
Malware Removal Help


  • This topic is locked
10 replies to this topic

#1 Orikx

Orikx

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:11:08 AM

Posted 27 August 2013 - 09:59 AM

My browsers open slowly and multiple browser processes start when I open just a single window. This happens with both Chrome and IE though I typically use Chrome. When I open a Single Chrome Browser I show 3-5 Chrome processes start up.
 
This all seemed to start around the time I was trying to find a download for UBCD.
 
When I first noticed it I ran a MalwareBytes scan and it found the following infections.
Trojan.FormatC - In a UBCD4Win folder
PUP.Optional.Softonic
PUP.Optional.IBryte.A
 
I've run multiple Full Scans since then and Malwarebytes finds nothing. All Definitions are up to date.
 
What I have done.
Ran RKill(found nothing) > Malwarebytes Full Scan(found nothing)
ComboFix
AdwCleaner
HiJackThis - Doesn't seem to be anything out of the ordinary. Though admittedly I'm not as familiar with it as I would like to be so I could be missing something.
 
Host File only has one line in it:
127.0.0.1       localhost
 
I've attached the logs from ComboFix and HiJackThis.
 
Any ideas on how to fix this?

Edit: Moved topic from Windows 7 to the more appropriate forum. ~ Animal


#2 Orikx


Posted 27 August 2013 - 12:30 PM

I've tried to run the DDS to attach and I got a blue screen when running it with the following code.

0x000000D1



#3 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,660 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:08 PM

Posted 01 September 2013 - 10:00 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/505792 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your desktop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#4 Orikx


Posted 04 September 2013 - 08:55 AM

I am still unable to run the DDS utility.

 

I get the same Blue screen message.

Driver_IRQL_Not_Less_Or_Equal 

0x000000D1

 

I've tried to research the error code. Tried a Hotfix that is supposed to work for Windows 7 that did not work. I've tried updated drivers for most peripherals.

 

I am Running Windows 7 Home Premium 32 Bit.

 

I am able to run the DDS in safe mode but did not include the log files since I figured they wouldn't have the info you need. I just did it as a troubleshooting step for the blue screen problem. I can include the safe mode DDS log if you want it.



#5 nasdaq

nasdaq

  • Malware Response Team
  • 39,202 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:12:08 PM

Posted 04 September 2013 - 10:38 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

--RogueKiller--
  • Download & SAVE to your Desktop RogueKiller for 32bit or Roguekiller for 64bit
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator" to start
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • Click on "Delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+
===

Search and delete the AdWare, PUP (Potentially Unwanted Program) installed on your computer.

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
Please download Junkware Removal Tool to your Desktop.
  • Please close your security software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete, depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
  • Please post the contents of JRT.txt into your reply.
===

Please paste the logs in your next reply. DO NOT ATTACH THEM.
Let me know what problem persists.

#6 Orikx


Posted 04 September 2013 - 11:23 AM

All programs ran successfully. I appear to be still having the same problem. When I open a single browser, multiple processes start up for that browser. For instance I only have 1 browser open at the moment to reply to this thread but I have 4 Chrome processes running. It does this with IE as well. If I close the single browser all processes stop. If I open 5 browser tabs I will show roughly 8-9 processes running.
 
 
 
RogueKiller V8.6.9 [Sep  3 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
 
Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User : jollinger [Admin rights]
Mode : Remove -- Date : 09/04/2013 10:51:10
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 0 ¤¤¤
 
¤¤¤ Registry Entries : 3 ¤¤¤
[HJ POL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
 
¤¤¤ Scheduled tasks : 4 ¤¤¤
[V1][SUSP PATH] GoogleUpdateTaskUserS-1-5-21-3274924581-2292446303-503628653-1001UA.job : C:\Users\jollinger\AppData\Local\Google\Update\GoogleUpdate.exe - /ua /installsource scheduler [7][x] -> DELETED
[V1][SUSP PATH] GoogleUpdateTaskUserS-1-5-21-3274924581-2292446303-503628653-1001Core.job : C:\Users\jollinger\AppData\Local\Google\Update\GoogleUpdate.exe - /c [7] -> DELETED
[V2][SUSP PATH] GoogleUpdateTaskUserS-1-5-21-3274924581-2292446303-503628653-1001Core : C:\Users\jollinger\AppData\Local\Google\Update\GoogleUpdate.exe - /c [7] -> DELETED
[V2][SUSP PATH] GoogleUpdateTaskUserS-1-5-21-3274924581-2292446303-503628653-1001UA : C:\Users\jollinger\AppData\Local\Google\Update\GoogleUpdate.exe - /ua /installsource scheduler [7][x] -> ERROR DELETING TASK
 
¤¤¤ Startup Entries : 0 ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ Particular Files / Folders: ¤¤¤
 
¤¤¤ Driver : [LOADED] ¤¤¤
[Address] IRP[IRP_MJ_CREATE] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED ([Address] C:\Windows\system32\drivers\ataport.SYS @ 0x84E1A8CC)
[Address] IRP[IRP_MJ_CLOSE] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED ([Address] C:\Windows\system32\drivers\ataport.SYS @ 0x84E1A8CC)
[Address] IRP[IRP_MJ_DEVICE_CONTROL] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED ([Address] C:\Windows\system32\drivers\ataport.SYS @ 0x84E0647C)
[Address] IRP[IRP_MJ_INTERNAL_DEVICE_CONTROL] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED ([Address] C:\Windows\system32\drivers\ataport.SYS @ 0x84E0644E)
[Address] IRP[IRP_MJ_POWER] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED ([Address] C:\Windows\system32\drivers\ataport.SYS @ 0x84E064AA)
[Address] IRP[IRP_MJ_SYSTEM_CONTROL] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED ([Address] C:\Windows\system32\drivers\ataport.SYS @ 0x84E15DB2)
[Address] IRP[IRP_MJ_PNP] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED ([Address] C:\Windows\system32\drivers\ataport.SYS @ 0x84E15D7E)
 
¤¤¤ External Hives: ¤¤¤
 
¤¤¤ Infection :  ¤¤¤
 
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
 
 
127.0.0.1       localhost
127.0.0.1       JKROENIX-MOBL.amr.corp.intel.com # LMS GENERATED LINE
 
 
¤¤¤ MBR Check: ¤¤¤
 
+++++ PhysicalDrive0: WDC WD800BEKT-11F3T0 ATA Device +++++
--- User ---
[MBR] c2183ae5e71a5940850869c08695747b
[BSP] c7cae73296692bf8b0185b5e0c0d28e0 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 3836 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 7858176 | Size: 72481 Mo
User = LL1 ... OK!
User = LL2 ... OK!
 
Finished : << RKreport[0]_D_09042013_105110.txt >>
RKreport[0]_S_09042013_105004.txt
 
 
 
 
 
# AdwCleaner v3.002 - Report created 04/09/2013 at 10:56:31
# Updated 01/09/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : jollinger - DMDAKSECPC
# Running from : C:\Users\jollinger\Desktop\adwcleaner (1).exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Product Deleted : Google Update Helper
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v10.0.9200.16660
 
 
-\\ Google Chrome v29.0.1547.66
 
[ File : C:\Users\daksec\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\jollinger\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [866 octets] - [27/08/2013 08:03:05]
AdwCleaner[R1].txt - [925 octets] - [27/08/2013 08:24:29]
AdwCleaner[R2].txt - [1043 octets] - [27/08/2013 08:30:39]
AdwCleaner[R3].txt - [1309 octets] - [04/09/2013 10:52:26]
AdwCleaner[S0].txt - [985 octets] - [27/08/2013 08:25:35]
AdwCleaner[S1].txt - [1236 octets] - [04/09/2013 10:56:31]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1296 octets] ##########
 

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.7 (09.01.2013:1)
OS: Windows 7 Home Premium x86
Ran by jollinger on Wed 09/04/2013 at 11:03:06.44
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 09/04/2013 at 11:06:12.83
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 



#7 nasdaq


Posted 04 September 2013 - 01:46 PM


Do you have a flash drive or extra hard drive attached to this computer when you start the computer?

Read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application.
    tdss1.png
  • Click Change parameters
    settings20121003115955.png
  • Check the boxes next to Verify Driver Digital Signature and Detect TDLFS file system, then click OK
    tdss3.png
  • Click on the Start Scan button to begin the scan and wait for it to finish.
    NOTE: Do not use the computer during the scan!
  • During the scan it will look similar to the image below:
    tdss4.jpg
  • When it finishes, you will either see a report that no threats were found like below:
    tdss5.jpg
    If no threats are found at this point, just click the Report selection on the top right of the form to generate a log. A log file report will pop up, which you can just close since the report file is already saved.
  • If any infection or suspected items are found, you will see a window similar to below:
    tdss7.jpg
    • If you have files that are shown to fail signature check do not take any action on these. Make sure you select Skip. I will tell you what to do with these later. They may not be issues at all.
    • If Suspicious objects are detected, the default action will be Skip. Leave the default set to Skip.
    • If Malicious objects are detected, they will show in the Scan results. TDSSKiller automatically selects an action (Cure or Delete) for malicious objects.
    • Make sure that Cure is selected. Important! - If Cure is not available, please choose Skip instead. Do not choose Delete unless instructed to do so.
  • Click Continue to apply selected actions.
  • A reboot may be required to complete disinfection. A window like the below will appear:
    tdss6.jpg
    Reboot immediately if TDSSKiller states that one is needed.
  • Whether an infection is found or not, a log file should have already been created on your C: drive (or whatever drive you boot from) in the root folder named something like TDSSKiller.2.1.1_27.12.2009_14.17.04_log.txt which is based on the program version # and date and time run.
  • Paste the log to your next reply, DO NOT ATTACH IT.
===

Download http://public.avast.com/~gmerek/aswMBR.exe (aswMBR.exe) to your desktop. Double click the aswMBR.exe to run it.
  • Click the "Scan" button to start scan.
  • Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time) <- IMPORTANT
  • Please paste the contents of that log in your next reply.
There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.
===

#8 Orikx


Posted 05 September 2013 - 08:53 AM

TDSS ran and found nothing. When I run aswMBR I get a blue screen. It's the same blue screen message I get when running DDS.

Driver_IRQL_Not_Less_Or_Equal

0x000000D1

 

I was able to run it in safe mode without blue screen so I did to get you the log. Hopefully the log is still useful when run in safe mode.

 

My symptoms remain the same. Multiple Chrome processes running when I open a single browser window.

 

TDSS Log

 

15:35:57.0405 4448  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
15:35:58.0559 4448  ============================================================
15:35:58.0559 4448  Current date / time: 2013/09/04 15:35:58.0559
15:35:58.0559 4448  SystemInfo:
15:35:58.0559 4448  
15:35:58.0559 4448  OS Version: 6.1.7601 ServicePack: 1.0
15:35:58.0559 4448  Product type: Workstation
15:35:58.0559 4448  ComputerName: DMDAKSECPC
15:35:58.0559 4448  UserName: jollinger
15:35:58.0559 4448  Windows directory: C:\Windows
15:35:58.0559 4448  System windows directory: C:\Windows
15:35:58.0559 4448  Processor architecture: Intel x86
15:35:58.0559 4448  Number of processors: 2
15:35:58.0559 4448  Page size: 0x1000
15:35:58.0559 4448  Boot type: Normal boot
15:35:58.0559 4448  ============================================================
15:35:59.0901 4448  Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:35:59.0901 4448  ============================================================
15:35:59.0901 4448  \Device\Harddisk0\DR0:
15:35:59.0901 4448  MBR partitions:
15:35:59.0901 4448  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x77E800, BlocksNum 0x8D90800
15:35:59.0901 4448  ============================================================
15:35:59.0932 4448  C: <-> \Device\Harddisk0\DR0\Partition1
15:35:59.0932 4448  ============================================================
15:35:59.0932 4448  Initialize success
15:35:59.0932 4448  ============================================================
15:36:28.0761 4360  ============================================================
15:36:28.0761 4360  Scan started
15:36:28.0761 4360  Mode: Manual; SigCheck; TDLFS; 
15:36:28.0761 4360  ============================================================
15:36:29.0213 4360  ================ Scan system memory ========================
15:36:29.0213 4360  System memory - ok
15:36:29.0213 4360  ================ Scan services =============================
15:36:36.0826 4360  DXGKrnl - ok
15:36:36.0873 4360  [ 0535BFBEDB9378DDD15BDF9957D57D71 ] e1express       C:\Windows\system32\DRIVERS\e1e6232.sys
15:36:36.0904 4360  e1express - ok
15:36:36.0935 4360  [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost         C:\Windows\System32\eapsvc.dll
15:36:36.0997 4360  EapHost - ok
15:36:37.0091 4360  [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv           C:\Windows\system32\drivers\evbdx.sys
15:36:37.0231 4360  ebdrv - ok
15:36:37.0278 4360  [ 81951F51E318AECC2D68559E47485CC4 ] EFS             C:\Windows\System32\lsass.exe
15:36:37.0356 4360  EFS - ok
15:36:37.0434 4360  [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
15:36:37.0497 4360  ehRecvr - ok
15:36:37.0512 4360  [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched         C:\Windows\ehome\ehsched.exe
15:36:37.0559 4360  ehSched - ok
15:36:37.0590 4360  [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor         C:\Windows\system32\drivers\elxstor.sys
15:36:37.0653 4360  elxstor - ok
15:36:37.0668 4360  [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
15:36:37.0699 4360  ErrDev - ok
15:36:37.0746 4360  [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem     C:\Windows\system32\es.dll
15:36:37.0809 4360  EventSystem - ok
15:36:37.0824 4360  [ 2DC9108D74081149CC8B651D3A26207F ] exfat           C:\Windows\system32\drivers\exfat.sys
15:36:37.0855 4360  exfat - ok
15:36:37.0887 4360  [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:36:37.0933 4360  fastfat - ok
15:36:37.0980 4360  [ 967EA5B213E9984CBE270205DF37755B ] Fax             C:\Windows\system32\fxssvc.exe
15:36:38.0043 4360  Fax - ok
15:36:38.0058 4360  [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc             C:\Windows\system32\drivers\fdc.sys
15:36:38.0105 4360  fdc - ok
15:36:38.0121 4360  [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost         C:\Windows\system32\fdPHost.dll
15:36:38.0183 4360  fdPHost - ok
15:36:38.0199 4360  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub        C:\Windows\system32\fdrespub.dll
15:36:38.0261 4360  FDResPub - ok
15:36:38.0277 4360  [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:36:38.0308 4360  FileInfo - ok
15:36:38.0323 4360  [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:36:38.0355 4360  Filetrace - ok
15:36:38.0370 4360  [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
15:36:38.0401 4360  flpydisk - ok
15:36:38.0433 4360  [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:36:38.0464 4360  FltMgr - ok
15:36:38.0511 4360  [ E12C4928B32ACE04610259647F072635 ] FontCache       C:\Windows\system32\FntCache.dll
15:36:38.0620 4360  FontCache - ok
15:36:38.0682 4360  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
15:36:38.0713 4360  FontCache3.0.0.0 - ok
15:36:38.0729 4360  [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
15:36:38.0745 4360  FsDepends - ok
15:36:38.0776 4360  [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:36:38.0823 4360  Fs_Rec - ok
15:36:38.0854 4360  [ D6E3667F5E2BC6AFC50308B480DE2999 ] FTDIBUS         C:\Windows\system32\drivers\ftdibus.sys
15:36:38.0869 4360  FTDIBUS - ok
15:36:38.0885 4360  [ E4CF4C1F9E3D57A66850F484C08E9ECF ] FTSER2K         C:\Windows\system32\drivers\ftser2k.sys
15:36:38.0901 4360  FTSER2K - ok
15:36:38.0947 4360  [ E306A24D9694C724FA2491278BF50FDB ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
15:36:38.0979 4360  fvevol - ok
15:36:39.0010 4360  [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
15:36:39.0025 4360  gagp30kx - ok
15:36:39.0072 4360  [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc           C:\Windows\System32\gpsvc.dll
15:36:39.0135 4360  gpsvc - ok
15:36:39.0228 4360  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
15:36:39.0275 4360  gupdate - ok
15:36:39.0275 4360  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
15:36:39.0291 4360  gupdatem - ok
15:36:39.0337 4360  [ C172F0D0329E46513B09E1FC60A27B9D ] HBtnKey         C:\Windows\system32\DRIVERS\cpqbttn.sys
15:36:39.0353 4360  HBtnKey - ok
15:36:39.0384 4360  [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
15:36:39.0462 4360  hcw85cir - ok
15:36:39.0493 4360  [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:36:39.0540 4360  HdAudAddService - ok
15:36:39.0556 4360  [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
15:36:39.0603 4360  HDAudBus - ok
15:36:39.0634 4360  [ 982DA8EDC8E2680BA8E39DC1AD54A04E ] HECI            C:\Windows\system32\DRIVERS\HECI.sys
15:36:39.0681 4360  HECI - ok
15:36:39.0696 4360  [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
15:36:39.0743 4360  HidBatt - ok
15:36:39.0743 4360  [ 89448F40E6DF260C206A193A4683BA78 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
15:36:39.0774 4360  HidBth - ok
15:36:39.0805 4360  [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr           C:\Windows\system32\drivers\hidir.sys
15:36:39.0821 4360  HidIr - ok
15:36:39.0837 4360  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv         C:\Windows\System32\hidserv.dll
15:36:39.0899 4360  hidserv - ok
15:36:39.0930 4360  [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
15:36:39.0961 4360  HidUsb - ok
15:36:39.0993 4360  [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:36:40.0039 4360  hkmsvc - ok
15:36:40.0055 4360  [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:36:40.0102 4360  HomeGroupListener - ok
15:36:40.0117 4360  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:36:40.0164 4360  HomeGroupProvider - ok
15:36:40.0227 4360  [ 076AC80D7393C2D8EEBAB1DD6AB8E6C0 ] HPDrvMntSvc.exe C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
15:36:40.0242 4360  HPDrvMntSvc.exe - ok
15:36:40.0273 4360  [ E1D82F0C8456ABB03B7DF5D623CA47D1 ] hpdskflt        C:\Windows\system32\drivers\hpdskflt.sys
15:36:40.0289 4360  hpdskflt - ok
15:36:40.0320 4360  [ 1210960FF8928950D2A786895B0C424A ] HpqKbFiltr      C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
15:36:40.0398 4360  HpqKbFiltr - ok
15:36:40.0445 4360  [ FE8D7EA8CADD4EDD90810E08F5FDACDA ] hpqwmiex        C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
15:36:40.0492 4360  hpqwmiex - ok
15:36:40.0507 4360  [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
15:36:40.0539 4360  HpSAMD - ok
15:36:40.0539 4360  [ D1F817E61D52816996B8F1EBA9A38276 ] hpsrv           C:\Windows\system32\Hpservice.exe
15:36:40.0554 4360  hpsrv - ok
15:36:40.0585 4360  [ 871917B07A141BFF43D76D8844D48106 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:36:40.0648 4360  HTTP - ok
15:36:40.0663 4360  [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
15:36:40.0679 4360  hwpolicy - ok
15:36:40.0726 4360  [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
15:36:40.0757 4360  i8042prt - ok
15:36:40.0788 4360  [ A3CAE5D281DB4CFF7CFF8233507EE5AD ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
15:36:40.0819 4360  iaStorV - ok
15:36:40.0882 4360  [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:36:40.0929 4360  idsvc - ok
15:36:40.0944 4360  [ 4173FF5708F3236CF25195FECD742915 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
15:36:40.0960 4360  iirsp - ok
15:36:41.0007 4360  [ F95622F161474511B8D80D6B093AA610 ] IKEEXT          C:\Windows\System32\ikeext.dll
15:36:41.0069 4360  IKEEXT - ok
15:36:41.0131 4360  [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide        C:\Windows\system32\drivers\intelide.sys
15:36:41.0163 4360  intelide - ok
15:36:41.0194 4360  [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
15:36:41.0241 4360  intelppm - ok
15:36:41.0272 4360  [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
15:36:41.0303 4360  IPBusEnum - ok
15:36:41.0319 4360  [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:36:41.0365 4360  IpFilterDriver - ok
15:36:41.0412 4360  [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:36:41.0521 4360  iphlpsvc - ok
15:36:41.0537 4360  [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
15:36:41.0553 4360  IPMIDRV - ok
15:36:41.0568 4360  [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
15:36:41.0615 4360  IPNAT - ok
15:36:41.0646 4360  [ 42996CFF20A3084A56017B7902307E9F ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:36:41.0693 4360  IRENUM - ok
15:36:41.0709 4360  [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:36:41.0724 4360  isapnp - ok
15:36:41.0755 4360  [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
15:36:41.0771 4360  iScsiPrt - ok
15:36:41.0818 4360  [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
15:36:41.0833 4360  kbdclass - ok
15:36:41.0849 4360  [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
15:36:41.0896 4360  kbdhid - ok
15:36:41.0927 4360  [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso          C:\Windows\system32\lsass.exe
15:36:41.0943 4360  KeyIso - ok
15:36:41.0989 4360  [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:36:42.0005 4360  KSecDD - ok
15:36:42.0021 4360  [ 5FE1ABF1AF591A3458C9CF24ED9A4D35 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
15:36:42.0036 4360  KSecPkg - ok
15:36:42.0067 4360  [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:36:42.0145 4360  KtmRm - ok
15:36:42.0192 4360  [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer    C:\Windows\System32\srvsvc.dll
15:36:42.0286 4360  LanmanServer - ok
15:36:42.0317 4360  [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:36:42.0348 4360  LanmanWorkstation - ok
15:36:42.0411 4360  [ B716D4D759663BC4174FD0A379DA8E50 ] libusb0         C:\Windows\system32\DRIVERS\libusb0.sys
15:36:42.0426 4360  libusb0 - ok
15:36:42.0457 4360  [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:36:42.0504 4360  lltdio - ok
15:36:42.0551 4360  [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:36:42.0613 4360  lltdsvc - ok
15:36:42.0645 4360  [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:36:42.0691 4360  lmhosts - ok
15:36:42.0723 4360  [ F58F73DE40C85E5B132B4AB275A0F4B0 ] LMS             C:\Program Files\Intel\AMT\LMS.exe
15:36:42.0738 4360  LMS - ok
15:36:42.0785 4360  [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
15:36:42.0801 4360  LSI_FC - ok
15:36:42.0801 4360  [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
15:36:42.0832 4360  LSI_SAS - ok
15:36:42.0847 4360  [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
15:36:42.0863 4360  LSI_SAS2 - ok
15:36:42.0879 4360  [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
15:36:42.0894 4360  LSI_SCSI - ok
15:36:42.0925 4360  [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv           C:\Windows\system32\drivers\luafv.sys
15:36:42.0988 4360  luafv - ok
15:36:43.0003 4360  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
15:36:43.0035 4360  Mcx2Svc - ok
15:36:43.0035 4360  [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas         C:\Windows\system32\drivers\megasas.sys
15:36:43.0066 4360  megasas - ok
15:36:43.0081 4360  [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
15:36:43.0113 4360  MegaSR - ok
15:36:43.0144 4360  [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS           C:\Windows\system32\mmcss.dll
15:36:43.0206 4360  MMCSS - ok
15:36:43.0222 4360  [ F001861E5700EE84E2D4E52C712F4964 ] Modem           C:\Windows\system32\drivers\modem.sys
15:36:43.0284 4360  Modem - ok
15:36:43.0331 4360  [ 79D10964DE86B292320E9DFE02282A23 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:36:43.0378 4360  monitor - ok
15:36:43.0409 4360  [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:36:43.0440 4360  mouclass - ok
15:36:43.0471 4360  [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:36:43.0503 4360  mouhid - ok
15:36:43.0534 4360  [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
15:36:43.0549 4360  mountmgr - ok
15:36:43.0612 4360  [ 24406D75B40F0F6B3C1AC7031D734565 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
15:36:43.0627 4360  MpFilter - ok
15:36:43.0643 4360  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:36:43.0674 4360  mpio - ok
15:36:43.0690 4360  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:36:43.0737 4360  mpsdrv - ok
15:36:43.0768 4360  [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:36:43.0830 4360  MpsSvc - ok
15:36:43.0846 4360  [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:36:43.0893 4360  MRxDAV - ok
15:36:43.0939 4360  [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:36:44.0002 4360  mrxsmb - ok
15:36:44.0033 4360  [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:36:44.0049 4360  mrxsmb10 - ok
15:36:44.0080 4360  [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:36:44.0127 4360  mrxsmb20 - ok
15:36:44.0142 4360  [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci          C:\Windows\system32\drivers\msahci.sys
15:36:44.0173 4360  msahci - ok
15:36:44.0173 4360  [ 55055F8AD8BE27A64C831322A780A228 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
15:36:44.0205 4360  msdsm - ok
15:36:44.0236 4360  [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC           C:\Windows\System32\msdtc.exe
15:36:44.0267 4360  MSDTC - ok
15:36:44.0298 4360  [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:36:44.0345 4360  Msfs - ok
15:36:44.0345 4360  [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
15:36:44.0392 4360  mshidkmdf - ok
15:36:44.0407 4360  [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:36:44.0423 4360  msisadrv - ok
15:36:44.0454 4360  [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:36:44.0501 4360  MSiSCSI - ok
15:36:44.0517 4360  msiserver - ok
15:36:44.0548 4360  [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:36:44.0595 4360  MSKSSRV - ok
15:36:44.0641 4360  [ 37F77AEBFF23A99D1BFB4F34CD2D07F2 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
15:36:44.0673 4360  MsMpSvc - ok
15:36:44.0688 4360  [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:36:44.0751 4360  MSPCLOCK - ok
15:36:44.0766 4360  [ F456E973590D663B1073E9C463B40932 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:36:44.0829 4360  MSPQM - ok
15:36:44.0860 4360  [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:36:44.0875 4360  MsRPC - ok
15:36:44.0891 4360  [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
15:36:44.0907 4360  mssmbios - ok
15:36:44.0922 4360  [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:36:44.0969 4360  MSTEE - ok
15:36:44.0969 4360  [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
15:36:45.0016 4360  MTConfig - ok
15:36:45.0031 4360  [ 159FAD02F64E6381758C990F753BCC80 ] Mup             C:\Windows\system32\Drivers\mup.sys
15:36:45.0047 4360  Mup - ok
15:36:45.0094 4360  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent        C:\Windows\system32\qagentRT.dll
15:36:45.0141 4360  napagent - ok
15:36:45.0172 4360  [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:36:45.0203 4360  NativeWifiP - ok
15:36:45.0265 4360  [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:36:45.0312 4360  NDIS - ok
15:36:45.0328 4360  [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
15:36:45.0390 4360  NdisCap - ok
15:36:45.0421 4360  [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:36:45.0468 4360  NdisTapi - ok
15:36:45.0499 4360  [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:36:45.0546 4360  Ndisuio - ok
15:36:45.0577 4360  [ 38FBE267E7E6983311179230FACB1017 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:36:45.0624 4360  NdisWan - ok
15:36:45.0655 4360  [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:36:45.0687 4360  NDProxy - ok
15:36:45.0702 4360  [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:36:45.0749 4360  NetBIOS - ok
15:36:45.0780 4360  [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
15:36:45.0843 4360  NetBT - ok
15:36:45.0858 4360  [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon        C:\Windows\system32\lsass.exe
15:36:45.0874 4360  Netlogon - ok
15:36:45.0921 4360  [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman          C:\Windows\System32\netman.dll
15:36:45.0967 4360  Netman - ok
15:36:45.0999 4360  [ F476EC40033CDB91EFBE73EB99B8362D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:36:46.0014 4360  NetMsmqActivator - ok
15:36:46.0030 4360  [ F476EC40033CDB91EFBE73EB99B8362D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:36:46.0045 4360  NetPipeActivator - ok
15:36:46.0061 4360  [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm        C:\Windows\System32\netprofm.dll
15:36:46.0123 4360  netprofm - ok
15:36:46.0139 4360  [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:36:46.0155 4360  NetTcpActivator - ok
15:36:46.0155 4360  [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:36:46.0170 4360  NetTcpPortSharing - ok
15:36:46.0295 4360  [ 58218EC6B61B1169CF54AAB0D00F5FE2 ] netw5v32        C:\Windows\system32\DRIVERS\netw5v32.sys
15:36:46.0482 4360  netw5v32 - ok
15:36:46.0513 4360  [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
15:36:46.0529 4360  nfrd960 - ok
15:36:46.0607 4360  [ C58DB40E4C95BE8EE727BE872BE6383F ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
15:36:46.0623 4360  NisDrv - ok
15:36:46.0669 4360  [ CF6D9AB044DF22FB6ECCC3907DE9FD7A ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
15:36:46.0716 4360  NisSrv - ok
15:36:46.0810 4360  [ 2B0B1A45A5D6DAFFD961DE5DAA9A7DF9 ] NitroReaderDriverReadSpool3 C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe
15:36:46.0841 4360  NitroReaderDriverReadSpool3 - ok
15:36:46.0872 4360  [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:36:46.0935 4360  NlaSvc - ok
15:36:46.0966 4360  [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:36:47.0028 4360  Npfs - ok
15:36:47.0059 4360  [ BA387E955E890C8A88306D9B8D06BF17 ] nsi             C:\Windows\system32\nsisvc.dll
15:36:47.0106 4360  nsi - ok
15:36:47.0137 4360  [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:36:47.0200 4360  nsiproxy - ok
15:36:47.0262 4360  [ 5E43D2B0EE64123D4880DFA6626DEFDE ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:36:47.0325 4360  Ntfs - ok
15:36:47.0387 4360  [ 28613C245D9F26190DCEE18430A4EBBE ] NuidFltr        C:\Windows\system32\DRIVERS\NuidFltr.sys
15:36:47.0465 4360  NuidFltr - ok
15:36:47.0481 4360  [ F9756A98D69098DCA8945D62858A812C ] Null            C:\Windows\system32\drivers\Null.sys
15:36:47.0512 4360  Null - ok
15:36:47.0761 4360  [ 0F96EEF0E62E536B9A683F058FFBDF0C ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:36:48.0120 4360  nvlddmkm - ok
15:36:48.0167 4360  [ AF2EEC9580C1D32FB7EAF105D9784061 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:36:48.0198 4360  nvraid - ok
15:36:48.0229 4360  [ 9283C58EBAA2618F93482EB5DABCEC82 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:36:48.0261 4360  nvstor - ok
15:36:48.0307 4360  [ 555B3C2B10E301BD46BC9C065698A360 ] nvsvc           C:\Windows\system32\nvvsvc.exe
15:36:48.0354 4360  nvsvc - ok
15:36:48.0385 4360  [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:36:48.0401 4360  nv_agp - ok
15:36:48.0417 4360  [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
15:36:48.0463 4360  ohci1394 - ok
15:36:48.0557 4360  [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:36:48.0604 4360  ose - ok
15:36:48.0635 4360  [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
15:36:48.0713 4360  p2pimsvc - ok
15:36:48.0729 4360  [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc          C:\Windows\system32\p2psvc.dll
15:36:48.0775 4360  p2psvc - ok
15:36:48.0807 4360  [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport         C:\Windows\system32\drivers\parport.sys
15:36:48.0822 4360  Parport - ok
15:36:48.0853 4360  [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:36:48.0885 4360  partmgr - ok
15:36:48.0900 4360  [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
15:36:48.0947 4360  Parvdm - ok
15:36:48.0978 4360  [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:36:49.0025 4360  PcaSvc - ok
15:36:49.0041 4360  [ 673E55C3498EB970088E812EA820AA8F ] pci             C:\Windows\system32\drivers\pci.sys
15:36:49.0072 4360  pci - ok
15:36:49.0103 4360  [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide          C:\Windows\system32\drivers\pciide.sys
15:36:49.0119 4360  pciide - ok
15:36:49.0134 4360  [ F396431B31693E71E8A80687EF523506 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
15:36:49.0165 4360  pcmcia - ok
15:36:49.0165 4360  [ 250F6B43D2B613172035C6747AEEB19F ] pcw             C:\Windows\system32\drivers\pcw.sys
15:36:49.0197 4360  pcw - ok
15:36:49.0228 4360  [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:36:49.0290 4360  PEAUTH - ok
15:36:49.0368 4360  [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla             C:\Windows\system32\pla.dll
15:36:49.0509 4360  pla - ok
15:36:49.0571 4360  [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:36:49.0665 4360  PlugPlay - ok
15:36:49.0696 4360  [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
15:36:49.0743 4360  PNRPAutoReg - ok
15:36:49.0774 4360  [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
15:36:49.0789 4360  PNRPsvc - ok
15:36:49.0836 4360  [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:36:49.0899 4360  PolicyAgent - ok
15:36:49.0945 4360  [ F87D30E72E03D579A5199CCB3831D6EA ] Power           C:\Windows\system32\umpo.dll
15:36:50.0008 4360  Power - ok
15:36:50.0039 4360  [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:36:50.0133 4360  PptpMiniport - ok
15:36:50.0148 4360  [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor       C:\Windows\system32\drivers\processr.sys
15:36:50.0195 4360  Processor - ok
15:36:50.0242 4360  [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc         C:\Windows\system32\profsvc.dll
15:36:50.0320 4360  ProfSvc - ok
15:36:50.0335 4360  [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:36:50.0351 4360  ProtectedStorage - ok
15:36:50.0382 4360  [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
15:36:50.0429 4360  Psched - ok
15:36:50.0476 4360  [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
15:36:50.0538 4360  ql2300 - ok
15:36:50.0569 4360  [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
15:36:50.0585 4360  ql40xx - ok
15:36:50.0616 4360  [ 31AC809E7707EB580B2BDB760390765A ] QWAVE           C:\Windows\system32\qwave.dll
15:36:50.0663 4360  QWAVE - ok
15:36:50.0694 4360  [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:36:50.0710 4360  QWAVEdrv - ok
15:36:50.0725 4360  [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:36:50.0788 4360  RasAcd - ok
15:36:50.0819 4360  [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
15:36:50.0850 4360  RasAgileVpn - ok
15:36:50.0866 4360  [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto         C:\Windows\System32\rasauto.dll
15:36:50.0928 4360  RasAuto - ok
15:36:50.0944 4360  [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:36:51.0006 4360  Rasl2tp - ok
15:36:51.0053 4360  [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan          C:\Windows\System32\rasmans.dll
15:36:51.0115 4360  RasMan - ok
15:36:51.0147 4360  [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:36:51.0178 4360  RasPppoe - ok
15:36:51.0193 4360  [ 44101F495A83EA6401D886E7FD70096B ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:36:51.0256 4360  RasSstp - ok
15:36:51.0287 4360  [ D528BC58A489409BA40334EBF96A311B ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:36:51.0334 4360  rdbss - ok
15:36:51.0365 4360  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
15:36:51.0396 4360  rdpbus - ok
15:36:51.0412 4360  [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:36:51.0474 4360  RDPCDD - ok
15:36:51.0505 4360  [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:36:51.0568 4360  RDPENCDD - ok
15:36:51.0583 4360  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
15:36:51.0646 4360  RDPREFMP - ok
15:36:51.0693 4360  [ 65375DF758CA1872AB7EBBBA457FD5E6 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
15:36:51.0739 4360  RdpVideoMiniport - ok
15:37:03.0065 4360  ================ Scan global ===============================
15:37:03.0096 4360  [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
15:37:03.0128 4360  [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
15:37:03.0143 4360  [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
15:37:03.0174 4360  [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
15:37:03.0221 4360  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
15:37:03.0237 4360  [Global] - ok
15:37:03.0237 4360  ================ Scan MBR ==================================
15:37:03.0237 4360  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:37:03.0596 4360  \Device\Harddisk0\DR0 - ok
15:37:03.0596 4360  ================ Scan VBR ==================================
15:37:03.0627 4360  [ 1C9E88C6A9DC6BE5E126A7B820BEDC5C ] \Device\Harddisk0\DR0\Partition1
15:37:03.0627 4360  \Device\Harddisk0\DR0\Partition1 - ok
15:37:03.0627 4360  ============================================================
15:37:03.0627 4360  Scan finished
15:37:03.0627 4360  ============================================================
15:37:03.0642 5424  Detected object count: 0
15:37:03.0642 5424  Actual detected object count: 0
15:38:10.0254 5400  Deinitialize success
 
 
aswMBR Log

 

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-09-04 16:30:28
-----------------------------
16:30:28.678    OS Version: Windows 6.1.7601 Service Pack 1
16:30:28.678    Number of processors: 2 586 0xF0B
16:30:28.678    ComputerName: DMDAKSECPC  UserName: jollinger
16:30:28.912    Initialize success
16:30:51.283    AVAST engine defs: 13090401
16:31:34.089    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4
16:31:34.089    Disk 0 Vendor: WDC_WD800BEKT-11F3T0 11.01A11 Size: 76319MB BusType: 3
16:31:34.183    Disk 0 MBR read successfully
16:31:34.183    Disk 0 MBR scan
16:31:34.183    Disk 0 Windows 7 default MBR code
16:31:34.198    Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS         3836 MB offset 2048
16:31:34.198    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS        72481 MB offset 7858176
16:31:34.214    Disk 0 scanning sectors +156299264
16:31:34.261    Disk 0 scanning C:\Windows\system32\drivers
16:31:41.764    Service scanning
16:31:56.912    Modules scanning
16:32:02.029    Disk 0 trace - called modules:
16:32:02.060    ntkrnlpa.exe CLASSPNP.SYS disk.sys hpdskflt.sys halmacpi.dll ACPI.sys ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys 
16:32:02.060    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x84e5fac8]
16:32:02.091    3 CLASSPNP.SYS[8845259e] -> nt!IofCallDriver -> [0x84e5e260]
16:32:02.091    5 hpdskflt.sys[883f7090] -> nt!IofCallDriver -> [0x849c6918]
16:32:02.091    7 ACPI.sys[87cb33d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-4[0x849aa908]
16:32:02.590    AVAST engine scan C:\Windows
16:32:04.416    AVAST engine scan C:\Windows\system32
16:33:55.628    AVAST engine scan C:\Windows\system32\drivers
16:34:06.065    AVAST engine scan C:\Users\jollinger
16:39:20.405    AVAST engine scan C:\ProgramData
16:39:43.478    Scan finished successfully
16:40:27.844    Disk 0 MBR has been saved successfully to "C:\Users\jollinger\Desktop\MBR.dat"
16:40:27.844    The log file has been saved successfully to "C:\Users\jollinger\Desktop\aswMBR.txt"


#9 nasdaq

nasdaq

  • Malware Response Team
  • 39,202 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:12:08 PM

Posted 05 September 2013 - 10:42 AM

Download OTL to your desktop.
Double click on the icon to run it.
Make sure all other windows are closed, and let it run uninterrupted.

  • Select All Users.
  • Under the Custom Scan box paste this text in bold in
netsvcs
BASESERVICES
%SYSTEMDRIVE%\*.exe
/md5start
services.*
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
ataport.SYS
mountmgr.sys
winsock.*
/md5stop
CREATERESTOREPOINT


Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
Post both logs. DO NOT ATTACH THEM.
===

#10 nasdaq

Posted 11 September 2013 - 08:11 AM

Are you still with me?

#11 nasdaq

Posted 17 September 2013 - 08:07 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.



