
Help cleaning removing PWS:Win32/Zbot.gen!AP repeated occurrences


6 replies to this topic

#1 Han2013


Posted 01 January 2014 - 07:14 PM

Hello,

I'm new to the Forum and came across BC when looking for a solution to a malware alert I received a few days ago that I've not been able to remove. Hopefully I've posted in the correct area.

One of them is:

PWS:Win32/Zbot

The following error occurred: Error code 0x80508023. The program could not find the malware and other potentially unwanted software on this computer.

The other is:

PWS:Win32/Zbot.gen!AP

Items:

process:pid: 1504, 460 and 7148

This is the post that led me to BC, and I've followed the instructions provided in the link below hoping it would work for my similar issues and have the logs, but it's not fully resolved the issues:

http://www.bleepingcomputer.com/forums/t/515309/mse-says-it-removed-win64rovnixgena-but/

I thought I had it done an hour ago only to see it again after running TDSSKILLER and rebooting. MSE keeps finding the items upon reboot, cleaning them and requesting a restart, so the cycle has continued and I'm not sure what to do after several attempts.

I'm running MSE automatically each day and when I ran MS Safety Scanner this is the log I received:

PWS:Win32/Zbot – partially removed, manual steps required

PWS:Win32/Zbot.gen!AP – Detected, not removed

Any assistance that you can offer would be appreciated.

Thanks in advance!


Edited by Queen-Evie, 01 January 2014 - 07:54 PM.
moved from Anti-Virus and Anti-Malware Software to the appropriate forum for malware removal



#2 cryptodan


Posted 01 January 2014 - 07:23 PM

Can you post the TDSS Killer logs?

#3 Han2013


Posted 01 January 2014 - 07:56 PM

Hi there,

Thank you for the quick reply. Here's the log:


17:15:33.0786 0x1344  TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
17:15:40.0480 0x1344  ============================================================
17:15:40.0480 0x1344  Current date / time: 2014/01/01 17:15:40.0480
17:15:40.0480 0x1344  SystemInfo:
17:15:40.0480 0x1344 
17:15:40.0480 0x1344  OS Version: 6.1.7601 ServicePack: 1.0
17:15:40.0481 0x1344  Product type: Workstation
17:15:40.0481 0x1344  ComputerName: LAMARAL-PC
17:15:40.0481 0x1344  UserName: lamaral
17:15:40.0481 0x1344  Windows directory: C:\Windows
17:15:40.0481 0x1344  System windows directory: C:\Windows
17:15:40.0481 0x1344  Running under WOW64
17:15:40.0481 0x1344  Processor architecture: Intel x64
17:15:40.0481 0x1344  Number of processors: 4
17:15:40.0481 0x1344  Page size: 0x1000
17:15:40.0481 0x1344  Boot type: Normal boot
17:15:40.0481 0x1344  ============================================================
17:15:43.0289 0x1344  KLMD registered as C:\Windows\system32\drivers\04325060.sys
17:15:44.0073 0x1344  System UUID: {B04C2B5D-FDB2-C55B-3A65-E826E86D88C2}
17:15:45.0517 0x1344  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:15:45.0641 0x1344  ============================================================
17:15:45.0641 0x1344  \Device\Harddisk0\DR0:
17:15:45.0672 0x1344  MBR partitions:
17:15:45.0672 0x1344  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
17:15:45.0673 0x1344  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x37433000
17:15:45.0673 0x1344  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x37497000, BlocksNum 0x2EBB000
17:15:45.0673 0x1344  \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x3A352000, BlocksNum 0x33830
17:15:45.0673 0x1344  ============================================================
17:15:46.0039 0x1344  C: <-> \Device\Harddisk0\DR0\Partition2
17:15:46.0126 0x1344  D: <-> \Device\Harddisk0\DR0\Partition3
17:15:46.0157 0x1344  E: <-> \Device\Harddisk0\DR0\Partition4
17:15:46.0158 0x1344  ============================================================
17:15:46.0158 0x1344  Initialize success
17:15:46.0158 0x1344  ============================================================
17:15:49.0195 0x15d0  ============================================================
17:15:49.0195 0x15d0  Scan started
17:15:49.0195 0x15d0  Mode: Manual;
17:15:49.0195 0x15d0  ============================================================
17:15:49.0195 0x15d0  KSN ping started
17:15:51.0988 0x15d0  KSN ping finished: true
17:15:55.0133 0x15d0  ================ Scan system memory ========================
17:15:55.0133 0x15d0  System memory - ok
17:15:55.0134 0x15d0  ================ Scan services =============================
17:16:24.0157 0x15d0  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
17:16:24.0167 0x15d0  gusvc - ok
17:16:24.0269 0x15d0  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
17:16:24.0273 0x15d0  hcw85cir - ok
17:16:24.0365 0x15d0  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:16:24.0428 0x15d0  HdAudAddService - ok
17:16:24.0447 0x15d0  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
17:16:24.0453 0x15d0  HDAudBus - ok
17:16:24.0504 0x15d0  [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
17:16:24.0509 0x15d0  HECIx64 - ok
17:16:24.0558 0x15d0  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
17:16:24.0561 0x15d0  HidBatt - ok
17:16:24.0617 0x15d0  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
17:16:24.0625 0x15d0  HidBth - ok
17:16:24.0639 0x15d0  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
17:16:24.0643 0x15d0  HidIr - ok
17:16:24.0667 0x15d0  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
17:16:24.0672 0x15d0  hidserv - ok
17:16:24.0741 0x15d0  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
17:16:24.0743 0x15d0  HidUsb - ok
17:16:24.0806 0x15d0  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
17:16:24.0813 0x15d0  hkmsvc - ok
17:16:24.0898 0x15d0  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:16:24.0913 0x15d0  HomeGroupListener - ok
17:16:25.0032 0x15d0  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:16:25.0045 0x15d0  HomeGroupProvider - ok
17:16:25.0376 0x15d0  [ BB1FC298BE53AAB1E110F6E786BD8AC5, C2DA2C3CE96D5F8B50013063B5EF7BED7478636896C709A7AF34855B2E69B9F1 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
17:16:25.0380 0x15d0  HP Support Assistant Service - ok
17:16:25.0879 0x15d0  [ A2DE0A67C77EBC6DFAD3D55232790ADD, 12374AD692CE8FA2462DA590D31BF847B61EBC3EFBC0690C1A746AFFA6C13C3A ] HP Wireless Assistant Service C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
17:16:25.0885 0x15d0  HP Wireless Assistant Service - ok
17:16:25.0915 0x15d0  [ BDFE112FA2F3422842E83DA631065B37, BEF155A9D957A7932FC2A7689583AC6AAA7EF713B82D934D93EBF2975F22964C ] hpdskflt        C:\Windows\system32\DRIVERS\hpdskflt.sys
17:16:25.0918 0x15d0  hpdskflt - ok
17:16:26.0273 0x15d0  [ 5DA42D24712E00728CEA2342A65009B2, 73EC5250DCFD556525B24B3CA66C64AC7747E77652A2AD6119936A59A9E8562A ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
17:16:26.0285 0x15d0  hpqcxs08 - ok
17:16:26.0397 0x15d0  [ D86A39BF100069444D026D22D9A6E555, 7B24D48D5BA67704C88697FADB64364E0E64D26259408E3C219820C5404C5EEC ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
17:16:26.0405 0x15d0  hpqddsvc - ok
17:16:26.0654 0x15d0  [ 9B7EDD3FE7C211C36E921D34D18A3A0A, 03A450F85A042F9668D1560FA2B8B89783568C87CDB1A8685CDA2AC9FE3761C3 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
17:16:26.0702 0x15d0  hpqwmiex - ok
17:16:26.0771 0x15d0  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
17:16:26.0775 0x15d0  HpSAMD - ok
17:16:27.0866 0x15d0  [ F37882F128EFACEFE353E0BAE2766909, 2F9D21613500F092DFC0DB879180B549EE615D9B07408A5CC1A7F84663B2F47A ] HPSLPSVC        C:\Users\lamaral\AppData\Local\Temp\7zS689F\hpslpsvc64.dll
17:16:27.0920 0x15d0  HPSLPSVC - ok
17:16:28.0172 0x15d0  [ A92D6DE158BC0671D9336580F6414044, 9FD30FF4D70D277532BA5BF65CB8747265E26FE7DD91F06002EAAFA0F62F6D31 ] hpsrv           C:\Windows\system32\Hpservice.exe
17:16:28.0175 0x15d0  hpsrv - ok
17:16:28.0484 0x15d0  [ 2BEC76BDCD1BC080210325E7B5094834, 9CD9DF5C974C20F38423B07063A4F44E533B3B4EF39E01AC701C04BFC5F3EC53 ] HPWMISVC        C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
17:16:28.0486 0x15d0  HPWMISVC - ok
17:16:28.0633 0x15d0  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
17:16:28.0672 0x15d0  HTTP - ok
17:16:28.0743 0x15d0  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
17:16:28.0744 0x15d0  hwpolicy - ok
17:16:28.0825 0x15d0  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
17:16:28.0832 0x15d0  i8042prt - ok
17:16:28.0959 0x15d0  [ 1384872112E8E7FD5786ECEB8BDDF4C9, DC7844691740805A94F2901F8CB56F1591AF4F0F9C6D92D6B8595F89E6FA5F02 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
17:16:28.0984 0x15d0  iaStor - ok
17:16:29.0080 0x15d0  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
17:16:29.0101 0x15d0  iaStorV - ok
17:16:29.0234 0x15d0  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
17:16:29.0241 0x15d0  IDriverT - ok
17:16:29.0447 0x15d0  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:16:29.0492 0x15d0  idsvc - ok
17:16:29.0862 0x15d0  IEEtwCollectorService - ok
17:16:30.0628 0x15d0  [ 6CBFC48E5C663EA8493AE3E75A6BF511, 9BA5977A7272AEAB4B68FEAC1F5DC638F45A3EBE5CFC660DC0ACBEB06132BAD1 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
17:16:31.0168 0x15d0  igfx - ok
17:16:31.0222 0x15d0  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
17:16:31.0226 0x15d0  iirsp - ok
17:16:31.0359 0x15d0  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
17:16:31.0405 0x15d0  IKEEXT - ok
17:16:31.0612 0x15d0  [ 36FDF367A1DABFF903E2214023D71368, 60468692C1D048428AF25ED87DE23DAE756C7BA2B6CF6AF5EFD2E53C80F5FC68 ] Impcd           C:\Windows\system32\DRIVERS\Impcd.sys
17:16:31.0621 0x15d0  Impcd - ok
17:16:31.0679 0x15d0  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
17:16:31.0681 0x15d0  intelide - ok
17:16:32.0494 0x15d0  [ 6CBFC48E5C663EA8493AE3E75A6BF511, 9BA5977A7272AEAB4B68FEAC1F5DC638F45A3EBE5CFC660DC0ACBEB06132BAD1 ] intelkmd        C:\Windows\system32\DRIVERS\igdpmd64.sys
17:16:33.0014 0x15d0  intelkmd - ok
17:16:33.0382 0x15d0  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
17:16:33.0385 0x15d0  intelppm - ok
17:16:33.0462 0x15d0  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
17:16:33.0469 0x15d0  IPBusEnum - ok
17:16:33.0543 0x15d0  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:16:33.0549 0x15d0  IpFilterDriver - ok
17:16:33.0643 0x15d0  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
17:16:33.0674 0x15d0  iphlpsvc - ok
17:16:33.0750 0x15d0  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
17:16:33.0755 0x15d0  IPMIDRV - ok
17:16:33.0839 0x15d0  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
17:16:33.0846 0x15d0  IPNAT - ok
17:16:34.0188 0x15d0  [ 78486992AC657AE5065C4A2135838570, E958E2977843A15A73F06A2D2F24130C7F62305A9AA0488F419E2D729BA6939A ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
17:16:34.0219 0x15d0  iPod Service - ok
17:16:34.0305 0x15d0  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
17:16:34.0307 0x15d0  IRENUM - ok
17:16:34.0400 0x15d0  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
17:16:34.0402 0x15d0  isapnp - ok
17:16:34.0471 0x15d0  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
17:16:34.0601 0x15d0  iScsiPrt - ok
17:16:34.0752 0x15d0  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
17:16:34.0755 0x15d0  kbdclass - ok
17:16:34.0844 0x15d0  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
17:16:34.0846 0x15d0  kbdhid - ok
17:16:34.0921 0x15d0  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso          C:\Windows\system32\lsass.exe
17:16:34.0924 0x15d0  KeyIso - ok
17:16:35.0109 0x15d0  [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
17:16:35.0114 0x15d0  KSecDD - ok
17:16:35.0143 0x15d0  [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
17:16:35.0152 0x15d0  KSecPkg - ok
17:16:35.0175 0x15d0  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
17:16:35.0177 0x15d0  ksthunk - ok
17:16:35.0217 0x15d0  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
17:16:35.0241 0x15d0  KtmRm - ok
17:16:35.0341 0x15d0  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
17:16:35.0358 0x15d0  LanmanServer - ok
17:16:35.0427 0x15d0  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:16:35.0437 0x15d0  LanmanWorkstation - ok
17:16:35.0780 0x15d0  [ 3503F257B3203F824B1567238EBE17E2, A6F7B0D3C213DC17B266199FAC7F242529A1C030244A819BDBDB892BF2969FD3 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
17:16:35.0786 0x15d0  LightScribeService - ok
17:16:35.0868 0x15d0  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
17:16:35.0871 0x15d0  lltdio - ok
17:16:35.0933 0x15d0  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
17:16:35.0949 0x15d0  lltdsvc - ok
17:16:36.0013 0x15d0  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
17:16:36.0017 0x15d0  lmhosts - ok
17:16:36.0168 0x15d0  [ 7485FBCEF9136F530953575E2977859D, 5A6A67EE407C6ECE637C2B2AC21259BB86D032E47CE59F77AAF48D687B74CFCB ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
17:16:36.0182 0x15d0  LMS - ok
17:16:36.0241 0x15d0  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
17:16:36.0247 0x15d0  LSI_FC - ok
17:16:36.0310 0x15d0  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
17:16:36.0316 0x15d0  LSI_SAS - ok
17:16:36.0350 0x15d0  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:16:36.0354 0x15d0  LSI_SAS2 - ok
17:16:36.0425 0x15d0  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:16:36.0431 0x15d0  LSI_SCSI - ok
17:16:36.0490 0x15d0  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
17:16:36.0496 0x15d0  luafv - ok
17:16:36.0592 0x15d0  [ 90AA9E273410AD7A41D2D06E0FB46022, DE8D57149D503F9D5B3B6D4133482C9A19F8BB1FF0FCCADBB0F5B4E64121F92C ] mbamchameleon   C:\Windows\system32\drivers\mbamchameleon.sys
17:16:36.0597 0x15d0  mbamchameleon - ok
17:16:36.0688 0x15d0  [ 0C6125E43F42C4DA6E74D9AF2B75E40C, 61250E8CF42B0AF7CED7275A71D0FDE1CD1C825F83AE94CAB7BC9852F036EB90 ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
17:16:36.0696 0x15d0  MBAMSwissArmy - ok
17:16:36.0774 0x15d0  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
17:16:36.0781 0x15d0  Mcx2Svc - ok
17:16:36.0823 0x15d0  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
17:16:36.0827 0x15d0  megasas - ok
17:16:36.0933 0x15d0  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
17:16:36.0949 0x15d0  MegaSR - ok
17:16:37.0096 0x15d0  Microsoft SharePoint Workspace Audit Service - ok
17:16:37.0145 0x15d0  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
17:16:37.0151 0x15d0  MMCSS - ok
17:16:37.0179 0x15d0  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
17:16:37.0182 0x15d0  Modem - ok
17:16:37.0201 0x15d0  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
17:16:37.0204 0x15d0  monitor - ok
17:16:37.0274 0x15d0  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
17:16:37.0277 0x15d0  mouclass - ok
17:16:37.0309 0x15d0  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
17:16:37.0312 0x15d0  mouhid - ok
17:16:37.0723 0x15d0  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
17:16:37.0728 0x15d0  mountmgr - ok
17:16:37.0847 0x15d0  [ C6B88D62F20AC646C6BD5C032EC2FAF9, 111A07939F3C5A46F0C51B9D6F5C1D8478099E32EFD88BC260467109ADD975F8 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
17:16:37.0861 0x15d0  MpFilter - ok
17:16:37.0935 0x15d0  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
17:16:37.0943 0x15d0  mpio - ok
17:16:38.0032 0x15d0  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
17:16:38.0036 0x15d0  mpsdrv - ok
17:16:38.0160 0x15d0  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
17:16:38.0206 0x15d0  MpsSvc - ok
17:16:38.0339 0x15d0  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
17:16:38.0347 0x15d0  MRxDAV - ok
17:16:38.0432 0x15d0  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
17:16:38.0442 0x15d0  mrxsmb - ok
17:16:38.0515 0x15d0  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:16:38.0530 0x15d0  mrxsmb10 - ok
17:16:38.0558 0x15d0  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:16:38.0568 0x15d0  mrxsmb20 - ok
17:16:38.0631 0x15d0  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
17:16:38.0633 0x15d0  msahci - ok
17:16:38.0719 0x15d0  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
17:16:38.0725 0x15d0  msdsm - ok
17:16:38.0756 0x15d0  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
17:16:38.0765 0x15d0  MSDTC - ok
17:16:38.0826 0x15d0  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
17:16:38.0828 0x15d0  Msfs - ok
17:16:38.0894 0x15d0  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
17:16:38.0896 0x15d0  mshidkmdf - ok
17:16:38.0965 0x15d0  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
17:16:38.0967 0x15d0  msisadrv - ok
17:16:39.0046 0x15d0  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
17:16:39.0056 0x15d0  MSiSCSI - ok
17:16:39.0062 0x15d0  msiserver - ok
17:16:39.0156 0x15d0  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
17:16:39.0159 0x15d0  MSKSSRV - ok
17:16:39.0345 0x15d0  [ 7675E15D1B2180745E4DA4D26AAD7385, 729AA6C610F67028CFFFF64B772FFA1CAE7581D37F8909BDA423D52AF85C92C8 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
17:16:39.0347 0x15d0  MsMpSvc - ok
17:16:39.0405 0x15d0  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
17:16:39.0407 0x15d0  MSPCLOCK - ok
17:16:39.0464 0x15d0  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
17:16:39.0467 0x15d0  MSPQM - ok
17:16:39.0546 0x15d0  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
17:16:39.0564 0x15d0  MsRPC - ok
17:16:39.0675 0x15d0  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
17:16:39.0678 0x15d0  mssmbios - ok
17:16:39.0742 0x15d0  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
17:16:39.0744 0x15d0  MSTEE - ok
17:16:39.0794 0x15d0  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
17:16:39.0796 0x15d0  MTConfig - ok
17:16:39.0833 0x15d0  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
17:16:39.0837 0x15d0  Mup - ok
17:16:39.0909 0x15d0  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
17:16:39.0935 0x15d0  napagent - ok
17:16:40.0138 0x15d0  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
17:16:40.0153 0x15d0  NativeWifiP - ok
17:16:40.0669 0x15d0  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
17:16:40.0739 0x15d0  NDIS - ok
17:16:40.0765 0x15d0  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
17:16:40.0768 0x15d0  NdisCap - ok
17:16:40.0857 0x15d0  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
17:16:40.0859 0x15d0  NdisTapi - ok
17:16:41.0001 0x15d0  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
17:16:41.0004 0x15d0  Ndisuio - ok
17:16:41.0079 0x15d0  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
17:16:41.0087 0x15d0  NdisWan - ok
17:16:41.0147 0x15d0  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
17:16:41.0151 0x15d0  NDProxy - ok
17:16:41.0373 0x15d0  [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
17:16:41.0378 0x15d0  Net Driver HPZ12 - ok
17:16:41.0520 0x15d0  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
17:16:41.0524 0x15d0  NetBIOS - ok
17:16:41.0608 0x15d0  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
17:16:41.0622 0x15d0  NetBT - ok
17:16:41.0689 0x15d0  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon        C:\Windows\system32\lsass.exe
17:16:41.0692 0x15d0  Netlogon - ok
17:16:41.0772 0x15d0  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
17:16:41.0791 0x15d0  Netman - ok
17:16:42.0001 0x15d0  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:16:42.0028 0x15d0  NetMsmqActivator - ok
17:16:42.0046 0x15d0  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:16:42.0052 0x15d0  NetPipeActivator - ok
17:16:42.0188 0x15d0  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
17:16:42.0213 0x15d0  netprofm - ok
17:16:42.0228 0x15d0  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:16:42.0235 0x15d0  NetTcpActivator - ok
17:16:42.0249 0x15d0  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:16:42.0256 0x15d0  NetTcpPortSharing - ok
17:16:42.0951 0x15d0  [ 64428DFDAF6E88366CB51F45A79C5F69, 31187D38C1AB52120A3CB7AC3CE47ED9682AC37B0F06B9A9610C0065DD4E7B13 ] netw5v64        C:\Windows\system32\DRIVERS\netw5v64.sys
17:16:43.0332 0x15d0  netw5v64 - ok
17:16:43.0389 0x15d0  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
17:16:43.0392 0x15d0  nfrd960 - ok
17:16:43.0508 0x15d0  [ ACE8C64C57E4A711473C8BC10ADF692B, 53D8083CE78DB5527080B4570AC28ABAA262667744A319707AE0C46E46B297F9 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
17:16:43.0516 0x15d0  NisDrv - ok
17:16:43.0633 0x15d0  [ 6247E8B31ED0A9D6BC5A26276E49BEB3, 230C0C560492C454B9EB14B50EB4A78DC74FAB6B662449A0EA3114B3E671BFF3 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
17:16:43.0652 0x15d0  NisSrv - ok
17:16:43.0863 0x15d0  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
17:16:43.0882 0x15d0  NlaSvc - ok
17:16:43.0978 0x15d0  [ 1381E95D4E0F94F22DD484B5F8C1D61D, E91C10A62E3B5A610063F48354C6F4A1AAB7300A69EAD59E89ED8EEFDBD99062 ] nmwcd           C:\Windows\system32\drivers\ccdcmbx64.sys
17:16:43.0980 0x15d0  nmwcd - ok
17:16:44.0174 0x15d0  [ 205510CDB7B6084BF31760B5D06F9242, F3EAC6A7127DC5A0FEE7A9AFA561A8CA9B6E83FECCD731C890E85C33514B533B ] nmwcdc          C:\Windows\system32\drivers\ccdcmbox64.sys
17:16:44.0177 0x15d0  nmwcdc - ok
17:16:44.0454 0x15d0  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
17:16:44.0457 0x15d0  Npfs - ok
17:16:44.0572 0x15d0  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
17:16:44.0577 0x15d0  nsi - ok
17:17:07.0155 0x15d0  volmgrx - ok
17:17:07.0250 0x15d0  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
17:17:07.0266 0x15d0  volsnap - ok
17:17:07.0410 0x15d0  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
17:17:07.0420 0x15d0  vsmraid - ok
17:17:07.0724 0x15d0  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
17:17:07.0813 0x15d0  VSS - ok
17:17:07.0859 0x15d0  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
17:17:07.0861 0x15d0  vwifibus - ok
17:17:07.0962 0x15d0  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
17:17:07.0965 0x15d0  vwififlt - ok
17:17:08.0047 0x15d0  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
17:17:08.0049 0x15d0  vwifimp - ok
17:17:08.0160 0x15d0  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
17:17:08.0182 0x15d0  W32Time - ok
17:17:08.0231 0x15d0  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
17:17:08.0234 0x15d0  WacomPen - ok
17:17:08.0310 0x15d0  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
17:17:08.0315 0x15d0  WANARP - ok
17:17:08.0327 0x15d0  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
17:17:08.0333 0x15d0  Wanarpv6 - ok
17:17:08.0473 0x15d0  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
17:17:08.0540 0x15d0  WatAdminSvc - ok
17:17:08.0727 0x15d0  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
17:17:08.0814 0x15d0  wbengine - ok
17:17:08.0876 0x15d0  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
17:17:08.0890 0x15d0  WbioSrvc - ok
17:17:09.0061 0x15d0  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
17:17:09.0083 0x15d0  wcncsvc - ok
17:17:09.0232 0x15d0  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:17:09.0238 0x15d0  WcsPlugInService - ok
17:17:09.0281 0x15d0  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
17:17:09.0283 0x15d0  Wd - ok
17:17:09.0328 0x15d0  [ A3D04EBF5227886029B4532F20D026F7, D90F7B9C176008675DA0B5FD7E4973CBC2A04172CEDF8FB7D3B3B4F27B5440D7 ] WDC_SAM         C:\Windows\system32\DRIVERS\wdcsam64.sys
17:17:09.0330 0x15d0  WDC_SAM - ok
17:17:09.0421 0x15d0  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
17:17:09.0463 0x15d0  Wdf01000 - ok
17:17:09.0531 0x15d0  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
17:17:09.0538 0x15d0  WdiServiceHost - ok
17:17:09.0548 0x15d0  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
17:17:09.0555 0x15d0  WdiSystemHost - ok
17:17:09.0646 0x15d0  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
17:17:09.0661 0x15d0  WebClient - ok
17:17:09.0706 0x15d0  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
17:17:09.0722 0x15d0  Wecsvc - ok
17:17:09.0896 0x15d0  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
17:17:09.0904 0x15d0  wercplsupport - ok
17:17:09.0958 0x15d0  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
17:17:09.0965 0x15d0  WerSvc - ok
17:17:09.0997 0x15d0  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
17:17:09.0999 0x15d0  WfpLwf - ok
17:17:10.0023 0x15d0  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
17:17:10.0025 0x15d0  WIMMount - ok
17:17:10.0261 0x15d0  WinDefend - ok
17:17:10.0272 0x15d0  WinHttpAutoProxySvc - ok
17:17:10.0348 0x15d0  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
17:17:10.0362 0x15d0  Winmgmt - ok
17:17:10.0556 0x15d0  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
17:17:10.0664 0x15d0  WinRM - ok
17:17:10.0976 0x15d0  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUSB          C:\Windows\system32\DRIVERS\WinUSB.sys
17:17:10.0979 0x15d0  WinUSB - ok
17:17:11.0073 0x15d0  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
17:17:11.0121 0x15d0  Wlansvc - ok
17:17:11.0148 0x15d0  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
17:17:11.0150 0x15d0  WmiAcpi - ok
17:17:11.0184 0x15d0  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
17:17:11.0197 0x15d0  wmiApSrv - ok
17:17:11.0222 0x15d0  WMPNetworkSvc - ok
17:17:11.0501 0x15d0  [ 83B6CA03C846FCD47F9883D77D1EB27B, 1616DBBC95085B6618B7F884383507E2A54D561A41288E79FA6DC99218C02802 ] WMZuneComm      C:\Program Files\Zune\WMZuneComm.exe
17:17:11.0517 0x15d0  WMZuneComm - ok
17:17:11.0696 0x15d0  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
17:17:11.0701 0x15d0  WPCSvc - ok
17:17:11.0837 0x15d0  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
17:17:11.0846 0x15d0  WPDBusEnum - ok
17:17:11.0925 0x15d0  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
17:17:11.0927 0x15d0  ws2ifsl - ok
17:17:11.0972 0x15d0  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
17:17:11.0981 0x15d0  wscsvc - ok
17:17:12.0097 0x15d0  [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
17:17:12.0100 0x15d0  WSDPrintDevice - ok
17:17:12.0105 0x15d0  WSearch - ok
17:17:12.0606 0x15d0  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
17:17:12.0738 0x15d0  wuauserv - ok
17:17:12.0833 0x15d0  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
17:17:12.0838 0x15d0  WudfPf - ok
17:17:13.0113 0x15d0  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
17:17:13.0125 0x15d0  WUDFRd - ok
17:17:13.0310 0x15d0  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
17:17:13.0318 0x15d0  wudfsvc - ok
17:17:13.0436 0x15d0  [ FE90B750AB808FB9DD8FBB428B5FF83B, 3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc         C:\Windows\System32\wwansvc.dll
17:17:13.0478 0x15d0  WwanSvc - ok
17:17:13.0568 0x15d0  [ B3EEACF62445E24FBB2CD4B0FB4DB026, 2E5B6220094C47754233EDA59E6514CE47AC6C6879F367C72B2C02330EABE8E0 ] yukonw7         C:\Windows\system32\DRIVERS\yk62x64.sys
17:17:13.0590 0x15d0  yukonw7 - ok
17:17:14.0594 0x15d0  [ 67B787C34FB2888D01B130AE007042D8, E44878E53F265C89F271B08B81C129105E42D1C78C14467B2D96E28A9A428B1A ] ZuneNetworkSvc  C:\Program Files\Zune\ZuneNss.exe
17:17:15.0319 0x15d0  ZuneNetworkSvc - ok
17:17:15.0699 0x15d0  [ 4D89FC1C20CF655739EFAC5DA81A67BC, 788D0A5B9972ED6D80242C0C5E80AB0FAB44A708B896D5F724AC1559A291C8DD ] ZuneWlanCfgSvc  C:\Program Files\Zune\ZuneWlanCfgSvc.exe
17:17:15.0725 0x15d0  ZuneWlanCfgSvc - ok
17:17:15.0922 0x15d0  ================ Scan global ===============================
17:17:15.0953 0x15d0  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
17:17:16.0038 0x15d0  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
17:17:16.0093 0x15d0  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
17:17:16.0155 0x15d0  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
17:17:16.0288 0x15d0  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
17:17:16.0305 0x15d0  [ Global ] - ok
17:17:16.0314 0x15d0  ================ Scan MBR ==================================
17:17:16.0400 0x15d0  [ 0DBBFDB9955C421FAA78F786B52F75EF ] \Device\Harddisk0\DR0
17:17:16.0698 0x15d0  \Device\Harddisk0\DR0 - ok
17:17:16.0701 0x15d0  ================ Scan VBR ==================================
17:17:16.0705 0x15d0  [ 4787FDB0BB8DA4FC4082AED2C4993DE6 ] \Device\Harddisk0\DR0\Partition1
17:17:16.0710 0x15d0  \Device\Harddisk0\DR0\Partition1 - ok
17:17:16.0733 0x15d0  [ D4C6381CF6CB554671656B67214B1227 ] \Device\Harddisk0\DR0\Partition2
17:17:16.0735 0x15d0  \Device\Harddisk0\DR0\Partition2 - ok
17:17:16.0771 0x15d0  [ 28B5BC99AF711062360DDC54F083410B ] \Device\Harddisk0\DR0\Partition3
17:17:16.0773 0x15d0  \Device\Harddisk0\DR0\Partition3 - ok
17:17:16.0873 0x15d0  [ 9391FCA6A2773806C3DE3324EFE8C822 ] \Device\Harddisk0\DR0\Partition4
17:17:16.0874 0x15d0  \Device\Harddisk0\DR0\Partition4 - ok
17:17:16.0875 0x15d0  Waiting for KSN requests completion. In queue: 130
17:17:17.0875 0x15d0  Waiting for KSN requests completion. In queue: 130
17:17:18.0875 0x15d0  Waiting for KSN requests completion. In queue: 130
17:17:19.0875 0x15d0  Waiting for KSN requests completion. In queue: 130
17:17:20.0905 0x15d0  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.4.304.0 ), 0x61000 ( enabled : updated )
17:17:20.0910 0x15d0  Win FW state via NFP2: enabled
17:17:24.0476 0x15d0  ============================================================
17:17:24.0476 0x15d0  Scan finished
17:17:24.0476 0x15d0  ============================================================
17:17:24.0578 0x1bb4  Detected object count: 0
17:17:24.0578 0x1bb4  Actual detected object count: 0
17:17:38.0448 0x096c  Deinitialize success

 



#4 cryptodan


Posted 01 January 2014 - 08:49 PM

Malwarebytes Anti-Malware
 

NOTE: Malwarebytes is now offering a free trial of their program. If you want to accept it, you will need to enter some billing information so that at the end of the trial you would be charged the cost of the product. Please decline this offer if you are unable to provide billing information. If you want to try it out, then provide the billing information.

Please download Malwarebytes Anti-Malware and save it to your desktop.

MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
    For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
  • MBAM will automatically start and you will be asked to update the program before performing a scan.
    • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
    • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
    On the Scanner tab:
    • Make sure the "Perform Full Scan" option is selected.
    • Then click on the Scan button.
    • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
    • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
    • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
    • Click OK to close the message box and continue with the removal process.
    Back at the main Scanner screen:
    • Click on the Show Results button to see a list of any malware that was found.
    • Make sure that everything is checked, and click Remove Selected.
    • When removal is completed, a log report will open in Notepad.
    • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
    • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
    • Exit MBAM when done.
    Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.



Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

  • GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.
-- If you encounter any problems, try running GMER in safe mode.
-- If GMER crashes or keeps resulting in BSODs, uncheck Devices on the right side before scanning.


All scans above should be performed in regular boot mode, and if that is not possible then I will post instructions in a follow up reply on how to get into Safe Mode to perform the scans. Also all scans should be COMPLETE and not quick unless specifically instructed to do so.

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Clean.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

Edited by cryptodan, 01 January 2014 - 08:50 PM.


#5 Han2013

Posted 01 January 2014 - 10:01 PM

Hi cryptodan,

 

I'm still running MBAM after an hour so I will likely not get past that tonight. I'm in EST and work tomorrow but I will continue with the process as you outlined it once I'm home. Fingers crossed it will work. I keep getting various prompts to download/run/save files such as dpx.js from i.simpli.fi, which I assume is the malware (all files are different and I've cancelled all requests). I will post the logs as soon as I've completed all the steps.

 

One question I do have before I get to the next step with GMER is how do I disable my Windows Firewall and MSE? It's the only security program I run but it's always running in the background so do I have to uninstall it or just make sure it's not running? Sorry, sounds like a silly question but I'm not a techie. 

 

Thanks!



#6 Han2013

Posted 02 January 2014 - 08:45 PM

Hi cryptodan,

 

Here's the log file from the process:

 

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2014.01.01.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
lamaral :: LAMARAL-PC [administrator]

Protection: Enabled

1/01/14 9:06:18 PM
mbam-log-2014-01-01 (21-06-18).txt

Scan type: Full scan (C:\|D:\|E:\|F:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 839487
Time elapsed: 3 hour(s), 33 minute(s), 19 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|BackgroundContainer (PUP.Optional.Conduit) -> Data: "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\lamaral\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 7
C:\Program Files (x86)\DivX_Browser_Bar\DivX_Browser_BarToolbarHelper.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DivX_Browser_Bar\hk64tbDivX.dll (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DivX_Browser_Bar\hktbDivX.dll (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DivX_Browser_Bar\ldrtbDivX.dll (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DivX_Browser_Bar\tbDivX.dll (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
C:\Users\lamaral\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BZZDHDF9\FreeVideoConverterSetup-r156-n-bi[1].exe (PUP.Optional.Koyote.A) -> Quarantined and deleted successfully.
C:\Users\lamaral\AppData\LocalLow\DivX_Browser_Bar\hk64tbDivX.dll (PUP.Optional.Conduit) -> Quarantined and deleted successfully.

(end)

 

GMER 2.1.19163 - http://www.gmer.net
Rootkit scan 2014-01-02 19:22:04
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 TOSHIBA_ rev.LH00 465.76GB
Running: xilxhp5p.exe; Driver: C:\Users\lamaral\AppData\Local\Temp\pwliafod.sys

---- Kernel code sections - GMER 2.1 ----

INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528                                                         fffff800031ad000 19 bytes [00, 00, 0C, 02, 46, 4D, 66, ...]
INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 548                                                         fffff800031ad014 43 bytes [00, 00, 00, 00, 00, 00, 00, ...]

---- User code sections - GMER 2.1 ----

.text     C:\Users\lamaral\AppData\Roaming\Onamwa\caozpy.exe[4536] C:\Windows\syswow64\kernel32.dll!RegQueryValueExW                 0000000075c81eee 6 bytes [68, 0C, 00, B5, 02, C3]
.text     C:\Users\lamaral\AppData\Roaming\Onamwa\caozpy.exe[4536] C:\Windows\syswow64\kernel32.dll!RegCloseKey                      0000000075c8203f 6 bytes [68, 0C, 00, A9, 02, C3]
.text     C:\Users\lamaral\AppData\Roaming\Onamwa\caozpy.exe[4536] C:\Windows\syswow64\kernel32.dll!RegCloseKey + 621                0000000075c822ac 7 bytes JMP 0000000102af0005
.text     C:\Users\lamaral\AppData\Roaming\Onamwa\caozpy.exe[4536] C:\Windows\syswow64\kernel32.dll!RegEnumKeyExW                    0000000075c82e3a 6 bytes [68, 0C, 00, AB, 02, C3]
.text     C:\Users\lamaral\AppData\Roaming\Onamwa\caozpy.exe[4536] C:\Windows\syswow64\kernel32.dll!HeapCompact + 19                 0000000075c846ca 7 bytes JMP 0000000102ae0005
.text     C:\Users\lamaral\AppData\Roaming\Onamwa\caozpy.exe[4536] C:\Windows\syswow64\kernel32.dll!RegQueryValueExA                 0000000075c84a27 6 bytes [68, 0C, 00, B4, 02, C3]
.text     C:\Users\lamaral\AppData\Roaming\Onamwa\caozpy.exe[4536] C:\Windows\syswow64\kernel32.dll!RegEnumValueW                    0000000075c87de0 6 bytes [68, 0C, 00, AD, 02, C3]
.text     C:\Users\lamaral\AppData\Roaming\Onamwa\caozpy.exe[4536] C:\Windows\syswow64\kernel32.dll!RegQueryInfoKeyW                 0000000075c88165 6 bytes [68, 0C, 00, B3, 02, C3]
.text     C:\Users\lamaral\AppData\Roaming\Onamwa\caozpy.exe[4536] C:\Windows\syswow64\kernel32.dll!BaseFormatObjectAttributes + 69  0000000075c9125d 7 bytes JMP 0000000102b00005
.text     C:\Users\lamaral\AppData\Roaming\Onamwa\caozpy.exe[4536] C:\Windows\syswow64\kernel32.dll!RegQueryInfoKeyA                 0000000075c91f1f 6 bytes [68, 0C, 00, B2, 02, C3]
.text     C:\Users\lamaral\AppData\Roaming\Onamwa\caozpy.exe[4536] C:\Windows\syswow64\kernel32.dll!RegEnumKeyExA + 1                0000000075c9f93f 5 bytes [0F, 00, AA, 02, C3]
.text     C:\Users\lamaral\AppData\Roaming\Onamwa\caozpy.exe[4536] C:\Windows\syswow64\kernel32.dll!RegEnumValueA                    0000000075c9ff26 6 bytes [68, 0C, 00, AC, 02, C3]
.text     C:\Users\lamaral\AppData\Roaming\Onamwa\caozpy.exe[4536] C:\Windows\syswow64\USER32.dll!DispatchMessageW + 98              00000000767378dd 7 bytes JMP 0000000102bd0005
.text     C:\Users\lamaral\AppData\Roaming\Onamwa\caozpy.exe[4536] C:\Windows\syswow64\USER32.dll!DispatchMessageA + 19              0000000076737bce 7 bytes JMP 0000000102bc0005
.text     C:\Users\lamaral\AppData\Roaming\Onamwa\caozpy.exe[4536] C:\Windows\syswow64\USER32.dll!OpenWindowStationA + 347           00000000767405b5 7 bytes JMP 0000000102bf0005
.text     C:\Users\lamaral\AppData\Roaming\Onamwa\caozpy.exe[4536] C:\Windows\syswow64\USER32.dll!PtInRect + 42                      0000000076741213 7 bytes JMP 0000000102ba0005
.text     C:\Users\lamaral\AppData\Roaming\Onamwa\caozpy.exe[4536] C:\Windows\syswow64\USER32.dll!GetMessagePos                      0000000076742a8d 6 bytes [68, 0C, 00, B9, 02, C3]
.text     C:\Users\lamaral\AppData\Roaming\Onamwa\caozpy.exe[4536] C:\Windows\syswow64\USER32.dll!EnumDesktopWindows + 28            0000000076745f6f 7 bytes JMP 0000000102be0005
.text     C:\Users\lamaral\AppData\Roaming\Onamwa\caozpy.exe[4536] C:\Windows\syswow64\USER32.dll!RegisterSystemThread + 25          0000000076779cf8 7 bytes JMP 0000000102bb0005
.text     C:\Users\lamaral\AppData\Roaming\Onamwa\caozpy.exe[4536] C:\Windows\syswow64\USER32.dll!MessageBoxTimeoutA + 164           000000007678fbcc 7 bytes JMP 0000000102b60005
.text     C:\Users\lamaral\AppData\Roaming\Onamwa\caozpy.exe[4536] C:\Windows\syswow64\USER32.dll!MessageBoxIndirectA + 199          000000007678fc98 7 bytes JMP 0000000102b70005
.text     C:\Users\lamaral\AppData\Roaming\Onamwa\caozpy.exe[4536] C:\Windows\syswow64\USER32.dll!MessageBoxIndirectW + 52           000000007678fcd1 7 bytes JMP 0000000102460005
.text     C:\Users\lamaral\AppData\Roaming\Onamwa\caozpy.exe[4536] C:\Windows\syswow64\USER32.dll!MessageBoxExA + 31                 000000007678fcf5 7 bytes JMP 0000000102530005
.text     C:\Users\lamaral\AppData\Roaming\Onamwa\caozpy.exe[4536] C:\Windows\syswow64\USER32.dll!MessageBoxExW + 31                 000000007678fd19 7 bytes JMP 00000001007d0005
.text     C:\Users\lamaral\AppData\Roaming\Onamwa\caozpy.exe[4536] C:\Windows\syswow64\USER32.dll!MessageBoxA + 28                   000000007678fd3a 7 bytes JMP 00000001007e0005
.text     C:\Users\lamaral\AppData\Roaming\Onamwa\caozpy.exe[4536] C:\Windows\syswow64\USER32.dll!GetCursorInfo                      000000007679812f 6 bytes [68, 0F, 00, B8, 02, C3]

---- Threads - GMER 2.1 ----

Thread    C:\Windows\Explorer.EXE [2004:4532]                                                                                        000000001e343868

---- Registry - GMER 2.1 ----

Reg       HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\70f3957bd32f                                               
Reg       HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\70f3957bd32f@00bd3a0953bf                                   0x05 0xF6 0x28 0x73 ...
Reg       HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\70f3957bd32f (not active ControlSet)                           
Reg       HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\70f3957bd32f@00bd3a0953bf                                       0x05 0xF6 0x28 0x73 ...

---- Disk sectors - GMER 2.1 ----

Disk      \Device\Harddisk0\DR0                                                                                                      unknown MBR code

---- EOF - GMER 2.1 ----

 

 

# AdwCleaner v3.016 - Report created 02/01/2014 at 20:02:37
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : lamaral - LAMARAL-PC
# Running from : C:\Users\lamaral\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : UtilityChest_49Service

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Conduit
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\UtilityChest_49
Folder Deleted : C:\Program Files (x86)\DivX_Browser_Bar
Folder Deleted : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Folder Deleted : C:\Users\lamaral\AppData\Local\Conduit
Folder Deleted : C:\Users\lamaral\AppData\Local\NativeMessaging
Folder Deleted : C:\Users\lamaral\AppData\Local\Temp\NativeMessaging
Folder Deleted : C:\Users\lamaral\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\lamaral\AppData\LocalLow\boost_interprocess
Folder Deleted : C:\Users\lamaral\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\lamaral\AppData\LocalLow\DivX_Browser_Bar
File Deleted : C:\END
File Deleted : C:\Users\Public\Desktop\eBay.lnk
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Deleted : C:\Windows\System32\Tasks\BackgroundContainer Startup Task
File Deleted : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [BackgroundContainer]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.DynamicBarButton
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.DynamicBarButton.1
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.FeedManager
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.FeedManager.1
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.HTMLMenu
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.HTMLMenu.1
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.HTMLPanel
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.HTMLPanel.1
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.MultipleButton
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.MultipleButton.1
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.PseudoTransparentPlugin
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.PseudoTransparentPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.Radio
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.Radio.1
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.RadioSettings
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.RadioSettings.1
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.ScriptButton
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.ScriptButton.1
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.SettingsPlugin
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.SettingsPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.ThirdPartyInstaller
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.ThirdPartyInstaller.1
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.ToolbarProtector
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.ToolbarProtector.1
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.UrlAlertButton
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.UrlAlertButton.1
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.XMLSessionPlugin
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.XMLSessionPlugin.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3288691
Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\UtilityChest_49
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\BackgroundContainer
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\UtilityChest_49
Key Deleted : HKCU\Software\AppDataLow\Software\DivX_Browser_Bar
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DeviceVM
Key Deleted : HKLM\Software\UtilityChest_49
Key Deleted : HKLM\Software\DivX_Browser_Bar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : [x64] HKLM\SOFTWARE\DeviceVM
Key Deleted : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar
Key Deleted : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\lamaral\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : icon_url

*************************

AdwCleaner[R0].txt - [16495 octets] - [02/01/2014 20:01:24]
AdwCleaner[S0].txt - [16313 octets] - [02/01/2014 20:02:37]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [16374 octets] ##########

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.9 (01.01.2014:1)
OS: Windows 7 Home Premium x64
Ran by lamaral on 01/02/14 at 20:11:53.38
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{BCA31594-3949-4E3D-8B3B-0907429FBD98}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{FFB56592-9B08-4E6D-BBFD-57BDBA5031CB}
Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"

 

~~~ Files

 

~~~ Folders

Successfully deleted: [Folder] "C:\Users\lamaral\appdata\local\cre"
Successfully deleted: [Folder] "C:\Program Files (x86)\coupons"

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01/02/14 at 20:21:31.66
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

Farbar Service Scanner Version: 05-12-2013
Ran by lamaral (administrator) on 02-01-2014 at 20:28:44
Running from "C:\Users\lamaral\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Disabled Policy:
========================

Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.

Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1

Other Services:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****

 

 

Please advise next steps.

 

Thanks!



#7 cryptodan


Posted 03 January 2014 - 07:07 PM

Try performing an online scan using ESET Online Scanner to see if there is still zbot on your machine. Post the detection log when finished.



