PUP.BundleInstaller.Somoto


28 replies to this topic

#1 marija_peg


Posted 14 November 2012 - 01:56 PM

Mod Edit: Moved from WIN7 to Am I Infected ~boopme

Hello to all. My problem began 2 days ago when I tried to turn on my laptop (ASUS K53E) and it didn't move past the Windows logo (I have Windows 7 Ultimate 32-bit). I tried to go to Windows Repair, but it just got stuck and it never completed the process even after a couple of hours. After that I tried to do everything there is - all the system restore points - nothing, memory diagnostics - the process could not be finished. After that I turned on my computer in Safe mode, luckily I was able to do that. Then I tried to go to my Antivirus program (Avast) but it was completely blocked. It was not protecting me, nor could I perform a scan or anything. What I did next was to download Malwarebytes and it detected the following:
C:\Users\*******\Local Settings\TempDIR\BetterInstaller.exe (PUP.BundleInstaller.Somoto)
I immediately deleted it but again, when I turned on my computer, the same thing happened. When I got past the Windows logo, all I could see was a black screen. Again, I entered the Safe mode, tried to run Hijack this, but I was unable to run it in Safe mode. Then I installed SuperAntiSpyware which besides the Somoto PUP detected also Heur Agent/Gen-Whitebox. I deleted all the files, and now I tried to turn my computer back on, and it works. I am now installing HiJackThis to check for any remaining threats. However, the installation does not seem to go through, it is stuck at the very beginning. Also my computer is now extremely slow, and it never was like that. It seems that I have not gotten rid of the virus?
I could do a fresh Windows installation, I have Windows 7 32-bit, and I could upgrade to 64-bit. Do you think I could/should safely install it now or should I completely be sure that all the viruses/adwares are gone? Thank you for your help!

EDIT: Sorry I posted on the wrong forum. My computer is very slow now and I could not install HijackThis. I didn't connect to the Internet ever since this happened as not to make any more damage. Please help!

Edited by marija_peg, 14 November 2012 - 04:36 PM.




#2 boopme


Posted 14 November 2012 - 04:57 PM

Hello..
For the connection try these...

Please click Start > Run, type inetcpl.cpl in the runbox and press enter.
Click the Connections tab and click the LAN settings option.
Verify if "Use a proxy..." is checked, if so, UNcheck it and click OK/OK to exit.


Now check if the internet is working again.

OR

Go to Start ... Run and type in cmd
A dos Window will appear.
Type in the dos window: netsh winsock reset
Click on the enter key.

Reboot your system to complete the process.


If needed : type these one line at a time, press enter after each line. See if it works after each.

netsh interface ipv4 reset
netsh interface ipv6 reset
ipconfig /flushdns


WIN7.. Please Download this file, Click Me
Right-click on winsockfix.bat and click on Run as Administrator

Now run these and see how it is....

Please download Rkill by Grinler and save it to your desktop. Link 1
Link 2
  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista, right-click on it and Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
Do not reboot the computer, you will need to run the application again.



Please Download

TDSSkiller


Launch it. Click on change parameters-Select TDLFS file system

Click on "Scan".
Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results.





Please download AdwCleaner by Xplode onto your desktop.


  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.



Please download Rkill by Grinler and save it to your desktop. Link 1
Link 2
  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista, right-click on it and Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
Do not reboot the computer, you will need to run the application again.

#3 dev00790


Posted 14 November 2012 - 04:57 PM

Hello,

I will be helping you with your problems. Please be patient while I assist you.

Some points for you to keep in mind while I am helping you to make things go easier and faster for both of us

  • Please do NOT run, install or uninstall any programs, unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.

NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

----------------------------------------------

Please do the following:

Step 1:

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
  • Double-click on TDSSKiller.exe on your desktop to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click on change parameters
  • Under Objects to scan, check the box next to Loaded modules
  • If you are asked to reboot, then click Yes.

Next

  • Check the boxes next to Loaded modules, Verify file digital signatures, Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, Skip instead, do NOT choose Delete or Quarantine unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the full contents of that file in your next reply. - If the log is too long, then split it into multiple posts.


Step 2:

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the full contents of that document.


Step 3:

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press Scan.
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the full contents of the log in your next reply.


Step 4:

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (Only Problems)
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • List Restore points
NOTE: When using "Reset FF Proxy Settings" option Firefox should be closed.

Click Go and post the full contents of the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"

I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM.


#4 marija_peg


Posted 15 November 2012 - 08:11 AM

Hello, thank you for your help! I am just confused, should I first do the stuff from the first reply or just the last one?
A new update - when I turned on my computer there was a long pause with a black screen, then when I came to the login screen there was no small picture over the password box (don't know if this is relevant, but anyways...). So when I got to my desktop, Avast antivirus was disabled, but when I just opened it, it was enabled.
I tried running SuperAntiSpyware and after a long pause I got a flash of the blue screen with the message: a problem has been detected and windows has been shutdown to prevent damage to your computer..
Now I am turning it on again, the Welcome screen is running for 5 minutes already. I am going to follow the instructions from the second post.
This is stressful.

#5 dev00790


Posted 15 November 2012 - 08:20 AM

Hi

Apologies, it seems myself and boopme posted at the same time :).

Please follow boopme's instructions for now.

Regards, dev00790



#6 marija_peg


Posted 15 November 2012 - 08:34 AM

Actually I haven't tried to connect to the internet, as I thought I might do more damage that way if my Avast is behaving weirdly and I have a virus. Is that normal reasoning? It is possible that I could normally establish a connection, but is it safe to do that? Also, can I do this stuff in safe mode or does it have to be normal mode? Sometimes my laptop turns on, sometimes it doesn't - then I only get a hanging black screen.. As the last time I turned it on I got just the black screen after a hanging welcome screen, I shut it down by force and now it is checking my disk on its own.. I still haven't started with the instructions, either yours or boopme's as I still didn't get a chance. I have a second computer on me I am writing from at the moment, and I will be downloading all the programs on it and using a stick to get it to my broken laptop.
The check disk log says:
deleting index entry monitor0000.mdnd in index $I30 of file ...
deleting index entry Monito~1.mdn in index $I30 of file ...
deleting index entry 2012_11_09_10_23_10 in index $I30 of file
repairing usn journal data...
This is as much as I could write down while it checked the disk. Now I am still waiting for the welcome screen..

#7 marija_peg


Posted 15 November 2012 - 08:46 AM

Boopme, in your instructions the step to download Rkill is repeated, is that a mistake?

#8 marija_peg


Posted 15 November 2012 - 10:03 AM

OK, so following boopme's instructions I did the following:
I skipped enabling Internet connection, since I downloaded all the programs from another computer.

1. winsockfix.bat
LOG:
Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.

Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
Reseting Global, OK!
Reseting Interface, OK!
Reseting Unicast Address, OK!
Restart the computer to complete this action.

You now have to reboot your PC!
Press any key to continue . . .
END OF LOG

2. Rkill by Grinler
It worked with the first link, there was a DOS box, however it was not a flash, rather it was on for 2 minutes.

LOG:
Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 11/15/2012 03:47:30 PM in x86 mode.
Windows Version: Windows 7 Ultimate Service Pack 1

Checking for Windows services to stop:
* No malware services found to stop.

Checking for processes to terminate:
* No malware processes found to kill.

Checking Registry for malware related settings:
* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:
* No issues found.

Checking Windows Service Integrity:
* No issues found.

Searching for Missing Digital Signatures:

* C:\Windows\System32\user32.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll : 811.520 : 07/14/2009 00:16 AM : 34b7e222e81fafa885f0c5f2cfa56861 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll : 811.520 : 11/20/2010 01:21 PM : f1dd3acaee5e6b4bbc69bc6df75cef66 [Pos Repl]

Checking HOSTS File:
* No issues found.

Program finished at: 11/15/2012 03:49:45 PM
Execution time: 0 hours(s), 2 minute(s), and 14 seconds(s)
END OF LOG

Actually, as I ran Rkill at the beginning and at the end (following the instructions), the log was modified to the later scan, but I think the logs were the same.

I will continue in another post since the TDSSKiller log is rather long.
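Reading the `[NoSig]` entry in the Rkill log above, as an added example that is not part of the original posts and is not Rkill's own code: the parser below pulls out each unsigned file and its WinSxS candidates, then picks the candidate whose component build matches the Windows build reported in the same log. Assumptions: the field layout (path : size : timestamp : MD5) is inferred from the lines in the post, `[Pos Repl]` is read as "possible replacement", the dot in `811.520` is treated as a thousands separator, and the build mapping covers Windows 7 only (RTM 7600, SP1 7601).

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

# Lines copied from the Rkill log quoted in the post above.
SAMPLE_LOG = r"""Windows Version: Windows 7 Ultimate Service Pack 1

Searching for Missing Digital Signatures:

* C:\Windows\System32\user32.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll : 811.520 : 07/14/2009 00:16 AM : 34b7e222e81fafa885f0c5f2cfa56861 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll : 811.520 : 11/20/2010 01:21 PM : f1dd3acaee5e6b4bbc69bc6df75cef66 [Pos Repl]

Checking HOSTS File:
"""

# Layout inferred from the log lines in the post (assumption, not a documented format).
NOSIG_RE = re.compile(r"^\*\s+(?P<path>.+?)\s+\[NoSig\]\s*$")
CAND_RE = re.compile(
    r"^\+->\s+(?P<path>.+?)\s+:\s+(?P<size>[\d.,]+)\s+:\s+(?P<stamp>.+?)"
    r"\s+:\s+(?P<md5>[0-9a-fA-F]{32})\s+\[Pos Repl\]\s*$"
)
# WinSxS directory names embed the component version, e.g. _6.1.7601.17514_
VERSION_RE = re.compile(r"_(\d+)\.(\d+)\.(\d+)\.(\d+)_")


@dataclass
class Candidate:
    path: str
    size: int                      # bytes, separators stripped
    stamp: str                     # timestamp kept as logged
    md5: str
    version: Optional[Tuple[int, ...]]


@dataclass
class Finding:
    path: str                      # file reported without a signature
    candidates: List[Candidate] = field(default_factory=list)


def parse_nosig(log: str) -> List[Finding]:
    """Return every [NoSig] file with the candidate copies listed under it."""
    findings: List[Finding] = []
    current: Optional[Finding] = None
    for raw in log.splitlines():
        line = raw.strip()
        m = NOSIG_RE.match(line)
        if m:
            current = Finding(m.group("path"))
            findings.append(current)
            continue
        m = CAND_RE.match(line)
        if m and current is not None:
            ver = VERSION_RE.search(m.group("path"))
            current.candidates.append(Candidate(
                path=m.group("path"),
                size=int(re.sub(r"[.,]", "", m.group("size"))),
                stamp=m.group("stamp"),
                md5=m.group("md5").lower(),
                version=tuple(int(x) for x in ver.groups()) if ver else None,
            ))
        elif line and not line.startswith("+->"):
            # Any other non-empty line (next section header) closes the entry;
            # orphaned or malformed "+->" lines are skipped.
            current = None
    return findings


def expected_build(log: str) -> Optional[int]:
    """Map the logged Windows 7 service pack level to its build number."""
    m = re.search(r"^Windows Version:\s*(.+)$", log, re.MULTILINE)
    if not m or "Windows 7" not in m.group(1):
        return None                # mapping below is only valid for Windows 7
    return 7601 if "Service Pack 1" in m.group(1) else 7600


def matching_candidates(finding: Finding, build: int) -> List[Candidate]:
    """Candidates whose component build (third version field) equals the OS build."""
    return [c for c in finding.candidates if c.version and c.version[2] == build]


if __name__ == "__main__":
    build = expected_build(SAMPLE_LOG)
    for f in parse_nosig(SAMPLE_LOG):
        print(f"unsigned: {f.path} (OS build {build})")
        for c in matching_candidates(f, build):
            print(f"  matching copy: {c.path}\n  md5 {c.md5}, {c.size} bytes")
```

On the log in this thread the SP1 copy (6.1.7601.17514) is the only candidate that matches the running system; the 7600 copy is the pre-service-pack file and would be the wrong baseline to compare against.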

#9 marija_peg


Posted 15 November 2012 - 10:16 AM

15:23:26.0577 5056 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
15:23:26.0640 5056 ============================================================
15:23:26.0640 5056 Current date / time: 2012/11/15 15:23:26.0640
15:23:26.0640 5056 SystemInfo:
15:23:26.0640 5056
15:23:26.0640 5056 OS Version: 6.1.7601 ServicePack: 1.0
15:23:26.0640 5056 Product type: Workstation
15:23:26.0640 5056 ComputerName: **
15:23:26.0640 5056 UserName: **
15:23:26.0640 5056 Windows directory: C:\Windows
15:23:26.0640 5056 System windows directory: C:\Windows
15:23:26.0640 5056 Processor architecture: Intel x86
15:23:26.0640 5056 Number of processors: 2
15:23:26.0640 5056 Page size: 0x1000
15:23:26.0640 5056 Boot type: Normal boot
15:23:26.0640 5056 ============================================================
15:23:27.0264 5056 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:23:27.0264 5056 Drive \Device\Harddisk1\DR1 - Size: 0x1DEC00000 (7.48 Gb), SectorSize: 0x200, Cylinders: 0x3D0, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:23:27.0264 5056 ============================================================
15:23:27.0264 5056 \Device\Harddisk0\DR0:
15:23:27.0264 5056 MBR partitions:
15:23:27.0264 5056 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:23:27.0264 5056 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x18FFF2C9
15:23:27.0279 5056 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x19031B08, BlocksNum 0x318253B9
15:23:27.0279 5056 \Device\Harddisk1\DR1:
15:23:27.0279 5056 MBR partitions:
15:23:27.0279 5056 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x2000, BlocksNum 0xEF4000
15:23:27.0279 5056 ============================================================
15:23:27.0310 5056 C: <-> \Device\Harddisk0\DR0\Partition2
15:23:27.0326 5056 D: <-> \Device\Harddisk0\DR0\Partition3
15:23:27.0326 5056 ============================================================
15:23:27.0326 5056 Initialize success
15:23:27.0326 5056 ============================================================
15:23:52.0895 2736 ============================================================
15:23:52.0895 2736 Scan started
15:23:52.0895 2736 Mode: Manual; TDLFS;
15:23:52.0895 2736 ============================================================
15:23:53.0285 2736 ================ Scan system memory ========================
15:23:53.0285 2736 System memory - ok
15:23:53.0285 2736 ================ Scan services =============================
15:23:56.0779 2736 CLFS - ok
15:23:56.0826 2736 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:23:56.0826 2736 clr_optimization_v2.0.50727_32 - ok
15:23:56.0857 2736 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:23:56.0857 2736 clr_optimization_v4.0.30319_32 - ok
15:23:56.0873 2736 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
15:23:56.0873 2736 CmBatt - ok
15:23:56.0888 2736 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
15:23:56.0888 2736 cmdide - ok
15:23:56.0919 2736 [ 6427525D76F61D0C519B008D3680E8E7 ] CNG C:\Windows\system32\Drivers\cng.sys
15:23:56.0919 2736 CNG - ok
15:23:56.0935 2736 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
15:23:56.0935 2736 Compbatt - ok
15:23:56.0966 2736 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
15:23:56.0966 2736 CompositeBus - ok
15:23:56.0982 2736 COMSysApp - ok
15:23:56.0997 2736 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
15:23:56.0997 2736 crcdisk - ok
15:23:57.0044 2736 [ A585BEBF7D054BD9618EDA0922D5484A ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:23:57.0044 2736 CryptSvc - ok
15:23:57.0107 2736 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys
15:23:57.0107 2736 CSC - ok
15:23:57.0153 2736 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll
15:23:57.0169 2736 CscService - ok
15:23:57.0200 2736 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
15:23:57.0216 2736 DcomLaunch - ok
15:23:57.0247 2736 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
15:23:57.0247 2736 defragsvc - ok
15:23:57.0278 2736 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:23:57.0294 2736 DfsC - ok
15:23:57.0309 2736 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
15:23:57.0325 2736 Dhcp - ok
15:23:57.0356 2736 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
15:23:57.0356 2736 discache - ok
15:23:57.0372 2736 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
15:23:57.0372 2736 Disk - ok
15:23:57.0419 2736 [ 6FCDDA7F7BFE4F6C274B0EB9319D3FEC ] DMAgent C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
15:23:57.0434 2736 DMAgent - ok
15:23:57.0465 2736 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:23:57.0481 2736 Dnscache - ok
15:23:57.0543 2736 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
15:23:57.0559 2736 dot3svc - ok
15:23:57.0590 2736 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
15:23:57.0590 2736 DPS - ok
15:23:57.0621 2736 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:23:57.0621 2736 drmkaud - ok
15:23:57.0684 2736 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:23:57.0684 2736 DXGKrnl - ok
15:23:57.0715 2736 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
15:23:57.0715 2736 EapHost - ok
15:23:57.0824 2736 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
15:23:57.0918 2736 ebdrv - ok
15:23:57.0980 2736 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
15:23:57.0980 2736 EFS - ok
15:23:58.0074 2736 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:23:58.0074 2736 ehRecvr - ok
15:23:58.0136 2736 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
15:23:58.0136 2736 ehSched - ok
15:23:58.0183 2736 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
15:23:58.0199 2736 elxstor - ok
15:23:58.0230 2736 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
15:23:58.0230 2736 ErrDev - ok
15:23:58.0277 2736 [ 6F857AA66D3E4CC215376B1C265E06F8 ] ETD C:\Windows\system32\DRIVERS\ETD.sys
15:23:58.0277 2736 ETD - ok
15:23:58.0339 2736 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
15:23:58.0355 2736 EventSystem - ok
15:23:58.0464 2736 [ 00FA69825F68032B601AA1C60E75F06A ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
15:23:58.0479 2736 EvtEng - ok
15:23:58.0495 2736 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
15:23:58.0495 2736 exfat - ok
15:23:58.0542 2736 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:23:58.0557 2736 fastfat - ok
15:23:58.0620 2736 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
15:23:58.0620 2736 Fax - ok
15:23:58.0651 2736 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
15:23:58.0651 2736 fdc - ok
15:23:58.0682 2736 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
15:23:58.0682 2736 fdPHost - ok
15:23:58.0698 2736 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
15:23:58.0698 2736 FDResPub - ok
15:23:58.0729 2736 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:23:58.0729 2736 FileInfo - ok
15:23:58.0745 2736 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:23:58.0745 2736 Filetrace - ok
15:23:58.0760 2736 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
15:23:58.0760 2736 flpydisk - ok
15:23:58.0776 2736 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:23:58.0776 2736 FltMgr - ok
15:23:58.0807 2736 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
15:23:58.0823 2736 FontCache - ok
15:23:58.0869 2736 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
15:23:58.0869 2736 FontCache3.0.0.0 - ok
15:23:58.0885 2736 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:23:58.0901 2736 FsDepends - ok
15:23:58.0916 2736 [ A574B4360E438977038AAE4BF60D79A2 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:23:58.0932 2736 Fs_Rec - ok
15:23:58.0963 2736 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:23:58.0979 2736 fvevol - ok
15:23:59.0010 2736 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
15:23:59.0010 2736 gagp30kx - ok
15:23:59.0057 2736 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
15:23:59.0072 2736 gpsvc - ok
15:23:59.0150 2736 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
15:23:59.0150 2736 gupdate - ok
15:23:59.0181 2736 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
15:23:59.0181 2736 gupdatem - ok
15:23:59.0197 2736 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
15:23:59.0197 2736 hcw85cir - ok
15:23:59.0259 2736 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:23:59.0259 2736 HdAudAddService - ok
15:23:59.0275 2736 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
15:23:59.0291 2736 HDAudBus - ok
15:23:59.0306 2736 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
15:23:59.0306 2736 HidBatt - ok
15:23:59.0337 2736 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
15:23:59.0353 2736 HidBth - ok
15:23:59.0353 2736 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
15:23:59.0369 2736 HidIr - ok
15:23:59.0384 2736 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
15:23:59.0400 2736 hidserv - ok
15:23:59.0431 2736 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
15:23:59.0431 2736 HidUsb - ok
15:23:59.0462 2736 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:23:59.0462 2736 hkmsvc - ok
15:23:59.0509 2736 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:23:59.0509 2736 HomeGroupListener - ok
15:23:59.0525 2736 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:23:59.0540 2736 HomeGroupProvider - ok
15:23:59.0556 2736 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:23:59.0556 2736 HpSAMD - ok
15:23:59.0587 2736 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:23:59.0587 2736 HTTP - ok
15:23:59.0618 2736 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:23:59.0634 2736 hwpolicy - ok
15:23:59.0665 2736 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
15:23:59.0665 2736 i8042prt - ok
15:23:59.0712 2736 [ DB81F413FA4E3F328CAD7B5D59EF3F21 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
15:23:59.0712 2736 iaStor - ok
15:23:59.0759 2736 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:23:59.0759 2736 iaStorV - ok
15:23:59.0805 2736 [ AE2DC615F928AC6A18CF25A58630809E ] iBtFltCoex C:\Windows\system32\DRIVERS\iBtFltCoex.sys
15:23:59.0805 2736 iBtFltCoex - ok
15:23:59.0868 2736 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:23:59.0883 2736 idsvc - ok
15:24:00.0149 2736 [ 24CCEC128BEBB148E50C6093523AD686 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
15:24:00.0383 2736 igfx - ok
15:24:00.0429 2736 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
15:24:00.0429 2736 iirsp - ok
15:24:00.0445 2736 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
15:24:00.0445 2736 IKEEXT - ok
15:24:00.0476 2736 [ 67720DC1D18770D5D07C3F6245208D70 ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
15:24:00.0476 2736 intaud_WaveExtensible - ok
15:24:00.0554 2736 [ EDEE2DA9E9DB2A9601221B903451BB7C ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
15:24:00.0648 2736 IntcAzAudAddService - ok
15:24:00.0663 2736 [ C4FA261B9B5C9822D26020949605AC43 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
15:24:00.0679 2736 IntcDAud - ok
15:24:00.0695 2736 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
15:24:00.0695 2736 intelide - ok
15:24:00.0710 2736 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:24:00.0710 2736 intelppm - ok
15:24:00.0726 2736 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:24:00.0741 2736 IPBusEnum - ok
15:24:00.0757 2736 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:24:00.0757 2736 IpFilterDriver - ok
15:24:00.0804 2736 [ 4D65A07B795D6674312F879D09AA7663 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:24:00.0819 2736 iphlpsvc - ok
15:24:00.0835 2736 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
15:24:00.0835 2736 IPMIDRV - ok
15:24:00.0866 2736 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:24:00.0866 2736 IPNAT - ok
15:24:00.0882 2736 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:24:00.0882 2736 IRENUM - ok
15:24:00.0913 2736 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:24:00.0913 2736 isapnp - ok
15:24:00.0929 2736 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
15:24:00.0929 2736 iScsiPrt - ok
15:24:00.0960 2736 [ 6F31D9A9BF84596024F7E659E6A26F05 ] iwdbus C:\Windows\system32\DRIVERS\iwdbus.sys
15:24:00.0960 2736 iwdbus - ok
15:24:00.0975 2736 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
15:24:00.0975 2736 kbdclass - ok
15:24:00.0991 2736 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
15:24:00.0991 2736 kbdhid - ok
15:24:01.0022 2736 [ 3EB803312987FF44265C87CB960DF6AB ] kbfiltr C:\Windows\system32\DRIVERS\kbfiltr.sys
15:24:01.0022 2736 kbfiltr - ok
15:24:01.0038 2736 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
15:24:01.0053 2736 KeyIso - ok
15:24:01.0053 2736 [ F4647BB23DB9038A7536CF6B68F4207F ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:24:01.0053 2736 KSecDD - ok
15:24:01.0100 2736 [ E73CAE53BBB72BA26918492C6B4C229D ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:24:01.0100 2736 KSecPkg - ok
15:24:01.0131 2736 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
15:24:01.0147 2736 KtmRm - ok
15:24:01.0163 2736 [ 25046613DFA30A7361996F15901CA0DE ] L1C C:\Windows\system32\DRIVERS\L1C62x86.sys
15:24:01.0163 2736 L1C - ok
15:24:01.0209 2736 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
15:24:01.0209 2736 LanmanServer - ok
15:24:01.0241 2736 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:24:01.0256 2736 LanmanWorkstation - ok
15:24:01.0287 2736 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:24:01.0287 2736 lltdio - ok
15:24:01.0319 2736 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:24:01.0319 2736 lltdsvc - ok
15:24:01.0350 2736 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
15:24:01.0350 2736 lmhosts - ok
15:24:01.0381 2736 [ 7F32D4C47A50E7223491E8FB9359907D ] LMS C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
15:24:01.0381 2736 LMS - ok
15:24:01.0397 2736 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
15:24:01.0412 2736 LSI_FC - ok
15:24:01.0428 2736 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
15:24:01.0428 2736 LSI_SAS - ok
15:24:01.0443 2736 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:24:01.0443 2736 LSI_SAS2 - ok
15:24:01.0459 2736 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:24:01.0459 2736 LSI_SCSI - ok
15:24:01.0490 2736 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
15:24:01.0490 2736 luafv - ok
15:24:01.0553 2736 [ 500D089CE760D83DA2B6CBA681AA9949 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
15:24:01.0553 2736 MBAMProtector - ok
15:24:01.0646 2736 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
15:24:01.0662 2736 MBAMScheduler - ok
15:24:01.0693 2736 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
15:24:01.0709 2736 MBAMService - ok
15:24:01.0740 2736 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:24:01.0755 2736 Mcx2Svc - ok
15:24:01.0787 2736 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
15:24:01.0787 2736 megasas - ok
15:24:01.0818 2736 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
15:24:01.0818 2736 MegaSR - ok
15:24:01.0849 2736 [ D86AC00883B9C98B570E7643AAF8E554 ] MEI C:\Windows\system32\DRIVERS\HECI.sys
15:24:01.0849 2736 MEI - ok
15:24:01.0911 2736 Microsoft SharePoint Workspace Audit Service - ok
15:24:01.0943 2736 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
15:24:01.0943 2736 MMCSS - ok
15:24:01.0974 2736 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
15:24:01.0974 2736 Modem - ok
15:24:01.0989 2736 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:24:01.0989 2736 monitor - ok
15:24:02.0005 2736 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:24:02.0005 2736 mouclass - ok
15:24:02.0021 2736 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:24:02.0021 2736 mouhid - ok
15:24:02.0067 2736 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:24:02.0067 2736 mountmgr - ok
15:24:02.0099 2736 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
15:24:02.0099 2736 mpio - ok
15:24:02.0130 2736 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:24:02.0130 2736 mpsdrv - ok
15:24:02.0161 2736 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:24:02.0177 2736 MpsSvc - ok
15:24:02.0208 2736 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:24:02.0208 2736 MRxDAV - ok
15:24:02.0239 2736 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:24:02.0239 2736 mrxsmb - ok
15:24:02.0255 2736 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:24:02.0255 2736 mrxsmb10 - ok
15:24:02.0301 2736 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:24:02.0301 2736 mrxsmb20 - ok
15:24:02.0348 2736 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
15:24:02.0348 2736 msahci - ok
15:24:02.0379 2736 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:24:02.0379 2736 msdsm - ok
15:24:02.0411 2736 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
15:24:02.0411 2736 MSDTC - ok
15:24:02.0442 2736 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:24:02.0442 2736 Msfs - ok
15:24:02.0457 2736 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:24:02.0457 2736 mshidkmdf - ok
15:24:02.0473 2736 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:24:02.0473 2736 msisadrv - ok
15:24:02.0504 2736 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:24:02.0520 2736 MSiSCSI - ok
15:24:02.0520 2736 msiserver - ok
15:24:02.0535 2736 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:24:02.0535 2736 MSKSSRV - ok
15:24:02.0551 2736 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:24:02.0551 2736 MSPCLOCK - ok
15:24:02.0567 2736 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:24:02.0567 2736 MSPQM - ok
15:24:02.0582 2736 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:24:02.0582 2736 MsRPC - ok
15:24:02.0598 2736 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
15:24:02.0598 2736 mssmbios - ok
15:24:02.0613 2736 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:24:02.0613 2736 MSTEE - ok
15:24:02.0629 2736 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
15:24:02.0629 2736 MTConfig - ok
15:24:02.0645 2736 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
15:24:02.0645 2736 Mup - ok
15:24:02.0707 2736 [ E14ACF696EA9F7A9C2F4938E23B78854 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
15:24:02.0707 2736 MyWiFiDHCPDNS - ok
15:24:02.0754 2736 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
15:24:02.0769 2736 napagent - ok
15:24:02.0816 2736 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:24:02.0832 2736 NativeWifiP - ok
15:24:02.0894 2736 [ 3723262737D90F58059CEDA7373B0387 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:24:02.0910 2736 NDIS - ok
15:24:02.0941 2736 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:24:02.0941 2736 NdisCap - ok
15:24:02.0957 2736 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:24:02.0957 2736 NdisTapi - ok
15:24:02.0988 2736 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:24:02.0988 2736 Ndisuio - ok
15:24:03.0019 2736 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:24:03.0019 2736 NdisWan - ok
15:24:03.0050 2736 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:24:03.0050 2736 NDProxy - ok
15:24:03.0066 2736 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:24:03.0066 2736 NetBIOS - ok
15:24:03.0081 2736 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:24:03.0081 2736 NetBT - ok
15:24:03.0097 2736 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
15:24:03.0097 2736 Netlogon - ok
15:24:03.0159 2736 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
15:24:03.0175 2736 Netman - ok
15:24:03.0222 2736 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:24:03.0222 2736 NetMsmqActivator - ok
15:24:03.0237 2736 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:24:03.0237 2736 NetPipeActivator - ok
15:24:03.0269 2736 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
15:24:03.0269 2736 netprofm - ok
15:24:03.0269 2736 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:24:03.0269 2736 NetTcpActivator - ok
15:24:03.0284 2736 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:24:03.0284 2736 NetTcpPortSharing - ok
15:24:03.0471 2736 [ 9C23121705590D54DB8A8C6033C782D9 ] NETwNs32 C:\Windows\system32\DRIVERS\NETwNs32.sys
15:24:03.0627 2736 NETwNs32 - ok
15:24:03.0643 2736 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
15:24:03.0643 2736 nfrd960 - ok
15:24:03.0674 2736 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:24:03.0690 2736 NlaSvc - ok
15:24:03.0721 2736 [ F6C40E0A565EE3CE5AEEB325E10054F2 ] nmwcd C:\Windows\system32\drivers\ccdcmb.sys
15:24:03.0721 2736 nmwcd - ok
15:24:03.0768 2736 [ 2A394E9E1FA3565E4B2FEA470FFE4D6B ] nmwcdc C:\Windows\system32\drivers\ccdcmbo.sys
15:24:03.0768 2736 nmwcdc - ok
15:24:03.0783 2736 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:24:03.0783 2736 Npfs - ok
15:24:03.0815 2736 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
15:24:03.0830 2736 nsi - ok
15:24:03.0846 2736 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:24:03.0846 2736 nsiproxy - ok
15:24:03.0893 2736 [ 81189C3D7763838E55C397759D49007A ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:24:03.0908 2736 Ntfs - ok
15:24:03.0924 2736 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
15:24:03.0924 2736 Null - ok
15:24:03.0955 2736 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:24:03.0955 2736 nvraid - ok
15:24:03.0986 2736 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:24:03.0986 2736 nvstor - ok
15:24:04.0017 2736 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:24:04.0017 2736 nv_agp - ok
15:24:04.0049 2736 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:24:04.0064 2736 ohci1394 - ok
15:24:04.0111 2736 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:24:04.0127 2736 ose - ok
15:24:04.0314 2736 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:24:04.0345 2736 osppsvc - ok
15:24:04.0376 2736 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:24:04.0392 2736 p2pimsvc - ok
15:24:04.0423 2736 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
15:24:04.0423 2736 p2psvc - ok
15:24:04.0454 2736 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
15:24:04.0454 2736 Parport - ok
15:24:04.0485 2736 [ BF8F6AF06DA75B336F07E23AEF97D93B ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:24:04.0485 2736 partmgr - ok
15:24:04.0501 2736 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
15:24:04.0501 2736 Parvdm - ok
15:24:04.0517 2736 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:24:04.0532 2736 PcaSvc - ok
15:24:04.0610 2736 [ FD2041E9BA03DB7764B2248F02475079 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfd.sys
15:24:04.0610 2736 pccsmcfd - ok
15:24:04.0657 2736 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
15:24:04.0657 2736 pci - ok
15:24:04.0688 2736 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
15:24:04.0688 2736 pciide - ok
15:24:04.0751 2736 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
15:24:04.0751 2736 pcmcia - ok
15:24:04.0782 2736 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
15:24:04.0782 2736 pcw - ok
15:24:04.0813 2736 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:24:04.0813 2736 PEAUTH - ok
15:24:04.0860 2736 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
15:24:04.0875 2736 PeerDistSvc - ok
15:24:04.0953 2736 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
15:24:05.0016 2736 pla - ok
15:24:05.0063 2736 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:24:05.0078 2736 PlugPlay - ok
15:24:05.0094 2736 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:24:05.0109 2736 PNRPAutoReg - ok
15:24:05.0125 2736 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:24:05.0141 2736 PNRPsvc - ok
15:24:05.0172 2736 [ 896D916DE06F5502D301E8C4DC442AE8 ] Point32 C:\Windows\system32\DRIVERS\point32.sys
15:24:05.0172 2736 Point32 - ok
15:24:05.0219 2736 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:24:05.0219 2736 PolicyAgent - ok
15:24:05.0250 2736 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
15:24:05.0265 2736 Power - ok
15:24:05.0281 2736 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:24:05.0281 2736 PptpMiniport - ok
15:24:05.0297 2736 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
15:24:05.0297 2736 Processor - ok
15:24:05.0328 2736 [ 43CA4CCC22D52FB58E8988F0198851D0 ] ProfSvc C:\Windows\system32\profsvc.dll
15:24:05.0343 2736 ProfSvc - ok
15:24:05.0359 2736 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:24:05.0359 2736 ProtectedStorage - ok
15:24:05.0375 2736 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:24:05.0390 2736 Psched - ok
15:24:05.0421 2736 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
15:24:05.0453 2736 ql2300 - ok
15:24:05.0484 2736 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
15:24:05.0484 2736 ql40xx - ok
15:24:05.0499 2736 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
15:24:05.0515 2736 QWAVE - ok
15:24:14.0766 2736 ============================================================
15:24:14.0766 2736 Scan finished
15:24:14.0766 2736 ============================================================
15:24:14.0781 4576 Detected object count: 0
15:24:14.0781 4576 Actual detected object count: 0
15:24:32.0378 2108 Deinitialize success

#10 marija_peg

Posted 15 November 2012 - 10:41 AM

AdwCleaner
LOG:
# AdwCleaner v2.007 - Logfile created 11/15/2012 at 15:26:33
# Updated 06/11/2012 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
# User : ***
# Boot Mode : Normal
# Running from : C:\Users\***\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\Users\***\AppData\Local\APN
Folder Deleted : C:\Users\***\AppData\Local\Conduit
Folder Deleted : C:\Users\***\AppData\Local\TempDir
Folder Deleted : C:\Users\***\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\***\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\***\AppData\Roaming\Babylon
Folder Deleted : C:\Users\***\AppData\Roaming\OpenCandy

***** [Registry] *****

Key Deleted : HKCU\Software\Ask&Record
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1060933
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Software

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v [Unable to get version]

-\\ Google Chrome v17.0.963.56

File : C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.13] : homepage = "hxxp://search.babylon.com/?affID=112555&tt=010712_6&babsrc=HP_ss&mntrId=20852e32000000000000ac72891e15bd",
Deleted [l.2005] : homepage = "hxxp://search.babylon.com/?affID=112555&tt=010712_6&babsrc=HP_ss&mntrId=20852e32000000000000ac72891e15bd",

*************************

AdwCleaner[S1].txt - [2212 octets] - [15/11/2012 15:26:33]

########## EOF - C:\AdwCleaner[S1].txt - [2272 octets] ##########
END OF LOG

Then I ran RKill again and the log is two posts above.

Now I started the computer once again, and the Windows logo is still hanging rather long. After that I get a black screen, and then log in screen - still no administrator picture. It again takes a rather long time for it to move past the welcome screen, approx. 2 minutes. Then I get a hanging black screen, approx. 4 minutes. Now for the first time, instead of the warning that my Windows is not genuine (edit me if I should not post that. I get that probably due to the restore points that I returned to while trying to deal with this, I guess.) I get a Malwarebytes Anti-Malware warning box
shell_notification Failed to perform desired action. Error code: 0
I clicked OK, then again there was just black screen. After that I tried pressing CTRL+ALT+DEL, but I got a warning:
Failure to Display Security & Shut Down Options
The logon process was unable to display security and logon options when Ctrl-Alt-Delete was pressed. If the operating system does not respond, press ESC or restart the computer by using the power switch.

When I clicked OK I got to my regular desktop, but again extremely slow.
What next? :(

#11 marija_peg

Posted 15 November 2012 - 10:49 AM

OK, another update. It is getting worse. I got a blue screen again. This time it said something like if you are installing new hardware... Then there was a whole page of data and in the end it said:
collecting data for crash dump
initializing disk for crash dump
I didn't have time to get it more, since my laptop instantly shut down and again booted giving me F8 options, safe mode, normal mode...

#12 marija_peg

Posted 15 November 2012 - 01:11 PM

UPDATE:

When I turned on my computer, it was again slow and I followed the instructions given by dev00790 as I did not know what else to do.
I ran TDSSKiller again and checked the loaded modules, and did a reboot, as I was asked to do so.
After the computer booted, a flash of system command appeared, and then the box with initialization process of TDSSKiller appeared, it finished. Then I clicked to close a Malware reminder that it is 45 days outdated, and then everything froze, I shouldn't have done that. Then I pressed CTRL+ALT+DEL to close the window for notifications and again I got:
Failure to Display Security & Shut Down Options
The logon process was unable to display security and logon options when Ctrl-Alt-Delete was pressed. If the operating system does not respond, press ESC or restart the computer by using the power switch.
I clicked OK and waited for the Blue Screen. It appeared and I started Windows again. However, there was again a black screen and a Malwarebytes Anti-Malware warning box shell_notification Failed to perform desired action. Error code: 0 and a hanging black screen. I switched off the computer forcefully. I am going in circles.
After another boot up, the TDSSKiller appeared and I was finally able to check Loaded modules, Verify file digital signatures, Detect TDLFS file system and start the scan.
The scan detected 4 threats:
Unsigned file: DMAgent, Suspicious object, medium risk
Unsigned file: SCDEmu, Suspicious object, medium risk
Unsigned file: SwitchBoard, Suspicious object, medium risk
Unsigned file: WiMAXAppSrv, Suspicious object, medium risk

There is no Cure option, so I chose Skip.
I will post all the logs later.

#13 marija_peg

Posted 15 November 2012 - 01:48 PM

During the Security check I got the message that the Disk Defragmenter Module has stopped working. A problem caused the application to stop working correctly. Windows will notify you if a solution is available. Then it said in the command prompt that the results have been copied to checkup.txt and the .txt opened. As I will probably not be able to have access to another computer anymore, I will post the logs tomorrow.

#14 dev00790

Posted 15 November 2012 - 03:12 PM

Hi I'll be working on this topic with you.

Please hold fire on posting any more logs unless requested -> there's a lot of information and it takes time to review & decide on the next steps to give you.

Step 1

We need to run the SFC /SCANNOW Command

The sfc /scannow command (System File Checker) scans the integrity of all protected Windows system files and replaces incorrect, corrupted, changed/modified, or damaged versions with the correct versions if possible.

Note: Be aware that if you have modified your system files as in theming explorer/system files, running sfc /scannow will revert the system files such as explorer.exe back to its default state.

Note: Make the appropriate backups of your system files that you have modified for theming if you wish to save them before running sfc /scannow.

  • Click the Windows "Orb" button.
  • Type cmd.
  • Right click on the search result cmd.exe and click Run as Administrator.
  • Copy the following line of text and paste it into the black box.
    (right-click in the black box and choose paste)

    sfc /scannow
  • Press Enter to run the command.
    Note: This may take a while to finish.
  • If SFC could not fix something, then run the command again to see if it may be able to the next time. Sometimes it may take running the sfc /scannow command 3 or more times to completely fix everything that it's able to.

Retrieving SFC /scannow log

  • Click the Windows "Orb" button.
  • Type cmd.
  • Right click on the search result cmd.exe and click Run as Administrator.
  • Copy the following line of text and paste it into the black box.
    (right-click in the black box and choose paste)

    findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >> "%userprofile%\desktop\sfcdetails.txt"
  • Press Enter to run the command.
  • A text file sfcdetails.txt should appear on your desktop. Post the content of the file in your next reply.


Step 2

Use the Windows Error Checking utility (Check Disk), with the options to fix file system errors and scan the disk surface for errors, attempt recovery of data and repair the disk:

  • Click the "Windows Orb" Start button, then click Computer.
  • Right-click on the drive that you wish to check > Properties > Tools tab
  • In the "Error checking" section, click on Check now.
  • Place a checkmark in both boxes > Start.
  • If the disk you have chosen is the Windows system disk:
      • A message will notify you that a restart is necessary and ask "Do you want to check for hard disk errors the next time you start your computer?".
      • Click Schedule disk check > OK and close all windows.
      • Re-start the computer. The disk will be checked when the system boots.
      • This will take some time to run and at times may appear stalled but just let it run.
      • When the disk check is complete, the system will re-start automatically and load Windows.

A log of the disk check is recorded only if the scheduled re-start is used, and only for drives on the same HDD as the Operating System.
To open the log:

  • Click the "Windows Orb" Start button -> type "eventvwr" without the quotes -> press the <ENTER> key.
  • The Event Viewer window will open.
  • In the left pane, expand "Windows Logs" and then click on Application.
  • In the right pane, at the top, click on the column heading Source to sort the list alphabetically.
  • Look in the Source column for "Wininit", with an entry corresponding to the date and time of the disk check.
  • Click on that Wininit entry to select it.
  • On the top main menu, click Action > Copy > Copy Details as Text.
  • Paste the contents into your next reply.


Step 3

How is the computer running now?
Do you still experience any of the earlier mentioned problems? - If yes which ones?

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"

I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM.
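To triage the sfcdetails.txt file that the findstr command in the post above produces, the following added example (not part of the original post and not a BleepingComputer tool) groups the "[SR]" lines into files SFC repaired, files it could not repair, and verification batches that never finished. The function name `summarize` is hypothetical and the sample log lines are constructed in the CBS.log layout.

```python
import re

# Constructed sample in the CBS.log "[SR]" line layout (not from the poster's machine).
SAMPLE = r'''
2012-11-16 07:10:11, Info                  CSI    00000009 [SR] Verifying 100 (0x00000064) components
2012-11-16 07:10:11, Info                  CSI    0000000a [SR] Beginning Verify and Repair transaction
2012-11-16 07:10:40, Info                  CSI    0000000c [SR] Repairing corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:22{11}]"example.dll" from store
2012-11-16 07:10:52, Info                  CSI    0000000e [SR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2012-11-16 07:10:53, Info                  CSI    00000010 [SR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2012-11-16 07:10:55, Info                  CSI    00000012 [SR] Verify complete
2012-11-16 07:10:56, Info                  CSI    00000013 [SR] Verifying 100 (0x00000064) components
'''

CANNOT = re.compile(r'\[SR\] Cannot repair member file \[[^\]]*\]"(?P<file>[^"]+)"'
                    r' of (?P<comp>[^,]+),.*in the store, (?P<why>.+)$')
REPAIRED = re.compile(r'\[SR\] Repairing corrupted file \[[^\]]*\]"(?P<dir>[^"]+)"'
                      r'\\\[[^\]]*\]"(?P<file>[^"]+)" from store')

def summarize(text):
    """Summarize the [SR] lines of a CBS.log extract such as sfcdetails.txt."""
    repaired, unrepaired = {}, {}   # dicts used as ordered sets: SFC repeats entries
    started = completed = 0
    for line in text.splitlines():
        line = line.strip()
        if '[SR] Verifying ' in line:
            started += 1            # one line per batch of components
        elif '[SR] Verify complete' in line:
            completed += 1
        m = CANNOT.search(line)
        if m:
            unrepaired[(m['file'], m['comp'], m['why'])] = None
            continue
        m = REPAIRED.search(line)
        if m:
            d = m['dir']
            if d.startswith('\\??\\'):   # drop the NT object-path prefix
                d = d[4:]
            repaired[d + '\\' + m['file']] = None
    return {'repaired': list(repaired), 'unrepaired': list(unrepaired),
            'batches_started': started, 'batches_completed': completed}

if __name__ == '__main__':
    for key, value in summarize(SAMPLE).items():
        print(key, value)
```

A gap between `batches_started` and `batches_completed` means the scan stopped partway, so the absence of "Cannot repair" lines in such a log does not show that the system files are intact.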


#15 marija_peg


Posted 16 November 2012 - 07:08 AM

I connected to the internet as to do the Farbar Service scanner properly (this was before your post), however my connection was extremely slow, I didn't manage to get past the homepage. Also Windows Explorer constantly crashes and I get a hanging black screen. I disconnected the Internet. Also, my Antivirus reported later that it is turned off. I had to forcefully shut the computer down, tried it in safe mode, I got a hanging black screen after the Windows logo, I shut it down again, turned it on again and launched startup repair. As the repair was running, there was a flash of x. command.exe, which appeared in the bottom left corner as if minimized and it quickly disappeared. Repair did nothing, I started Windows again, got a completely black screen as the laptop was turned off (there was no light whatsoever). Finally it got to the log on screen, the welcome screen hanging for 7 and more minutes, then black screen. My computer kept getting slower, until it stopped responding. Later I got a notification that Avast is disabled, but after a while ago it was again enabled. Then I started the SFC SCAN, it got to Verification 29% and it said: Windows Resource Protection could not perform the requested operation. Then it stopped, I did it all over again, and it again got to 29% with the same message.
What I also noticed was that my whole desktop flashed a few times, as if it was refreshed or something.

When I turned it on again today, it was again very slow and as I only wanted to type cmd in the search box, that took forever and eventually I got again the blue screen, I managed to read more, it said: driver irql not less or equal and it shut down.

Again, the same thing, I turned it on normally and after trying to get to cmd I just got a black screen. I pressed CTRL+ALT+DEL and again the notification: Failure to Display Security & Shut Down Options.
(Also, in my processes list the process dwm.exe takes 38.964 K, after it goes explorer.exe with 13000K and then iFrmewrk.exe with 10000K.)
I will do the SFC command once more.

Edited by marija_peg, 16 November 2012 - 07:09 AM.




