Multiple Browser Add-ons, Comodo-Dragon folders, Chrome SxS


54 replies to this topic

#1 andersonrua

Posted 18 May 2016 - 05:13 PM

Hello, I've been directed here after going through a lot of scans over in the "Am I infected? What do I do?" sub (http://www.bleepingcomputer.com/forums/t/614061/not-sure-if-my-dads-computer-is-infected-blank-task-bar-items/page-2). After cleaning up a bit with the tools over there (CCleaner, MBAM, AdwCleaner, JRT, and ESET), I am still having issues with the computer. I noticed there are multiple Chrome icons in the task bar without any Chrome windows open. Bing bar was removed and somehow was installed again. When installing applications, Chrome will open at completion to random websites. Also, "Svchost.exe" is using up 50% of my computer processes.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:18-05-2016
Ran by Todd (administrator) on TODD-HPLAPTOP (18-05-2016 17:40:39)
Running from C:\Users\Todd\Desktop
Loaded Profiles: Todd (Available Profiles: Todd)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Motorola Solutions, Inc.) C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Motorola Solutions, Inc.) C:\Program Files\Motorola\Bluetooth\obexsrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Macrovision Europe Ltd.) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Motorola Solutions, Inc.) C:\Program Files\Motorola\Bluetooth\audiosrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Motorola Solutions, Inc.) C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\FAHWindow64.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WZUpdateNotifier.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Mister Group) C:\Program Files (x86)\System Explorer\SystemExplorer.exe
(Mister Group) C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [525312 2010-12-17] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files\Motorola\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-08-17] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [HPConnectionManager] => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [103992 2011-05-23] (Hewlett-Packard Development Company L.P.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SystemExplorerAutoStart] => "C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-1797946247-3411863054-430228662-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22734160 2014-08-08] (Google)
HKU\S-1-5-21-1797946247-3411863054-430228662-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8698584 2016-04-15] (Piriform Ltd)
HKU\S-1-5-21-1797946247-3411863054-430228662-1001\...\Run: [GoogleChromeAutoLaunch_074FE521E48D2FD943354AD99FDC5BFB] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [852808 2014-08-29] (Google Inc.)
HKU\S-1-5-21-1797946247-3411863054-430228662-1001\...\RunOnce: [UpdateTask] => [X]
HKU\S-1-5-21-1797946247-3411863054-430228662-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-1797946247-3411863054-430228662-1001\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-1797946247-3411863054-430228662-1001\...\MountPoints2: F - F:\LaunchU3.exe -a
HKU\S-1-5-21-1797946247-3411863054-430228662-1001\...\MountPoints2: {272ccd42-1a1d-11e6-bc62-2c27d7aa1c9b} - F:\LaunchU3.exe -a
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2016-05-17]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAHConsole.exe (WinZip Computing, S.L.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2011-10-30]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update Notifier.lnk [2016-05-17]
ShortcutTarget: Update Notifier.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (WinZip Computing, S.L.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2016-05-17]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{CBA2A6CD-6D3F-43F1-A9BE-5BD6D7080657}: [DhcpNameServer] 209.18.47.61 209.18.47.62
ManualProxies:

Internet Explorer:
==================
HKU\S-1-5-21-1797946247-3411863054-430228662-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-79f4e1c8
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-79f4e1c8
HKU\S-1-5-21-1797946247-3411863054-430228662-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-79f4e1c8
HKU\S-1-5-21-1797946247-3411863054-430228662-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT/1
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-79f4e1c8&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM -> {d4fee3d1-1014-4db8-a824-573bf9ab51c7} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-79f4e1c8&q={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM -> {FD64CC8E-D6A0-4B17-9119-0DC435843223} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1797946247-3411863054-430228662-1001 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-79f4e1c8&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1797946247-3411863054-430228662-1001 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-79f4e1c8&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1797946247-3411863054-430228662-1001 -> {d4fee3d1-1014-4db8-a824-573bf9ab51c7} URL =
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll => No File
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
Toolbar: HKU\S-1-5-21-1797946247-3411863054-430228662-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Todd\AppData\Roaming\Mozilla\Firefox\Profiles\8h0lc8lx.default
FF DefaultSearchEngine: Search Provided by Bing
FF SelectedSearchEngine: Search Provided by Bing
FF Homepage: hxxp://www.bing.com/search?FORM=INCOH1&PC=IC04&PTAG=ICO-79f4e1c8
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-15] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-15] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [No File]
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @logitech.com/HarmonyRemote,version=1.0.0 -> C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll [2012-09-28] (Logitech Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1797946247-3411863054-430228662-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Todd\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2014-06-06] (Google)
FF Plugin HKU\S-1-5-21-1797946247-3411863054-430228662-1001: @talk.google.com/O1DPlugin -> C:\Users\Todd\AppData\Roaming\Mozilla\plugins\npo1d.dll [2014-06-06] (Google)
FF Plugin HKU\S-1-5-21-1797946247-3411863054-430228662-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Todd\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-1797946247-3411863054-430228662-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Todd\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll [No File]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Todd\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2014-06-06] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Todd\AppData\Roaming\mozilla\plugins\npo1d.dll [2014-06-06] (Google)
FF SearchPlugin: C:\Users\Todd\AppData\Roaming\Mozilla\Firefox\Profiles\8h0lc8lx.default\searchplugins\Search Provided by Bing.xml [2016-05-17]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2013-02-16] [not signed]
FF Extension: Add to Amazon Wish List Button - C:\Users\Todd\AppData\Roaming\Mozilla\Firefox\Profiles\8h0lc8lx.default\extensions\amznUWL2@amazon.com.xpi [2016-05-17]
FF Extension: Quick Dictionary Lookup - C:\Users\Todd\AppData\Roaming\Mozilla\Firefox\Profiles\8h0lc8lx.default\extensions\lexilook@lexiology.com.xpi [2016-05-17]
FF Extension: Garmin Communicator - C:\Users\Todd\AppData\Roaming\Mozilla\Firefox\Profiles\8h0lc8lx.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2016-05-17]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Todd\AppData\Roaming\Mozilla\Firefox\Profiles\8h0lc8lx.default\extensions\adblockpopups@jessehakanen.net.xpi [2016-05-17]
FF Extension: Adblock Plus - C:\Users\Todd\AppData\Roaming\Mozilla\Firefox\Profiles\8h0lc8lx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-05-17]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-02-16] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-10-30] [not signed]
FF HKU\S-1-5-21-1797946247-3411863054-430228662-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll => No File
CHR Plugin: (Google Talk Plugin) - C:\Users\Todd\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Todd\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll => No File
CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\Todd\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll => No File
CHR Plugin: (Java™ Platform SE 7 U21) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => No File
CHR Plugin: (Harmony Firefox Plugin) - C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll => No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll => No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll => No File
CHR Profile: C:\Users\Todd\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Todd\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-15]
CHR Extension: (CutePDF Editor Toolbar) - C:\Users\Todd\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi [2016-05-17]
CHR Extension: (CutePDF Editor Toolbar) - C:\Users\Todd\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2016-05-17]
CHR Extension: (CutePDF Editor Toolbar) - C:\Users\Todd\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-04]
CHR Extension: (YouTube) - C:\Users\Todd\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-15]
CHR Extension: (CutePDF Editor Toolbar) - C:\Users\Todd\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2016-05-15]
CHR Extension: (Google Search) - C:\Users\Todd\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-04]
CHR Extension: (Google+) - C:\Users\Todd\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [2016-05-15]
CHR Extension: (Google Calendar) - C:\Users\Todd\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2016-05-15]
CHR Extension: (CutePDF Editor Toolbar) - C:\Users\Todd\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2016-05-17]
CHR Extension: (Google Play Music) - C:\Users\Todd\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2016-05-15]
CHR Extension: (HelloSign: Online signatures made easy) - C:\Users\Todd\AppData\Local\Google\Chrome\User Data\Default\Extensions\kajjckmbclbffbpecfbiecehkfgopppd [2016-05-15]
CHR Extension: (Google Maps) - C:\Users\Todd\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2016-05-15]
CHR Extension: (CutePDF Editor Toolbar) - C:\Users\Todd\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2014-10-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Todd\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-15]
CHR Extension: (Gmail) - C:\Users\Todd\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-15]
CHR HKU\S-1-5-21-1797946247-3411863054-430228662-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Todd\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-10-14]
CHR HKU\S-1-5-21-1797946247-3411863054-430228662-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bahkljhhdeciiaodlkppoonappfnheoi] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1797946247-3411863054-430228662-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bahkljhhdeciiaodlkppoonappfnheoi] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [omaonpoimgkmbllpdihbnmgphjoipdhf] - C:\Program Files (x86)\Logitech\Harmony Remote Driver\harmony_chrome.crx [2013-02-15]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [365568 2011-08-04] (Advanced Micro Devices, Inc.) [File not signed]
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [647680 2011-06-14] (Macrovision Europe Ltd.) [File not signed]
R3 FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [1028096 2011-06-14] (Macrovision Europe Ltd.) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [46904 2013-12-17] (Hewlett-Packard Company)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Mister Group)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R4 RapportCerberus_1609040; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1609040.sys [1157160 2016-05-16] (IBM Corp.)
R4 RapportEI64; \??\C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [X]
R4 RapportKE64; System32\Drivers\RapportKE64.sys [X]
R4 RapportPG64; \??\C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-18 17:38 - 2016-05-18 17:39 - 00043514 _____ C:\Users\Todd\Desktop\Addition.txt
2016-05-18 17:36 - 2016-05-18 17:40 - 00027394 _____ C:\Users\Todd\Desktop\FRST.txt
2016-05-18 17:36 - 2016-05-18 17:40 - 00000000 ____D C:\FRST
2016-05-18 17:33 - 2016-05-18 17:39 - 00000000 ____D C:\ProgramData\SystemExplorer
2016-05-18 17:33 - 2016-05-18 17:33 - 00001046 _____ C:\Users\Public\Desktop\System Explorer.lnk
2016-05-18 17:33 - 2016-05-18 17:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Explorer
2016-05-18 17:33 - 2016-05-18 17:33 - 00000000 ____D C:\Program Files (x86)\System Explorer
2016-05-18 17:32 - 2016-05-18 21:36 - 02382336 _____ (Farbar) C:\Users\Todd\Desktop\FRST64.exe
2016-05-18 17:32 - 2016-05-18 21:29 - 02124128 _____ (Mister Group ) C:\Users\Todd\Desktop\SystemExplorerSetup.exe
2016-05-17 18:05 - 2016-05-17 18:26 - 00000000 ____D C:\Users\Todd\Desktop\spsetup129
2016-05-17 18:01 - 2016-05-17 18:01 - 00003524 _____ C:\Windows\System32\Tasks\WinZipBackGroundToolsTask
2016-05-17 18:01 - 2016-05-17 18:01 - 00000000 ____D C:\ProgramData\UniqueId
2016-05-17 18:00 - 2016-05-17 20:17 - 00000000 ____D C:\Users\Todd\AppData\Local\WinZip
2016-05-17 18:00 - 2016-05-17 18:01 - 00000000 ____D C:\ProgramData\WinZip
2016-05-17 18:00 - 2016-05-17 18:00 - 00002336 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Update Notifier.lnk
2016-05-17 18:00 - 2016-05-17 18:00 - 00002291 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip BG Tools.lnk
2016-05-17 18:00 - 2016-05-17 18:00 - 00002283 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2016-05-17 18:00 - 2016-05-17 18:00 - 00002277 _____ C:\Users\Public\Desktop\WinZip.lnk
2016-05-17 18:00 - 2016-05-17 18:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip 20.5
2016-05-17 17:59 - 2016-05-17 18:00 - 00000000 ____D C:\Program Files\WinZip
2016-05-17 17:59 - 2016-05-17 17:59 - 00000000 ____D C:\Users\Todd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinZip 20.5
2016-05-17 17:54 - 2016-05-17 17:55 - 01085728 _____ (WinZip) C:\Users\Todd\Downloads\winzip20-wz.exe
2016-05-16 18:19 - 2016-05-16 18:19 - 00000020 _____ C:\Windows\Ìô˜
2016-05-16 16:32 - 2016-05-16 16:32 - 00002246 _____ C:\Users\Todd\Desktop\startupSchedule.txt
2016-05-15 19:51 - 2016-05-15 19:52 - 00000000 ____D C:\Users\Todd\Desktop\PDFs
2016-05-15 19:49 - 2016-05-16 20:04 - 00003888 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-05-15 12:12 - 2016-05-15 15:59 - 01610816 _____ (Malwarebytes) C:\Users\Todd\Desktop\JRT.exe
2016-05-15 11:18 - 2016-05-15 11:49 - 00000000 ____D C:\AdwCleaner
2016-05-15 11:02 - 2016-05-15 11:08 - 00000000 ____D C:\ProgramData\Easybits Magic Desktop for HP
2016-05-15 10:48 - 2016-05-16 20:11 - 00000328 _____ C:\Windows\Tasks\HPCeeScheduleForTodd.job
2016-05-15 10:48 - 2016-05-16 20:05 - 00003182 _____ C:\Windows\System32\Tasks\HPCeeScheduleForTodd
2016-05-15 09:02 - 2016-05-15 19:58 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-05-15 08:59 - 2016-05-15 08:59 - 00001102 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-05-15 08:59 - 2016-05-15 08:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-05-15 08:57 - 2016-05-15 08:58 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-05-15 08:57 - 2016-05-15 08:57 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-05-15 08:57 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-05-15 08:57 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-05-15 08:57 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-05-15 08:39 - 2016-05-15 08:39 - 00002798 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-05-15 08:39 - 2016-05-15 08:39 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-05-15 08:39 - 2016-05-15 08:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-05-15 08:38 - 2016-05-15 08:39 - 00000000 ____D C:\Program Files\CCleaner
2016-05-15 08:34 - 2016-05-15 08:22 - 02870984 _____ (ESET) C:\Users\Todd\Desktop\esetsmartinstaller_enu.exe
2016-05-15 08:34 - 2016-05-15 08:20 - 22851472 _____ (Malwarebytes ) C:\Users\Todd\Desktop\mbam-setup-2.2.1.1043.exe
2016-05-15 08:34 - 2016-05-15 08:20 - 06882192 _____ (Piriform Ltd) C:\Users\Todd\Desktop\ccsetup517.exe
2016-05-15 08:34 - 2016-05-15 08:20 - 03640384 _____ C:\Users\Todd\Desktop\AdwCleaner.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-18 17:33 - 2009-07-14 00:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-18 17:33 - 2009-07-14 00:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-18 17:31 - 2009-07-14 01:13 - 00783464 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-18 17:31 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\inf
2016-05-18 17:28 - 2012-03-31 06:14 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-05-17 20:17 - 2011-06-22 14:17 - 00003942 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{45CB4F28-0D2C-4193-A617-1E3963F2E370}
2016-05-17 18:17 - 2013-02-16 16:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-05-17 18:03 - 2014-10-04 16:44 - 00000258 __RSH C:\ProgramData\ntuser.pol
2016-05-17 17:01 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-16 20:21 - 2011-11-25 06:14 - 00000000 ____D C:\Users\Todd\AppData\Local\CrashDumps
2016-05-16 20:11 - 2012-11-24 17:59 - 00000904 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1797946247-3411863054-430228662-1001UA.job
2016-05-16 20:11 - 2012-11-24 17:59 - 00000852 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1797946247-3411863054-430228662-1001Core.job
2016-05-16 20:11 - 2011-09-09 10:01 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-16 20:11 - 2011-09-09 10:01 - 00000890 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-16 20:05 - 2012-11-24 17:59 - 00003884 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1797946247-3411863054-430228662-1001UA
2016-05-16 20:05 - 2012-11-24 17:59 - 00003488 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1797946247-3411863054-430228662-1001Core
2016-05-16 20:05 - 2011-06-22 15:39 - 00002880 _____ C:\Windows\System32\Tasks\{33943D3D-F0EC-4EF1-B7C2-A0FC7F93CFE0}
2016-05-16 20:04 - 2011-09-09 10:01 - 00003902 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-16 20:04 - 2011-09-09 10:01 - 00003650 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-05-16 18:21 - 2009-07-13 23:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-05-16 18:09 - 2011-06-22 15:39 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-05-16 17:14 - 2011-10-30 19:00 - 00000000 ____D C:\Program Files (x86)\HP
2016-05-16 17:14 - 2011-04-08 19:57 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2016-05-16 17:10 - 2013-02-27 20:37 - 00000000 ____D C:\Users\Todd\AppData\Roaming\SanDisk
2016-05-16 16:54 - 2011-04-08 19:58 - 00000000 ____D C:\Program Files (x86)\HP Games
2016-05-16 16:54 - 2011-04-08 19:57 - 00000000 ____D C:\ProgramData\WildTangent
2016-05-16 16:54 - 2009-07-14 01:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-05-15 20:29 - 2012-03-31 06:14 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-05-15 20:29 - 2012-03-31 06:14 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-05-15 20:29 - 2011-06-23 05:47 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-15 11:42 - 2011-06-27 16:42 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk
2016-05-15 11:42 - 2011-04-08 20:17 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2016-05-15 11:01 - 2011-06-22 14:25 - 00000000 ____D C:\Windows\Sun
2016-05-15 10:48 - 2011-06-22 18:15 - 00000000 ____D C:\Users\Todd
2016-05-15 09:16 - 2011-11-17 21:25 - 00000000 ____D C:\Users\Todd\AppData\Local\Akamai
2016-05-15 08:54 - 2011-06-22 15:39 - 00000000 ____D C:\Users\Todd\AppData\Roaming\Skype
2016-05-15 08:47 - 2007-01-01 21:25 - 00000000 ____D C:\Windows\Panther
2016-05-14 17:49 - 2014-10-04 16:42 - 00000000 ___HD C:\Users\Public\Temp

==================== Files in the root of some directories =======

2011-08-02 20:15 - 2011-08-20 07:53 - 0000117 _____ () C:\Users\Todd\AppData\Roaming\Camdata.ini
2011-08-02 20:15 - 2011-08-20 07:53 - 0000408 _____ () C:\Users\Todd\AppData\Roaming\CamLayout.ini
2011-08-02 20:15 - 2011-08-20 07:53 - 0000408 _____ () C:\Users\Todd\AppData\Roaming\CamShapes.ini
2011-08-02 20:15 - 2011-08-20 07:53 - 0004416 _____ () C:\Users\Todd\AppData\Roaming\CamStudio.cfg
2013-08-29 14:55 - 2014-10-14 22:25 - 0000248 _____ () C:\Users\Todd\AppData\Roaming\WB.CFG
2013-08-29 14:55 - 2014-01-25 20:57 - 0000005 _____ () C:\Users\Todd\AppData\Roaming\WBPU-TTL.DAT
2011-10-30 19:16 - 2016-05-16 17:15 - 0003345 _____ () C:\ProgramData\hpzinstall.log

Some files in TEMP:
====================
C:\Users\Todd\AppData\Local\Temp\~tmp1463433029410.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-19 21:16

==================== End of FRST.txt ============================



#2 nasdaq

nasdaq

  • Malware Response Team
  • 40,213 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:10 PM

Posted 19 May 2016 - 09:41 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Press the Windows key + R on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and click the OK key.
Please copy the entire contents of the code box below to a new file.
 
start


CreateRestorePoint:
EmptyTemp:
CloseProcesses:

HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1797946247-3411863054-430228662-1001\...\RunOnce: [UpdateTask] => [X]
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKU\S-1-5-21-1797946247-3411863054-430228662-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKLM -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-79f4e1c8&q={searchTerms}
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
SearchScopes: HKU\S-1-5-21-1797946247-3411863054-430228662-1001 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-79f4e1c8&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1797946247-3411863054-430228662-1001 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-79f4e1c8&q={searchTerms}
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll => No File
Toolbar: HKU\S-1-5-21-1797946247-3411863054-430228662-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-1797946247-3411863054-430228662-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Todd\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-1797946247-3411863054-430228662-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Todd\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll [No File]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2013-02-16] [not signed]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-02-16] [not signed]
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll => No File
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Todd\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll => No File
CHR Plugin: (Java Platform SE 7 U21) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll => No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll => No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll => No File
CHR Extension: (CutePDF Editor Toolbar) - C:\Users\Todd\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi [2016-05-17]
CHR Extension: (CutePDF Editor Toolbar) - C:\Users\Todd\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2016-05-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Todd\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-15]
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
R4 RapportEI64; \??\C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [X]
R4 RapportKE64; System32\Drivers\RapportKE64.sys [X]
R4 RapportPG64; \??\C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [X]
CustomCLSID: HKU\S-1-5-21-1797946247-3411863054-430228662-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Todd\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1797946247-3411863054-430228662-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Todd\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1797946247-3411863054-430228662-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Todd\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1797946247-3411863054-430228662-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Todd\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File
Task: {290BFA6E-9E38-4443-8EE3-7B011414B72D} - \IC Running Procedure -> No File <==== ATTENTION
C:\Users\Todd\AppData\Local\Temp\~tmp1463433029410.exe
C:\Users\Todd\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi
C:\Users\Todd\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Please post the logs and let me know what problem persists.

#3 andersonrua


Posted 20 May 2016 - 04:01 PM

There are still multiple instances of chrome.exe*32 running on the machine at start up. The fan is still running at high speeds and "svchost.exe" is taking up 50% of memory usage. Here is the log:

 

start


CreateRestorePoint:
EmptyTemp:
CloseProcesses:

HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1797946247-3411863054-430228662-1001\...\RunOnce: [UpdateTask] => [X]
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKU\S-1-5-21-1797946247-3411863054-430228662-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKLM -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-79f4e1c8&q={searchTerms}
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
SearchScopes: HKU\S-1-5-21-1797946247-3411863054-430228662-1001 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-79f4e1c8&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1797946247-3411863054-430228662-1001 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-79f4e1c8&q={searchTerms}
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll => No File
Toolbar: HKU\S-1-5-21-1797946247-3411863054-430228662-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-1797946247-3411863054-430228662-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Todd\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-1797946247-3411863054-430228662-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Todd\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll [No File]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2013-02-16] [not signed]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-02-16] [not signed]
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll => No File
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Todd\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll => No File
CHR Plugin: (Java Platform SE 7 U21) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll => No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll => No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll => No File
CHR Extension: (CutePDF Editor Toolbar) - C:\Users\Todd\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi [2016-05-17]
CHR Extension: (CutePDF Editor Toolbar) - C:\Users\Todd\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2016-05-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Todd\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-15]
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
R4 RapportEI64; \??\C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [X]
R4 RapportKE64; System32\Drivers\RapportKE64.sys [X]
R4 RapportPG64; \??\C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [X]
CustomCLSID: HKU\S-1-5-21-1797946247-3411863054-430228662-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Todd\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1797946247-3411863054-430228662-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Todd\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1797946247-3411863054-430228662-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Todd\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1797946247-3411863054-430228662-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Todd\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File
Task: {290BFA6E-9E38-4443-8EE3-7B011414B72D} - \IC Running Procedure -> No File <==== ATTENTION
C:\Users\Todd\AppData\Local\Temp\~tmp1463433029410.exe
C:\Users\Todd\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi
C:\Users\Todd\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd

End



#4 nasdaq


Posted 21 May 2016 - 08:52 AM

Reset Chrome...
Open Google Chrome and click on the menu icon, which is located at the top right of Google Chrome.
 
Click "Settings" then "Show advanced settings" at the bottom of the screen.
 
Click "Reset browser settings" button.
 
Clear your cache and cookies
https://support.google.com/chromebook/answer/183083?hl=en

Restart Chrome.

====

If the problem persists,


There are still multiple instances of chrome.exe*32 running on the machine at start up


Each instance of a Chrome window and all the Extensions installed and running will use its own Chrome.exe space.

Disable all Extensions, and with just one Chrome window open, how is the computer running?

If the performance improves, then enable a few Extensions and test the system.
By trial and error you may be able to find the culprit if it's the cause.
===

Keep me posted.

#5 andersonrua


Posted 24 May 2016 - 04:57 PM

Resetting browser settings and clearing data helped a lot. I also disabled each extension and this has cut down on the instances of chrome.exe*32. I'm currently trying to update chrome to the latest version but downloading seems to be way behind. The computer seems to be bogged down by svchost.exe but searching that issue, it appears to be related to something else. Because of svchost.exe the fan is constantly running at full speed.



#6 andersonrua


Posted 24 May 2016 - 05:22 PM

Can't get chrome to update but with all the extensions disabled and one tab open in chrome, there are 4 instances of chrome.exe*32 in the task manager.



#7 nasdaq


Posted 25 May 2016 - 06:37 AM

Please download and run the following tool to help allow other programs to run. (courtesy of BleepingComputer.com)
There are 3 different versions. If one of them won't run then download and try to run the other one.
Vista and Win7 users need to right click and choose Run as Admin
You only need to get one of them to run, not all of them.

rkill.exe
rkill.com
rkill.scr

It is possible that the infection you are trying to remove will not allow you to download files on the infected computer. If this is the case, then you will need to download the files requested on another computer and then transfer them to the desktop of the infected computer. You can transfer the files via a CD/DVD, external drive, or USB flash drive.

When completed it will create a log. Please post the content on your next reply.
===

--RogueKiller--
  • Download & SAVE to your Desktop Download RogueKiller
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or above, right-click the program file and select "Run as Administrator"
  • Accept the user agreements.
  • Execute the scan and wait until it has finished.
  • If a window opens to explain what [PUM's] are, read about it.
  • Click the RogueKiller icon on your taskbar to return to the report.
  • Click open the Report
  • Click Export TXT button
  • Save the file as ReportRogue.txt
  • Click the Remove button to delete the items in RED
  • Click Finish and close the program.
  • Locate the ReportRogue.txt file on your Desktop and copy/paste the contents in your next reply.
=======

#8 andersonrua


Posted 25 May 2016 - 03:39 PM

Rkill 2.8.4 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2016 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 05/25/2016 03:53:59 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Windows\SysWOW64\ezSharedSvcHost.exe (PID: 1752) [WD-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 05/25/2016 03:58:06 PM
Execution time: 0 hours(s), 4 minute(s), and 6 seconds(s)



#9 andersonrua


Posted 25 May 2016 - 03:43 PM

RogueKiller V12.3.0.0 [May 22 2016] (Free) by Adlice Software

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Todd [Administrator]
Started from : C:\Users\Todd\Desktop\RogueKiller.exe
Mode : Scan -- Date : 05/25/2016 16:24:07

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 7 ¤¤¤
[PUM.Proxy] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NlaSvc\Parameters\Internet\ManualProxies | (default) : -> Found
[PUM.Proxy] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NlaSvc\Parameters\Internet\ManualProxies | (default) : -> Found
[PUM.Proxy] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\NlaSvc\Parameters\Internet\ManualProxies | (default) : -> Found
[PUM.HomePage] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-79f4e1c8 -> Found
[PUM.HomePage] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-79f4e1c8 -> Found
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-1797946247-3411863054-430228662-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-79f4e1c8 -> Found
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-1797946247-3411863054-430228662-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-79f4e1c8 -> Found

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000036b]) ¤¤¤

¤¤¤ Web browsers : 1 ¤¤¤
[PUP][CHROME:Addon] Default : Shortcuts for Google? [baohinapilmkigilbbbcccncoljkdpnd] -> Found

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: WDC WD32 00BEKT-60PVMT0 SATA Disk Device +++++
--- User ---
[MBR] 39215edf06b6dd51ec8d8c1c46359943
[BSP] 7577fcf1bd2899fa2e9a07e3eb8dabec : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 199 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 409600 | Size: 286869 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 587917312 | Size: 14112 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
3 - [XXXXXX] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 616818688 | Size: 4063 MB
User = LL1 ... OK
User = LL2 ... OK


#10 nasdaq


Posted 26 May 2016 - 07:05 AM

Run the RogueKiller and fix everything that was found.

This will reset the default values.

Let me know if the problem persists.

#11 andersonrua


Posted 26 May 2016 - 05:02 PM

I've run RogueKiller again and fixed all issues. I was able to update Chrome to latest version. I've restarted the computer and the only issue I see right now is svchost.exe eating up 50% of my CPU. After restarting the computer, the fan is running fairly quiet, but once svchost.exe gets going the fan seems to be running on high.

#12 nasdaq


Posted 27 May 2016 - 06:45 AM

rkill.com (http://download.bleepingcomputer.com/grinler/rkill.com)
rkill.scr

It is possible that the infection you are trying to remove will not allow you to download files on the infected computer. If this is the case, then you will need to download the files requested on another computer and then transfer them to the desktop of the infected computer. You can transfer the files via a CD/DVD, external drive, or USB flash drive.

When completed it will create a log. Please post the content on your next reply.
===

#13 andersonrua


Posted 30 May 2016 - 03:11 PM

Rkill 2.8.4 by Lawrence Abrams (Grinler)
Copyright 2008-2016 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 05/30/2016 03:40:33 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * C:\Windows\SysWOW64\ezSharedSvcHost.exe (PID: 2016) [WD-HEUR]
 
1 proccess terminated!
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * No issues found.
 
Checking Windows Service Integrity: 
 
 * No issues found.
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * No issues found.
 
Program finished at: 05/30/2016 03:46:32 PM
Execution time: 0 hours(s), 6 minute(s), and 20 seconds(s)


#14 nasdaq

  • Malware Response Team

Posted 31 May 2016 - 07:24 AM

We will check your BIOS and Master boot record.

Read carefully and follow these steps.
TDSS
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application.
  • Then click on Start Scan.
  • If a suspicious file is detected, the default action will be Skip; click on Continue.
  • If an infected file is detected, the default action will be Cure; click on Continue.
  • Important: Do NOT change the default action on your own unless instructed by a malware Helper! Doing so may render your computer unbootable.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
===

Download http://public.avast.com/~gmerek/aswMBR.exe (aswMBR.exe) to your desktop. Double click the aswMBR.exe to run it.
  • Click the "Scan" button to start scan.
  • Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time) <- IMPORTANT
  • Please paste the contents of that log in your next reply.
  • There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.
===

Wait for further instructions.


#15 andersonrua

  • Topic Starter

Posted 31 May 2016 - 04:01 PM

16:52:19.0338 0x167c  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
16:52:32.0224 0x167c  ============================================================
16:52:32.0224 0x167c  Current date / time: 2016/05/31 16:52:32.0224
16:52:32.0224 0x167c  SystemInfo:
16:52:32.0224 0x167c  
16:52:32.0224 0x167c  OS Version: 6.1.7601 ServicePack: 1.0
16:52:32.0224 0x167c  Product type: Workstation
16:52:32.0224 0x167c  ComputerName: TODD-HPLAPTOP
16:52:32.0224 0x167c  UserName: Todd
16:52:32.0224 0x167c  Windows directory: C:\Windows
16:52:32.0224 0x167c  System windows directory: C:\Windows
16:52:32.0224 0x167c  Running under WOW64
16:52:32.0224 0x167c  Processor architecture: Intel x64
16:52:32.0224 0x167c  Number of processors: 2
16:52:32.0224 0x167c  Page size: 0x1000
16:52:32.0224 0x167c  Boot type: Normal boot
16:52:32.0224 0x167c  ============================================================
16:52:33.0082 0x167c  KLMD registered as C:\Windows\system32\drivers\35248186.sys
16:52:37.0372 0x167c  System UUID: {7D14E978-278C-997E-D264-4E811FC55983}
16:52:39.0961 0x167c  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:52:39.0961 0x167c  ============================================================
16:52:39.0977 0x167c  \Device\Harddisk0\DR0:
16:52:39.0977 0x167c  MBR partitions:
16:52:39.0977 0x167c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
16:52:39.0977 0x167c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x2304A800
16:52:39.0977 0x167c  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x230AE800, BlocksNum 0x1B90000
16:52:39.0977 0x167c  \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x24C3E800, BlocksNum 0x7EFAB0
16:52:39.0977 0x167c  ============================================================
16:52:40.0008 0x167c  C: <-> \Device\Harddisk0\DR0\Partition2
16:52:40.0102 0x167c  D: <-> \Device\Harddisk0\DR0\Partition3
16:52:40.0102 0x167c  E: <-> \Device\Harddisk0\DR0\Partition4
16:52:40.0102 0x167c  ============================================================
16:52:40.0102 0x167c  Initialize success
16:52:40.0102 0x167c  ============================================================
16:52:47.0980 0x0f28  ============================================================
16:52:47.0980 0x0f28  Scan started
16:52:47.0980 0x0f28  Mode: Manual; 
16:52:47.0980 0x0f28  ============================================================
16:52:47.0980 0x0f28  KSN ping started
16:53:02.0020 0x0f28  KSN ping finished: true
16:53:03.0392 0x0f28  ================ Scan system memory ========================
16:53:03.0392 0x0f28  System memory - ok
16:53:03.0392 0x0f28  ================ Scan services =============================
16:53:25.0903 0x0f28  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
16:53:25.0934 0x0f28  hidserv - ok
16:53:25.0966 0x0f28  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
16:53:25.0981 0x0f28  HidUsb - ok
16:53:26.0012 0x0f28  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
16:53:26.0012 0x0f28  hkmsvc - ok
16:53:26.0090 0x0f28  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:53:26.0137 0x0f28  HomeGroupListener - ok
16:53:26.0184 0x0f28  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:53:26.0200 0x0f28  HomeGroupProvider - ok
16:53:26.0465 0x0f28  [ 2A8B93A01621E100A578E83C768AFA2C, 6637D260AF180D1F200D219796FCE6D524FC6BF57C0CEEF9E1B3616E85865AD1 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
16:53:27.0011 0x0f28  HP Support Assistant Service - ok
16:53:27.0089 0x0f28  [ 6A181452D4E240B8ECC7614B9A19BDE9, 3E458A737DA597DF007D278E9D81F2BF259AB4B97A4C188CEDAEA1F144B1074F ] HPClientSvc     C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
16:53:27.0338 0x0f28  HPClientSvc - ok
16:53:27.0479 0x0f28  [ C5D2F308E1C12A5C328EF549696DBC05, 4BBDA3E0707854CC80FF8699A478D0D2AF18094B9F7EFB629B0CE4F890C44464 ] hpCMSrv         C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
16:53:28.0181 0x0f28  hpCMSrv - ok
16:53:28.0306 0x0f28  [ 33761EBD9A26DE33BC83DD2DAFEC4513, F1A397D6B72F998A64B8BBAA292C13E8354D2C1BE14B7C46840A512AA3BE1770 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
16:53:28.0321 0x0f28  HPDrvMntSvc.exe - ok
16:53:28.0368 0x0f28  [ 4E0BEC0F78096FFD6D3314B497FC49D3, 15B545815D0C80102963FFF13B6643CC9A74717137C1CBA45345B18912E72DB6 ] hpdskflt        C:\Windows\system32\DRIVERS\hpdskflt.sys
16:53:28.0368 0x0f28  hpdskflt - ok
16:53:28.0711 0x0f28  [ 1DAE5C46D42B02A6D5862E1482EFB390, 90B14E0A8376AE51872D89C141E88AE144B742805F94B4F7948E295322C78B9D ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
16:53:28.0774 0x0f28  hpqcxs08 - ok
16:53:28.0836 0x0f28  [ 99E8EEF42FE2F4AF29B08C3355DD7685, D57BC2148653DA5596FB49F1086D165B11C9F6C644608202C08305D3C8499CFE ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
16:53:28.0836 0x0f28  hpqddsvc - ok
16:53:28.0930 0x0f28  [ D2946D9F020AE76E9CEF9B4A6DF838C0, C29CE594879385DA12B8EAA90B258905827B613839CCD820DE49215B68676995 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
16:53:28.0992 0x0f28  hpqwmiex - ok
16:53:29.0054 0x0f28  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
16:53:29.0054 0x0f28  HpSAMD - ok
16:53:29.0164 0x0f28  [ F37882F128EFACEFE353E0BAE2766909, 2F9D21613500F092DFC0DB879180B549EE615D9B07408A5CC1A7F84663B2F47A ] HPSLPSVC        C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
16:53:29.0210 0x0f28  HPSLPSVC - ok
16:53:29.0288 0x0f28  [ FC7C13B5A9E9BE23B7AE72BBC7FDB278, E85A7BF1CFE52BA7D663A1ED48A4F8874EFBDDF48979138F7E3E24817705B6A1 ] hpsrv           C:\Windows\system32\Hpservice.exe
16:53:29.0320 0x0f28  hpsrv - ok
16:53:29.0413 0x0f28  [ 974A1F783ED34588B45FAD6375077BA6, 03AA0664E3C5A6CE0CA9BCE4EDB0FC11F70A6E3DD15124BDA5E2E659879230FF ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
16:53:29.0460 0x0f28  HPSupportSolutionsFrameworkService - ok
16:53:29.0569 0x0f28  [ 2BEC76BDCD1BC080210325E7B5094834, 9CD9DF5C974C20F38423B07063A4F44E533B3B4EF39E01AC701C04BFC5F3EC53 ] HPWMISVC        C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
16:53:29.0585 0x0f28  HPWMISVC - ok
16:53:29.0647 0x0f28  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
16:53:29.0710 0x0f28  HTTP - ok
16:53:29.0772 0x0f28  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
16:53:29.0772 0x0f28  hwpolicy - ok
16:53:29.0803 0x0f28  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
16:53:29.0866 0x0f28  i8042prt - ok
16:53:29.0912 0x0f28  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
16:53:29.0944 0x0f28  iaStorV - ok
16:53:30.0037 0x0f28  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:53:30.0115 0x0f28  idsvc - ok
16:53:30.0162 0x0f28  IEEtwCollectorService - ok
16:53:30.0193 0x0f28  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
16:53:30.0224 0x0f28  iirsp - ok
16:53:30.0302 0x0f28  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
16:53:30.0380 0x0f28  IKEEXT - ok
16:53:30.0427 0x0f28  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
16:53:30.0427 0x0f28  intelide - ok
16:53:30.0490 0x0f28  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
16:53:30.0505 0x0f28  intelppm - ok
16:53:30.0536 0x0f28  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
16:53:30.0536 0x0f28  IPBusEnum - ok
16:53:30.0599 0x0f28  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:53:30.0599 0x0f28  IpFilterDriver - ok
16:53:30.0692 0x0f28  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
16:53:30.0724 0x0f28  iphlpsvc - ok
16:53:30.0755 0x0f28  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
16:53:30.0770 0x0f28  IPMIDRV - ok
16:53:30.0786 0x0f28  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
16:53:30.0786 0x0f28  IPNAT - ok
16:53:30.0833 0x0f28  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
16:53:30.0833 0x0f28  IRENUM - ok
16:53:30.0848 0x0f28  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
16:53:30.0848 0x0f28  isapnp - ok
16:53:30.0911 0x0f28  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
16:53:30.0926 0x0f28  iScsiPrt - ok
16:53:30.0989 0x0f28  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
16:53:30.0989 0x0f28  kbdclass - ok
16:53:31.0020 0x0f28  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
16:53:31.0020 0x0f28  kbdhid - ok
16:53:31.0067 0x0f28  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
16:53:31.0067 0x0f28  KeyIso - ok
16:53:31.0114 0x0f28  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
16:53:31.0129 0x0f28  KSecDD - ok
16:53:31.0176 0x0f28  [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
16:53:31.0192 0x0f28  KSecPkg - ok
16:53:31.0270 0x0f28  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
16:53:31.0270 0x0f28  ksthunk - ok
16:53:31.0316 0x0f28  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
16:53:31.0348 0x0f28  KtmRm - ok
16:53:31.0394 0x0f28  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
16:53:31.0410 0x0f28  LanmanServer - ok
16:53:31.0441 0x0f28  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:53:31.0457 0x0f28  LanmanWorkstation - ok
16:53:31.0504 0x0f28  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
16:53:31.0519 0x0f28  lltdio - ok
16:53:31.0550 0x0f28  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
16:53:31.0566 0x0f28  lltdsvc - ok
16:53:31.0644 0x0f28  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
16:53:31.0644 0x0f28  lmhosts - ok
16:53:31.0691 0x0f28  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
16:53:31.0691 0x0f28  LSI_FC - ok
16:53:31.0738 0x0f28  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
16:53:31.0738 0x0f28  LSI_SAS - ok
16:53:31.0784 0x0f28  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
16:53:31.0784 0x0f28  LSI_SAS2 - ok
16:53:31.0816 0x0f28  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
16:53:31.0816 0x0f28  LSI_SCSI - ok
16:53:31.0862 0x0f28  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
16:53:31.0878 0x0f28  luafv - ok
16:53:31.0987 0x0f28  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
16:53:32.0003 0x0f28  Mcx2Svc - ok
16:53:32.0081 0x0f28  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
16:53:32.0081 0x0f28  megasas - ok
16:53:32.0143 0x0f28  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
16:53:32.0159 0x0f28  MegaSR - ok
16:53:32.0221 0x0f28  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
16:53:32.0221 0x0f28  MMCSS - ok
16:53:32.0330 0x0f28  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
16:53:32.0393 0x0f28  Modem - ok
16:53:32.0424 0x0f28  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
16:53:32.0440 0x0f28  monitor - ok
16:53:32.0486 0x0f28  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
16:53:32.0502 0x0f28  mouclass - ok
16:53:32.0564 0x0f28  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
16:53:32.0564 0x0f28  mouhid - ok
16:53:32.0596 0x0f28  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
16:53:32.0596 0x0f28  mountmgr - ok
16:53:32.0642 0x0f28  [ 5D494509432897338AFC19DB78A76DCB, 873F61F45D4A96096E17F9E266B1A20CCD65E4678DDB21DDE3DB98E831E524D3 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:53:32.0658 0x0f28  MozillaMaintenance - ok
16:53:32.0752 0x0f28  [ 9EB89625A82AC961F25E7C865947BF9A, 91DB9530CDE883DC60BE621AC4210ACD069631D9466E37411D9D6AEE587098D9 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
16:53:32.0767 0x0f28  MpFilter - ok
16:53:32.0876 0x0f28  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
16:53:32.0892 0x0f28  mpio - ok
16:53:32.0908 0x0f28  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
16:53:32.0923 0x0f28  mpsdrv - ok
16:53:33.0001 0x0f28  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
16:53:33.0079 0x0f28  MpsSvc - ok
16:53:33.0251 0x0f28  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
16:53:33.0266 0x0f28  MRxDAV - ok
16:53:33.0313 0x0f28  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
16:53:33.0360 0x0f28  mrxsmb - ok
16:53:33.0438 0x0f28  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:53:33.0500 0x0f28  mrxsmb10 - ok
16:53:33.0578 0x0f28  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:53:33.0578 0x0f28  mrxsmb20 - ok
16:53:33.0641 0x0f28  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
16:53:33.0641 0x0f28  msahci - ok
16:53:33.0781 0x0f28  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
16:53:33.0797 0x0f28  msdsm - ok
16:53:33.0859 0x0f28  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
16:53:33.0890 0x0f28  MSDTC - ok
16:53:33.0922 0x0f28  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
16:53:33.0953 0x0f28  Msfs - ok
16:53:33.0984 0x0f28  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
16:53:34.0000 0x0f28  mshidkmdf - ok
16:53:34.0046 0x0f28  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
16:53:34.0078 0x0f28  msisadrv - ok
16:53:34.0124 0x0f28  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
16:53:34.0140 0x0f28  MSiSCSI - ok
16:53:34.0140 0x0f28  msiserver - ok
16:53:34.0218 0x0f28  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
16:53:34.0234 0x0f28  MSKSSRV - ok
16:53:34.0296 0x0f28  [ 89F2AEDC2788696702141AB82C3E7866, E166CBD8D3C708737C37172221945D8E56C25C2CC750889C3CE14AA2DE750F33 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
16:53:34.0296 0x0f28  MsMpSvc - ok
16:53:34.0312 0x0f28  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
16:53:34.0312 0x0f28  MSPCLOCK - ok
16:53:34.0327 0x0f28  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
16:53:34.0327 0x0f28  MSPQM - ok
16:53:34.0374 0x0f28  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
16:53:34.0390 0x0f28  MsRPC - ok
16:53:34.0514 0x0f28  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
16:53:34.0530 0x0f28  mssmbios - ok
16:53:34.0561 0x0f28  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
16:53:34.0561 0x0f28  MSTEE - ok
16:53:34.0624 0x0f28  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
16:53:34.0655 0x0f28  MTConfig - ok
16:53:34.0702 0x0f28  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
16:53:34.0702 0x0f28  Mup - ok
16:53:34.0842 0x0f28  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
16:53:34.0873 0x0f28  napagent - ok
16:53:34.0936 0x0f28  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
16:53:34.0967 0x0f28  NativeWifiP - ok
16:53:35.0060 0x0f28  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
16:53:35.0123 0x0f28  NDIS - ok
16:53:35.0185 0x0f28  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
16:53:35.0185 0x0f28  NdisCap - ok
16:53:35.0248 0x0f28  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
16:53:35.0248 0x0f28  NdisTapi - ok
16:53:35.0294 0x0f28  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
16:53:35.0294 0x0f28  Ndisuio - ok
16:53:35.0326 0x0f28  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
16:53:35.0326 0x0f28  NdisWan - ok
16:53:35.0357 0x0f28  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
16:53:35.0357 0x0f28  NDProxy - ok
16:53:35.0419 0x0f28  [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
16:53:35.0419 0x0f28  Net Driver HPZ12 - ok
16:53:35.0450 0x0f28  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
16:53:35.0450 0x0f28  NetBIOS - ok
16:53:35.0482 0x0f28  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
16:53:35.0497 0x0f28  NetBT - ok
16:53:35.0513 0x0f28  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
16:53:35.0528 0x0f28  Netlogon - ok
16:53:35.0622 0x0f28  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
16:53:35.0638 0x0f28  Netman - ok
16:53:35.0747 0x0f28  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:53:35.0762 0x0f28  NetMsmqActivator - ok
16:53:35.0778 0x0f28  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:53:35.0778 0x0f28  NetPipeActivator - ok
16:53:35.0825 0x0f28  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
16:53:35.0856 0x0f28  netprofm - ok
16:53:36.0168 0x0f28  [ 2EED549279D7FBD10B846B5397573967, 4F7EBB6C1AC58D1EFFA7A86AC799137FC88F5CCA3AC27E563B4EE2AF1EAE4ECC ] netr28x         C:\Windows\system32\DRIVERS\netr28x.sys
16:53:36.0277 0x0f28  netr28x - ok
16:53:36.0340 0x0f28  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:53:36.0355 0x0f28  NetTcpActivator - ok
16:53:36.0371 0x0f28  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:53:36.0371 0x0f28  NetTcpPortSharing - ok
16:53:36.0433 0x0f28  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
16:53:36.0433 0x0f28  nfrd960 - ok
16:53:36.0589 0x0f28  [ C3E0696C3B42F694C5822776AA6FFFDF, 80C3DEC2C48500F96C9E677450EFC1ADA9FE9FBB70F4CC2D7D9244B1A515418B ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
16:53:36.0605 0x0f28  NisDrv - ok
16:53:36.0698 0x0f28  [ DCEE3592299B2229A0DB98CB415059A2, 709AAA095DF44DDCB6159CE1635AB05EC666D845445790E569F56B297DC64AC3 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
16:53:36.0714 0x0f28  NisSrv - ok
16:53:36.0745 0x0f28  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
16:53:36.0761 0x0f28  NlaSvc - ok
16:53:36.0808 0x0f28  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
16:53:36.0823 0x0f28  Npfs - ok
16:53:36.0886 0x0f28  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
16:53:36.0886 0x0f28  nsi - ok
16:53:36.0917 0x0f28  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:53:36.0932 0x0f28  nsiproxy - ok
16:53:37.0104 0x0f28  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
16:53:37.0198 0x0f28  Ntfs - ok
16:53:37.0260 0x0f28  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
16:53:37.0260 0x0f28  Null - ok
16:53:37.0338 0x0f28  [ A85B4F2EF3A7304A5399EF0526423040, E45854691BA6AE36E53C2922CC93FF13DC2D84CBE7FE13A2F0B1CE1C16D1D158 ] NVENETFD        C:\Windows\system32\DRIVERS\nvm62x64.sys
16:53:37.0354 0x0f28  NVENETFD - ok
16:53:37.0432 0x0f28  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
16:53:37.0447 0x0f28  nvraid - ok
16:53:37.0494 0x0f28  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
16:53:37.0510 0x0f28  nvstor - ok
16:53:37.0572 0x0f28  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
16:53:37.0572 0x0f28  nv_agp - ok
16:53:37.0634 0x0f28  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
16:53:37.0634 0x0f28  ohci1394 - ok
16:53:37.0728 0x0f28  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:53:37.0744 0x0f28  ose - ok
16:53:38.0258 0x0f28  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:53:38.0617 0x0f28  osppsvc - ok
16:53:38.0680 0x0f28  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
16:53:38.0711 0x0f28  p2pimsvc - ok
16:53:38.0789 0x0f28  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
16:53:38.0820 0x0f28  p2psvc - ok
16:53:38.0836 0x0f28  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
16:53:38.0851 0x0f28  Parport - ok
16:53:38.0898 0x0f28  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
16:53:38.0914 0x0f28  partmgr - ok
16:53:38.0960 0x0f28  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
16:53:38.0976 0x0f28  PcaSvc - ok
16:53:39.0007 0x0f28  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
16:53:39.0023 0x0f28  pci - ok
16:53:39.0054 0x0f28  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
16:53:39.0070 0x0f28  pciide - ok
16:53:39.0101 0x0f28  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
16:53:39.0116 0x0f28  pcmcia - ok
16:53:39.0163 0x0f28  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
16:53:39.0163 0x0f28  pcw - ok
16:53:39.0241 0x0f28  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
16:53:39.0272 0x0f28  PEAUTH - ok
16:53:39.0584 0x0f28  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
16:53:39.0584 0x0f28  PerfHost - ok
16:53:39.0725 0x0f28  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
16:53:39.0818 0x0f28  pla - ok
16:53:39.0943 0x0f28  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
16:53:39.0974 0x0f28  PlugPlay - ok
16:53:40.0099 0x0f28  [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
16:53:40.0099 0x0f28  Pml Driver HPZ12 - ok
16:53:40.0130 0x0f28  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
16:53:40.0146 0x0f28  PNRPAutoReg - ok
16:53:40.0177 0x0f28  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
16:53:40.0193 0x0f28  PNRPsvc - ok
16:53:40.0255 0x0f28  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
16:53:40.0286 0x0f28  PolicyAgent - ok
16:53:40.0333 0x0f28  [ A2CCA4FB273E6050F17A0A416CFF2FCD, C42BA18DF0C8E3F7358669A784E51E4DC7A4112096345EA699EDC95F561E0255 ] Power           C:\Windows\system32\umpo.dll
16:53:40.0349 0x0f28  Power - ok
16:53:40.0427 0x0f28  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
16:53:40.0442 0x0f28  PptpMiniport - ok
16:53:40.0505 0x0f28  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
16:53:40.0505 0x0f28  Processor - ok
16:53:40.0583 0x0f28  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
16:53:40.0614 0x0f28  ProfSvc - ok
16:53:40.0630 0x0f28  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:53:40.0645 0x0f28  ProtectedStorage - ok
16:53:40.0754 0x0f28  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
16:53:40.0770 0x0f28  Psched - ok
16:53:40.0942 0x0f28  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
16:53:41.0020 0x0f28  ql2300 - ok
16:53:41.0066 0x0f28  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
16:53:41.0082 0x0f28  ql40xx - ok
16:53:41.0144 0x0f28  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
16:53:41.0160 0x0f28  QWAVE - ok
16:53:41.0222 0x0f28  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
16:53:41.0222 0x0f28  QWAVEdrv - ok
16:53:41.0254 0x0f28  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
16:53:41.0254 0x0f28  RasAcd - ok
16:53:41.0332 0x0f28  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
16:53:41.0332 0x0f28  RasAgileVpn - ok
16:53:41.0378 0x0f28  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
16:53:41.0394 0x0f28  RasAuto - ok
16:53:41.0472 0x0f28  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
16:53:41.0472 0x0f28  Rasl2tp - ok
16:53:41.0519 0x0f28  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
16:53:41.0534 0x0f28  RasMan - ok
16:53:41.0612 0x0f28  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
16:53:41.0628 0x0f28  RasPppoe - ok
16:53:41.0675 0x0f28  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
16:53:41.0690 0x0f28  RasSstp - ok
16:53:41.0722 0x0f28  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
16:53:41.0737 0x0f28  rdbss - ok
16:53:41.0768 0x0f28  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
16:53:41.0784 0x0f28  rdpbus - ok
16:53:41.0815 0x0f28  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
16:53:41.0815 0x0f28  RDPCDD - ok
16:53:41.0909 0x0f28  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
16:53:41.0909 0x0f28  RDPENCDD - ok
16:53:41.0924 0x0f28  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
16:53:41.0924 0x0f28  RDPREFMP - ok
16:53:42.0018 0x0f28  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
16:53:42.0158 0x0f28  RdpVideoMiniport - ok
16:53:42.0236 0x0f28  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
16:53:42.0767 0x0f28  RDPWD - ok
16:53:42.0829 0x0f28  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
16:53:42.0845 0x0f28  rdyboost - ok
16:53:42.0892 0x0f28  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
16:53:42.0907 0x0f28  RemoteAccess - ok
16:53:42.0985 0x0f28  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
16:53:42.0985 0x0f28  RemoteRegistry - ok
16:53:43.0048 0x0f28  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
16:53:43.0048 0x0f28  RFCOMM - ok
16:53:43.0094 0x0f28  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
16:53:43.0094 0x0f28  RpcEptMapper - ok
16:53:43.0157 0x0f28  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
16:53:43.0157 0x0f28  RpcLocator - ok
16:53:43.0204 0x0f28  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
16:53:43.0235 0x0f28  RpcSs - ok
16:53:43.0344 0x0f28  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
16:53:43.0360 0x0f28  rspndr - ok
16:53:43.0484 0x0f28  [ 135A64530D7699AD48F29D73A658DD11, 35838AE8ACFD9047C68DD0C8910557A82998E5CD778D5B98D4767AFA4BCE85BB ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
16:53:43.0516 0x0f28  RSUSBSTOR - ok
16:53:43.0703 0x0f28  [ 47032C855DDCB5AD7236286689EDE288, DEF7D22EE98FEB792342E54C9232A373763F7CD0033C79967C8914C06977B45C ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
16:53:43.0718 0x0f28  RTL8167 - ok
16:53:43.0750 0x0f28  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\Windows\system32\lsass.exe
16:53:43.0750 0x0f28  SamSs - ok
16:53:43.0812 0x0f28  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
16:53:43.0812 0x0f28  sbp2port - ok
16:53:43.0906 0x0f28  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
16:53:43.0937 0x0f28  SCardSvr - ok
16:53:43.0984 0x0f28  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
16:53:43.0984 0x0f28  scfilter - ok
16:53:44.0108 0x0f28  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
16:53:44.0171 0x0f28  Schedule - ok
16:53:44.0218 0x0f28  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
16:53:44.0218 0x0f28  SCPolicySvc - ok
16:53:44.0280 0x0f28  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
16:53:44.0296 0x0f28  sdbus - ok
16:53:44.0342 0x0f28  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
16:53:44.0358 0x0f28  SDRSVC - ok
16:53:44.0405 0x0f28  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
16:53:44.0405 0x0f28  secdrv - ok
16:53:44.0436 0x0f28  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
16:53:44.0452 0x0f28  seclogon - ok
16:53:44.0467 0x0f28  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
16:53:44.0483 0x0f28  SENS - ok
16:53:44.0530 0x0f28  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
16:53:44.0545 0x0f28  SensrSvc - ok
16:53:44.0623 0x0f28  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
16:53:44.0623 0x0f28  Serenum - ok
16:53:44.0686 0x0f28  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
16:53:44.0701 0x0f28  Serial - ok
16:53:44.0795 0x0f28  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
16:53:44.0795 0x0f28  sermouse - ok
16:53:44.0857 0x0f28  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
16:53:44.0873 0x0f28  SessionEnv - ok
16:53:44.0920 0x0f28  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
16:53:44.0935 0x0f28  sffdisk - ok
16:53:44.0982 0x0f28  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
16:53:44.0982 0x0f28  sffp_mmc - ok
16:53:45.0029 0x0f28  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
16:53:45.0044 0x0f28  sffp_sd - ok
16:53:45.0091 0x0f28  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
16:53:45.0091 0x0f28  sfloppy - ok
16:53:45.0294 0x0f28  [ 2046AA7491DE7EFA4D70E615D9BC9D09, A8763D059AD68D5842C407FA9644E0B129BEF0F63CD87E62B80B05441EDC3489 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
16:53:45.0341 0x0f28  Sftfs - ok
16:53:45.0481 0x0f28  [ 77C5A741A7452812F278EF2C18478862, 0B763679EB7EFB8ED9DCE7B429706E939BB65BA6BCF1BAE0E0426D4E87074B8C ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
16:53:45.0497 0x0f28  sftlist - ok
16:53:45.0544 0x0f28  [ 0E0446BC4D51BE4263ACB7E33491191C, 2AD039FB440560658C4E06F67CC192EF71577EF3FF789A43C08430CE5EAE5A70 ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
16:53:45.0575 0x0f28  Sftplay - ok
16:53:45.0606 0x0f28  [ C5FB982CD266E604ED3142102C26D62C, A6BC0D72E98F924274ECAD49C85F0775D1CD45B97CD43F53DF3992B560835FC5 ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
16:53:45.0622 0x0f28  Sftredir - ok
16:53:45.0653 0x0f28  [ 2575511AF67AA1FA068CCC4918E2C2A3, 3152FF5AC2CF6FE966DA59B1B33E22F9BD9B6BB4310441870528364BA9501A4D ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
16:53:45.0668 0x0f28  Sftvol - ok
16:53:45.0715 0x0f28  [ 39B1D0A636A400304565D4521FAD6D77, 1F01DB35B5A477AA7A77585C9304E6B5F3E67807531305BCA93A7F494CED8F59 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
16:53:45.0715 0x0f28  sftvsa - ok
16:53:45.0840 0x0f28  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
16:53:45.0856 0x0f28  SharedAccess - ok
16:53:45.0918 0x0f28  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:53:45.0934 0x0f28  ShellHWDetection - ok
16:53:45.0980 0x0f28  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
16:53:45.0996 0x0f28  SiSRaid2 - ok
16:53:46.0058 0x0f28  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
16:53:46.0074 0x0f28  SiSRaid4 - ok
16:53:46.0152 0x0f28  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
16:53:46.0168 0x0f28  SkypeUpdate - ok
16:53:46.0246 0x0f28  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
16:53:46.0261 0x0f28  Smb - ok
16:53:46.0370 0x0f28  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
16:53:46.0370 0x0f28  SNMPTRAP - ok
16:53:46.0448 0x0f28  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
16:53:46.0464 0x0f28  spldr - ok
16:53:46.0558 0x0f28  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
16:53:46.0589 0x0f28  Spooler - ok
16:53:46.0823 0x0f28  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
16:53:47.0026 0x0f28  sppsvc - ok
16:53:47.0057 0x0f28  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
16:53:47.0072 0x0f28  sppuinotify - ok
16:53:47.0150 0x0f28  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
16:53:47.0182 0x0f28  srv - ok
16:53:47.0213 0x0f28  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
16:53:47.0244 0x0f28  srv2 - ok
16:53:47.0322 0x0f28  [ 0C4540311E11664B245A263E1154CEF8, 63376322BFFAFF2F166AF3FDD3F1A346C21FAE21F406F659F8630779D1D6525D ] SrvHsfHDA       C:\Windows\system32\DRIVERS\VSTAZL6.SYS
16:53:47.0338 0x0f28  SrvHsfHDA - ok
16:53:47.0447 0x0f28  [ 02071D207A9858FBE3A48CBFD59C4A04, FEA4DEBAEC3465E0C7C1E8B721805922F6BBCB96A60A193B11688F4252F4B89E ] SrvHsfV92       C:\Windows\system32\DRIVERS\VSTDPV6.SYS
16:53:47.0525 0x0f28  SrvHsfV92 - ok
16:53:47.0587 0x0f28  [ 18E40C245DBFAF36FD0134A7EF2DF396, 0138A68958112101A5D3BD94114F320CE80B0C9A93E009AC78DE7415FCCC7DE7 ] SrvHsfWinac     C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
16:53:47.0618 0x0f28  SrvHsfWinac - ok
16:53:47.0712 0x0f28  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
16:53:47.0728 0x0f28  srvnet - ok
16:53:47.0806 0x0f28  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
16:53:47.0821 0x0f28  SSDPSRV - ok
16:53:47.0868 0x0f28  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
16:53:47.0884 0x0f28  SstpSvc - ok
16:53:48.0086 0x0f28  [ 293A556E04F815477AE93E07B35065E6, 9B5114F80532FD3FAF65E2FE0B801693A9E417BF414CE59D262C65C1AFF1204A ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
16:53:48.0086 0x0f28  STacSV - ok
16:53:48.0118 0x0f28  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
16:53:48.0118 0x0f28  stexstor - ok
16:53:48.0242 0x0f28  [ AA3C0336514C239A171F00A6902B59B8, 6D6D96AFC42CBB3ABAD6F822E8773B92B470A08EE9046632CBE6F172ED41E591 ] STHDA           C:\Windows\system32\DRIVERS\stwrt64.sys
16:53:48.0274 0x0f28  STHDA - ok
16:53:48.0383 0x0f28  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
16:53:48.0414 0x0f28  stisvc - ok
16:53:48.0461 0x0f28  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
16:53:48.0461 0x0f28  swenum - ok
16:53:48.0570 0x0f28  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
16:53:48.0601 0x0f28  swprv - ok
16:53:48.0679 0x0f28  [ AC3CC98B1BDB6540021D3FFB105AC2B9, 671146CC16139AECE0BCCC44983807E045A930E262F64461D0D882A0A0B77E4F ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
16:53:48.0695 0x0f28  SynTP - ok
16:53:48.0835 0x0f28  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
16:53:48.0944 0x0f28  SysMain - ok
16:53:49.0225 0x0f28  [ 00068CD7BD0A2BFA6ACC1F75671394FF, BE2235923006B300910404020D8FA3E4B6F4798778E03D1AFD3A04D995411C72 ] SystemExplorerHelpService C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
16:53:49.0272 0x0f28  SystemExplorerHelpService - ok
16:53:49.0319 0x0f28  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:53:49.0334 0x0f28  TabletInputService - ok
16:53:49.0366 0x0f28  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
16:53:49.0381 0x0f28  TapiSrv - ok
16:53:49.0412 0x0f28  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
16:53:49.0428 0x0f28  TBS - ok
16:53:49.0584 0x0f28  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
16:53:49.0724 0x0f28  Tcpip - ok
16:53:49.0865 0x0f28  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
16:53:49.0958 0x0f28  TCPIP6 - ok
16:53:50.0005 0x0f28  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
16:53:50.0005 0x0f28  tcpipreg - ok
16:53:50.0083 0x0f28  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
16:53:50.0083 0x0f28  TDPIPE - ok
16:53:50.0114 0x0f28  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
16:53:50.0114 0x0f28  TDTCP - ok
16:53:50.0161 0x0f28  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
16:53:50.0161 0x0f28  tdx - ok
16:53:50.0208 0x0f28  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
16:53:50.0224 0x0f28  TermDD - ok
16:53:50.0302 0x0f28  [ 4FC4C50985E5B840F4D72E57286887B8, 0BCBB4A938803AE3A3532B6D8FFC85594AA9AEF5D8F9792684841BEA8780AE9E ] TermService     C:\Windows\System32\termsrv.dll
16:53:50.0863 0x0f28  TermService - ok
16:53:50.0910 0x0f28  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
16:53:50.0926 0x0f28  Themes - ok
16:53:50.0988 0x0f28  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
16:53:50.0988 0x0f28  THREADORDER - ok
16:53:51.0035 0x0f28  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
16:53:51.0050 0x0f28  TrkWks - ok
16:53:51.0222 0x0f28  [ 0C997B061E3C66BD9E927C1288EB1CC7, 3807E9A1BC159B9E8FC0C7CAAD10D7213FF8ED8AD1CEA9EA552B093C81BF624B ] TrueSight       C:\Windows\System32\drivers\TrueSight.sys
16:53:51.0659 0x0f28  TrueSight - ok
16:53:51.0784 0x0f28  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:53:51.0799 0x0f28  TrustedInstaller - ok
16:53:51.0846 0x0f28  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
16:53:51.0893 0x0f28  tssecsrv - ok
16:53:51.0971 0x0f28  [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
16:53:51.0986 0x0f28  TsUsbFlt - ok
16:53:52.0018 0x0f28  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
16:53:52.0018 0x0f28  TsUsbGD - ok
16:53:52.0096 0x0f28  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
16:53:52.0111 0x0f28  tunnel - ok
16:53:52.0174 0x0f28  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
16:53:52.0189 0x0f28  uagp35 - ok
16:53:52.0236 0x0f28  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
16:53:52.0267 0x0f28  udfs - ok
16:53:52.0314 0x0f28  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
16:53:52.0330 0x0f28  UI0Detect - ok
16:53:52.0345 0x0f28  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
16:53:52.0345 0x0f28  uliagpkx - ok
16:53:52.0439 0x0f28  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
16:53:52.0439 0x0f28  umbus - ok
16:53:52.0486 0x0f28  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
16:53:52.0486 0x0f28  UmPass - ok
16:53:52.0564 0x0f28  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
16:53:52.0610 0x0f28  upnphost - ok
16:53:52.0657 0x0f28  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
16:53:52.0673 0x0f28  usbccgp - ok
16:53:52.0766 0x0f28  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
16:53:52.0766 0x0f28  usbcir - ok
16:53:52.0844 0x0f28  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
16:53:52.0844 0x0f28  usbehci - ok
16:53:52.0938 0x0f28  [ 573D192E268F0C5B486B7E96F661E538, 0F32BD82CA7B5D4DE234EFC6527EF4C854BD15B3057FE4A0151C70115493FFDC ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys
16:53:52.0938 0x0f28  usbfilter - ok
16:53:53.0016 0x0f28  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
16:53:53.0047 0x0f28  usbhub - ok
16:53:53.0078 0x0f28  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
16:53:53.0078 0x0f28  usbohci - ok
16:53:53.0156 0x0f28  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
16:53:53.0156 0x0f28  usbprint - ok
16:53:53.0250 0x0f28  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
16:53:53.0250 0x0f28  usbscan - ok
16:53:53.0297 0x0f28  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:53:53.0500 0x0f28  USBSTOR - ok
16:53:53.0562 0x0f28  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
16:53:53.0578 0x0f28  usbuhci - ok
16:53:53.0671 0x0f28  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
16:53:53.0687 0x0f28  usbvideo - ok
16:53:53.0734 0x0f28  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
16:53:53.0734 0x0f28  UxSms - ok
16:53:53.0765 0x0f28  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe
16:53:53.0765 0x0f28  VaultSvc - ok
16:53:53.0796 0x0f28  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
16:53:53.0827 0x0f28  vdrvroot - ok
16:53:53.0905 0x0f28  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
16:53:53.0936 0x0f28  vds - ok
16:53:53.0999 0x0f28  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
16:53:53.0999 0x0f28  vga - ok
16:53:54.0030 0x0f28  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
16:53:54.0046 0x0f28  VgaSave - ok
16:53:54.0108 0x0f28  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
16:53:54.0124 0x0f28  vhdmp - ok
16:53:54.0186 0x0f28  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
16:53:54.0186 0x0f28  viaide - ok
16:53:54.0217 0x0f28  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
16:53:54.0248 0x0f28  volmgr - ok
16:53:54.0295 0x0f28  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
16:53:54.0311 0x0f28  volmgrx - ok
16:53:54.0373 0x0f28  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
16:53:54.0389 0x0f28  volsnap - ok
16:53:54.0467 0x0f28  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
16:53:54.0482 0x0f28  vsmraid - ok
16:53:54.0670 0x0f28  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
16:53:54.0748 0x0f28  VSS - ok
16:53:54.0810 0x0f28  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
16:53:54.0810 0x0f28  vwifibus - ok
16:53:54.0872 0x0f28  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
16:53:54.0872 0x0f28  vwififlt - ok
16:53:54.0982 0x0f28  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
16:53:54.0982 0x0f28  vwifimp - ok
16:53:55.0028 0x0f28  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
16:53:55.0060 0x0f28  W32Time - ok
16:53:55.0106 0x0f28  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
16:53:55.0106 0x0f28  WacomPen - ok
16:53:55.0231 0x0f28  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
16:53:55.0247 0x0f28  WANARP - ok
16:53:55.0294 0x0f28  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
16:53:55.0294 0x0f28  Wanarpv6 - ok
16:53:55.0528 0x0f28  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
16:53:55.0590 0x0f28  WatAdminSvc - ok
16:53:55.0730 0x0f28  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
16:53:55.0855 0x0f28  wbengine - ok
16:53:55.0918 0x0f28  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
16:53:55.0949 0x0f28  WbioSrvc - ok
16:53:55.0996 0x0f28  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
16:53:56.0027 0x0f28  wcncsvc - ok
16:53:56.0074 0x0f28  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:53:56.0089 0x0f28  WcsPlugInService - ok
16:53:56.0105 0x0f28  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
16:53:56.0120 0x0f28  Wd - ok
16:53:56.0183 0x0f28  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
16:53:56.0230 0x0f28  Wdf01000 - ok
16:53:56.0276 0x0f28  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
16:53:56.0292 0x0f28  WdiServiceHost - ok
16:53:56.0292 0x0f28  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
16:53:56.0308 0x0f28  WdiSystemHost - ok
16:53:56.0354 0x0f28  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
16:53:56.0370 0x0f28  WebClient - ok
16:53:56.0448 0x0f28  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
16:53:56.0464 0x0f28  Wecsvc - ok
16:53:56.0510 0x0f28  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
16:53:56.0526 0x0f28  wercplsupport - ok
16:53:56.0604 0x0f28  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
16:53:56.0620 0x0f28  WerSvc - ok
16:53:56.0698 0x0f28  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
16:53:56.0713 0x0f28  WfpLwf - ok
16:53:56.0729 0x0f28  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
16:53:56.0729 0x0f28  WIMMount - ok
16:53:56.0776 0x0f28  WinDefend - ok
16:53:56.0807 0x0f28  WinHttpAutoProxySvc - ok
16:53:56.0916 0x0f28  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
16:53:56.0932 0x0f28  Winmgmt - ok
16:53:57.0150 0x0f28  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
16:53:57.0244 0x0f28  WinRM - ok
16:53:57.0368 0x0f28  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
16:53:57.0368 0x0f28  WinUsb - ok
16:53:57.0493 0x0f28  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
16:53:57.0540 0x0f28  Wlansvc - ok
16:53:57.0571 0x0f28  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
16:53:57.0571 0x0f28  WmiAcpi - ok
16:53:57.0618 0x0f28  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
16:53:57.0634 0x0f28  wmiApSrv - ok
16:53:57.0696 0x0f28  WMPNetworkSvc - ok
16:53:57.0774 0x0f28  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
16:53:57.0790 0x0f28  WPCSvc - ok
16:53:57.0836 0x0f28  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
16:53:57.0836 0x0f28  WPDBusEnum - ok
16:53:57.0914 0x0f28  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
16:53:57.0914 0x0f28  ws2ifsl - ok
16:53:57.0946 0x0f28  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
16:53:57.0946 0x0f28  wscsvc - ok
16:53:57.0961 0x0f28  WSearch - ok
16:53:58.0148 0x0f28  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
16:53:58.0304 0x0f28  wuauserv - ok
16:53:58.0367 0x0f28  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
16:53:58.0382 0x0f28  WudfPf - ok
16:53:58.0460 0x0f28  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
16:53:58.0460 0x0f28  WUDFRd - ok
16:53:58.0507 0x0f28  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
16:53:58.0507 0x0f28  wudfsvc - ok
16:53:58.0554 0x0f28  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
16:53:58.0570 0x0f28  WwanSvc - ok
16:53:58.0648 0x0f28  ================ Scan global ===============================
16:53:58.0694 0x0f28  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
16:53:58.0788 0x0f28  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
16:53:58.0835 0x0f28  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
16:53:58.0913 0x0f28  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
16:53:58.0991 0x0f28  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
16:53:59.0006 0x0f28  [ Global ] - ok
16:53:59.0006 0x0f28  ================ Scan MBR ==================================
16:53:59.0038 0x0f28  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:54:00.0348 0x0f28  \Device\Harddisk0\DR0 - ok
16:54:00.0348 0x0f28  ================ Scan VBR ==================================
16:54:00.0379 0x0f28  [ 94239510969E10E94E72ACCABE027CFD ] \Device\Harddisk0\DR0\Partition1
16:54:00.0395 0x0f28  \Device\Harddisk0\DR0\Partition1 - ok
16:54:00.0410 0x0f28  [ EB11ABE7143EF891F0EE2205DBE14069 ] \Device\Harddisk0\DR0\Partition2
16:54:00.0426 0x0f28  \Device\Harddisk0\DR0\Partition2 - ok
16:54:00.0457 0x0f28  [ 37F65648D27D2B5BF2200CCE2A3AF7EE ] \Device\Harddisk0\DR0\Partition3
16:54:00.0457 0x0f28  \Device\Harddisk0\DR0\Partition3 - ok
16:54:00.0504 0x0f28  [ A947E91820BEAD74F038FD748145865D ] \Device\Harddisk0\DR0\Partition4
16:54:00.0520 0x0f28  \Device\Harddisk0\DR0\Partition4 - ok
16:54:00.0520 0x0f28  ================ Scan generic autorun ======================
16:54:00.0598 0x0f28  [ DAD6EA55687A2605BF85CC9924E498B9, 1DA5DA265D648E7EB62AE13FDB0AB131E4500ED8118526A2069EA4960795E252 ] C:\Program Files\IDT\WDM\sttray64.exe
16:54:00.0629 0x0f28  SysTrayApp - ok
16:54:00.0629 0x0f28  SynTPEnh - ok
16:54:00.0644 0x0f28  BTMTrayAgent - ok
16:54:00.0769 0x0f28  [ 569AC1376B12D4083FC66CC7A304F234, DD209F09573F10A77D710E30EF3D0461D2E8F4E5F18106B18EFB587C88393460 ] c:\Program Files\Microsoft Security Client\msseces.exe
16:54:00.0847 0x0f28  MSC - ok
16:54:01.0050 0x0f28  [ 1ADD5F46CFAE2C05EA3C6E2D9918F9AC, DA7C486130777B73EB75003B7F2AC5824BA89CACF92D0C47FFAC2D3AD5A22547 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
16:54:01.0190 0x0f28  StartCCC - ok
16:54:01.0300 0x0f28  [ 72860972F8196EBB3C896F53D2B95470, 95C046A66DD0089377867F073CADCE585B7C69CA23E724DCAD9D896BF01E023D ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
16:54:01.0315 0x0f28  hpqSRMon - ok
16:54:01.0393 0x0f28  [ D6CBDEA24FE913664FA65EAF92EE1222, 882A745BF50AAFB6126AEA00DFD0869EC3EC7E20C70164114C49D2E57600F740 ] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
16:54:01.0924 0x0f28  HPConnectionManager - ok
16:54:01.0986 0x0f28  [ 8A3B69683E63808719D24E1C68C21CC7, C27B2F3996B55619B45BDB332B0F3262A68CE7EEC78730C6D96B752D086C8B1D ] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
16:54:02.0766 0x0f28  HPOSD - ok
16:54:03.0016 0x0f28  [ 583B34B8D0608947101596BE0C5A2909, 93C3696C3842A5B39F329EDE19C0893511C4584F0D8CF1C88500C869CB397ABD ] C:\Program Files (x86)\System Explorer\SystemExplorer.exe
16:54:03.0234 0x0f28  SystemExplorerAutoStart - ok
16:54:03.0390 0x0f28  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:54:03.0437 0x0f28  Sidebar - ok
16:54:03.0468 0x0f28  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:54:03.0484 0x0f28  mctadmin - ok
16:54:03.0562 0x0f28  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:54:03.0608 0x0f28  Sidebar - ok
16:54:03.0640 0x0f28  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:54:03.0655 0x0f28  mctadmin - ok
16:54:03.0905 0x0f28  GoogleDriveSync - ok
16:54:05.0028 0x0f28  [ 79B65FCC2AC6169B0B898F2894C61221, 5D4801D5D3C8E60F02D93E07B0068471C37B7E25359786A868DBC391D9E4E9DD ] C:\Program Files\CCleaner\CCleaner64.exe
16:54:05.0574 0x0f28  CCleaner Monitoring - ok
16:54:05.0652 0x0f28  Waiting for KSN requests completion. In queue: 118
16:54:06.0666 0x0f28  Waiting for KSN requests completion. In queue: 118
16:54:07.0680 0x0f28  Waiting for KSN requests completion. In queue: 118
16:54:08.0694 0x0f28  Waiting for KSN requests completion. In queue: 118
16:54:09.0708 0x0f28  Waiting for KSN requests completion. In queue: 118
16:54:10.0722 0x0f28  Waiting for KSN requests completion. In queue: 118
16:54:11.0736 0x0f28  Waiting for KSN requests completion. In queue: 118
16:54:12.0750 0x0f28  Waiting for KSN requests completion. In queue: 118
16:54:13.0764 0x0f28  Waiting for KSN requests completion. In queue: 118
16:54:14.0996 0x0f28  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.5.216.0 ), 0x61000 ( enabled : updated )
16:54:15.0121 0x0f28  Win FW state via NFP2: enabled ( trusted )
16:54:19.0474 0x0f28  ============================================================
16:54:19.0474 0x0f28  Scan finished
16:54:19.0474 0x0f28  ============================================================
16:54:19.0552 0x0644  Detected object count: 0
16:54:19.0552 0x0644  Actual detected object count: 0




