
Possible Malware - CSRSS.exe - Please Help


12 replies to this topic

#1 Rez700

Rez700

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:05:41 AM

Posted 02 September 2013 - 01:49 PM

Hello,

 

I am a new member here and would greatly appreciate your guidance regarding the issue described below.

 

I have been having issues with Skype recently, which prompted me to call their support earlier this morning. I was unable to share my screen with anyone I am talking to on Skype even though I had a premium account. The support guy connected to my computer remotely and ran some checks in command prompt. Then he told me that my computer was hacked. There was a Trojan found in csrss.exe. In the command prompt, there were wordings about Trojan and csrss.exe which I could also see. He said this virus/malware is interfering with Skype’s function. Then he said that he can fix it but for a very high fee. I am not an expert in computers to understand what was going on (as you can tell) but I didn’t want to pay such a high fee without having any knowledge at all. I didn’t even know what csrss.exe referred to and anything about malware in my computer. I have Norton Antivirus and it didn’t detect anything and so, I thought I was ok.

 

So, I did some research about csrss.exe and it seems that some Trojans can indeed disguise themselves as csrss.exe and Norton can’t protect from everything. I saw several threads about csrss on this website too. I ran MBAM after reading about it on the Microsoft website and it detected 15 issues which were subsequently deleted (none of them said csrss). However, I do not know if that’s sufficient (Skype still isn’t functioning accurately). I probably could have followed instructions from some of these threads on this website, however, I thought it was better to ask for help from experts rather than me running checks without very good knowledge.

 

Also, it has become very hard to write on MS Word or on any website. The cursor keeps going all over the place. Not sure if it has anything to do with the malware.

 

I have the Windows 8 operating system and Internet Explorer version 10.

 

Thank you for reading this. I would greatly appreciate your thoughts/help.

 

Rez


Edited by Rez700, 02 September 2013 - 09:41 PM.
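The check that settles a claim like the one described in the post above, as an added example that is not part of the original thread: a process named csrss.exe is only genuine when its image is the one in the System32 directory of the Windows folder. The process rows are constructed sample data, the function names are hypothetical, and the list of other core processes generalizes beyond csrss.exe.

```python
import ntpath

# Core Windows processes whose image is expected only in <Windows dir>\System32.
# General Windows knowledge added for this example; csrss.exe is the one the
# thread is about, the others are a generalization.
SYSTEM32_ONLY = {"csrss.exe", "smss.exe", "wininit.exe", "winlogon.exe",
                 "services.exe", "lsass.exe"}


def normalize(path, windir=r"C:\Windows"):
    """Canonicalise an image path: strip quotes and kernel-style prefixes,
    resolve '..' segments, and lower-case it for comparison."""
    p = path.strip().strip('"')
    low = p.lower()
    if low.startswith("\\??\\"):
        # NT object-manager prefix, e.g. \??\C:\Windows\System32\csrss.exe
        p = p[4:]
    elif low.startswith("\\systemroot\\"):
        # \SystemRoot\ is an alias for the Windows directory
        p = ntpath.join(windir, p[len("\\systemroot\\"):])
    return ntpath.normcase(ntpath.normpath(p))


def classify(name, path, windir=r"C:\Windows"):
    """Return 'ok', 'suspicious', 'unknown' or 'not-checked' for one process."""
    name = name.strip().lower()
    if name not in SYSTEM32_ONLY:
        return "not-checked"
    if not path or not path.strip():
        # Protected processes often hide their path from non-elevated tools.
        # A missing path is not evidence of infection; re-run elevated.
        return "unknown"
    image = normalize(path, windir)
    expected = ntpath.normcase(ntpath.join(windir, "System32", name))
    return "ok" if image == expected else "suspicious"


def triage(rows, windir=r"C:\Windows"):
    """Group process IDs by verdict. rows is an iterable of (pid, name, path)."""
    report = {"ok": [], "suspicious": [], "unknown": [], "not-checked": []}
    for pid, name, path in rows:
        report[classify(name, path, windir)].append(pid)
    return report


# Constructed sample process listing (pid, image name, image path).
SAMPLE_ROWS = [
    (312, "smss.exe", r"\SystemRoot\System32\smss.exe"),
    (456, "csrss.exe", r"C:\windows\system32\csrss.exe"),
    (532, "csrss.exe", r"\??\C:\Windows\System32\csrss.exe"),
    (600, "lsass.exe", ""),
    (3120, "csrss.exe", r"C:\Users\Example\AppData\Roaming\csrss.exe"),
    (3344, "CSRSS.EXE", r"C:\Windows\System32\..\Temp\csrss.exe"),
    (4100, "Skype.exe", r"C:\Program Files (x86)\Skype\Phone\Skype.exe"),
]

if __name__ == "__main__":
    for verdict, pids in triage(SAMPLE_ROWS).items():
        print(f"{verdict:12} {pids}")
```

A matching path only rules out the look-alike-in-another-folder case; it does not prove the file on disk is unmodified, so a signature check or a scanner is still needed for that.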



 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,914 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:41 AM

Posted 05 September 2013 - 10:04 PM

Hello, let's also run these...

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.

Last run ESET.
    • Hold down Control and click on this link to open ESET OnlineScan in a new window.
    • Click the esetonlinebtn.png button.
    • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png icon on your desktop.
    • Check "YES, I accept the Terms of Use."
    • Click the Start button.
    • Accept any security warnings from your browser.
    • Under scan settings, check "Scan Archives" and "Remove found threats"
    • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    • When the scan completes, click List Threats
    • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    • Click the Back button.
    • Click the Finish button.
    • NOTE: Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook

#3 Rez700

Rez700
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:05:41 AM

Posted 06 September 2013 - 07:16 PM

Thank you very much for your reply. I will paste the logs in this email and the subsequent emails.

 

 

 

MiniToolBox by Farbar  Version: 13-07-2013
Ran by Rezwanur (administrator) on 06-09-2013 at 15:49:28
Running from "C:\Users\Rezwanur\Desktop"
Microsoft Windows 8  (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

 

========================= IP Configuration: ================================

Qualcomm Atheros AR9485WB-EG Wireless Network Adapter = Wi-Fi (Connected)
Realtek PCIe FE Family Controller = Ethernet (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Local Area Connection* 9" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Bluetooth Network Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 12" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled

popd
# End of IPv4 configuration

 

Windows IP Configuration

   Host Name . . . . . . . . . . . . : BengalTiger
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : home

Wireless LAN adapter Local Area Connection* 12:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 1A-67-B0-6A-66-86
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wi-Fi:

   Connection-specific DNS Suffix  . : home
   Description . . . . . . . . . . . : Qualcomm Atheros AR9485WB-EG Wireless Network Adapter
   Physical Address. . . . . . . . . : 18-67-B0-6A-66-86
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::4034:fb49:8cb6:5028%15(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.4(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Wednesday, September 4, 2013 12:16:57 AM
   Lease Expires . . . . . . . . . . : Saturday, September 7, 2013 3:32:55 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 353920944
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-E7-60-90-18-67-B0-30-0D-14
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Bluetooth Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : 18-67-B0-6A-66-87
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Ethernet:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : 18-67-B0-30-0D-14
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.home:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : home
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:827:315a:b7ba:4daf(Preferred)
   Link-local IPv6 Address . . . . . : fe80::827:315a:b7ba:4daf%18(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  Wireless_Broadband_Router.home
Address:  192.168.1.1

Name:    google.com
Addresses:  2607:f8b0:4006:801::1008
   74.125.226.225
   74.125.226.230
   74.125.226.238
   74.125.226.228
   74.125.226.227
   74.125.226.232
   74.125.226.233
   74.125.226.229
   74.125.226.226
   74.125.226.231
   74.125.226.224

Pinging google.com [173.194.43.36] with 32 bytes of data:
Reply from 173.194.43.36: bytes=32 time=9ms TTL=250
Reply from 173.194.43.36: bytes=32 time=14ms TTL=250

Ping statistics for 173.194.43.36:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 9ms, Maximum = 14ms, Average = 11ms
Server:  Wireless_Broadband_Router.home
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  206.190.36.45
   98.138.253.109
   98.139.183.24

Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=51ms TTL=250
Reply from 98.138.253.109: bytes=32 time=56ms TTL=250

Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 51ms, Maximum = 56ms, Average = 53ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 17...1a 67 b0 6a 66 86 ......Microsoft Wi-Fi Direct Virtual Adapter
 15...18 67 b0 6a 66 86 ......Qualcomm Atheros AR9485WB-EG Wireless Network Adapter
 14...18 67 b0 6a 66 87 ......Bluetooth Device (Personal Area Network)
 12...18 67 b0 30 0d 14 ......Realtek PCIe FE Family Controller
  1...........................Software Loopback Interface 1
 16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 18...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.4     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.4    281
      192.168.1.4  255.255.255.255         On-link       192.168.1.4    281
    192.168.1.255  255.255.255.255         On-link       192.168.1.4    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.4    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.4    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 18    306 ::/0                     On-link
  1    306 ::1/128                  On-link
 18    306 2001::/32                On-link
 18    306 2001:0:9d38:953c:827:315a:b7ba:4daf/128
                                    On-link
 15    281 fe80::/64                On-link
 18    306 fe80::/64                On-link
 18    306 fe80::827:315a:b7ba:4daf/128
                                    On-link
 15    281 fe80::4034:fb49:8cb6:5028/128
                                    On-link
  1    306 ff00::/8                 On-link
 18    306 ff00::/8                 On-link
 15    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 03 C:\windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 04 C:\windows\SysWOW64\NLAapi.dll [55296] (Microsoft Corporation)
Catalog5 05 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog5 06 C:\windows\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)
Catalog5 07 C:\windows\SysWOW64\wshbth.dll [50688] (Microsoft Corporation)
Catalog9 01 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 02 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 03 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 04 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 05 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 06 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 07 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 08 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 09 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 10 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 11 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [66560] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [72192] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [53760] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [64000] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/06/2013 02:11:32 AM) (Source: Application Error) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 10.0.9200.16660, time stamp: 0x51f1c5f3
Faulting module name: KERNELBASE.dll, version: 6.2.9200.16451, time stamp: 0x50988950
Exception code: 0xe06d7363
Fault offset: 0x00014b32
Faulting process id: 0x1a44
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5

Error: (09/05/2013 08:20:27 PM) (Source: Application Error) (User: )
Description: Faulting application name: CommonAgent.exe, version: 1.1.3.0, time stamp: 0x511b2150
Faulting module name: CommonAgent.exe, version: 1.1.3.0, time stamp: 0x511b2150
Exception code: 0x40000015
Fault offset: 0x00000000001845e5
Faulting process id: 0x5234
Faulting application start time: 0xCommonAgent.exe0
Faulting application path: CommonAgent.exe1
Faulting module path: CommonAgent.exe2
Report Id: CommonAgent.exe3
Faulting package full name: CommonAgent.exe4
Faulting package-relative application ID: CommonAgent.exe5

Error: (09/05/2013 08:20:20 PM) (Source: Application Error) (User: )
Description: Faulting application name: CommonAgent.exe, version: 1.1.3.0, time stamp: 0x511b2150
Faulting module name: CommonAgent.exe, version: 1.1.3.0, time stamp: 0x511b2150
Exception code: 0x40000015
Fault offset: 0x00000000001845e5
Faulting process id: 0x3008
Faulting application start time: 0xCommonAgent.exe0
Faulting application path: CommonAgent.exe1
Faulting module path: CommonAgent.exe2
Report Id: CommonAgent.exe3
Faulting package full name: CommonAgent.exe4
Faulting package-relative application ID: CommonAgent.exe5

Error: (09/04/2013 11:43:48 PM) (Source: Application Error) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 10.0.9200.16660, time stamp: 0x51f1c5f3
Faulting module name: KERNELBASE.dll, version: 6.2.9200.16451, time stamp: 0x50988950
Exception code: 0xe06d7363
Fault offset: 0x00014b32
Faulting process id: 0x1750
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5

Error: (09/04/2013 11:08:49 PM) (Source: Application Hang) (User: )
Description: The program IEXPLORE.EXE version 10.0.9200.16660 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 647c

Start Time: 01cea9e4f18f4eae

Termination Time: 24

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id: 79d8786a-15d8-11e3-be98-1867b06a6687

Faulting package full name:

Faulting package-relative application ID:

Error: (09/04/2013 11:06:41 PM) (Source: Application Hang) (User: )
Description: The program IEXPLORE.EXE version 10.0.9200.16660 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 523c

Start Time: 01cea9e4c8a7a7f8

Termination Time: 48

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id: 2d1a768d-15d8-11e3-be98-1867b06a6687

Faulting package full name:

Faulting package-relative application ID:

Error: (09/04/2013 11:03:11 PM) (Source: Application Hang) (User: )
Description: The program IEXPLORE.EXE version 10.0.9200.16660 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 16a4

Start Time: 01cea925d5cfde6d

Termination Time: 44

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id: af2dc7cc-15d7-11e3-be98-1867b06a6687

Faulting package full name:

Faulting package-relative application ID:

Error: (09/03/2013 07:44:01 PM) (Source: Application Hang) (User: )
Description: The program IEXPLORE.EXE version 10.0.9200.16660 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 900

Start Time: 01cea8fa750a7580

Termination Time: 31

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id: b24e0ef3-14f2-11e3-be96-1867b06a6687

Faulting package full name:

Faulting package-relative application ID:

Error: (09/03/2013 07:05:40 PM) (Source: Application Error) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 10.0.9200.16660, time stamp: 0x51f1c5f3
Faulting module name: Wpc.dll_unloaded, version: 0.0.0.0, time stamp: 0x50108db3
Exception code: 0xc0000005
Fault offset: 0x6959b9a2
Faulting process id: 0x2044
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5

Error: (09/03/2013 06:36:34 PM) (Source: Application Error) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 10.0.9200.16660, time stamp: 0x51f1c5f3
Faulting module name: KERNELBASE.dll, version: 6.2.9200.16451, time stamp: 0x50988950
Exception code: 0xe06d7363
Fault offset: 0x00014b32
Faulting process id: 0x1a38
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5

System errors:
=============
Error: (09/04/2013 00:19:38 AM) (Source: Service Control Manager) (User: )
Description: The Windows Media Player Network Sharing Service service depends on the Windows Search service which failed to start because of the following error:
%%1058

Error: (09/03/2013 11:14:56 PM) (Source: Service Control Manager) (User: )
Description: The Windows Media Player Network Sharing Service service depends on the Windows Search service which failed to start because of the following error:
%%1058

Error: (09/03/2013 10:24:24 PM) (Source: DCOM) (User: BENGALTIGER)
Description: {D63B10C5-BB46-4990-A94F-E40B9D520160}

Error: (09/03/2013 10:24:24 PM) (Source: DCOM) (User: BENGALTIGER)
Description: {D63B10C5-BB46-4990-A94F-E40B9D520160}

Error: (09/03/2013 06:52:37 PM) (Source: DCOM) (User: BengalTiger)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (09/03/2013 06:52:36 PM) (Source: DCOM) (User: BengalTiger)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (09/03/2013 06:52:33 PM) (Source: DCOM) (User: BengalTiger)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (09/03/2013 06:52:33 PM) (Source: DCOM) (User: BengalTiger)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (09/03/2013 06:52:33 PM) (Source: DCOM) (User: BengalTiger)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (09/03/2013 06:52:33 PM) (Source: DCOM) (User: BengalTiger)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Microsoft Office Sessions:
=========================
Error: (09/06/2013 02:11:32 AM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE10.0.9200.1666051f1c5f3KERNELBASE.dll6.2.9200.1645150988950e06d736300014b321a4401ceaa841f70d15eC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\windows\SYSTEM32\KERNELBASE.dll2c646863-16bb-11e3-be98-1867b06a6687

Error: (09/05/2013 08:20:27 PM) (Source: Application Error)(User: )
Description: CommonAgent.exe1.1.3.0511b2150CommonAgent.exe1.1.3.0511b21504000001500000000001845e5523401ceaa96e337878fC:\Program Files\Samsung\S Agent\CommonAgent.exeC:\Program Files\Samsung\S Agent\CommonAgent.exe20fe4d8c-168a-11e3-be98-1867b06a6687

Error: (09/05/2013 08:20:20 PM) (Source: Application Error)(User: )
Description: CommonAgent.exe1.1.3.0511b2150CommonAgent.exe1.1.3.0511b21504000001500000000001845e5300801ceaa9651878ebfC:\Program Files\Samsung\S Agent\CommonAgent.exeC:\Program Files\Samsung\S Agent\CommonAgent.exe1c9f1530-168a-11e3-be98-1867b06a6687

Error: (09/04/2013 11:43:48 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE10.0.9200.1666051f1c5f3KERNELBASE.dll6.2.9200.1645150988950e06d736300014b32175001cea925dc469312C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\windows\SYSTEM32\KERNELBASE.dll5f1c17f1-15dd-11e3-be98-1867b06a6687

Error: (09/04/2013 11:08:49 PM) (Source: Application Hang)(User: )
Description: IEXPLORE.EXE10.0.9200.16660647c01cea9e4f18f4eae24C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE79d8786a-15d8-11e3-be98-1867b06a6687

Error: (09/04/2013 11:06:41 PM) (Source: Application Hang)(User: )
Description: IEXPLORE.EXE10.0.9200.16660523c01cea9e4c8a7a7f848C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE2d1a768d-15d8-11e3-be98-1867b06a6687

Error: (09/04/2013 11:03:11 PM) (Source: Application Hang)(User: )
Description: IEXPLORE.EXE10.0.9200.1666016a401cea925d5cfde6d44C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEaf2dc7cc-15d7-11e3-be98-1867b06a6687

Error: (09/03/2013 07:44:01 PM) (Source: Application Hang)(User: )
Description: IEXPLORE.EXE10.0.9200.1666090001cea8fa750a758031C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEb24e0ef3-14f2-11e3-be96-1867b06a6687

Error: (09/03/2013 07:05:40 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE10.0.9200.1666051f1c5f3Wpc.dll_unloaded0.0.0.050108db3c00000056959b9a2204401cea815add2e6cfC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEWpc.dll59e0d4ae-14ed-11e3-be96-1867b06a6687

Error: (09/03/2013 06:36:34 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE10.0.9200.1666051f1c5f3KERNELBASE.dll6.2.9200.1645150988950e06d736300014b321a3801cea8ee4f80ba6eC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\windows\SYSTEM32\KERNELBASE.dll4905c946-14e9-11e3-be96-1867b06a6687

=========================== Installed Programs ============================

Adobe Photoshop Elements 11 (Version: 11.0)
Adobe Reader X (10.1.3) MUI (Version: 10.1.3)
Bitcasa version 0.9.20.4135 (Version: 0.9.20.4135)
Cisco WebEx Meeting Center for Internet Explorer (Version: 8.29.3202)
CyberLink Power2Go 8 (Version: 8.0.0.1912)
CyberLink PowerDVD 10 (Version: 10.0.4421.02)
D3DX10 (Version: 15.4.2368.0902)
Download Navigator (Version: 3.4.0)
Easy File Share (Version: 1.3.6)
Elements 11 Organizer (Version: 11.0)
E-POP (Version: 1.0.1)
Epson Connect
Epson Customer Participation (Version: 1.0.0.0)
Epson Event Manager (Version: 2.50.0000)
EPSON NX430 Series Printer Uninstall
EPSON Scan
Galería de fotos (Version: 16.4.3503.0728)
Galerie de photos (Version: 16.4.3503.0728)
Google Chrome (Version: 29.0.1547.66)
Google Talk Plugin (Version: 4.5.3.14917)
Google Update Helper (Version: 1.3.21.153)
Help Desk (Version: 1.0.9)
Intel AppUp(SM) center (Version: 3.6.1.33070.11)
Intel® Manageability Engine Firmware Recovery Agent (Version: 1.0.0.36702)
Intel® Management Engine Components (Version: 8.1.0.1252)
Intel® Processor Graphics (Version: 9.17.10.2875)
Intel® Rapid Storage Technology (Version: 11.5.2.1001)
Intel® SDK for OpenCL - CPU Only Runtime Package (Version: 2.0.0.37149)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office Home and Student 2013 - en-us (Version: 15.0.4517.1509)
Microsoft SkyDrive (Version: 17.0.2003.1112)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Movie Maker (Version: 16.4.3503.0728)
Mozilla Firefox 22.0 (x86 en-US) (Version: 22.0)
Mozilla Maintenance Service (Version: 22.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT110 (Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1108.0727)
Norton Internet Security (Version: 20.4.0.40)
Norton Online Backup (Version: 2.2.3.51)
Norton Online Backup ARA (Version: 4.1.0.14)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4517.1509)
Office 15 Click-to-Run Licensing Component (Version: 15.0.4517.1509)
Office 15 Click-to-Run Localization Component (Version: 15.0.4517.1509)
Photo Common (Version: 16.4.3503.0728)
Photo Gallery (Version: 16.4.3503.0728)
Plants vs. Zombies
PSE11 STI Installer (Version: 11.0)
Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.214)
Qualcomm Atheros Client Installation Program (Version: 10.0)
Realtek Ethernet Controller Driver (Version: 8.4.907.2012)
Realtek High Definition Audio Driver (Version: 6.0.1.6818)
Recovery (Version: 6.0.9.4)
S Agent (Version: 1.1.30)
Settings (Version: 2.0.1)
SpeedUpMyPC (Version: 5.3.9.1)
SUPERAntiSpyware (Version: 5.6.1032)
Support Center (Version: 2.1.70)
Support Center FAQ (Version: 1.0.8)
SW Update (Version: 2.1.7)
User Guide (Version: 1.2.00)
Windows Live (Version: 16.4.3503.0728)
Windows Live Communications Platform (Version: 16.4.3503.0728)
Windows Live Essentials (Version: 16.4.3503.0728)
Windows Live Installer (Version: 16.4.3503.0728)
Windows Live Photo Common (Version: 16.4.3503.0728)
Windows Live PIMT Platform (Version: 16.4.3503.0728)
Windows Live SOXE (Version: 16.4.3503.0728)
Windows Live SOXE Definitions (Version: 16.4.3503.0728)
Windows Live UX Platform (Version: 16.4.3503.0728)
Windows Live UX Platform Language Pack (Version: 16.4.3503.0728)

========================= Memory info: ===================================

Percentage of memory in use: 58%
Total physical RAM: 3797.53 MB
Available physical RAM: 1587.46 MB
Total Pagefile: 10965.53 MB
Available Pagefile: 1272.54 MB
Total Virtual: 4095.88 MB
Available Virtual: 3963.79 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:441.99 GB) (Free:385.82 GB) NTFS

========================= Users: ========================================

User accounts for \\BENGALTIGER

Administrator            Guest                    Rez                     
Rezwanur                

**** End of log ****



#4 Rez700

Posted 06 September 2013 - 08:01 PM

21:00:51.0749 0x39bc TDSS rootkit removing tool 2.9.2.0 Aug 15 2013 16:44:29
21:00:51.0749 0x39bc UEFI system
21:00:53.0749 0x39bc ============================================================
21:00:53.0749 0x39bc Current date / time: 2013/09/06 21:00:53.0749
21:00:53.0749 0x39bc SystemInfo:
21:00:53.0749 0x39bc
21:00:53.0749 0x39bc OS Version: 6.2.9200 ServicePack: 0.0
21:00:53.0749 0x39bc Product type: Workstation
21:00:53.0749 0x39bc ComputerName: BENGALTIGER
21:00:53.0749 0x39bc UserName: Rezwanur
21:00:53.0749 0x39bc Windows directory: C:\windows
21:00:53.0749 0x39bc System windows directory: C:\windows
21:00:53.0749 0x39bc Running under WOW64
21:00:53.0749 0x39bc Processor architecture: Intel x64
21:00:53.0749 0x39bc Number of processors: 4
21:00:53.0749 0x39bc Page size: 0x1000
21:00:53.0749 0x39bc Boot type: Normal boot
21:00:53.0749 0x39bc ============================================================
21:00:56.0656 0x39bc Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:00:56.0687 0x39bc ============================================================
21:00:56.0687 0x39bc \Device\Harddisk0\DR0:
21:00:56.0703 0x39bc GPT partitions:
21:00:56.0734 0x39bc \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {F9D7D9C2-C57B-4D77-8004-C176158BD031}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xF9800
21:00:56.0734 0x39bc \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {F4F7049E-BB9B-49DD-82B6-C11466804C70}, Name: EFI system partition, StartLBA 0xFA000, BlocksNum 0x96000
21:00:56.0734 0x39bc \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {F697F674-20CA-4DDA-9107-7EC313FFBC32}, Name: Microsoft reserved partition, StartLBA 0x190000, BlocksNum 0x40000
21:00:56.0734 0x39bc \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {EE9E068D-10D9-4A31-A084-8B23706AE06B}, Name: Basic data partition, StartLBA 0x1D0000, BlocksNum 0x373FC801
21:00:56.0734 0x39bc \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {4F5CB26D-8280-4B92-83FE-952380B0E7CA}, Name: Basic data partition, StartLBA 0x375CC801, BlocksNum 0x2BB9800
21:00:56.0734 0x39bc \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {9138B5EC-3380-4F77-4173-636C65706975}, Name: Basic data partition, StartLBA 0x3A186001, BlocksNum 0x200000
21:00:56.0734 0x39bc MBR partitions:
21:00:56.0734 0x39bc ============================================================
21:00:56.0828 0x39bc C: <-> \Device\Harddisk0\DR0\Partition4
21:00:56.0828 0x39bc ============================================================
21:00:56.0828 0x39bc Initialize success
21:00:56.0828 0x39bc ============================================================
21:01:07.0846 0x3ab8 ============================================================
21:01:07.0846 0x3ab8 Scan started
21:01:07.0846 0x3ab8 Mode: Manual;
21:01:07.0846 0x3ab8 ============================================================
21:01:11.0608 0x3ab8 ================ Scan system memory ========================
21:01:11.0608 0x3ab8 System memory - ok
21:01:11.0608 0x3ab8 ================ Scan services =============================


21:01:20.0575 0x3ab8 Modem - ok

21:01:20.0607 0x3ab8 [ EA8EAD3F5B762F889CC7F3966625B48B ] monitor C:\windows\System32\drivers\monitor.sys

21:01:20.0622 0x3ab8 monitor - ok

21:01:20.0638 0x3ab8 [ 618446B98C79776654340CE27C73485E ] mouclass C:\windows\System32\drivers\mouclass.sys

21:01:20.0638 0x3ab8 mouclass - ok

21:01:20.0669 0x3ab8 [ C0ADEBED913295803B579ED288936CBB ] mouhid C:\windows\System32\drivers\mouhid.sys

21:01:20.0669 0x3ab8 mouhid - ok

21:01:20.0685 0x3ab8 [ 89D263DBF08119CE16273991C120D6DD ] mountmgr C:\windows\system32\drivers\mountmgr.sys

21:01:20.0685 0x3ab8 mountmgr - ok

21:01:20.0732 0x3ab8 [ 528A5C2570F468155A1B3CF0A2FF5EBD ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

21:01:20.0732 0x3ab8 MozillaMaintenance - ok

21:01:20.0763 0x3ab8 [ 0D1609DD82C7440F5D5BF21A9D4D5C0C ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys

21:01:20.0763 0x3ab8 mpsdrv - ok

21:01:20.0810 0x3ab8 [ 3031573A739DBEE8923851929D0AF423 ] MpsSvc C:\windows\system32\mpssvc.dll

21:01:20.0825 0x3ab8 MpsSvc - ok

21:01:20.0857 0x3ab8 [ 3D70147F55F1EC84EB9139ED7FFE48BC ] MRxDAV C:\windows\system32\drivers\mrxdav.sys

21:01:20.0857 0x3ab8 MRxDAV - ok

21:01:20.0903 0x3ab8 [ 93179D48066918323628CB016D8C94DC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys

21:01:20.0903 0x3ab8 mrxsmb - ok

21:01:20.0935 0x3ab8 [ 06D5F2FA3C61E8EA91648EA8E9F99FD3 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys

21:01:20.0935 0x3ab8 mrxsmb10 - ok

21:01:20.0966 0x3ab8 [ 5C7DD2E5759FFCCD2C7341C1B90F2B26 ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys

21:01:20.0966 0x3ab8 mrxsmb20 - ok

21:01:21.0013 0x3ab8 [ 98487487D6B3797CA927E9D7B030AE13 ] MsBridge C:\windows\system32\DRIVERS\bridge.sys

21:01:21.0013 0x3ab8 MsBridge - ok

21:01:21.0028 0x3ab8 [ 4A07458EB4F17573BD39F22029A991C1 ] MSDTC C:\windows\System32\msdtc.exe

21:01:21.0044 0x3ab8 MSDTC - ok

21:01:21.0044 0x3ab8 [ 3886F1F2A4D2900ABAA7E4486BEEE6A2 ] Msfs C:\windows\system32\drivers\Msfs.sys

21:01:21.0044 0x3ab8 Msfs - ok

21:01:21.0075 0x3ab8 [ C32A7A39B960A42BA9D4FBE47213CA03 ] msgpiowin32 C:\windows\System32\drivers\msgpiowin32.sys

21:01:21.0075 0x3ab8 msgpiowin32 - ok

21:01:21.0107 0x3ab8 [ D3857A767B91A061B408CCAB02DA4F40 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys

21:01:21.0107 0x3ab8 mshidkmdf - ok

21:01:21.0122 0x3ab8 [ 839B48910FB1E887635C48F3EC11A05E ] mshidumdf C:\windows\System32\drivers\mshidumdf.sys

21:01:21.0122 0x3ab8 mshidumdf - ok

21:01:21.0138 0x3ab8 [ 55C0DB741E3AB7463242B185B1C2997C ] msisadrv C:\windows\system32\drivers\msisadrv.sys

21:01:21.0138 0x3ab8 msisadrv - ok

21:01:21.0169 0x3ab8 [ 216C6B035A4BA5560E1255BD8E5BB89F ] MSiSCSI C:\windows\system32\iscsiexe.dll

21:01:21.0185 0x3ab8 MSiSCSI - ok

21:01:21.0185 0x3ab8 msiserver - ok

21:01:21.0200 0x3ab8 [ 509809566E49F4411055864EA8D437CD ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys

21:01:21.0200 0x3ab8 MSKSSRV - ok

21:01:21.0216 0x3ab8 [ 63145201D6458E4958E572E7D6FC2604 ] MsLldp C:\windows\system32\DRIVERS\mslldp.sys

21:01:21.0216 0x3ab8 MsLldp - ok

21:01:21.0232 0x3ab8 [ 99D526E803DB6D7FF290FD98B6204641 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys

21:01:21.0232 0x3ab8 MSPCLOCK - ok

21:01:21.0232 0x3ab8 [ 06FA77C3E2A491ADCD704C5E73006269 ] MSPQM C:\windows\system32\drivers\MSPQM.sys

21:01:21.0232 0x3ab8 MSPQM - ok

21:01:21.0263 0x3ab8 [ E134EC4DE11CF78CB01432D180710D84 ] MsRPC C:\windows\system32\drivers\MsRPC.sys

21:01:21.0263 0x3ab8 MsRPC - ok

21:01:21.0278 0x3ab8 [ B5AECF12F09DEE97C9FCAA5BA016CE1E ] mssmbios C:\windows\System32\drivers\mssmbios.sys

21:01:21.0278 0x3ab8 mssmbios - ok

21:01:21.0294 0x3ab8 [ 72D66A05E0F99F2528F6C6204FD22AA1 ] MSTEE C:\windows\system32\drivers\MSTEE.sys

21:01:21.0294 0x3ab8 MSTEE - ok

21:01:21.0294 0x3ab8 [ 8AAAE399FC255FA105D4158CBA289001 ] MTConfig C:\windows\System32\drivers\MTConfig.sys

21:01:21.0294 0x3ab8 MTConfig - ok

21:01:21.0310 0x3ab8 [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A ] Mup C:\windows\system32\Drivers\mup.sys

21:01:21.0310 0x3ab8 Mup - ok

21:01:21.0325 0x3ab8 [ 3A1E095277BBD406CEA8EA6B76950664 ] mvumis C:\windows\system32\drivers\mvumis.sys

21:01:21.0325 0x3ab8 mvumis - ok

21:01:21.0357 0x3ab8 [ 4B18840511D720BA118D3017E8165875 ] napagent C:\windows\system32\qagentRT.dll

21:01:21.0372 0x3ab8 napagent - ok

21:01:21.0388 0x3ab8 [ 43D7388A90A4C6EA346A4D6FF0377479 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys

21:01:21.0403 0x3ab8 NativeWifiP - ok

21:01:21.0482 0x3ab8 [ 702E07EC32F96ACDB873E9A5465D4401 ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20130906.001\ENG64.SYS

21:01:21.0482 0x3ab8 NAVENG - ok

21:01:21.0560 0x3ab8 [ 302EA314A1AF0D7CEF0A3D0195F79561 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20130906.001\EX64.SYS

21:01:21.0591 0x3ab8 NAVEX15 - ok

21:01:21.0622 0x3ab8 [ 6A0C3996DA7DAE6D6939676D786EEEC4 ] NcaSvc C:\windows\System32\ncasvc.dll

21:01:21.0622 0x3ab8 NcaSvc - ok

21:01:21.0638 0x3ab8 [ C982FE4CC91DECE2259F494FCEB4030F ] NcdAutoSetup C:\windows\System32\NcdAutoSetup.dll

21:01:21.0638 0x3ab8 NcdAutoSetup - ok

21:01:21.0669 0x3ab8 [ A10E176F3B2BF83EDE7B5C4658C93B66 ] NDIS C:\windows\system32\drivers\ndis.sys

21:01:21.0685 0x3ab8 NDIS - ok

21:01:21.0716 0x3ab8 [ 39C8A1D9D46F5E83A016BCAB72455284 ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys

21:01:21.0716 0x3ab8 NdisCap - ok

21:01:21.0716 0x3ab8 [ 762941932B7E4C588E48A577BA9D6440 ] NdisImPlatform C:\windows\system32\DRIVERS\NdisImPlatform.sys

21:01:21.0716 0x3ab8 NdisImPlatform - ok

21:01:21.0744 0x3ab8 [ 7A6F8A6D0E01432EBA294EF29CDD0FA7 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys

21:01:21.0744 0x3ab8 NdisTapi - ok

21:01:21.0759 0x3ab8 [ 79AB68BB3FFF974AD4F41FA559F4EC67 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys

21:01:21.0759 0x3ab8 Ndisuio - ok

21:01:21.0759 0x3ab8 [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys

21:01:21.0759 0x3ab8 NdisWan - ok

21:01:21.0775 0x3ab8 [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NDISWANLEGACY C:\windows\system32\DRIVERS\ndiswan.sys

21:01:21.0775 0x3ab8 NDISWANLEGACY - ok

21:01:21.0822 0x3ab8 [ 3730942D7DB2F8BB5F84542B7FF6F650 ] NDProxy C:\windows\system32\drivers\NDProxy.sys

21:01:21.0837 0x3ab8 NDProxy - ok

21:01:21.0869 0x3ab8 [ D3F60A4345FCA9C1BE68AD7D0D6DE770 ] Ndu C:\windows\system32\drivers\Ndu.sys

21:01:21.0869 0x3ab8 Ndu - ok

21:01:21.0900 0x3ab8 [ 7C203A76394F9AE68F69EEE5F9612C4A ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys

21:01:21.0900 0x3ab8 NetBIOS - ok

21:01:21.0962 0x3ab8 [ 7CEC25C682D319D484630B3952C31A11 ] NetBT C:\windows\system32\DRIVERS\netbt.sys

21:01:22.0009 0x3ab8 NetBT - ok

21:01:22.0041 0x3ab8 [ F702AB6181513303AB0FC8D59E52708B ] Netlogon C:\windows\system32\lsass.exe

21:01:22.0041 0x3ab8 Netlogon - ok

21:01:22.0103 0x3ab8 [ 89519D29CBEC2121CA65CC29C4D345E0 ] Netman C:\windows\System32\netman.dll

21:01:22.0134 0x3ab8 Netman - ok

21:01:22.0197 0x3ab8 [ 79FA9393C67EBBF92A56923592CF7A7C ] netprofm C:\windows\System32\netprofmsvc.dll

21:01:22.0212 0x3ab8 netprofm - ok

21:01:22.0369 0x3ab8 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

21:01:22.0384 0x3ab8 NetTcpPortSharing - ok

21:01:22.0431 0x3ab8 [ 12DD2800E4EEA37DC9AE256AD62423B4 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys

21:01:22.0447 0x3ab8 nfrd960 - ok

21:01:22.0509 0x3ab8 [ 1BF9D6476061B31CD7FC2BF848529A56 ] NIS C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe

21:01:22.0509 0x3ab8 NIS - ok

21:01:22.0541 0x3ab8 [ 80ABCD4C2DE9FD832477303AE0CA3BE5 ] NlaSvc C:\windows\System32\nlasvc.dll

21:01:22.0556 0x3ab8 NlaSvc - ok

21:01:22.0666 0x3ab8 [ 9B70CE32DD84A674B100BEA37F756016 ] NOBU C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

21:01:22.0712 0x3ab8 NOBU - ok

21:01:22.0712 0x3ab8 [ 17E19A742FB30C002F8B43575451DBE1 ] Npfs C:\windows\system32\drivers\Npfs.sys

21:01:22.0712 0x3ab8 Npfs - ok

21:01:22.0728 0x3ab8 [ 8ED299C30792544264E558BEA79F0947 ] npsvctrig C:\windows\System32\drivers\npsvctrig.sys

21:01:22.0728 0x3ab8 npsvctrig - ok

21:01:22.0759 0x3ab8 [ 832B5FDF0B5577713FD7F2465FCD0ACE ] nsi C:\windows\system32\nsisvc.dll

21:01:22.0759 0x3ab8 nsi - ok

21:01:22.0759 0x3ab8 [ 689B3B1E95C70ABF7AFF29F9406EF1E0 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys

21:01:22.0775 0x3ab8 nsiproxy - ok

21:01:22.0822 0x3ab8 [ 76929F4A69E425911A63B407E26C2589 ] Ntfs C:\windows\system32\drivers\Ntfs.sys

21:01:22.0853 0x3ab8 Ntfs - ok

21:01:22.0869 0x3ab8 [ 4163ADE07DB51843AE31F65B94F5398D ] Null C:\windows\system32\drivers\Null.sys

21:01:22.0869 0x3ab8 Null - ok

21:01:23.0103 0x3ab8 [ F648FE6BCE0AAD9E5EA63C8BE9AD90E3 ] nvlddmkm C:\windows\system32\DRIVERS\nvlddmkm.sys

21:01:23.0337 0x3ab8 nvlddmkm - ok

21:01:23.0337 0x3ab8 [ D6D34118263412D3AAA8348A9572B7F2 ] nvraid C:\windows\system32\drivers\nvraid.sys

21:01:23.0337 0x3ab8 nvraid - ok

21:01:23.0353 0x3ab8 [ 27AFC428D1D32ABD04A86763A4EDDEA9 ] nvstor C:\windows\system32\drivers\nvstor.sys

21:01:23.0353 0x3ab8 nvstor - ok

21:01:23.0369 0x3ab8 [ 051CFB5107BAAE510419BDC41F8C4036 ] nv_agp C:\windows\system32\drivers\nv_agp.sys

21:01:23.0369 0x3ab8 nv_agp - ok

21:01:23.0462 0x3ab8 [ 5239571EC40C990C6FC4B03685D56777 ] OfficeSvc C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe

21:01:23.0494 0x3ab8 OfficeSvc - ok

21:01:23.0572 0x3ab8 [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

21:01:23.0588 0x3ab8 ose - ok

21:01:23.0681 0x3ab8 [ AB76700D764A342D7475FB8F47CAB18C ] p2pimsvc C:\windows\system32\pnrpsvc.dll

21:01:23.0697 0x3ab8 p2pimsvc - ok

21:01:23.0803 0x3ab8 [ 4319FD931DCD796435ECB5DB4A04FBA5 ] p2psvc C:\windows\system32\p2psvc.dll

21:01:23.0818 0x3ab8 p2psvc - ok

21:01:23.0850 0x3ab8 [ 4563DAF8C6A740AD7F501E219BD10766 ] Parport C:\windows\System32\drivers\parport.sys

21:01:23.0865 0x3ab8 Parport - ok

21:01:23.0896 0x3ab8 [ D6ACCF9F2EEEEA711C14EFD976E573F3 ] partmgr C:\windows\system32\drivers\partmgr.sys

21:01:23.0912 0x3ab8 partmgr - ok

21:01:23.0943 0x3ab8 [ 4811D9EC53649105A5A8BEA661B0F936 ] PcaSvc C:\windows\System32\pcasvc.dll

21:01:23.0959 0x3ab8 PcaSvc - ok

21:01:23.0975 0x3ab8 [ 4A003E8F718C1E6A2050CA98CD53E3E2 ] pci C:\windows\system32\drivers\pci.sys

21:01:23.0990 0x3ab8 pci - ok

21:01:24.0006 0x3ab8 [ F9908D274D458220F91E89B54D78D837 ] pciide C:\windows\system32\drivers\pciide.sys

21:01:24.0006 0x3ab8 pciide - ok

21:01:24.0022 0x3ab8 [ 84D19CB6102627932DCB5DFDF89FE269 ] pcmcia C:\windows\system32\drivers\pcmcia.sys

21:01:24.0022 0x3ab8 pcmcia - ok

21:01:24.0037 0x3ab8 [ CEBBAD5391C2644560C55628A40BFD27 ] pcw C:\windows\system32\drivers\pcw.sys

21:01:24.0037 0x3ab8 pcw - ok

21:01:24.0068 0x3ab8 [ 0698DEDEAD6A00AD0D468C687D830FBF ] pdc C:\windows\system32\drivers\pdc.sys

21:01:24.0068 0x3ab8 pdc - ok

21:01:24.0115 0x3ab8 [ 61FE70659CD43E07F94DA4DC31DEC493 ] PEAUTH C:\windows\system32\drivers\peauth.sys

21:01:24.0115 0x3ab8 PEAUTH - ok

21:01:24.0209 0x3ab8 [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A ] PerfHost C:\windows\SysWow64\perfhost.exe

21:01:24.0225 0x3ab8 PerfHost - ok

21:01:24.0271 0x3ab8 [ 6E84BFF58F7643499277F29DFA2F8C8D ] pla C:\windows\system32\pla.dll

21:01:24.0287 0x3ab8 pla - ok

21:01:24.0318 0x3ab8 [ 799BE46D45D486704CE0F37CA5385262 ] PlugPlay C:\windows\system32\umpnpmgr.dll

21:01:24.0318 0x3ab8 PlugPlay - ok

21:01:24.0334 0x3ab8 [ 8E2414E818C26C4A9C70CB2B8567F04F ] PNRPAutoReg C:\windows\system32\pnrpauto.dll

21:01:24.0334 0x3ab8 PNRPAutoReg - ok

21:01:24.0365 0x3ab8 [ AB76700D764A342D7475FB8F47CAB18C ] PNRPsvc C:\windows\system32\pnrpsvc.dll

21:01:24.0365 0x3ab8 PNRPsvc - ok

21:01:24.0397 0x3ab8 [ 0108C8E5176D590F242701EF5A62CC26 ] PolicyAgent C:\windows\System32\ipsecsvc.dll

21:01:24.0397 0x3ab8 PolicyAgent - ok

21:01:24.0428 0x3ab8 [ F1E067F56373F11EA4B785CAE823740A ] Power C:\windows\system32\umpo.dll

21:01:24.0428 0x3ab8 Power - ok

21:01:24.0475 0x3ab8 [ 362D47E5B4D67270DE4B8606036F4ADD ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys

21:01:24.0475 0x3ab8 PptpMiniport - ok

21:01:24.0615 0x3ab8 [ C2D3B3D0060619D5E03E696BD56FF59F ] PrintNotify C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll

21:01:24.0631 0x3ab8 PrintNotify - ok

21:01:24.0662 0x3ab8 [ DD979EB6A7212F60E4AFBE96EDC7AE6D ] Processor C:\windows\System32\drivers\processr.sys

21:01:24.0662 0x3ab8 Processor - ok

21:01:24.0709 0x3ab8 [ 429E8502AD2227CF88F8840FC5BD590D ] ProfSvc C:\windows\system32\profsvc.dll

21:01:24.0709 0x3ab8 ProfSvc - ok

21:01:24.0740 0x3ab8 [ EB8034147D4820CD31BFCB11A2A652DF ] Psched C:\windows\system32\DRIVERS\pacer.sys

21:01:24.0740 0x3ab8 Psched - ok

21:01:24.0772 0x3ab8 [ 07D57B890DD5693A6AB660CBAE8F91B4 ] PxHlpa64 C:\windows\system32\Drivers\PxHlpa64.sys

21:01:24.0772 0x3ab8 PxHlpa64 - ok

21:01:24.0787 0x3ab8 [ 0AFBF333B6F87A2F598EAB379AF100B8 ] QWAVE C:\windows\system32\qwave.dll

21:01:24.0787 0x3ab8 QWAVE - ok

21:01:24.0803 0x3ab8 [ 13D47BB0CCA2FC51BD15F8E85C6A078E ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys

21:01:24.0818 0x3ab8 QWAVEdrv - ok

21:01:24.0834 0x3ab8 [ 194ED3C117525613E701FF257882303E ] RadioHIDMini C:\windows\System32\drivers\RadioHIDMini.sys

21:01:24.0834 0x3ab8 RadioHIDMini - ok

21:01:24.0834 0x3ab8 [ 873C60F8178100557740A832FCE10B5F ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys

21:01:24.0850 0x3ab8 RasAcd - ok

21:01:24.0865 0x3ab8 [ 69B93F623B130976243ECA3D84CC99CA ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys

21:01:24.0865 0x3ab8 RasAgileVpn - ok

21:01:24.0881 0x3ab8 [ 005F6E54C4A2DA4EBF68FB0392CE8BB0 ] RasAuto C:\windows\System32\rasauto.dll

21:01:24.0881 0x3ab8 RasAuto - ok

21:01:24.0897 0x3ab8 [ A14D625C5AEE5FFE0F47D1A1D419FAAE ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys

21:01:24.0897 0x3ab8 Rasl2tp - ok

21:01:24.0928 0x3ab8 [ C923C785A2DE0B396AD6D13ACAFF2DE9 ] RasMan C:\windows\System32\rasmans.dll

21:01:24.0928 0x3ab8 RasMan - ok

21:01:24.0943 0x3ab8 [ 00695B9C2DB6111064499C529E90C042 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys

21:01:24.0943 0x3ab8 RasPppoe - ok

21:01:24.0959 0x3ab8 [ A7F24D8CD1956B0A1FDCB86CC5114DE4 ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys

21:01:24.0959 0x3ab8 RasSstp - ok

21:01:24.0990 0x3ab8 [ CA03D642ACE58E1BA54E4B383F91CD69 ] rdbss C:\windows\system32\DRIVERS\rdbss.sys

21:01:24.0990 0x3ab8 rdbss - ok

21:01:25.0022 0x3ab8 [ CA7DF5EC95D8DE0DD24BE7FF97369F68 ] rdpbus C:\windows\System32\drivers\rdpbus.sys

21:01:25.0022 0x3ab8 rdpbus - ok

21:01:25.0053 0x3ab8 [ B2A3AD74FF2E2FFA73AF2567108231B3 ] RDPDR C:\windows\system32\drivers\rdpdr.sys

21:01:25.0053 0x3ab8 RDPDR - ok

21:01:25.0100 0x3ab8 [ 57F4787E4602A3FCA719C0A33137C6DA ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys

21:01:25.0100 0x3ab8 RdpVideoMiniport - ok

21:01:25.0115 0x3ab8 [ B3CB0721E81E30419CE7D837EF4EA151 ] RDPWD C:\windows\system32\drivers\RDPWD.sys

21:01:25.0131 0x3ab8 RDPWD - ok

21:01:25.0147 0x3ab8 [ 62C1F8A0685FE07E998AA296C4F697C4 ] rdyboost C:\windows\system32\drivers\rdyboost.sys

21:01:25.0162 0x3ab8 rdyboost - ok

21:01:25.0193 0x3ab8 [ 3663CCF243EE0C04E9F6F91ED1737273 ] RemoteAccess C:\windows\System32\mprdim.dll

21:01:25.0193 0x3ab8 RemoteAccess - ok

21:01:25.0240 0x3ab8 [ E80DD61E52EDFFF9DA1ED7260A68855B ] RemoteRegistry C:\windows\system32\regsvc.dll

21:01:25.0256 0x3ab8 RemoteRegistry - ok

21:01:25.0287 0x3ab8 [ CCBFCABDFE2BC22F0645CEAADDB36004 ] RFCOMM C:\windows\System32\drivers\rfcomm.sys

21:01:25.0303 0x3ab8 RFCOMM - ok

21:01:25.0318 0x3ab8 [ 73F2E030B5C24E4E41401B5F0D59E6FD ] RpcEptMapper C:\windows\System32\RpcEpMap.dll

21:01:25.0334 0x3ab8 RpcEptMapper - ok

21:01:25.0365 0x3ab8 [ 10B21284B3D964AB3DC45490E57D422E ] RpcLocator C:\windows\system32\locator.exe

21:01:25.0365 0x3ab8 RpcLocator - ok

21:01:25.0412 0x3ab8 [ 1EC6E533C954BDDF2A37E7851A7E58FD ] RpcSs C:\windows\system32\rpcss.dll

21:01:25.0428 0x3ab8 RpcSs - ok

21:01:25.0443 0x3ab8 [ E04E770DD198B9399640717145E79EBF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys

21:01:25.0459 0x3ab8 rspndr - ok

21:01:25.0506 0x3ab8 [ 10E5083E288A113782A25BEA3B64B0AC ] RTL8168 C:\windows\system32\DRIVERS\Rt630x64.sys

21:01:25.0506 0x3ab8 RTL8168 - ok

21:01:25.0522 0x3ab8 [ 752EC7DCD2F96871A3857EEE6AFE965A ] s3cap C:\windows\System32\drivers\vms3cap.sys

21:01:25.0522 0x3ab8 s3cap - ok

21:01:25.0553 0x3ab8 [ F702AB6181513303AB0FC8D59E52708B ] SamSs C:\windows\system32\lsass.exe

21:01:25.0553 0x3ab8 SamSs - ok

21:01:25.0647 0x3ab8 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS

21:01:25.0647 0x3ab8 SASDIFSV - ok

21:01:25.0662 0x3ab8 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS

21:01:25.0662 0x3ab8 SASKUTIL - ok

21:01:25.0693 0x3ab8 SBIOSIO - ok

21:01:25.0725 0x3ab8 [ 9C7B28CE0D136DB226E24DB3BC817F92 ] sbp2port C:\windows\system32\drivers\sbp2port.sys

21:01:25.0729 0x3ab8 sbp2port - ok

21:01:25.0752 0x3ab8 [ 14316954FCE79C9DE5A0AFF9D42C83AA ] SCardSvr C:\windows\System32\SCardSvr.dll

21:01:25.0768 0x3ab8 SCardSvr - ok

21:01:25.0784 0x3ab8 [ 5D7733A12756B267FCA021672B26BC9E ] scfilter C:\windows\system32\DRIVERS\scfilter.sys

21:01:25.0784 0x3ab8 scfilter - ok

21:01:25.0831 0x3ab8 [ ED40ED9A65F3E79A8C43DD50C5FDADBF ] Schedule C:\windows\system32\schedsvc.dll

21:01:25.0846 0x3ab8 Schedule - ok

21:01:25.0877 0x3ab8 [ BAF8F0F55BC300E5F882E521F054E345 ] SCPolicySvc C:\windows\System32\certprop.dll

21:01:25.0877 0x3ab8 SCPolicySvc - ok

21:01:25.0909 0x3ab8 [ 98636FB2973B8876A7F0BECD076CF109 ] sdbus C:\windows\System32\drivers\sdbus.sys

21:01:25.0909 0x3ab8 sdbus - ok

21:01:25.0940 0x3ab8 [ 92968277ED491E4B3DDA361E3952361E ] SDRSVC C:\windows\System32\SDRSVC.dll

21:01:25.0956 0x3ab8 SDRSVC - ok

21:01:25.0987 0x3ab8 [ BB107AA9980B0DA4E19A3A90C3BD4460 ] sdstor C:\windows\System32\drivers\sdstor.sys

21:01:25.0987 0x3ab8 sdstor - ok

21:01:26.0034 0x3ab8 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys

21:01:26.0034 0x3ab8 secdrv - ok

21:01:26.0049 0x3ab8 [ CD282626738B6BC92B6E7CD0AAE95B63 ] seclogon C:\windows\system32\seclogon.dll

21:01:26.0049 0x3ab8 seclogon - ok

21:01:26.0065 0x3ab8 [ 9C51620998F0763039DFA6BF68E475ED ] SENS C:\windows\System32\sens.dll

21:01:26.0081 0x3ab8 SENS - ok

21:01:26.0096 0x3ab8 [ 0D50B4B860DAB65241628D04CD33ACAE ] SensrSvc C:\windows\system32\sensrsvc.dll

21:01:26.0096 0x3ab8 SensrSvc - ok

21:01:26.0112 0x3ab8 [ 87C46B239A7EEF30FDFDD5E9BD46130C ] SerCx C:\windows\system32\drivers\SerCx.sys

21:01:26.0112 0x3ab8 SerCx - ok

21:01:26.0127 0x3ab8 [ 7A1F9347C85FD55E39B8A76B3A25C5AD ] Serenum C:\windows\System32\drivers\serenum.sys

21:01:26.0127 0x3ab8 Serenum - ok

21:01:26.0127 0x3ab8 [ F640A0A218BBF857F1D04A15D7D939F6 ] Serial C:\windows\System32\drivers\serial.sys

21:01:26.0127 0x3ab8 Serial - ok

21:01:26.0143 0x3ab8 [ F1A5F56B2620B862CC28FF96A0A6DAAB ] sermouse C:\windows\System32\drivers\sermouse.sys

21:01:26.0143 0x3ab8 sermouse - ok

21:01:26.0159 0x3ab8 [ CB60A60340788C8D6DE2A269D28086AB ] SessionEnv C:\windows\system32\sessenv.dll

21:01:26.0159 0x3ab8 SessionEnv - ok

21:01:26.0174 0x3ab8 [ 7EE65419B29302C795714FF8073969A1 ] sfloppy C:\windows\System32\drivers\sfloppy.sys

21:01:26.0174 0x3ab8 sfloppy - ok

21:01:26.0206 0x3ab8 [ 090AE16F79C8EAD04E6031F863DA85F3 ] SharedAccess C:\windows\System32\ipnathlp.dll

21:01:26.0206 0x3ab8 SharedAccess - ok

21:01:26.0252 0x3ab8 [ A77F3ABE13FCC698511E5DEC7ACEBD5F ] ShellHWDetection C:\windows\System32\shsvcs.dll

21:01:26.0268 0x3ab8 ShellHWDetection - ok

21:01:26.0284 0x3ab8 [ 2560721D6F16D5B611C36A3A9D28C1B2 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys

21:01:26.0284 0x3ab8 SiSRaid2 - ok

21:01:26.0315 0x3ab8 [ 3AA8FDE1DBF65BB8B88B053529554A0D ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys

21:01:26.0315 0x3ab8 SiSRaid4 - ok

21:01:26.0331 0x3ab8 [ E660156A4588A84305CB772FD2C0DB21 ] SNMPTRAP C:\windows\System32\snmptrap.exe

21:01:26.0331 0x3ab8 SNMPTRAP - ok

21:01:26.0362 0x3ab8 [ FD3AF5575B99871BADB94E7699DBCE08 ] spaceport C:\windows\system32\drivers\spaceport.sys

21:01:26.0362 0x3ab8 spaceport - ok

21:01:26.0377 0x3ab8 [ 3D8679C8DF52EB26EB7583A4E0A29202 ] SpbCx C:\windows\system32\drivers\SpbCx.sys

21:01:26.0377 0x3ab8 SpbCx - ok

21:01:26.0409 0x3ab8 [ 3F215BF2D4D8D6756298B25B579772C2 ] Spooler C:\windows\System32\spoolsv.exe

21:01:26.0440 0x3ab8 Spooler - ok

21:01:26.0518 0x3ab8 [ EC84D961501054F87A6878EC5D53388F ] sppsvc C:\windows\system32\sppsvc.exe

21:01:26.0643 0x3ab8 sppsvc - ok

21:01:26.0721 0x3ab8 [ 2FD9346F9D76CB4192D37329CFA47A82 ] SRTSP C:\windows\System32\Drivers\NISx64\1404000.028\SRTSP64.SYS

21:01:26.0737 0x3ab8 SRTSP - ok

21:01:26.0752 0x3ab8 [ 0E76CEF892C45734F7AED09FDDF35D4D ] SRTSPX C:\windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS

21:01:26.0752 0x3ab8 SRTSPX - ok

21:01:26.0784 0x3ab8 [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6 ] srv C:\windows\system32\DRIVERS\srv.sys

21:01:26.0799 0x3ab8 srv - ok

21:01:26.0846 0x3ab8 [ 56218A571ECF8D55E0CDFF8DF2546CF1 ] srv2 C:\windows\system32\DRIVERS\srv2.sys

21:01:26.0846 0x3ab8 srv2 - ok

21:01:26.0877 0x3ab8 [ 14FC338B80CFF7E04215133B568D15C4 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys

21:01:26.0877 0x3ab8 srvnet - ok

21:01:26.0909 0x3ab8 [ 7A20882D76D4A78240A5AC9F2C2EBA21 ] SSDPSRV C:\windows\System32\ssdpsrv.dll

21:01:26.0909 0x3ab8 SSDPSRV - ok

21:01:26.0924 0x3ab8 [ D233B16999A8E626F6004BD7814C57EC ] SstpSvc C:\windows\system32\sstpsvc.dll

21:01:26.0924 0x3ab8 SstpSvc - ok

21:01:26.0940 0x3ab8 [ 4E85355B94CFCB67C135F6521A4895A7 ] stexstor C:\windows\system32\drivers\stexstor.sys

21:01:26.0940 0x3ab8 stexstor - ok

21:01:26.0987 0x3ab8 [ BAC8A721736AECC55A4F71523AEAB65F ] stisvc C:\windows\System32\wiaservc.dll

21:01:27.0002 0x3ab8 stisvc - ok

21:01:27.0049 0x3ab8 [ B240874B2CA0CD02E8CD11E140B14C57 ] storahci C:\windows\system32\drivers\storahci.sys

21:01:27.0049 0x3ab8 storahci - ok

21:01:27.0096 0x3ab8 [ F74DBC95A57B1EE866D3732EB5F79BE2 ] storflt C:\windows\system32\DRIVERS\vmstorfl.sys

21:01:27.0096 0x3ab8 storflt - ok

21:01:27.0112 0x3ab8 [ 5337E138B49ED1F44CCBA4073BC35C20 ] StorSvc C:\windows\system32\storsvc.dll

21:01:27.0127 0x3ab8 StorSvc - ok

21:01:27.0143 0x3ab8 [ 543CD3CC0E05B8D8815E0D4F040B6F59 ] storvsc C:\windows\system32\drivers\storvsc.sys

21:01:27.0143 0x3ab8 storvsc - ok

21:01:27.0159 0x3ab8 [ 8BC1C1ED6EF9C985A3FAA6A72F41679A ] svsvc C:\windows\system32\svsvc.dll

21:01:27.0159 0x3ab8 svsvc - ok

21:01:27.0174 0x3ab8 [ 4AFD66AAE74FFB5986BC240744DC5FC9 ] swenum C:\windows\System32\drivers\swenum.sys

21:01:27.0174 0x3ab8 swenum - ok

21:01:27.0206 0x3ab8 [ 502F9488540051F3E6C39889ECFA76BB ] swprv C:\windows\System32\swprv.dll

21:01:27.0206 0x3ab8 swprv - ok

21:01:27.0284 0x3ab8 SWUpdateService - ok

21:01:27.0346 0x3ab8 [ 52DC0048D667757A8A2E4C87182890AC ] SymDS C:\windows\system32\drivers\NISx64\1404000.028\SYMDS64.SYS

21:01:27.0346 0x3ab8 SymDS - ok

21:01:27.0393 0x3ab8 [ 599872BAD7CFB45C7CE47CDED4B726D8 ] SymEFA C:\windows\system32\drivers\NISx64\1404000.028\SYMEFA64.SYS

21:01:27.0424 0x3ab8 SymEFA - ok

21:01:27.0456 0x3ab8 [ 42947647F71E9EF2167B42B372F1DDB7 ] SymELAM C:\windows\system32\drivers\NISx64\1404000.028\SymELAM.sys

21:01:27.0456 0x3ab8 SymELAM - ok

21:01:27.0502 0x3ab8 [ F19E5E37ED8134B9E5F6287F2D3A75D7 ] SymEvent C:\windows\system32\Drivers\SYMEVENT64x86.SYS

21:01:27.0502 0x3ab8 SymEvent - ok

21:01:27.0549 0x3ab8 [ ADF37F1A715D6C56C8E065FD8569A9A4 ] SymIRON C:\windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS

21:01:27.0549 0x3ab8 SymIRON - ok

21:01:27.0596 0x3ab8 [ 9CDCA70485BD6B9D230365F67C31F132 ] SymNetS C:\windows\System32\Drivers\NISx64\1404000.028\SYMNETS.SYS

21:01:27.0596 0x3ab8 SymNetS - ok

21:01:27.0690 0x3ab8 [ A06CB9269D29EE3D0F3F5630ABB660B8 ] SysMain C:\windows\system32\sysmain.dll

21:01:27.0706 0x3ab8 SysMain - ok

21:01:27.0749 0x3ab8 [ 6FB88606C4A71E1BFAF97D63A676C673 ] SystemEventsBroker C:\windows\System32\SystemEventsBrokerServer.dll

21:01:27.0749 0x3ab8 SystemEventsBroker - ok

21:01:27.0780 0x3ab8 [ A6C06C45C44AD06C70AF8899AEC15BDC ] TabletInputService C:\windows\System32\TabSvc.dll

21:01:27.0796 0x3ab8 TabletInputService - ok

21:01:27.0811 0x3ab8 [ 88B7721AB551C4325036B25A34A2BF7B ] TapiSrv C:\windows\System32\tapisrv.dll

21:01:27.0811 0x3ab8 TapiSrv - ok

21:01:27.0874 0x3ab8 [ 1794C43A000A47D92B3304FC1E3E512A ] Tcpip C:\windows\system32\drivers\tcpip.sys

21:01:27.0890 0x3ab8 Tcpip - ok

21:01:27.0921 0x3ab8 [ 1794C43A000A47D92B3304FC1E3E512A ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys

21:01:27.0936 0x3ab8 TCPIP6 - ok

21:01:27.0968 0x3ab8 [ 8F2A13A5DF99D72FDDE87F502A66F989 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys

21:01:27.0968 0x3ab8 tcpipreg - ok

21:01:27.0983 0x3ab8 [ 73DC722CE5DF26D7638CE2446F2655C7 ] tdx C:\windows\system32\DRIVERS\tdx.sys

21:01:27.0983 0x3ab8 tdx - ok

21:01:27.0999 0x3ab8 [ F7C8AB5D8AFFAA318D6A21093D139BF4 ] terminpt C:\windows\System32\drivers\terminpt.sys

21:01:27.0999 0x3ab8 terminpt - ok

21:01:28.0030 0x3ab8 [ 541EE228D0DEF392F7B2DFD885DD021B ] TermService C:\windows\System32\termsrv.dll

21:01:28.0046 0x3ab8 TermService - ok

21:01:28.0061 0x3ab8 [ 519A6F672FFF56B7D8EE8C730CEC8ECD ] Themes C:\windows\system32\themeservice.dll

21:01:28.0061 0x3ab8 Themes - ok

21:01:28.0093 0x3ab8 [ EEE908BE7143FCA48CF0CB87214E2AB8 ] THREADORDER C:\windows\system32\mmcss.dll

21:01:28.0093 0x3ab8 THREADORDER - ok

21:01:28.0108 0x3ab8 [ 4515B9E4140F04FB3907692DF89FCA87 ] TimeBroker C:\windows\System32\TimeBrokerServer.dll

21:01:28.0124 0x3ab8 TimeBroker - ok

21:01:28.0155 0x3ab8 [ 6F0BFF80EE2A5BC841286A51F893CBAD ] TPM C:\windows\system32\drivers\tpm.sys

21:01:28.0155 0x3ab8 TPM - ok

21:01:28.0186 0x3ab8 [ 8C8CF3041B27E7657ADD0EE17F6DBFCA ] TrkWks C:\windows\System32\trkwks.dll

21:01:28.0186 0x3ab8 TrkWks - ok

21:01:28.0233 0x3ab8 [ 8ABBB5CE0C62E0A6D28F32F44B7F865C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe

21:01:28.0249 0x3ab8 TrustedInstaller - ok

21:01:28.0280 0x3ab8 [ 4E7C5FB10A50435523DE0CAA37DE2BD3 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys

21:01:28.0296 0x3ab8 TsUsbFlt - ok

21:01:28.0296 0x3ab8 [ 16D684A820872EE54F6370703AC0B513 ] TsUsbGD C:\windows\System32\drivers\TsUsbGD.sys

21:01:28.0296 0x3ab8 TsUsbGD - ok

21:01:28.0327 0x3ab8 [ 78C9EE193AC2B4CBDBC48B620314D740 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys

21:01:28.0343 0x3ab8 tunnel - ok

21:01:28.0343 0x3ab8 TVICPORT - ok

21:01:28.0374 0x3ab8 [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A ] uagp35 C:\windows\system32\drivers\uagp35.sys

21:01:28.0374 0x3ab8 uagp35 - ok

21:01:28.0374 0x3ab8 [ 6FD6D03B7752C78712E5CFF29A305026 ] UASPStor C:\windows\System32\drivers\uaspstor.sys

21:01:28.0374 0x3ab8 UASPStor - ok

21:01:28.0405 0x3ab8 [ 4834158B8D06A153FADAB6B85320FBBE ] UCX01000 C:\windows\System32\drivers\ucx01000.sys

21:01:28.0421 0x3ab8 UCX01000 - ok

21:01:28.0436 0x3ab8 [ DC5A461591C71AF7F19DC048A81E3F88 ] udfs C:\windows\system32\DRIVERS\udfs.sys

21:01:28.0436 0x3ab8 udfs - ok

21:01:28.0468 0x3ab8 [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D ] UI0Detect C:\windows\system32\UI0Detect.exe

21:01:28.0483 0x3ab8 UI0Detect - ok

21:01:28.0483 0x3ab8 [ 07FEBCDF24FABA0D47B635D85A0FFB7A ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys

21:01:28.0483 0x3ab8 uliagpkx - ok

21:01:28.0499 0x3ab8 [ 02CEB3FE6152668A7BA420B93B664860 ] umbus C:\windows\System32\drivers\umbus.sys

21:01:28.0499 0x3ab8 umbus - ok

21:01:28.0499 0x3ab8 [ 991EE6B5FC41EAEF99C8AF5B92F2CA09 ] UmPass C:\windows\System32\drivers\umpass.sys

21:01:28.0499 0x3ab8 UmPass - ok

21:01:28.0530 0x3ab8 [ 43FEFB040A0CC30F795FBF544169594D ] UmRdpService C:\windows\System32\umrdp.dll

21:01:33.0305 0x3ab8 ============================================================
21:01:33.0305 0x3ab8 Scan finished
21:01:33.0305 0x3ab8 ============================================================
21:01:33.0336 0x2494 Detected object count: 0
21:01:33.0336 0x2494 Actual detected object count: 0



#5 Rez700


Posted 06 September 2013 - 08:02 PM

# AdwCleaner v3.002 - Report created 06/09/2013 at 18:43:02
# Updated 01/09/2013 by Xplode
# Operating System : Windows 8  (64 bits)
# Username : Rezwanur - BENGALTIGER
# Running from : C:\Users\Rezwanur\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

File Found : C:\Users\Public\Desktop\speedupmypc.lnk
File Found : C:\Users\Rezwanur\AppData\Roaming\Mozilla\Firefox\Profiles\3dvps9tp.default\searchplugins\Conduit.xml
File Found : C:\Users\Rezwanur\AppData\Roaming\Mozilla\Firefox\Profiles\3dvps9tp.default\user.js
File Found : C:\windows\System32\Tasks\SpeedUpMyPC
File Found : C:\windows\System32\Tasks\spmonitor
File Found : C:\windows\Tasks\SpeedUpMyPC.job
File Found : C:\windows\Tasks\spmonitor.job
Folder Found : C:\Users\Rezwanur\AppData\Roaming\Mozilla\Firefox\Profiles\3dvps9tp.default\Extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}
Folder Found : C:\Users\Rezwanur\AppData\Roaming\Mozilla\Firefox\Profiles\3dvps9tp.default\Extensions\{90a1b331-c2b4-4933-9f63-ba7b84d60d58}
Folder Found C:\Program Files (x86)\Conduit
Folder Found C:\Program Files (x86)\MyPC Backup
Folder Found C:\Program Files (x86)\MyPC Backup
Folder Found C:\Program Files (x86)\Uniblue\SpeedUpMyPC
Folder Found C:\ProgramData\boost_interprocess
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue\SpeedUpMyPC
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue\SpeedUpMyPC
Folder Found C:\Users\Rezwanur\AppData\Local\Conduit
Folder Found C:\Users\Rezwanur\AppData\Local\Temp\AirInstaller
Folder Found C:\Users\Rezwanur\AppData\Local\Temp\CT3289847
Folder Found C:\Users\Rezwanur\AppData\Local\Temp\CT3298580
Folder Found C:\Users\Rezwanur\AppData\LocalLow\Conduit
Folder Found C:\Users\Rezwanur\AppData\LocalLow\PriceGong
Folder Found C:\Users\Rezwanur\AppData\Roaming\Mozilla\Firefox\Profiles\3dvps9tp.default\CT3289847
Folder Found C:\Users\Rezwanur\AppData\Roaming\Mozilla\Firefox\Profiles\3dvps9tp.default\CT3298580
Folder Found C:\Users\Rezwanur\AppData\Roaming\Uniblue\SpeedUpMyPC

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Found : HKCU\Software\wecarereminder
Key Found : [x64] HKCU\Software\APN PIP
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\wecarereminder
Key Found : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Found : HKLM\SOFTWARE\Classes\speedupmypc
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3289847
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3298580
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1
Key Found : HKLM\Software\PIP
Key Found : HKLM\Software\Uniblue\SpeedUpMyPC

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16660

-\\ Mozilla Firefox v22.0 (en-US)

[ File : C:\Users\Rezwanur\AppData\Roaming\Mozilla\Firefox\Profiles\3dvps9tp.default\prefs.js ]

Line Found : user_pref("CT3289847.FF19Solved", "true");
Line Found : user_pref("CT3289847.UserID", "UN35993268051929624");
Line Found : user_pref("CT3289847.browser.search.defaultthis.engineName", "true");
Line Found : user_pref("CT3289847.fullUserID", "UN35993268051929624.IN.20130902133501");
Line Found : user_pref("CT3289847.installDate", "02/09/2013 13:35:03");
Line Found : user_pref("CT3289847.installSessionId", "{F04C813C-7788-4B0B-9FB4-B89E404E5F32}");
Line Found : user_pref("CT3289847.installSp", "false");
Line Found : user_pref("CT3289847.installerVersion", "1.6.1.2");
Line Found : user_pref("CT3289847.keyword", "true");
Line Found : user_pref("CT3289847.originalHomepage", "hxxp://search.conduit.com/?ctid=CT3298580&CUI=UN36619822001018219&UM=2&SearchSource=13");
Line Found : user_pref("CT3289847.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3298580&SearchSource=2&CUI=UN36619822001018219&UM=2&q=");
Line Found : user_pref("CT3289847.originalSearchEngine", "MixiDJ V44 Customized Web Search");
Line Found : user_pref("CT3289847.originalSearchEngineName", "MixiDJ V44 Customized Web Search");
Line Found : user_pref("CT3289847.searchRevert", "true");
Line Found : user_pref("CT3289847.searchUserMode", "2");
Line Found : user_pref("CT3289847.smartbar.homepage", "true");
Line Found : user_pref("CT3289847.versionFromInstaller", "10.19.2.5");
Line Found : user_pref("CT3289847.xpeMode", "0");
Line Found : user_pref("CT3298580.FF19Solved", "true");
Line Found : user_pref("CT3298580.UserID", "UN36619822001018219");
Line Found : user_pref("CT3298580.browser.search.defaultthis.engineName", "true");
Line Found : user_pref("CT3298580.fullUserID", "UN36619822001018219.IN.20130830162252");
Line Found : user_pref("CT3298580.installDate", "30/08/2013 16:22:58");
Line Found : user_pref("CT3298580.installSessionId", "{AF21429D-3558-4E02-B4C7-C124D33FDC6E}");
Line Found : user_pref("CT3298580.installSp", "TRUE");
Line Found : user_pref("CT3298580.installerVersion", "1.6.1.2");
Line Found : user_pref("CT3298580.keyword", "true");
Line Found : user_pref("CT3298580.originalHomepage", "about:home");
Line Found : user_pref("CT3298580.originalSearchAddressUrl", "");
Line Found : user_pref("CT3298580.originalSearchEngine", "");
Line Found : user_pref("CT3298580.originalSearchEngineName", "");
Line Found : user_pref("CT3298580.searchRevert", "false");
Line Found : user_pref("CT3298580.searchUserMode", "2");
Line Found : user_pref("CT3298580.smartbar.homepage", "true");
Line Found : user_pref("CT3298580.versionFromInstaller", "10.19.2.5");
Line Found : user_pref("CT3298580.xpeMode", "0");
Line Found : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3298580&SearchSource=2&CUI=UN36619822001018219&UM=2&q=");
Line Found : user_pref("browser.search.defaultenginename", "WhiteSmoke New Customized Web Search");
Line Found : user_pref("browser.search.defaultthis.engineName", "WhiteSmoke New Customized Web Search");
Line Found : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3289847&CUI=UN35993268051929624&UM=2&SearchSource=3&q={searchTerms}");
Line Found : user_pref("browser.search.selectedEngine", "WhiteSmoke New Customized Web Search");
Line Found : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3289847&CUI=UN35993268051929624&UM=2&SearchSource=13");
Line Found : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3289847&SearchSource=2&CUI=UN35993268051929624&UM=2&q=");
Line Found : user_pref("smartbar.addressBarOwnerCTID", "CT3289847");
Line Found : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3298580&CUI=UN36619822001018219&UM=2&SearchSource=13,hxxp://search.conduit.com/?ctid=CT3289847&CUI=UN35993268051929624&UM=2[...]
Line Found : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3298580&SearchSource=2&CUI=UN36619822001018219&UM=2&q=,hxxp://search.conduit.com/ResultsExt.aspx?cti[...]
Line Found : user_pref("smartbar.defaultSearchOwnerCTID", "CT3289847");
Line Found : user_pref("smartbar.homePageOwnerCTID", "CT3289847");
Line Found : user_pref("smartbar.machineId", "HPFX7/HGTSXSVXUY3PBS5WNRT4Y5D9FOCUXHKRJE3UVZAV2SMA64OQIXXWVCJ+UCRMRAUCU+2X1PK5PE6YPGMA");

[ File : C:\Users\Rez\AppData\Roaming\Mozilla\Firefox\Profiles\5tl2kkrw.default\prefs.js ]

-\\ Google Chrome v29.0.1547.66

[ File : C:\Users\Rezwanur\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [8539 octets] - [06/09/2013 18:43:02]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [8599 octets] ##########



#6 Rez700


Posted 06 September 2013 - 08:04 PM

C:\Program Files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe Win32/SpeedUpMyPC application cleaned by deleting - quarantined
C:\Program Files (x86)\Uniblue\SpeedUpMyPC\spnotifier.exe Win32/SpeedUpMyPC application cleaned by deleting - quarantined
C:\Program Files (x86)\Uniblue\SpeedUpMyPC\sp_move_serial.exe Win32/SpeedUpMyPC application cleaned by deleting - quarantined
C:\Program Files (x86)\Uniblue\SpeedUpMyPC\sump.exe Win32/SpeedUpMyPC application cleaned by deleting - quarantined
C:\Users\Rez\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GDRJRRB5\speedupmypc.exe Win32/SpeedUpMyPC.A application cleaned by deleting - quarantined
C:\Users\Rezwanur\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\05A6M41B\Setup.exe a variant of Win32/Adware.iBryte.G application cleaned by deleting - quarantined
C:\Users\Rezwanur\AppData\Local\Temp\Optimizer_Pro.exe multiple threats cleaned by deleting - quarantined


Edited by boopme, 06 September 2013 - 08:25 PM.


#7 boopme


Posted 06 September 2013 - 08:27 PM

Good, let's finish up.
Double click on AdwCleaner.exe to run the tool again.

  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

 

 

 

  • Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.

Edited by boopme, 06 September 2013 - 08:27 PM.


#8 Rez700


Posted 06 September 2013 - 08:42 PM

# AdwCleaner v3.002 - Report created 06/09/2013 at 21:38:58
# Updated 01/09/2013 by Xplode
# Operating System : Windows 8  (64 bits)
# Username : Rezwanur - BENGALTIGER
# Running from : C:\Users\Rezwanur\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Users\Rezwanur\AppData\Local\Conduit
Folder Deleted : C:\Users\Rezwanur\AppData\Local\Temp\AirInstaller
Folder Deleted : C:\Users\Rezwanur\AppData\Local\Temp\CT3289847
Folder Deleted : C:\Users\Rezwanur\AppData\Local\Temp\CT3298580
Folder Deleted : C:\Users\Rezwanur\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Rezwanur\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Rezwanur\AppData\Roaming\Mozilla\Firefox\Profiles\3dvps9tp.default\CT3289847
Folder Deleted : C:\Users\Rezwanur\AppData\Roaming\Mozilla\Firefox\Profiles\3dvps9tp.default\CT3298580
Folder Deleted : C:\Users\Rezwanur\AppData\Roaming\Mozilla\Firefox\Profiles\3dvps9tp.default\Extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}
Folder Deleted : C:\Users\Rezwanur\AppData\Roaming\Mozilla\Firefox\Profiles\3dvps9tp.default\Extensions\{90a1b331-c2b4-4933-9f63-ba7b84d60d58}
File Deleted : C:\Users\Rezwanur\AppData\Roaming\Mozilla\Firefox\Profiles\3dvps9tp.default\searchplugins\Conduit.xml
File Deleted : C:\Users\Rezwanur\AppData\Roaming\Mozilla\Firefox\Profiles\3dvps9tp.default\user.js
File Deleted : C:\windows\Tasks\SpeedUpMyPC.job
File Deleted : C:\windows\System32\Tasks\SpeedUpMyPC
File Deleted : C:\windows\Tasks\spmonitor.job
File Deleted : C:\windows\System32\Tasks\spmonitor

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3289847
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3298580
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\wecarereminder
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\PIP

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16660

-\\ Mozilla Firefox v22.0 (en-US)

[ File : C:\Users\Rezwanur\AppData\Roaming\Mozilla\Firefox\Profiles\3dvps9tp.default\prefs.js ]

Line Deleted : user_pref("CT3289847.FF19Solved", "true");
Line Deleted : user_pref("CT3289847.UserID", "UN35993268051929624");
Line Deleted : user_pref("CT3289847.browser.search.defaultthis.engineName", "true");
Line Deleted : user_pref("CT3289847.fullUserID", "UN35993268051929624.IN.20130902133501");
Line Deleted : user_pref("CT3289847.installDate", "02/09/2013 13:35:03");
Line Deleted : user_pref("CT3289847.installSessionId", "{F04C813C-7788-4B0B-9FB4-B89E404E5F32}");
Line Deleted : user_pref("CT3289847.installSp", "false");
Line Deleted : user_pref("CT3289847.installerVersion", "1.6.1.2");
Line Deleted : user_pref("CT3289847.keyword", "true");
Line Deleted : user_pref("CT3289847.originalHomepage", "hxxp://search.conduit.com/?ctid=CT3298580&CUI=UN36619822001018219&UM=2&SearchSource=13");
Line Deleted : user_pref("CT3289847.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3298580&SearchSource=2&CUI=UN36619822001018219&UM=2&q=");
Line Deleted : user_pref("CT3289847.originalSearchEngine", "MixiDJ V44 Customized Web Search");
Line Deleted : user_pref("CT3289847.originalSearchEngineName", "MixiDJ V44 Customized Web Search");
Line Deleted : user_pref("CT3289847.searchRevert", "true");
Line Deleted : user_pref("CT3289847.searchUserMode", "2");
Line Deleted : user_pref("CT3289847.smartbar.homepage", "true");
Line Deleted : user_pref("CT3289847.versionFromInstaller", "10.19.2.5");
Line Deleted : user_pref("CT3289847.xpeMode", "0");
Line Deleted : user_pref("CT3298580.FF19Solved", "true");
Line Deleted : user_pref("CT3298580.UserID", "UN36619822001018219");
Line Deleted : user_pref("CT3298580.browser.search.defaultthis.engineName", "true");
Line Deleted : user_pref("CT3298580.fullUserID", "UN36619822001018219.IN.20130830162252");
Line Deleted : user_pref("CT3298580.installDate", "30/08/2013 16:22:58");
Line Deleted : user_pref("CT3298580.installSessionId", "{AF21429D-3558-4E02-B4C7-C124D33FDC6E}");
Line Deleted : user_pref("CT3298580.installSp", "TRUE");
Line Deleted : user_pref("CT3298580.installerVersion", "1.6.1.2");
Line Deleted : user_pref("CT3298580.keyword", "true");
Line Deleted : user_pref("CT3298580.originalHomepage", "about:home");
Line Deleted : user_pref("CT3298580.originalSearchAddressUrl", "");
Line Deleted : user_pref("CT3298580.originalSearchEngine", "");
Line Deleted : user_pref("CT3298580.originalSearchEngineName", "");
Line Deleted : user_pref("CT3298580.searchRevert", "false");
Line Deleted : user_pref("CT3298580.searchUserMode", "2");
Line Deleted : user_pref("CT3298580.smartbar.homepage", "true");
Line Deleted : user_pref("CT3298580.versionFromInstaller", "10.19.2.5");
Line Deleted : user_pref("CT3298580.xpeMode", "0");
Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3298580&SearchSource=2&CUI=UN36619822001018219&UM=2&q=");
Line Deleted : user_pref("browser.search.defaultenginename", "WhiteSmoke New Customized Web Search");
Line Deleted : user_pref("browser.search.defaultthis.engineName", "WhiteSmoke New Customized Web Search");
Line Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3289847&CUI=UN35993268051929624&UM=2&SearchSource=3&q={searchTerms}");
Line Deleted : user_pref("browser.search.selectedEngine", "WhiteSmoke New Customized Web Search");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3289847&CUI=UN35993268051929624&UM=2&SearchSource=13");
Line Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3289847&SearchSource=2&CUI=UN35993268051929624&UM=2&q=");
Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT3289847");
Line Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3298580&CUI=UN36619822001018219&UM=2&SearchSource=13,hxxp://search.conduit.com/?ctid=CT3289847&CUI=UN35993268051929624&UM=2[...]
Line Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3298580&SearchSource=2&CUI=UN36619822001018219&UM=2&q=,hxxp://search.conduit.com/ResultsExt.aspx?cti[...]
Line Deleted : user_pref("smartbar.defaultSearchOwnerCTID", "CT3289847");
Line Deleted : user_pref("smartbar.homePageOwnerCTID", "CT3289847");
Line Deleted : user_pref("smartbar.machineId", "HPFX7/HGTSXSVXUY3PBS5WNRT4Y5D9FOCUXHKRJE3UVZAV2SMA64OQIXXWVCJ+UCRMRAUCU+2X1PK5PE6YPGMA");

[ File : C:\Users\Rez\AppData\Roaming\Mozilla\Firefox\Profiles\5tl2kkrw.default\prefs.js ]

-\\ Google Chrome v29.0.1547.66

[ File : C:\Users\Rezwanur\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [8691 octets] - [06/09/2013 18:43:02]
AdwCleaner[R1].txt - [8238 octets] - [06/09/2013 21:37:39]
AdwCleaner[S0].txt - [8178 octets] - [06/09/2013 21:38:58]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8238 octets] ##########



#9 Rez700


Posted 06 September 2013 - 08:54 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.8 (09.05.2013:1)
OS: Windows 8 x64
Ran by Rezwanur on Fri 09/06/2013 at 21:47:35.84
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\lyricsparty
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1BB8B3AE-757D-443F-B3A4-0629E709B0D9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{1F4F5B04-A900-482B-A1B4-51BD8F6112E3}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{33AE6CAC-5277-4060-A462-C098F0A67A2A}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{5685A867-4C68-4332-A778-9E5197393280}

 

~~~ Files

 

~~~ Folders

Failed to delete: [Folder] "C:\ProgramData\boost_interprocess"

 

~~~ Chrome

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google\Chrome\extensioninstallforcelist [Blacklisted Policy]
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\extensioninstallforcelist [Blacklisted Policy]

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 09/06/2013 at 21:53:27.86
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#10 boopme

  • Global Moderator

Posted 07 September 2013 - 08:47 PM

How is it now?

I want to check for a rootkit.

Please download aswMBR ( 4.5MB ) to your desktop.
  • Double click the aswMBR.exe icon, and click Run.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Click the Scan button to start the scan.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.


#11 Rez700


Posted 09 September 2013 - 09:15 PM

It's working great now. Sorry, I was away yesterday. Thank you again for your help. Here is the log. 

 

 

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-09-08 01:56:44
-----------------------------
01:56:44.188    OS Version: Windows x64 6.2.9200
01:56:44.188    Number of processors: 4 586 0x3A09
01:56:44.188    ComputerName: BENGALTIGER  UserName: Rezwanur
01:56:44.188    Initialze error 1
01:56:59.815    The log file has been saved successfully to "C:\Users\Rezwanur\Desktop\aswMBR.txt"

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-09-09 22:10:26
-----------------------------
22:10:26.560    OS Version: Windows x64 6.2.9200
22:10:26.560    Number of processors: 4 586 0x3A09
22:10:26.560    ComputerName: BENGALTIGER  UserName: Rezwanur
22:10:26.857    Initialze error 1
22:12:02.041    AVAST engine defs: 13090901
22:12:05.035    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000003d
22:12:05.035    Disk 0 Vendor: ST500LM012_HN-M500MBB 2AR10002 Size: 476940MB BusType: 11
22:12:05.082    Disk 0 MBR read successfully
22:12:05.082    Disk 0 MBR scan
22:12:05.097    Disk 0 unknown MBR code
22:12:05.097    Disk 0 Partition 1 00     EE          GPT           2097151 MB offset 1
22:12:05.113    Disk 0 scanning C:\windows\system32\drivers
22:12:05.113    Service scanning
22:12:05.722    Modules scanning
22:12:05.722    Disk 0 trace - called modules:
22:12:05.738    ntoskrnl.exe CLASSPNP.SYS disk.sys storport.sys hal.dll iaStorA.sys
22:12:05.738    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005c0d060]
22:12:05.754    3 CLASSPNP.SYS[fffff88001c01fea] -> nt!IofCallDriver -> \Device\0000003d[0xfffffa800436b060]
22:12:05.769    AVAST engine scan C:\windows
22:12:05.769    AVAST engine scan C:\windows\system32
22:12:05.769    AVAST engine scan C:\windows\system32\drivers
22:12:05.785    AVAST engine scan C:\Users\Rezwanur
22:12:05.785    AVAST engine scan C:\ProgramData
22:12:05.800    Scan finished successfully
22:12:22.860    Disk 0 MBR has been saved successfully to "C:\Users\Rezwanur\Desktop\MBR.dat"
22:12:22.860    The log file has been saved successfully to "C:\Users\Rezwanur\Desktop\aswMBR.txt"

 



#12 boopme


Posted 09 September 2013 - 09:29 PM

OK that is clean. You're welcome and have a great day!

#13 Rez700


Posted 10 September 2013 - 10:30 PM

Thank you!





