
how to get rid of searchonme


  • This topic is locked
12 replies to this topic

#1 addiosamigo


Posted 07 October 2012 - 03:27 PM

Hi, this is my first post but I hope someone can help!

Searchonme, is this a virus or malware? I was having problems with Google Chrome and Internet Explorer whereby when clicking on Chrome or IE it would not load. After trying to load Chrome about 5 or 6 times it will eventually load but nothing works; the page I navigate to just freezes and then I get a dialog saying "page unresponsive". I tried uninstalling Chrome and reinstalling, deleting my profile, but it still would not load. Searching registry entries for searchonme brings up results and I delete them but it just comes back. I've run virus and malware scans but it finds nothing.

I used System Restore to restore to an earlier date and this seems to have worked, but searchonme still appears. I really would love to get rid of this and get it back to normal without having to reinstall Windows.

If you require me to do anything just let me know; I would be very grateful for all the help I can get!



#2 Guest_White Warrior_*


Posted 08 October 2012 - 03:37 AM

Hi addiosamigo

I will be handling your log to help you get cleaned up. Please give me some time to create a fix and I will get back to you as soon as possible.

White Warrior

Edited by White Warrior, 08 October 2012 - 10:22 AM.


#3 addiosamigo


Posted 08 October 2012 - 08:18 AM

I haven't created any logs, what is it you need me to create? I will gladly do this!

edit: sorry I will create them asap, and thanks for your help

edit 2: log attached


Edited by addiosamigo, 08 October 2012 - 11:44 AM.


#4 Guest_White Warrior_*


Posted 10 October 2012 - 02:38 AM

Hi addiosamigo.

Please copy and paste your logs into this topic. Do not attach them unless I ask you to.

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
Be sure to download TDSSKiller.exe from Kaspersky's website and not TDSSKiller.zip which appears to be an older version of the tool.
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.07.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.

Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[R1].txt as well.

Download Security Check by screen317 from here.
  • Save it to your desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Post the TDSSKiller log, the AdwCleaner log and the Security Check log back here.

White Warrior.
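
Added example, not part of the original posts and not code from Kaspersky or BleepingComputer: a small triage script for the log file TDSSKiller saves, assuming the line layout seen in this thread (time, thread id, then either `[ MD5 ] name path` or `name - verdict`). It sorts entries into review buckets (verdicts other than "ok", services with a verdict but no hash line, binaries outside the Windows directory); the sample log, its names, hashes and the non-ok verdict text are constructed.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Constructed sample in the layout "<time> <thread id> <text>".
# Service names, hashes and paths are made up; "warning" stands in for any
# verdict other than "ok" (the parser does not depend on the exact word).
SAMPLE_LOG = r"""
17:32:07.0790 6104 Windows directory: C:\windows
17:32:07.0790 6104 System windows directory: C:\windows
17:32:09.0179 6104 Drive \Device\Harddisk0\DR0 - Size: 0x0 (0.00 Gb), SectorSize: 0x200
17:33:14.0606 1588 Scan started
17:33:14.0606 1588 Mode: Manual;
17:33:29.0930 1588 ================ Scan system memory ========================
17:33:29.0930 1588 System memory - ok
17:33:29.0931 1588 ================ Scan services =============================
17:33:32.0553 1588 [ 00000000000000000000000000000001 ] exampledrv C:\windows\system32\drivers\exampledrv.sys
17:33:32.0566 1588 exampledrv - ok
17:33:33.0135 1588 [ 00000000000000000000000000000002 ] Example Vendor Service C:\Program Files (x86)\Example Vendor\svc.exe
17:33:36.0673 1588 Example Vendor Service - ok
17:33:47.0981 1588 EXAMPLE_HELPER_SERVICE - ok
17:33:48.0207 1588 [ 00000000000000000000000000000003 ] examplesvc C:\Users\Example\AppData\Roaming\examplesvc.exe
17:33:48.0475 1588 examplesvc - warning
"""

LINE = re.compile(r"^\d\d:\d\d:\d\d\.\d{4}\s+\d+\s+(.*)$")
SECTION = re.compile(r"^=+\s+(.+?)\s+=+$")
WINDIR = re.compile(r"^Windows directory:\s*(.+)$")
# Service names may contain spaces, so the name ends where a drive path starts.
HASHED = re.compile(r"^\[ ([0-9A-Fa-f]{32}) \]\s+(.+?)\s+([A-Za-z]:\\.*)$")
VERDICT = re.compile(r"^(.+) - (\S.*)$")


@dataclass
class Entry:
    section: str
    name: str
    verdict: str
    md5: Optional[str] = None
    path: Optional[str] = None


def parse_log(text):
    """Return (windows_dir, entries) for everything after 'Scan started'."""
    windir, section, scanning = r"C:\windows", "", False
    pending, entries = {}, []
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        rest = m.group(1).strip()
        if not scanning:
            # Header lines such as "Drive ... - Size: ..." also contain " - ",
            # so nothing before "Scan started" is read as a verdict.
            w = WINDIR.match(rest)
            if w:
                windir = w.group(1).strip()
            scanning = rest == "Scan started"
            continue
        s = SECTION.match(rest)
        if s:
            section = s.group(1)
            continue
        h = HASHED.match(rest)
        if h:
            # Remember hash and path until the verdict line for this name.
            pending[h.group(2)] = (h.group(1).upper(), h.group(3))
            continue
        v = VERDICT.match(rest)
        if v:
            md5, path = pending.pop(v.group(1), (None, None))
            entries.append(Entry(section, v.group(1), v.group(2).strip(), md5, path))
    return windir, entries


def triage(windir, entries):
    """Group entry names into review buckets; these are not detections."""
    prefix = windir.rstrip("\\").lower() + "\\"
    return {
        # Anything the tool did not mark "ok".
        "not_ok": [e.name for e in entries if e.verdict.lower() != "ok"],
        # Services that got a verdict without a hash/path line before it.
        "no_hash": [e.name for e in entries
                    if e.section == "Scan services" and e.md5 is None],
        # Binaries that live outside the Windows directory from the header.
        "outside_windows": [e.name for e in entries
                            if e.path and not e.path.lower().startswith(prefix)],
    }


if __name__ == "__main__":
    windows_dir, parsed = parse_log(SAMPLE_LOG)
    for bucket, names in triage(windows_dir, parsed).items():
        print(f"{bucket}: {names}")
```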

#5 addiosamigo


Posted 10 October 2012 - 12:28 PM

ok, TDSSKiller log:

17:32:07.0629 6104 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
17:32:07.0789 6104 ============================================================
17:32:07.0789 6104 Current date / time: 2012/10/10 17:32:07.0789
17:32:07.0790 6104 SystemInfo:
17:32:07.0790 6104
17:32:07.0790 6104 OS Version: 6.1.7601 ServicePack: 1.0
17:32:07.0790 6104 Product type: Workstation
17:32:07.0790 6104 ComputerName: ADDI-PC
17:32:07.0790 6104 UserName: Addi
17:32:07.0790 6104 Windows directory: C:\windows
17:32:07.0790 6104 System windows directory: C:\windows
17:32:07.0790 6104 Running under WOW64
17:32:07.0790 6104 Processor architecture: Intel x64
17:32:07.0790 6104 Number of processors: 4
17:32:07.0790 6104 Page size: 0x1000
17:32:07.0790 6104 Boot type: Normal boot
17:32:07.0790 6104 ============================================================
17:32:09.0179 6104 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:32:09.0194 6104 Drive \Device\Harddisk1\DR1 - Size: 0x1DD936000 (7.46 Gb), SectorSize: 0x200, Cylinders: 0x3CA5, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x10, Type 'K0', Flags 0x00000040
17:32:09.0203 6104 ============================================================
17:32:09.0203 6104 \Device\Harddisk0\DR0:
17:32:09.0203 6104 MBR partitions:
17:32:09.0203 6104 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:32:09.0203 6104 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x714A7800
17:32:09.0203 6104 \Device\Harddisk1\DR1:
17:32:09.0204 6104 MBR partitions:
17:32:09.0204 6104 ============================================================
17:32:09.0219 6104 C: <-> \Device\Harddisk0\DR0\Partition2
17:32:09.0219 6104 ============================================================
17:32:09.0220 6104 Initialize success
17:32:09.0220 6104 ============================================================
17:33:14.0606 1588 ============================================================
17:33:14.0606 1588 Scan started
17:33:14.0606 1588 Mode: Manual;
17:33:14.0606 1588 ============================================================
17:33:29.0930 1588 ================ Scan system memory ========================
17:33:29.0930 1588 System memory - ok
17:33:29.0931 1588 ================ Scan services =============================
17:34:10.0013 1588 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys
17:34:10.0030 1588 LSI_SAS2 - ok
17:34:10.0036 1588 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys
17:34:10.0055 1588 LSI_SCSI - ok
17:34:10.0140 1588 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
17:34:10.0152 1588 luafv - ok
17:34:10.0188 1588 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
17:34:10.0298 1588 Mcx2Svc - ok
17:34:10.0371 1588 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\drivers\megasas.sys
17:34:10.0389 1588 megasas - ok
17:34:10.0500 1588 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\drivers\MegaSR.sys
17:34:10.0512 1588 MegaSR - ok
17:34:10.0598 1588 [ 6B01B7414A105B9E51652089A03027CF ] MEIx64 C:\windows\system32\DRIVERS\HECIx64.sys
17:34:10.0600 1588 MEIx64 - ok
17:34:10.0659 1588 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
17:34:10.0671 1588 MMCSS - ok
17:34:10.0692 1588 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
17:34:10.0701 1588 Modem - ok
17:34:10.0754 1588 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
17:34:10.0756 1588 monitor - ok
17:34:10.0813 1588 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
17:34:10.0829 1588 mouclass - ok
17:34:10.0913 1588 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
17:34:10.0915 1588 mouhid - ok
17:34:10.0940 1588 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys
17:34:10.0942 1588 mountmgr - ok
17:34:11.0065 1588 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\windows\system32\DRIVERS\MpFilter.sys
17:34:11.0078 1588 MpFilter - ok
17:34:11.0161 1588 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
17:34:11.0179 1588 mpio - ok
17:34:11.0223 1588 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
17:34:11.0229 1588 mpsdrv - ok
17:34:11.0265 1588 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\windows\system32\mpssvc.dll
17:34:11.0285 1588 MpsSvc - ok
17:34:11.0333 1588 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
17:34:11.0352 1588 MRxDAV - ok
17:34:11.0424 1588 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
17:34:11.0427 1588 mrxsmb - ok
17:34:11.0536 1588 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
17:34:11.0544 1588 mrxsmb10 - ok
17:34:11.0568 1588 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
17:34:11.0573 1588 mrxsmb20 - ok
17:34:11.0611 1588 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\drivers\msahci.sys
17:34:11.0613 1588 msahci - ok
17:34:11.0636 1588 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
17:34:11.0653 1588 msdsm - ok
17:34:11.0677 1588 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
17:34:11.0764 1588 MSDTC - ok
17:34:11.0823 1588 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
17:34:11.0829 1588 Msfs - ok
17:34:11.0857 1588 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
17:34:11.0866 1588 mshidkmdf - ok
17:34:11.0884 1588 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
17:34:11.0885 1588 msisadrv - ok
17:34:11.0960 1588 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
17:34:12.0046 1588 MSiSCSI - ok
17:34:12.0052 1588 msiserver - ok
17:34:12.0127 1588 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
17:34:12.0137 1588 MSKSSRV - ok
17:34:12.0305 1588 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
17:34:12.0316 1588 MsMpSvc - ok
17:34:12.0338 1588 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
17:34:12.0352 1588 MSPCLOCK - ok
17:34:12.0379 1588 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
17:34:12.0389 1588 MSPQM - ok
17:34:12.0425 1588 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
17:34:12.0438 1588 MsRPC - ok
17:34:12.0505 1588 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
17:34:12.0506 1588 mssmbios - ok
17:34:12.0553 1588 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
17:34:12.0568 1588 MSTEE - ok
17:34:12.0591 1588 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\drivers\MTConfig.sys
17:34:12.0595 1588 MTConfig - ok
17:34:12.0631 1588 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
17:34:12.0650 1588 Mup - ok
17:34:12.0773 1588 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
17:34:12.0789 1588 napagent - ok
17:34:12.0844 1588 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
17:34:12.0850 1588 NativeWifiP - ok
17:34:13.0063 1588 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\windows\system32\drivers\ndis.sys
17:34:13.0087 1588 NDIS - ok
17:34:13.0173 1588 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
17:34:13.0181 1588 NdisCap - ok
17:34:13.0217 1588 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
17:34:13.0223 1588 NdisTapi - ok
17:34:13.0265 1588 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
17:34:13.0281 1588 Ndisuio - ok
17:34:13.0310 1588 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
17:34:13.0329 1588 NdisWan - ok
17:34:13.0368 1588 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
17:34:13.0370 1588 NDProxy - ok
17:34:13.0460 1588 [ 6F4607E2333FE21E9E3FF8133A88B35B ] Netaapl C:\windows\system32\DRIVERS\netaapl64.sys
17:34:13.0477 1588 Netaapl - ok
17:34:13.0557 1588 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
17:34:13.0559 1588 NetBIOS - ok
17:34:13.0626 1588 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
17:34:13.0637 1588 NetBT - ok
17:34:13.0659 1588 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
17:34:13.0661 1588 Netlogon - ok
17:34:13.0781 1588 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
17:34:13.0798 1588 Netman - ok
17:34:14.0121 1588 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:34:14.0182 1588 NetMsmqActivator - ok
17:34:14.0224 1588 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:34:14.0227 1588 NetPipeActivator - ok
17:34:14.0282 1588 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
17:34:14.0311 1588 netprofm - ok
17:34:14.0351 1588 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:34:14.0353 1588 NetTcpActivator - ok
17:34:14.0359 1588 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:34:14.0361 1588 NetTcpPortSharing - ok
17:34:15.0957 1588 [ 262225F08B891FD7F16B3B93A3177C1F ] NETwNs64 C:\windows\system32\DRIVERS\Netwsw00.sys
17:34:16.0231 1588 NETwNs64 - ok
17:34:16.0302 1588 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
17:34:16.0304 1588 nfrd960 - ok
17:34:16.0405 1588 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\windows\system32\DRIVERS\NisDrvWFP.sys
17:34:16.0431 1588 NisDrv - ok
17:34:16.0590 1588 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
17:34:16.0614 1588 NisSrv - ok
17:34:16.0854 1588 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\windows\System32\nlasvc.dll
17:34:16.0888 1588 NlaSvc - ok
17:34:16.0918 1588 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
17:34:16.0938 1588 Npfs - ok
17:34:16.0991 1588 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
17:34:17.0048 1588 nsi - ok
17:34:17.0091 1588 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
17:34:17.0093 1588 nsiproxy - ok
17:34:17.0219 1588 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
17:34:17.0247 1588 Ntfs - ok
17:34:17.0268 1588 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
17:34:17.0298 1588 Null - ok
17:34:19.0094 1588 [ BF7A24A71E1932200D864BC1CE15E596 ] nvlddmkm C:\windows\system32\DRIVERS\nvlddmkm.sys
17:34:19.0393 1588 nvlddmkm - ok
17:34:19.0469 1588 [ 1891184D09E8C16042E57D5373E4268E ] nvpciflt C:\windows\system32\DRIVERS\nvpciflt.sys
17:34:19.0482 1588 nvpciflt - ok
17:34:19.0532 1588 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
17:34:19.0550 1588 nvraid - ok
17:34:19.0591 1588 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
17:34:19.0596 1588 nvstor - ok
17:34:19.0908 1588 [ 43F91595049DE14C4B61D1E76436164F ] nvsvc C:\windows\system32\nvvsvc.exe
17:34:19.0938 1588 nvsvc - ok
17:34:20.0101 1588 [ 322B69422836F97B76F4AA59B47507BA ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
17:34:20.0128 1588 nvUpdatusService - ok
17:34:20.0186 1588 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
17:34:20.0202 1588 nv_agp - ok
17:34:20.0234 1588 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
17:34:20.0237 1588 ohci1394 - ok
17:34:20.0307 1588 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
17:34:20.0330 1588 p2pimsvc - ok
17:34:20.0396 1588 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
17:34:20.0409 1588 p2psvc - ok
17:34:20.0496 1588 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys
17:34:20.0511 1588 Parport - ok
17:34:20.0601 1588 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
17:34:20.0621 1588 partmgr - ok
17:34:20.0710 1588 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
17:34:20.0804 1588 PcaSvc - ok
17:34:20.0861 1588 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
17:34:20.0872 1588 pci - ok
17:34:20.0913 1588 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\drivers\pciide.sys
17:34:20.0923 1588 pciide - ok
17:34:21.0026 1588 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys
17:34:21.0044 1588 pcmcia - ok
17:34:21.0071 1588 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
17:34:21.0080 1588 pcw - ok
17:34:21.0647 1588 [ A0A29546BF116829140F10DBD9BACAD0 ] PDAgent C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
17:34:21.0675 1588 PDAgent - ok
17:34:22.0190 1588 [ F2F7572275D900E90B69E2DE931B1FB8 ] PDEngine C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe
17:34:22.0315 1588 PDEngine - ok
17:34:22.0458 1588 [ F530FAB7B9E4443B58B7A7E8E4EC3557 ] PDFSFilter C:\windows\system32\DRIVERS\PDFsFilter.sys
17:34:22.0499 1588 PDFSFilter - ok
17:34:22.0645 1588 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
17:34:22.0663 1588 PEAUTH - ok
17:34:23.0470 1588 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
17:34:23.0486 1588 PerfHost - ok
17:34:23.0875 1588 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
17:34:23.0910 1588 pla - ok
17:34:24.0046 1588 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
17:34:24.0064 1588 PlugPlay - ok
17:34:24.0131 1588 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
17:34:24.0139 1588 PNRPAutoReg - ok
17:34:24.0156 1588 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
17:34:24.0162 1588 PNRPsvc - ok
17:34:24.0262 1588 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
17:34:24.0366 1588 PolicyAgent - ok
17:34:24.0421 1588 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
17:34:24.0428 1588 Power - ok
17:34:24.0558 1588 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
17:34:24.0598 1588 PptpMiniport - ok
17:34:24.0651 1588 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys
17:34:24.0668 1588 Processor - ok
17:34:24.0739 1588 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
17:34:24.0801 1588 ProfSvc - ok
17:34:24.0818 1588 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
17:34:24.0820 1588 ProtectedStorage - ok
17:34:24.0885 1588 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
17:34:24.0901 1588 Psched - ok
17:34:25.0065 1588 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys
17:34:25.0099 1588 ql2300 - ok
17:34:25.0129 1588 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys
17:34:25.0148 1588 ql40xx - ok
17:34:25.0194 1588 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
17:34:25.0211 1588 QWAVE - ok
17:34:25.0221 1588 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
17:34:25.0224 1588 QWAVEdrv - ok
17:34:25.0266 1588 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
17:34:25.0268 1588 RasAcd - ok
17:34:25.0351 1588 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
17:34:25.0362 1588 RasAgileVpn - ok
17:34:25.0386 1588 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
17:34:25.0395 1588 RasAuto - ok
17:34:25.0419 1588 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
17:34:25.0426 1588 Rasl2tp - ok
17:34:25.0460 1588 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
17:34:25.0495 1588 RasMan - ok
17:34:25.0523 1588 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
17:34:25.0532 1588 RasPppoe - ok
17:34:25.0591 1588 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
17:34:25.0599 1588 RasSstp - ok
17:34:25.0622 1588 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
17:34:25.0629 1588 rdbss - ok
17:34:25.0664 1588 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\drivers\rdpbus.sys
17:34:25.0673 1588 rdpbus - ok
17:34:25.0691 1588 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
17:34:25.0692 1588 RDPCDD - ok
17:34:25.0733 1588 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
17:34:25.0734 1588 RDPENCDD - ok
17:34:25.0743 1588 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
17:34:25.0744 1588 RDPREFMP - ok
17:34:25.0828 1588 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
17:34:25.0859 1588 RDPWD - ok
17:34:25.0918 1588 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
17:34:25.0933 1588 rdyboost - ok
17:34:26.0008 1588 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
17:34:26.0031 1588 RemoteAccess - ok
17:34:26.0072 1588 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
17:34:26.0103 1588 RemoteRegistry - ok
17:34:26.0195 1588 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
17:34:26.0212 1588 RFCOMM - ok
17:34:26.0295 1588 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
17:34:26.0364 1588 RpcEptMapper - ok
17:34:26.0398 1588 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
17:34:26.0405 1588 RpcLocator - ok
17:34:26.0536 1588 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
17:34:26.0543 1588 RpcSs - ok
17:34:26.0639 1588 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
17:34:26.0648 1588 rspndr - ok
17:34:26.0792 1588 [ 6CF9DB101A75360E98659F823852E540 ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
17:34:26.0810 1588 RTL8167 - ok
17:34:26.0842 1588 [ 62DB6CC4B0818F1B5F3441241B098F12 ] SABI C:\windows\system32\Drivers\SABI.sys
17:34:26.0849 1588 SABI - ok
17:34:26.0870 1588 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
17:34:26.0873 1588 SamSs - ok
17:34:27.0004 1588 [ 5E66ABD041D76C46CBF55AEF910FCA56 ] SamsungDeviceConfigurationWinService C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe
17:34:27.0011 1588 SamsungDeviceConfigurationWinService - ok
17:34:27.0047 1588 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
17:34:27.0055 1588 sbp2port - ok
17:34:27.0115 1588 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
17:34:27.0122 1588 SCardSvr - ok
17:34:27.0151 1588 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
17:34:27.0156 1588 scfilter - ok
17:34:27.0268 1588 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
17:34:27.0470 1588 Schedule - ok
17:34:27.0541 1588 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
17:34:27.0543 1588 SCPolicySvc - ok
17:34:27.0631 1588 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
17:34:27.0645 1588 SDRSVC - ok
17:34:27.0713 1588 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
17:34:27.0726 1588 secdrv - ok
17:34:27.0750 1588 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
17:34:27.0764 1588 seclogon - ok
17:34:27.0792 1588 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll
17:34:27.0800 1588 SENS - ok
17:34:27.0823 1588 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
17:34:27.0870 1588 SensrSvc - ok
17:34:27.0899 1588 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\drivers\serenum.sys
17:34:27.0911 1588 Serenum - ok
17:34:27.0967 1588 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys
17:34:27.0989 1588 Serial - ok
17:34:28.0042 1588 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys
17:34:28.0054 1588 sermouse - ok
17:34:28.0120 1588 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
17:34:28.0135 1588 SessionEnv - ok
17:34:28.0159 1588 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
17:34:28.0171 1588 sffdisk - ok
17:34:28.0196 1588 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
17:34:28.0204 1588 sffp_mmc - ok
17:34:28.0232 1588 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
17:34:28.0249 1588 sffp_sd - ok
17:34:28.0275 1588 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
17:34:28.0276 1588 sfloppy - ok
17:34:28.0384 1588 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
17:34:28.0409 1588 SharedAccess - ok
17:34:28.0562 1588 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
17:34:28.0698 1588 ShellHWDetection - ok
17:34:28.0750 1588 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
17:34:28.0761 1588 SiSRaid2 - ok
17:34:28.0821 1588 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
17:34:28.0839 1588 SiSRaid4 - ok
17:34:29.0043 1588 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
17:34:29.0052 1588 SkypeUpdate - ok
17:34:29.0107 1588 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
17:34:29.0116 1588 Smb - ok
17:34:29.0194 1588 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
17:34:29.0205 1588 SNMPTRAP - ok
17:34:29.0251 1588 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
17:34:29.0267 1588 spldr - ok
17:34:29.0373 1588 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe
17:34:29.0392 1588 Spooler - ok
17:34:29.0964 1588 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
17:34:30.0115 1588 sppsvc - ok
17:34:30.0148 1588 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
17:34:30.0161 1588 sppuinotify - ok
17:34:30.0254 1588 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
17:34:30.0272 1588 srv - ok
17:34:30.0381 1588 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
17:34:30.0409 1588 srv2 - ok
17:34:30.0471 1588 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
17:34:30.0491 1588 srvnet - ok
17:34:30.0569 1588 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
17:34:30.0580 1588 SSDPSRV - ok
17:34:30.0601 1588 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
17:34:30.0617 1588 SstpSvc - ok
17:34:30.0639 1588 Steam Client Service - ok
17:34:30.0669 1588 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys
17:34:30.0681 1588 stexstor - ok
17:34:30.0755 1588 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
17:34:30.0768 1588 stisvc - ok
17:34:30.0780 1588 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\DRIVERS\swenum.sys
17:34:30.0797 1588 swenum - ok
17:34:30.0893 1588 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
17:34:30.0904 1588 swprv - ok
17:34:31.0022 1588 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
17:34:31.0051 1588 SysMain - ok
17:34:31.0079 1588 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
17:34:31.0090 1588 TabletInputService - ok
17:34:31.0173 1588 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
17:34:31.0187 1588 TapiSrv - ok
17:34:31.0238 1588 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
17:34:31.0249 1588 TBS - ok
17:34:31.0598 1588 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\windows\system32\drivers\tcpip.sys
17:34:31.0629 1588 Tcpip - ok
17:34:31.0737 1588 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
17:34:31.0756 1588 TCPIP6 - ok
17:34:31.0791 1588 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
17:34:31.0807 1588 tcpipreg - ok
17:34:31.0852 1588 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
17:34:31.0862 1588 TDPIPE - ok
17:34:31.0897 1588 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
17:34:31.0919 1588 TDTCP - ok
17:34:31.0941 1588 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
17:34:31.0953 1588 tdx - ok
17:34:32.0011 1588 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
17:34:32.0021 1588 TermDD - ok
17:34:32.0072 1588 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
17:34:32.0086 1588 TermService - ok
17:34:32.0116 1588 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
17:34:32.0185 1588 Themes - ok
17:34:32.0223 1588 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
17:34:32.0225 1588 THREADORDER - ok
17:34:32.0283 1588 [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM C:\windows\system32\drivers\tpm.sys
17:34:32.0299 1588 TPM - ok
17:34:32.0340 1588 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
17:34:32.0418 1588 TrkWks - ok
17:34:32.0474 1588 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
17:34:32.0493 1588 TrustedInstaller - ok
17:34:32.0520 1588 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
17:34:32.0528 1588 tssecsrv - ok
17:34:32.0581 1588 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
17:34:32.0595 1588 TsUsbFlt - ok
17:34:32.0625 1588 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
17:34:32.0641 1588 TsUsbGD - ok
17:34:32.0701 1588 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
17:34:32.0710 1588 tunnel - ok
17:34:32.0737 1588 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\drivers\uagp35.sys
17:34:32.0754 1588 uagp35 - ok
17:34:32.0779 1588 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
17:34:32.0798 1588 udfs - ok
17:34:32.0835 1588 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
17:34:32.0851 1588 UI0Detect - ok
17:34:32.0902 1588 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
17:34:32.0915 1588 uliagpkx - ok
17:34:32.0957 1588 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys
17:34:32.0969 1588 umbus - ok
17:34:33.0002 1588 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\drivers\umpass.sys
17:34:33.0015 1588 UmPass - ok
17:34:33.0164 1588 [ D80B1075B69B57A3AB78F750CE463ECE ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
17:34:33.0176 1588 UNS - ok
17:34:33.0249 1588 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
17:34:33.0268 1588 upnphost - ok
17:34:33.0371 1588 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys
17:34:33.0382 1588 USBAAPL64 - ok
17:34:33.0419 1588 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
17:34:33.0426 1588 usbccgp - ok
17:34:33.0476 1588 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys
17:34:33.0520 1588 usbcir - ok
17:34:33.0586 1588 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\drivers\usbehci.sys
17:34:33.0599 1588 usbehci - ok
17:34:33.0679 1588 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
17:34:33.0696 1588 usbhub - ok
17:34:33.0941 1588 [ F9B3054339A71F16430F6585EBC8BE96 ] USBMULCD C:\windows\system32\drivers\CM10664.sys
17:34:33.0967 1588 USBMULCD - ok
17:34:34.0036 1588 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\drivers\usbohci.sys
17:34:34.0067 1588 usbohci - ok
17:34:34.0097 1588 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
17:34:34.0112 1588 usbprint - ok
17:34:34.0139 1588 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
17:34:34.0148 1588 USBSTOR - ok
17:34:34.0169 1588 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys
17:34:34.0181 1588 usbuhci - ok
17:34:34.0246 1588 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
17:34:34.0261 1588 usbvideo - ok
17:34:34.0287 1588 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
17:34:34.0359 1588 UxSms - ok
17:34:45.0154 1588 ============================================================
17:34:45.0154 1588 Scan finished
17:34:45.0154 1588 ============================================================
17:34:45.0170 5216 Detected object count: 0
17:34:45.0170 5216 Actual detected object count: 0

adwcleaner log:

# AdwCleaner v2.004 - Logfile created 10/10/2012 at 18:19:19
# Updated 06/10/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Addi - ADDI-PC
# Boot Mode : Normal
# Running from : C:\Users\Addi\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Users\Addi\AppData\Local\Temp\Uninstall.exe
Folder Found : C:\ProgramData\Ask
Folder Found : C:\ProgramData\InstallMate
Folder Found : C:\ProgramData\Premium
Folder Found : C:\Users\Addi\AppData\Local\Temp\avg@toolbar

***** [Registry] *****

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : HKU\S-1-5-21-1807069700-263225110-515172366-1001\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKU\S-1-5-21-1807069700-263225110-515172366-1001\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v [Unable to get version]

-\\ Google Chrome v22.0.1229.92

File : C:\Users\Addi\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [2615 octets] - [10/10/2012 18:19:19]

########## EOF - C:\AdwCleaner[R1].txt - [2675 octets] ##########

security check log:

Results of screen317's Security Check version 0.99.51
Windows 7 Service Pack 1 x64 (UAC is disabled!)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Microsoft Security Essentials
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.65.0.1400
Java 7 Update 7
Adobe Flash Player 10 Flash Player out of Date!
Adobe Reader X (10.1.4)
Google Chrome 22.0.1229.79
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````

attached are the requested logs, thanks for all your help

Edited by addiosamigo, 10 October 2012 - 12:30 PM.


#6 Guest_White Warrior_*

Posted 11 October 2012 - 07:56 AM

Hi addiosamigo.

That doesn't look too bad.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Everything that was found will be deleted.
  • Follow the prompts to reboot the computer. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

Flash Player is out of date.
Go here and update it.

I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

Please post the adwcleaner log, the eset log and let me know how the computer's running now.

White Warrior.

#7 addiosamigo

Posted 11 October 2012 - 01:01 PM

AdwCleaner log

# AdwCleaner v2.004 - Logfile created 10/11/2012 at 18:40:41
# Updated 06/10/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Addi - ADDI-PC
# Boot Mode : Normal
# Running from : C:\Users\Addi\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Users\Addi\AppData\Local\Temp\Uninstall.exe
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\Users\Addi\AppData\Local\Temp\avg@toolbar

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v [Unable to get version]

-\\ Google Chrome v22.0.1229.92

File : C:\Users\Addi\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [2730 octets] - [10/10/2012 18:19:19]
AdwCleaner[S1].txt - [2411 octets] - [11/10/2012 18:40:41]

########## EOF - C:\AdwCleaner[S1].txt - [2471 octets] ##########

thanks again

#8 Guest_White Warrior_*

Posted 12 October 2012 - 07:20 AM

Hi

Please post the Eset scan log. We need to know if Eset found anything.
Also has your problem been resolved? How is the computer running now?

White Warrior.

#9 addiosamigo

Posted 13 October 2012 - 08:10 AM

here is the export from eset:

C:\Users\Addi\Dropbox\Hiren\Hiren's.BootCD.11.0.iso Win32/PSWTool.KonBoot.A application deleted - quarantined


I restored this item though as it belongs to my Hiren Boot CD which comes in handy. Was there anything else that the logs show? The system is running perfectly at the moment (touch wood), but I'm not sure if that's to do with the restore?

I just don't want that searchonme coming back!

thanks for all your help

#10 Guest_White Warrior_*

Posted 14 October 2012 - 06:05 AM

double posted.

Edited by White Warrior, 14 October 2012 - 06:07 AM.


#11 Guest_White Warrior_*

Posted 14 October 2012 - 06:07 AM

Hi addiosamigo.

Please note that BC doesn't support the usage of Hirens Boot CD due to legal issues, see also here:
http://www.bleepingcomputer.com/forums/topic382841.html

Now, the good news is your logs look clean.

Now some housekeeping.

Please delete the Security Check folder on the desktop.

  • Double click on AdwCleaner.exe to run the tool.
  • Click on Uninstall
  • Confirm with yes

Reset Restore Points.

To Delete All but the Most Recent System Restore Points

Click Start, type cleanmgr into the search box, and press Enter.

Disk Cleanup will open
Select the drive that you want to clean up (usually C) and click OK
NOTE: You will only see this window if you have more than one drive or partition on your computer.
A window will open and calculate how much space you can save.
When it is finished another window will open.
Click the More Options tab.
Click Clean up under the System Restore and Shadow Copies section.
Click Delete to confirm the deletion.
A window will ask for confirmation.
Click Delete Files
The files will be deleted and Disk Cleanup will close.

Now some preventative steps to ensure you don't get infected again:

It is important that you visit http://www.windowsupdate.com regularly. This will ensure your computer always has the latest available security updates installed. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.

You can check your system for out of date software manually, or by using automated tools such as Secunia's Personal Software Inspector. This goes doubly for security applications such as antivirus and other antimalware products based on definition lists, where out of date lists mean no detection of newer malware.

Finally, read this tutorial and follow each of the steps:
http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Happy Surfing.

White Warrior.

#12 addiosamigo

Posted 15 October 2012 - 02:21 AM

ok excellent, all done and working perfectly.

thanks for all your help, if I'm ever in your neck of the woods I'll buy you a beer!

#13 Elise

Posted 18 October 2012 - 03:19 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 
