ 382100E75B6F4668AEAEF228C6CEFFAD ] Netlogon        C:\WINDOWS\system32\lsass.exe
16:01:47.0315 5584  Netlogon - ok
16:01:47.0367 5584  [ 8F074B62E66B6117D9598C62A12069C5 ] Netman          C:\WINDOWS\System32\netman.dll
16:01:47.0449 5584  Netman - ok
16:01:47.0533 5584  [ 4A04B1CD5BFB4A978C5F60E86D6C3E45 ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
16:01:47.0593 5584  netprofm - ok
16:01:47.0691 5584  [ 51CD641EFF20C9FFBA2C0F72C269795E ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:01:47.0754 5584  NetTcpPortSharing - ok
16:01:47.0801 5584  [ D4DCE03870314D3354F3501F9DDD4123 ] netvsc          C:\WINDOWS\System32\drivers\netvsc63.sys
16:01:47.0941 5584  netvsc - ok
16:01:47.0988 5584  [ A0D7A655BC61C2421CB33F3A1CD97B8A ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
16:01:48.0067 5584  NlaSvc - ok
16:01:48.0130 5584  [ 24FB67774E25F626396FADC13FD70CEC ] NovaPdfServer   C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe
16:01:48.0156 5584  NovaPdfServer - ok
16:01:48.0203 5584  [ 8F44A2F57C9F1A19AC9C6288C10FB351 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
16:01:48.0330 5584  Npfs - ok
16:01:48.0377 5584  [ CBDB4F0871C88DF930FC0E8588CA67FC ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
16:01:48.0570 5584  npsvctrig - ok
16:01:48.0601 5584  [ 0F12A72A753CFD7FB0631EE8D08FE983 ] nsi             C:\WINDOWS\system32\nsisvc.dll
16:01:48.0679 5584  nsi - ok
16:01:48.0742 5584  [ 018510D88536798852DAE12F9BA6E138 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
16:01:48.0851 5584  nsiproxy - ok
16:01:48.0960 5584  [ EE9B628D84DE372953A6D30AAB02DBD6 ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
16:01:49.0203 5584  Ntfs - ok
16:01:49.0246 5584  [ EF1B290FC9F0E47CC0B537292BEE5904 ] Null            C:\WINDOWS\system32\drivers\Null.sys
16:01:49.0401 5584  Null - ok
16:01:49.0453 5584  [ BC6B5942AFF25EBAF62DE43C3807EDF8 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
16:01:49.0541 5584  nvraid - ok
16:01:49.0562 5584  [ 1F43ABFFAC3D6CA356851D517392966E ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
16:01:49.0666 5584  nvstor - ok
16:01:49.0712 5584  [ 6934A936A7369DFE37B7DBA93F5E5E49 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
16:01:49.0814 5584  nv_agp - ok
16:01:49.0935 5584  [ 29873E4EA380254020DD790E02F1E9E5 ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:01:49.0980 5584  ose64 - ok
16:01:50.0041 5584  [ B0D4F47A4D74F6E6A3FF6B2D109D6734 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
16:01:50.0152 5584  p2pimsvc - ok
16:01:50.0188 5584  [ 0B100C336809C1D7DBD108A75DAFFEF5 ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
16:01:50.0292 5584  p2psvc - ok
16:01:50.0340 5584  [ 57DCE4FB0467986AE78E1C6FC5240D32 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
16:01:50.0582 5584  Parport - ok
16:01:50.0628 5584  [ BAFF6122CFC9F95CA175AD8C348179A4 ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
16:01:50.0738 5584  partmgr - ok
16:01:50.0792 5584  [ 10D35971E29936AE422A9C728014E761 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
16:01:50.0914 5584  PcaSvc - ok
16:01:50.0969 5584  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4 ] pci             C:\WINDOWS\system32\drivers\pci.sys
16:01:51.0098 5584  pci - ok
16:01:51.0120 5584  [ 346E38FCC6859A727DD28AFAD1F0AFF4 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
16:01:51.0192 5584  pciide - ok
16:01:51.0249 5584  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397 ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
16:01:51.0348 5584  pcmcia - ok
16:01:51.0382 5584  [ BF28771D1436C88BE1D297D3098B0F7D ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
16:01:51.0460 5584  pcw - ok
16:01:51.0510 5584  [ E6B3ACBA06BAF48594557FCCBFA66FD2 ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
16:01:51.0606 5584  pdc - ok
16:01:51.0673 5584  [ 0ECEE590F2E2EF969FB74A6FC583A1E6 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
16:01:51.0788 5584  PEAUTH - ok
16:01:51.0910 5584  [ 8E3C640FFF5A963F570233AE99C0FFF3 ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
16:01:52.0014 5584  PerfHost - ok
16:01:52.0111 5584  [ 70B39E7241F750A248798CE82C44596D ] pla             C:\WINDOWS\system32\pla.dll
16:01:52.0228 5584  pla - ok
16:01:52.0273 5584  [ 2C02AFF8383D893F8DBEB07A84F6E77C ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
16:01:52.0326 5584  PlugPlay - ok
16:01:52.0380 5584  [ 9A80707D8B6C1806531BFD7399B3CC76 ] Pml Driver HPZ12 C:\Windows\System32\HPZipm12.dll
16:01:52.0418 5584  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:01:52.0418 5584  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:01:52.0460 5584  [ 4570F8A37D221660F3A09D6F4DD4BA94 ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
16:01:52.0547 5584  PNRPAutoReg - ok
16:01:52.0586 5584  [ B0D4F47A4D74F6E6A3FF6B2D109D6734 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
16:01:52.0644 5584  PNRPsvc - ok
16:01:52.0700 5584  [ 0FF8507A8B901B904E98EB36B9E347EE ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
16:01:52.0838 5584  PolicyAgent - ok
16:01:52.0893 5584  [ C8DD82C3035E60D671B8CC5DF128D3A9 ] Power           C:\WINDOWS\system32\umpo.dll
16:01:52.0967 5584  Power - ok
16:01:53.0021 5584  [ E075CC071022BD4E9BE7C024717C0E0A ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
16:01:53.0157 5584  PptpMiniport - ok
16:01:53.0295 5584  [ E3514CE7CB4AF80ECCA383F065BC77C0 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
16:01:53.0539 5584  PrintNotify - ok
16:01:53.0601 5584  [ ECD373F9571C745894367CC2635EA44F ] Processor       C:\WINDOWS\System32\drivers\processr.sys
16:01:53.0717 5584  Processor - ok
16:01:53.0762 5584  [ 6E409D818C6B342544EAE741B1422B85 ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
16:01:53.0845 5584  ProfSvc - ok
16:01:53.0901 5584  [ DEF4D00D1E55B1E29138A1541D0B82D3 ] Psched          C:\WINDOWS\system32\DRIVERS\pacer.sys
16:01:54.0033 5584  Psched - ok
16:01:54.0150 5584  [ 16783D49B6931414BAD1B2368ADD9656 ] PSI_SVC_2       C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
16:01:54.0185 5584  PSI_SVC_2 - ok
16:01:54.0274 5584  [ EA735BF6DF13A857A83C99BF27A422AD ] PST Service     C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
16:01:54.0304 5584  PST Service ( UnsignedFile.Multi.Generic ) - warning
16:01:54.0304 5584  PST Service - detected UnsignedFile.Multi.Generic (1)
16:01:54.0353 5584  [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5 ] QWAVE           C:\WINDOWS\system32\qwave.dll
16:01:54.0446 5584  QWAVE - ok
16:01:54.0496 5584  [ 83868EB2924E6BC21A54337C65D614D1 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
16:01:54.0616 5584  QWAVEdrv - ok
16:01:54.0675 5584  [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr         C:\WINDOWS\WindowsMobile\rapimgr.dll
16:01:54.0713 5584  RapiMgr - ok
16:01:54.0764 5584  [ B337B1F1E82A83E20A1743E008E25C0F ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
16:01:54.0905 5584  RasAcd - ok
16:01:54.0999 5584  [ D5ECE7E7F349EB3C4B152AFF3577280D ] RasAgileVpn     C:\WINDOWS\system32\DRIVERS\AgileVpn.sys
16:01:55.0210 5584  RasAgileVpn - ok
16:01:55.0249 5584  [ 044638489B4A5FE5334F46C5314A0826 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
16:01:55.0321 5584  RasAuto - ok
16:01:55.0365 5584  [ 235624C147E3CB4C288D5D3D8E8D64A2 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
16:01:55.0526 5584  Rasl2tp - ok
16:01:55.0613 5584  [ 0A655DD285E4E1E2975CEAB8FDE75295 ] RasMan          C:\WINDOWS\System32\rasmans.dll
16:01:55.0782 5584  RasMan - ok
16:01:55.0810 5584  [ 5247F308C4103CDC4FE12AE1D235800A ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
16:01:55.0959 5584  RasPppoe - ok
16:01:56.0018 5584  [ 41F631007A158FEBB67F0E2AD1601BBA ] RasSstp         C:\WINDOWS\system32\DRIVERS\rassstp.sys
16:01:56.0171 5584  RasSstp - ok
16:01:56.0219 5584  [ 3560C2D5A5DAC09BF81F5C5CD0029192 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
16:01:56.0393 5584  rdbss - ok
16:01:56.0466 5584  [ 6B21EBF892CD8CACB71669B35AB5DE32 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
16:01:56.0672 5584  rdpbus - ok
16:01:56.0700 5584  [ 680C1DAE268B6FB67FA21B389A8B79EF ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
16:01:56.0878 5584  RDPDR - ok
16:01:57.0024 5584  [ BC8A79C625568DDB7DCA49D0C2741A64 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
16:01:57.0128 5584  RdpVideoMiniport - ok
16:01:57.0178 5584  [ 468F9F3886DD3320357ECDBFF838DBBF ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
16:01:57.0326 5584  rdyboost - ok
16:01:57.0446 5584  [ B5EF26F146792A6F8543FD3EC2449A81 ] RealPlayerUpdateSvc C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
16:01:57.0472 5584  RealPlayerUpdateSvc - ok
16:01:57.0589 5584  [ FA255020D66C09DBDF0B5D69F43C29EF ] RealTimes Desktop Service C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
16:01:57.0660 5584  RealTimes Desktop Service - ok
16:01:57.0724 5584  [ 2D39BCFA4DD1081B8F282B623456B858 ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys
16:01:57.0880 5584  ReFS - ok
16:01:57.0928 5584  [ DF78648AC3C8DC9D70E6714AF785382F ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
16:01:57.0981 5584  RemoteAccess - ok
16:01:58.0046 5584  [ 7594FEFBAD6BA4645CE7AA175C19BAD0 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
16:01:58.0150 5584  RemoteRegistry - ok
16:01:58.0223 5584  [ 65B9FDE300A6DECC03BA44C4616DCAD6 ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
16:01:58.0298 5584  RpcEptMapper - ok
16:01:58.0353 5584  [ A737B433ABAF3F2DCB2BD7B4CC582B26 ] RpcLocator      C:\WINDOWS\system32\locator.exe
16:01:58.0421 5584  RpcLocator - ok
16:01:58.0516 5584  [ 2928249E4DD39C2ADD3E74F02427AB8B ] RpcSs           C:\WINDOWS\system32\rpcss.dll
16:01:58.0588 5584  RpcSs - ok
16:01:58.0656 5584  [ 2D05A5508F4685412F2B89E8C2189ABC ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys
16:01:58.0798 5584  rspndr - ok
16:01:58.0840 5584  [ 8EB6DCEB7473C232D8BC9A886E3183AC ] RSUSBVSTOR      C:\WINDOWS\System32\Drivers\RtsUVStor.sys
16:01:58.0957 5584  RSUSBVSTOR - ok
16:01:59.0027 5584  [ 19764658C1468C2C0CEF133D28414A6B ] RTL8168         C:\WINDOWS\system32\DRIVERS\Rt630x64.sys
16:01:59.0189 5584  RTL8168 - ok
16:01:59.0275 5584  [ A307450FE19F99CC8AC750EB13959F94 ] RTWlanE         C:\WINDOWS\system32\DRIVERS\rtwlane.sys
16:01:59.0577 5584  RTWlanE - ok
16:01:59.0608 5584  [ 1A063730F221B2746FF00457AE17E4F0 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
16:01:59.0734 5584  s3cap - ok
16:01:59.0780 5584  [ 382100E75B6F4668AEAEF228C6CEFFAD ] SamSs           C:\WINDOWS\system32\lsass.exe
16:01:59.0827 5584  SamSs - ok
16:01:59.0874 5584  [ C624A1B32211C3166EDB3F4AB02A30B7 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
16:01:59.0984 5584  sbp2port - ok
16:02:00.0030 5584  [ 305B725E3FC1936162FE84A0BB526F22 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
16:02:00.0093 5584  SCardSvr - ok
16:02:00.0173 5584  [ 92D2FA1870F4EB4A9BA767DB6E0DEF6F ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
16:02:00.0229 5584  ScDeviceEnum - ok
16:02:00.0278 5584  [ DEA731D96816F1F67C32F49E4EF248DD ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
16:02:00.0387 5584  scfilter - ok
16:02:00.0465 5584  [ F5523FFAFFCE7937D076E4FE6F5BD9AD ] Schedule        C:\WINDOWS\system32\schedsvc.dll
16:02:00.0583 5584  Schedule - ok
16:02:00.0617 5584  [ ACFDC4EE40EC6E4A0AB91D923B8288C8 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
16:02:00.0671 5584  SCPolicySvc - ok
16:02:00.0715 5584  [ C54B6B2170BF628FD42F799A66956D75 ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
16:02:00.0829 5584  sdbus - ok
16:02:00.0876 5584  [ 0B1E929D11A8E358106955603FAC65E8 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
16:02:01.0010 5584  sdstor - ok
16:02:01.0060 5584  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\WINDOWS\system32\drivers\secdrv.sys
16:02:01.0221 5584  secdrv - ok
16:02:01.0271 5584  [ 6627154693B6C2B8A59727F5B38728E8 ] seclogon        C:\WINDOWS\system32\seclogon.dll
16:02:01.0384 5584  seclogon - ok
16:02:01.0449 5584  [ 81FE9A81EDF8016816C9E91FBFBF7D35 ] SENS            C:\WINDOWS\System32\sens.dll
16:02:01.0518 5584  SENS - ok
16:02:01.0565 5584  [ 6E4012AE67F09F867EF620C8D5524C0B ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
16:02:01.0632 5584  SensrSvc - ok
16:02:01.0699 5584  [ DB2FF24CE0BDD15FE75870AFE312BA89 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
16:02:01.0833 5584  SerCx - ok
16:02:01.0889 5584  [ 0044B31F93946D5D41982314381FE431 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
16:02:01.0984 5584  SerCx2 - ok
16:02:02.0023 5584  [ 1F0135949A6AD6025F363F80FE268251 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
16:02:02.0116 5584  Serenum - ok
16:02:02.0154 5584  [ 81633C87B42B63BA484A6177179AC750 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
16:02:02.0251 5584  Serial - ok
16:02:02.0298 5584  [ 148195AE95D9BC7375A08846439FDAC1 ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
16:02:02.0407 5584  sermouse - ok
16:02:02.0475 5584  [ 624BB76941938B9F5776DEA56004D33E ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
16:02:02.0584 5584  SessionEnv - ok
16:02:02.0622 5584  [ 472B7A5AC181C050888DB454663DD764 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
16:02:02.0736 5584  sfloppy - ok
16:02:02.0785 5584  [ 8081FF3DAE8159FE8956B09BC29CE983 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
16:02:02.0863 5584  SharedAccess - ok
16:02:02.0957 5584  [ 7FD9A61A3523A61FC135D61D6E160314 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
16:02:03.0067 5584  ShellHWDetection - ok
16:02:03.0090 5584  [ 2F518D13DD6F3053837FE606F1A2EA1F ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
16:02:03.0192 5584  SiSRaid2 - ok
16:02:03.0239 5584  [ 1AC9A200A9C49C4508F04AAFFCA34A3F ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
16:02:03.0333 5584  SiSRaid4 - ok
16:02:03.0427 5584  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3 ] smphost         C:\WINDOWS\System32\smphost.dll
16:02:03.0553 5584  smphost - ok
16:02:03.0616 5584  [ 961507DB02D7AC0B7A7828D457143B8E ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
16:02:03.0677 5584  SNMPTRAP - ok
16:02:03.0740 5584  [ F6AF6499C3788105EA7AF1DA27769A77 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
16:02:03.0860 5584  spaceport - ok
16:02:03.0899 5584  [ F337BE11071818FC3F5DC2940B6BDE34 ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
16:02:03.0975 5584  SpbCx - ok
16:02:04.0037 5584  [ 851F06253BED584E39F5126EB5C2D6DD ] Spooler         C:\WINDOWS\System32\spoolsv.exe
16:02:04.0153 5584  Spooler - ok
16:02:04.0362 5584  [ F264662C057A54AA2DE41B3C7551712F ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
16:02:04.0833 5584  sppsvc - ok
16:02:04.0895 5584  [ CA62440584866C8435AF39E70C8CDDDD ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
16:02:05.0036 5584  srv - ok
16:02:05.0115 5584  [ 9770D34D1DACA4A9C57D22D64A9E8E09 ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
16:02:05.0314 5584  srv2 - ok
16:02:05.0353 5584  [ B15C5053F127BE389F3980620D475EB0 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
16:02:05.0516 5584  srvnet - ok
16:02:05.0579 5584  [ CF6C3037839CF78421A94F9060C2886F ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
16:02:05.0674 5584  SSDPSRV - ok
16:02:05.0721 5584  [ 198A737DBA666F4808D62E9A8277A6B7 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
16:02:05.0763 5584  SstpSvc - ok
16:02:05.0794 5584  [ 9B74226E10CD57E965F87014841016F9 ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
16:02:05.0843 5584  ssudmdm - ok
16:02:05.0890 5584  [ 76F7D7217FBDAB77798A2A244ACD641F ] ssudserd        C:\WINDOWS\system32\DRIVERS\ssudserd.sys
16:02:05.0921 5584  ssudserd - ok
16:02:05.0968 5584  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
16:02:06.0015 5584  stexstor - ok
16:02:06.0093 5584  [ 63E9CE568CF1192771A5F0460DE7D2B9 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
16:02:06.0208 5584  stisvc - ok
16:02:06.0223 5584  [ 0ED2E318ABB68C1A35A8B8038BDB4C90 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
16:02:06.0333 5584  storahci - ok
16:02:06.0364 5584  [ 8B9486B64E5FC17FB9CC04CA10B77A34 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
16:02:06.0489 5584  storflt - ok
16:02:06.0520 5584  [ 1D5A045F59D216448FCDE3A8D69970E2 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
16:02:06.0612 5584  stornvme - ok
16:02:06.0650 5584  [ A45F5AC9D8069D0EC66E3CA73103073B ] StorSvc         C:\WINDOWS\system32\storsvc.dll
16:02:06.0749 5584  StorSvc - ok
16:02:06.0780 5584  [ 548759755BC73DAD663250239D7E0B9F ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
16:02:06.0874 5584  storvsc - ok
16:02:06.0921 5584  [ E395BE02F80A79A6CF973BA38DBB8135 ] svsvc           C:\WINDOWS\system32\svsvc.dll
16:02:07.0015 5584  svsvc - ok
16:02:07.0061 5584  [ 65454187E0F8B6C0DCECB0287D06EC43 ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
16:02:07.0140 5584  swenum - ok
16:02:07.0213 5584  [ 1C71D72D4997A284128FBEE770726330 ] swprv           C:\WINDOWS\System32\swprv.dll
16:02:07.0307 5584  swprv - ok
16:02:07.0388 5584  [ 0404A539EC3D731EE42632AAFFF0666A ] SysMain         C:\WINDOWS\system32\sysmain.dll
16:02:07.0479 5584  SysMain - ok
16:02:07.0508 5584  [ D73DBBB96CEE90C2856164AAD8543425 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
16:02:07.0610 5584  SystemEventsBroker - ok
16:02:07.0657 5584  [ 54A1F83B166F1062000A0D816CB3B43A ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
16:02:07.0753 5584  TabletInputService - ok
16:02:07.0816 5584  [ 5A5BAB1CA9621E73E25EE4744B67CDA6 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
16:02:07.0916 5584  TapiSrv - ok
16:02:08.0036 5584  [ 12D04D8C02F16D8D7346A494E524507D ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
16:02:08.0331 5584  Tcpip - ok
16:02:08.0408 5584  [ 12D04D8C02F16D8D7346A494E524507D ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys
16:02:08.0643 5584  TCPIP6 - ok
16:02:08.0705 5584  [ 41CF802064F72E55F50CA0A221FD36D4 ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
16:02:08.0861 5584  tcpipreg - ok
16:02:08.0893 5584  [ 576FA545FAB846B06E79B324160DE25C ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
16:02:09.0033 5584  tdx - ok
16:02:09.0307 5584  [ 708C203DF8EA1E4A09E05029803D9771 ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
16:02:09.0703 5584  TeamViewer - ok
16:02:09.0740 5584  [ 232D185D2337F141311D0CF1983E1431 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
16:02:09.0849 5584  terminpt - ok
16:02:09.0936 5584  [ 76938862B2674EFED79E814CD36E6A08 ] TermService     C:\WINDOWS\System32\termsrv.dll
16:02:10.0045 5584  TermService - ok
16:02:10.0092 5584  [ 2180DBCE75B914E5E5BBFFFAAE97AA21 ] Themes          C:\WINDOWS\system32\themeservice.dll
16:02:10.0160 5584  Themes - ok
16:02:10.0214 5584  [ 4C5179DB61B9E14BEC15CDC4B152B2E9 ] THREADORDER     C:\WINDOWS\system32\mmcss.dll
16:02:10.0277 5584  THREADORDER - ok
16:02:10.0329 5584  [ B5ED9CC61798C7D44BD535D40B89EFB5 ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
16:02:10.0427 5584  TimeBroker - ok
16:02:10.0477 5584  [ 80A2FC1A089A71F2DBE5D8394FFB009F ] TPM             C:\WINDOWS\system32\drivers\tpm.sys
16:02:10.0601 5584  TPM - ok
16:02:10.0628 5584  [ 884113C2BB703FE806C8608B75F34831 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
16:02:10.0704 5584  TrkWks - ok
16:02:10.0822 5584  [ 807BFBADD4E45F651D577B16AAA7606D ] TrueKey         C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
16:02:10.0873 5584  TrueKey - ok
16:02:10.0927 5584  [ 433D821973B948BF2940B81ACF2A87DB ] TrueKeyScheduler C:\Program Files\TrueKey\McTkSchedulerService.exe
16:02:10.0946 5584  TrueKeyScheduler - ok
16:02:10.0977 5584  [ 9FB477FB7A25E2A1C38D014E5766B0A4 ] TrueKeyServiceHelper C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe
16:02:11.0008 5584  TrueKeyServiceHelper - ok
16:02:11.0105 5584  [ 44A94FB4C76528D2382FFE04B05827C3 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
16:02:11.0167 5584  TrustedInstaller - ok
16:02:11.0208 5584  [ BF8F54CA37E9C9D6582C31C5761F8C93 ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
16:02:11.0385 5584  TsUsbFlt - ok
16:02:11.0432 5584  [ 20185BEB7512EDE4EFECDFA148AC9F99 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
16:02:11.0553 5584  TsUsbGD - ok
16:02:11.0596 5584  [ E85916632CD3B9E9B546968DB950BF42 ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys
16:02:11.0821 5584  tunnel - ok
16:02:11.0868 5584  [ F6EEAD052943B5A3104C1405BB856C54 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
16:02:11.0938 5584  uagp35 - ok
16:02:11.0984 5584  [ FE6067B1FD4E63650C667B33D080565B ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
16:02:12.0076 5584  UASPStor - ok
16:02:12.0122 5584  [ 807F8CF3E973305FC435C61CBBEE2A49 ] UCX01000        C:\WINDOWS\System32\drivers\ucx01000.sys
16:02:12.0230 5584  UCX01000 - ok
16:02:12.0283 5584  [ C61EAF8E1E4B2F62BA4FDF457440B2C6 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
16:02:12.0533 5584  udfs - ok
16:02:12.0579 5584  [ 9578691F297E1B1F519970FE6D47CB21 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
16:02:12.0720 5584  UEFI - ok
16:02:12.0792 5584  [ A867F0F978EE64C87FADC3B100869EE4 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
16:02:13.0007 5584  UI0Detect - ok
16:02:13.0036 5584  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
16:02:13.0142 5584  uliagpkx - ok
16:02:13.0174 5584  [ DA34C39A18E60E7C3FA0630566408034 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
16:02:13.0254 5584  umbus - ok
16:02:13.0285 5584  [ AE8294875E5446E359B1E8035D40C05E ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
16:02:13.0399 5584  UmPass - ok
16:02:13.0439 5584  [ 87743CF5FF2FB3F2B424F0D8DFF8FD8C ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
16:02:13.0525 5584  UmRdpService - ok
16:02:13.0619 5584  [ 6EE394F8BFDC59D51E1C347246867004 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
16:02:13.0670 5584  UNS - ok
16:02:13.0729 5584  [ C98493DD8E6A50154FAC75C15E1C36BB ] upnphost        C:\WINDOWS\System32\upnphost.dll
16:02:13.0823 5584  upnphost - ok
16:02:13.0875 5584  [ DF355EB0199198728027962DCFCDE5FB ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
16:02:14.0005 5584  usbaudio - ok
16:02:14.0052 5584  [ 621317D14B93CBFBD5694767EFB6B40A ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
16:02:14.0167 5584  usbccgp - ok
16:02:14.0215 5584  [ 0139248F6B95CF0D837B5B46A2722D40 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
16:02:14.0372 5584  usbcir - ok
16:02:14.0416 5584  [ C996CBEF922B5653A01E3F50DDCE2F86 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
16:02:14.0509 5584  usbehci - ok
16:02:14.0583 5584  [ E30B159760053C5A1297D2CD08046CD7 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
16:02:14.0727 5584  usbhub - ok
16:02:14.0788 5584  [ 5C90D5379B53590FBB24BBAD4FA682EE ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
16:02:14.0933 5584  USBHUB3 - ok
16:02:14.0974 5584  [ A0F0484C97D6441ED6A75D7426ECCC9E ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
16:02:15.0172 5584  usbohci - ok
16:02:15.0213 5584  [ 4D655E3B684BE9B0F7FFD8A2935C348C ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
16:02:15.0369 5584  usbprint - ok
16:02:15.0401 5584  [ 0F030491BA4A27BD46F8B8ACEEE83F1A ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
16:02:15.0543 5584  usbscan - ok
16:02:29.0556 5584  ============================================================
16:02:29.0556 5584  Scan finished
16:02:29.0556 5584  ============================================================
16:02:29.0572 3344  Detected object count: 4
16:02:29.0572 3344  Actual detected object count: 4
16:02:46.0276 3344  IconMan_R ( UnsignedFile.Multi.Generic ) - skipped by user
16:02:46.0276 3344  IconMan_R ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:02:46.0277 3344  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:02:46.0277 3344  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:02:46.0281 3344  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:02:46.0281 3344  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:02:46.0285 3344  PST Service ( UnsignedFile.Multi.Generic ) - skipped by user
16:02:46.0285 3344  PST Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:03:29.0480 7992  Deinitialize success
 


@jones awoki limas

Press the Windows key + R and type: msconfig

- Click the Services tab, check the option Hide all Microsoft services, and then click Disable all
- Click the Startup tab and click Open Task Manager
- Right-click each startup entry and click Disable.

Go back to the System Configuration window and click Apply and then OK.

Follow the prompts until you are asked to restart.

After that, let me know whether the malware-related problems still persist.

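A read-only way to review what the msconfig steps in the post above would disable, given here as an added example that is not part of the original thread. It assumes that filtering on the file's CompanyName is an acceptable approximation of the "Hide all Microsoft services" checkbox; `Resolve-ServiceBinary` is a hypothetical helper name.

```powershell
# Added example: list non-Microsoft services and startup entries before disabling them.
# Read-only: nothing is stopped, disabled or deleted.

function Resolve-ServiceBinary {
    param([Parameter(Mandatory)] $Service)
    # Services hosted by svchost.exe keep their real code in a ServiceDll registry value.
    $key = "HKLM:\SYSTEM\CurrentControlSet\Services\$($Service.Name)\Parameters"
    $dll = (Get-ItemProperty -Path $key -Name ServiceDll -ErrorAction SilentlyContinue).ServiceDll
    if ($dll) { return [Environment]::ExpandEnvironmentVariables($dll) }
    # Otherwise take the executable from PathName, which may be quoted and carry arguments.
    if ($Service.PathName -match '^\s*"([^"]+)"') { return $Matches[1] }
    if ($Service.PathName -match '^\s*(.+?\.(exe|sys|dll))(\s|$)') { return $Matches[1] }
    return $null
}

$services = Get-CimInstance -ClassName Win32_Service | ForEach-Object {
    $path = Resolve-ServiceBinary -Service $_
    if (-not $path -or -not (Test-Path -LiteralPath $path)) {
        $company = $null
        $signature = 'FileNotFound'   # label used by this example, not a cmdlet status
    } else {
        $company = (Get-Item -LiteralPath $path).VersionInfo.CompanyName
        $signature = (Get-AuthenticodeSignature -LiteralPath $path).Status
    }
    [pscustomobject]@{
        Name      = $_.Name
        StartMode = $_.StartMode
        State     = $_.State
        Company   = $company
        Signature = $signature
        Path      = $path
    }
}

# Assumption: "not attributed to Microsoft" stands in for msconfig's own filter.
# Entries with no CompanyName at all are kept, since they deserve a look too.
$services |
    Where-Object { $_.Company -notmatch 'Microsoft' } |
    Sort-Object Signature, Name |
    Format-Table Name, StartMode, State, Signature, Company, Path -AutoSize

# Startup entries from the Run keys and Startup folders.
Get-CimInstance -ClassName Win32_StartupCommand |
    Select-Object Name, Command, Location, User |
    Format-Table -AutoSize
```

Saving this output before the clean boot gives a record of which entries were active, so each one can be re-enabled deliberately afterwards.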

Good morning Elias,

I did as you instructed. I restarted the PC. I ran the scan and it no longer reported any trojan or virus.

Thank you for all the help in this process.

Thanks.


@jones awoki limas

As far as malware is concerned, we have no more problems.

Final instructions.

Download Delfix by Xplode from the link below and save it to your desktop.
http://www.bleepingcomputer.com/download/delfix/dl/281/

Double-click delfix.exe to run it. Check the boxes as shown in the image.

*** Windows Vista, 7, 8/8.1 and Windows 10 users: right-click the delfix.exe file, then click [image: VRIfczU.png]

[image: ipb9zl.png]

Click the Run button.

At the end a log will be generated, but there is no need to post it.

KEEP THE OS UP TO DATE:
Keep Windows updates set to "automatic". New security holes are discovered frequently. Many pieces of malware exploit these holes, infecting systems without depending on any user action. Microsoft fixes these holes through updates. That is why it is essential to keep your system up to date.

If you have no more malware-related problems, click Report Post at the top of the page and say that your topic is RESOLVED. If you have any questions related to computing and technology, feel free to post in any area of CdH.

Regards,
Elias Pereira

This topic is closed to new posts.




