Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Is my Laptop running normal after "ZeroConfig...." Removal Tutorial


  • This topic is locked This topic is locked
22 replies to this topic

#1 slap2442

slap2442

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:06:17 PM

Posted 07 December 2013 - 05:53 AM

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 11/27/2013 8:51:47 PM
System Uptime: 12/7/2013 2:24:09 AM (0 hours ago)
.
Motherboard: Dell Inc. |  | 0GKGJG
Processor: Intel® Core™ i5-3337U CPU @ 1.80GHz | SOCKET 0 | 1801/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 438 GiB total, 243.37 GiB free.
D: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP43: 12/7/2013 1:38:31 AM - ComboFix created restore point
.
==== Installed Programs ======================
.
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.05)  MUI
BitTorrent
Consumer In-Home Service Agreement
D3DX10
Dell DataSafe Local Backup
Dell DataSafe Local Backup - Support Software
Dell Edoc Viewer
Dell Resource CD
Dell Touchpad
DSC/AA Factory Installer
IDT Audio
Intel PROSet Wireless
Intel® Control Center
Intel® Management Engine Components
Intel® Processor Graphics
Intel® PROSet/Wireless for Bluetooth® + High Speed
Intel® PROSet/Wireless Software for Bluetooth® Technology
Intel® Rapid Start Technology
Intel® Rapid Storage Technology
Intel® Turbo Boost Technology Monitor 2.6
Intel® Update Manager
Intel® USB 3.0 eXtensible Host Controller Driver
Intel® WiDi
Intel® Wireless Music device driver
Intel® PROSet/Wireless WiFi Software
Intel® Trusted Connect Service Client
Java 7 Update 45
Java Auto Updater
Junk Mail filter update
K-Lite Codec Pack 10.1.5 Full
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Movie Maker
Mozilla Firefox 25.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSVCRT110
MSVCRT110_amd64
My Dell
Norton Security Suite
Photo Common
Photo Gallery
Quickset64
Realtek USB 2.0 Card Reader
Shared C Run-time for x64
System Requirements Lab for Intel
Total War ROME II
Warcraft III
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live MIME IFilter
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
.
==== End Of File ===========================
 

Attached Files



BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 40,256 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:09:17 PM

Posted 11 December 2013 - 09:52 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.
===

--RogueKiller--
  • Download & SAVE to your Desktop RogueKiller for 32bit or Roguekiller for 64bit
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator to start"
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • click on "delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+
  • ==============

    Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.

  • IMPORTANT

  • If you click the Clean button all items listed in the report will be removed.

  • If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
  • ===

    thisisujrt.gif Please download
    Junkware Removal Tool to your Desktop.
  • Please close your security software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete, depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
  • Please post the contents of JRT.txt into your reply.
  • ===

    HijackThis doesn't handle your version of the operating well. In your case I need to see a DDS Log.
    You should remove HijackThis using the Add/Remove Programs list. Use the DDS tool from now on.

    Please download and run this DDS Scanning Tool. Nothing will be deleted. It will just give me some additional information about your system.

    Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.

    1: DDS.scr (Not recommended if you use Chrome to download this .scr file. Use the other options.)
    2: DDS.pif
    3: DDS.COM

    Double click on the DDS icon, allow it to run.
    A small box will open, with an explanation about the tool. No input is needed, the scan is running.
    Notepad will open with the results.
    Follow the instructions that pop up for posting the results.[/list]Please note: You may have to disable any script protection running if the scan fails to run.

    dds_scr.gif

    Please just paste the contents of the DDS.txt log in your next post. DO NOT attach the log.


    Please paste the logs in your next reply, DO NOT ATTACH THEM
    Let me know what problem persists.


#3 slap2442

slap2442
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:06:17 PM

Posted 11 December 2013 - 08:46 PM

RogueKiller V8.7.11 _x64_ [Nov 25 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Tyrone [Admin rights]
Mode : Remove -- Date : 12/11/2013 17:07:03
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 2 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> DELETED
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> DELETED

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection :  ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1       localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ SCSI) 0WDVBR10 +++++
--- User ---
[MBR] 3c8b01e94a9fb80738b62477ecf1df4a
[BSP] c648a5f4b4cf48f4f0182b392fab66f3 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 28330 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 58101760 | Size: 448566 Mo
User = LL1 ... OK!
Error reading LL2 MBR! ([0x57] The parameter is incorrect. )

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ SCSI) FFS +++++
--- User ---
[MBR] 6c38ce292d0c31ed7c069c073fa899a9
[BSP] 747a3824a56818e94f4ff267b367383f : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] OS/2-HIBER (0x84) [HIDDEN!] Offset (sectors): 2048 | Size: 8190 Mo
User = LL1 ... OK!
Error reading LL2 MBR! ([0x57] The parameter is incorrect. )

Finished : << RKreport[0]_D_12112013_170703.txt >>
RKreport[0]_D_12112013_080759.txt;RKreport[0]_D_12112013_152533.txt;RKreport[0]_S_12112013_073852.txt
RKreport[0]_S_12112013_080644.txt;RKreport[0]_S_12112013_080724.txt;RKreport[0]_S_12112013_152520.txt
RKreport[0]_S_12112013_155632.txt

 

# AdwCleaner v3.015 - Report created 11/12/2013 at 17:07:52
# Updated 10/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Tyrone - TYRONE-PC
# Running from : C:\Users\Tyrone\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v26.0 (en-US)

[ File : C:\Users\Tyrone\AppData\Roaming\Mozilla\Firefox\Profiles\q0x74584.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [1150 octets] - [07/12/2013 00:54:02]
AdwCleaner[R1].txt - [899 octets] - [07/12/2013 00:57:05]
AdwCleaner[R2].txt - [1017 octets] - [07/12/2013 02:21:55]
AdwCleaner[R3].txt - [1138 octets] - [11/12/2013 00:48:35]
AdwCleaner[R4].txt - [1258 octets] - [11/12/2013 07:36:55]
AdwCleaner[R5].txt - [1376 octets] - [11/12/2013 08:27:19]
AdwCleaner[R6].txt - [1494 octets] - [11/12/2013 15:25:55]
AdwCleaner[R7].txt - [1615 octets] - [11/12/2013 17:07:24]
AdwCleaner[S0].txt - [1221 octets] - [07/12/2013 00:55:19]
AdwCleaner[S1].txt - [959 octets] - [07/12/2013 00:58:29]
AdwCleaner[S2].txt - [1078 octets] - [07/12/2013 02:23:40]
AdwCleaner[S3].txt - [1200 octets] - [11/12/2013 00:49:37]
AdwCleaner[S4].txt - [1320 octets] - [11/12/2013 07:37:28]
AdwCleaner[S5].txt - [1438 octets] - [11/12/2013 08:28:18]
AdwCleaner[S6].txt - [1556 octets] - [11/12/2013 15:26:48]
AdwCleaner[S7].txt - [1536 octets] - [11/12/2013 17:07:52]

########## EOF - C:\AdwCleaner\AdwCleaner[S7].txt - [1596 octets] ##########
 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by Tyrone on Wed 12/11/2013 at 17:12:18.93
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 12/11/2013 at 17:18:01.35
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16428  BrowserJavaVersion: 10.45.2
Run by Tyrone at 17:38:46 on 2013-12-11
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.6010.4060 [GMT -8:00]
.
AV: Norton Security Suite *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Security Suite *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
c:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Windows\SysWOW64\irstrtsv.exe
C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\N360.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\N360.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\system32\NOTEPAD.EXE
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
C:\Windows\explorer.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\SysWOW64\notepad.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\IPS\ipsbho.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\coieplg.dll
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm
Trusted Zone: dell.com
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{49FEA516-FFBD-41E3-BB5B-3A854B91E336} : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{49FEA516-FFBD-41E3-BB5B-3A854B91E336}\C696E6B6379737 : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{89A47D28-C597-4CF7-BE77-505795641CDA} : DHCPNameServer = 75.75.75.75 75.75.76.76
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.1.0.18\CoIEPlg.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.1.0.18\CoIEPlg.dll
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Tyrone\AppData\Roaming\Mozilla\Firefox\Profiles\q0x74584.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
FF - ExtSQL: 2013-11-28 20:04; {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn
FF - ExtSQL: 2013-11-28 20:04; {BBDA0591-3099-440a-AA10-41764D9DB4DB}; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
.
============= SERVICES / DRIVERS ===============
.
R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2013-9-21 19224]
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\1501000.012\SymDS64.sys [2013-11-28 493656]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\1501000.012\SymEFA64.sys [2013-11-28 1147480]
R1 BHDrvx64;BHDrvx64;C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20131203.001\BHDrvx64.sys [2013-12-3 1526488]
R1 ccSet_N360;N360 Settings Manager;C:\Windows\System32\drivers\N360x64\1501000.012\ccSetx64.sys [2013-11-28 162392]
R1 IDSVia64;IDSVia64;C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20131210.001\IDSviA64.sys [2013-12-10 521816]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\1501000.012\Ironx64.sys [2013-11-28 264280]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\1501000.012\symnets.sys [2013-11-28 590936]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-3-15 659976]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-11-6 1120192]
R2 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2012-11-6 1361856]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-11-6 1140672]
R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-4-23 135952]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-9-21 13592]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-2-2 628448]
R2 irstrtsv;Intel® Rapid Start Technology Service;C:\WINDOWS\SysWOW64\irstrtsv.exe [2013-9-21 193536]
R2 N360;Norton Security Suite;C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\N360.exe [2013-11-28 264360]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2013-9-21 1695040]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2012-5-30 16168]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2013-9-21 362840]
R2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2012-6-25 3325232]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;C:\Windows\System32\drivers\AmpPal.sys [2012-3-15 198144]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-11-28 137648]
R3 hswpan;WPAN Driver;C:\Windows\System32\drivers\hswpan.sys [2012-1-27 109056]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2013-10-28 449496]
R3 irstrtdv;Intel® Rapid Start Technology Driver;C:\Windows\System32\drivers\irstrtdv.sys [2013-9-21 26504]
R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2013-9-21 356632]
R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2013-9-21 789272]
R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\drivers\iwdbus.sys [2013-9-10 25528]
R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2013-9-21 104048]
R3 SmbDrvIntel;SmbDrvIntel;C:\Windows\System32\drivers\Smb_driver_Intel.sys [2013-9-21 27408]
R3 usb3Hub;UoIP Hub;C:\Windows\System32\drivers\usb3Hub.sys [2013-6-20 206744]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;C:\Windows\System32\drivers\AmpPal.sys [2012-3-15 198144]
S3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2012-10-30 131968]
S3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2012-11-6 1345920]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2013-9-21 57856]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-9-12 1512448]
S3 ibtfltcoex;ibtfltcoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2012-8-6 68136]
S3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2013-11-28 169752]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-10 111616]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\drivers\intelaud.sys [2013-9-10 35256]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-6-25 272688]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUVStor.sys [2013-9-21 314472]
S3 SmbDrvAMDASF;SmbDrvAMDASF;C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [2013-9-21 26384]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.6;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2012-5-30 149544]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-11-28 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2009-2-13 14464]
.
=============== Created Last 30 ================
.
2013-12-11 15:45:08    117464    ----a-w-    C:\Windows\System32\drivers\MBAMSwissArmy.sys
2013-12-11 14:04:39    --------    dc----w-    C:\Users\Tyrone\AppData\Local\MigWiz
2013-12-11 08:49:19    --------    d-----w-    C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs
2013-12-11 04:57:30    9272200    ----a-w-    C:\Windows\SysWow64\FlashPlayerInstaller.exe
2013-12-11 04:28:29    --------    d-----w-    C:\Program Files\Speccy
2013-12-11 04:06:11    335360    ----a-w-    C:\Windows\System32\msieftp.dll
2013-12-10 10:29:02    --------    d-----w-    C:\Users\Tyrone\AppData\Roaming\The Creative Assembly
2013-12-09 11:05:00    2560    ----a-w-    C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2013-12-09 11:04:48    87040    ----a-w-    C:\Windows\System32\drivers\WUDFPf.sys
2013-12-09 11:04:48    198656    ----a-w-    C:\Windows\System32\drivers\WUDFRd.sys
2013-12-09 11:04:47    84992    ----a-w-    C:\Windows\System32\WUDFSvc.dll
2013-12-09 11:04:47    194048    ----a-w-    C:\Windows\System32\WUDFPlatform.dll
2013-12-09 11:04:46    744448    ----a-w-    C:\Windows\System32\WUDFx.dll
2013-12-09 11:04:46    45056    ----a-w-    C:\Windows\System32\WUDFCoinstaller.dll
2013-12-09 11:04:46    229888    ----a-w-    C:\Windows\System32\WUDFHost.exe
2013-12-07 09:57:33    --------    d-sh--w-    C:\$RECYCLE.BIN
2013-12-07 09:38:29    98816    ----a-w-    C:\Windows\sed.exe
2013-12-07 09:38:29    256000    ----a-w-    C:\Windows\PEV.exe
2013-12-07 09:38:29    208896    ----a-w-    C:\Windows\MBR.exe
2013-12-07 09:18:51    --------    d-----w-    C:\Windows\ERUNT
2013-12-07 08:53:46    --------    d-----w-    C:\AdwCleaner
2013-12-06 18:42:00    --------    d-----w-    C:\Users\Tyrone\AppData\Local\CrashDumps
2013-12-06 18:31:21    --------    d-----w-    C:\Users\Tyrone\AppData\Roaming\MPC-HC
2013-12-05 23:05:01    45056    ----a-r-    C:\Users\Tyrone\AppData\Roaming\Microsoft\Installer\{42929F0F-CE14-47AF-9FC7-FF297A603021}\NewShortcut1_42929F0FCE1447AF9FC7FF297A603021_1.exe
2013-12-05 23:05:00    --------    d-----w-    C:\Windows\SysWow64\vmm32
2013-12-05 23:05:00    --------    d-----w-    C:\Program Files (x86)\Dell
2013-12-05 04:04:51    --------    d-----w-    C:\Users\Tyrone\AppData\Roaming\IDT
2013-12-02 07:23:39    --------    d-----w-    C:\Users\Tyrone\Samsung Link
2013-12-02 07:21:21    --------    d-----w-    C:\Upload
2013-12-02 07:21:13    --------    d-----w-    C:\Users\Tyrone\.swt
2013-12-02 07:21:12    --------    d-----w-    C:\Users\Tyrone\AppData\Local\SAMSUNG
2013-12-02 07:21:11    --------    d-----w-    C:\ProgramData\SAMSUNG
2013-12-02 07:21:01    --------    d-----w-    C:\Program Files\Samsung
2013-12-02 06:55:51    256088    ----a-w-    C:\Windows\System32\unrar64.dll
2013-12-02 06:55:51    217176    ----a-w-    C:\Windows\SysWow64\unrar.dll
2013-12-02 06:55:49    --------    d-----w-    C:\Program Files (x86)\K-Lite Codec Pack
2013-12-02 05:12:44    --------    d-----w-    C:\Windows\pss
2013-12-02 05:02:26    --------    d-----w-    C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-12-02 05:01:37    89304    ----a-w-    C:\Windows\System32\drivers\mbamchameleon.sys
2013-12-02 04:49:15    --------    d-----w-    C:\Users\Tyrone\AppData\Roaming\Malwarebytes
2013-12-02 04:48:57    --------    d-----w-    C:\ProgramData\Malwarebytes
2013-12-02 04:48:56    25928    ----a-w-    C:\Windows\System32\drivers\mbam.sys
2013-12-02 04:48:56    --------    d-----w-    C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-01 07:15:44    --------    d-----w-    C:\ProgramData\Steam
2013-11-30 02:54:02    --------    d-----w-    C:\Program Files (x86)\Total War ROME II
2013-11-30 01:31:52    --------    d-----w-    C:\Users\Tyrone\AppData\Local\NPE
2013-11-29 18:41:11    --------    d-----w-    C:\Users\Tyrone\AppData\Local\Diagnostics
2013-11-29 15:47:40    --------    d-----w-    C:\Users\Tyrone\AppData\Local\Windows Live
2013-11-29 12:59:40    --------    d-----w-    C:\Users\Tyrone\AppData\Local\Intel_Corporation
2013-11-29 12:06:34    2829    ----a-w-    C:\Windows\War3Unin.pif
2013-11-29 12:06:34    126976    ----a-w-    C:\Windows\War3Unin.exe
2013-11-29 06:43:18    --------    d-----w-    C:\Program Files (x86)\VideoLAN
2013-11-29 06:42:39    --------    d-----w-    C:\Users\Tyrone\AppData\Local\Programs
2013-11-29 06:38:28    --------    d-----w-    C:\Users\Tyrone\AppData\Roaming\BitTorrent
2013-11-29 05:20:58    --------    d-----w-    C:\N360_BACKUP
2013-11-29 04:55:57    78936    ----a-r-    C:\Windows\System32\drivers\SymIMV.sys
2013-11-29 04:27:54    --------    d-----w-    C:\Program Files (x86)\Common Files\Symantec Shared
2013-11-29 03:57:22    --------    d-----w-    C:\ProgramData\Norton
2013-11-29 03:51:17    --------    d-----w-    C:\Users\Tyrone\AppData\Local\ID Vault
2013-11-29 03:51:17    --------    d-----w-    C:\ProgramData\IsolatedStorage
2013-11-29 03:51:06    --------    d-----w-    C:\Users\Tyrone\AppData\Roaming\ID Vault
2013-11-29 03:28:08    8199504    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2013-11-29 03:28:05    10285968    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2435E8E1-BF72-4A60-ACD6-ABD6B2B1D64F}\mpengine.dll
2013-11-28 23:51:41    --------    d-----w-    C:\ProgramData\Intel® Update Manager
2013-11-28 23:51:05    --------    d-----w-    C:\Program Files\Intel Corporation
2013-11-28 22:18:40    --------    d-----w-    C:\Users\Tyrone\AppData\Local\Western_Digital_Technolog
2013-11-28 15:15:45    --------    d-----w-    C:\Users\Tyrone\AppData\Local\Deployment
2013-11-28 15:15:45    --------    d-----w-    C:\Users\Tyrone\AppData\Local\Apps
2013-11-28 15:06:54    --------    d-----w-    C:\Users\Tyrone\AppData\Roaming\PCDr
2013-11-28 13:13:30    99840    ----a-w-    C:\Windows\System32\drivers\usbccgp.sys
2013-11-28 13:13:30    7808    ----a-w-    C:\Windows\System32\drivers\usbd.sys
2013-11-28 13:13:30    52736    ----a-w-    C:\Windows\System32\drivers\usbehci.sys
2013-11-28 13:13:30    343040    ----a-w-    C:\Windows\System32\drivers\usbhub.sys
2013-11-28 13:13:30    325120    ----a-w-    C:\Windows\System32\drivers\usbport.sys
2013-11-28 13:13:30    30720    ----a-w-    C:\Windows\System32\drivers\usbuhci.sys
2013-11-28 13:13:29    25600    ----a-w-    C:\Windows\System32\drivers\usbohci.sys
2013-11-28 12:20:06    --------    d-----w-    C:\Users\Tyrone\AppData\Local\Macromedia
2013-11-28 12:19:27    --------    d-----w-    C:\Users\Tyrone\AppData\Local\Adobe
2013-11-28 12:10:34    --------    d-----w-    C:\Users\Tyrone\AppData\Local\Mozilla
2013-11-28 12:10:33    --------    d-----w-    C:\ProgramData\Oracle
2013-11-28 12:10:24    96168    ----a-w-    C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-11-28 12:08:41    --------    d-----w-    C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-28 12:04:13    --------    d-----w-    C:\Users\Tyrone\My Backup Files
2013-11-28 11:44:37    --------    d-----w-    C:\Windows\Migration
2013-11-28 11:37:27    81920    ----a-w-    C:\Windows\SysWow64\davclnt.dll
2013-11-28 11:37:27    259584    ----a-w-    C:\Windows\System32\WebClnt.dll
2013-11-28 11:37:27    205824    ----a-w-    C:\Windows\SysWow64\WebClnt.dll
2013-11-28 11:37:27    102400    ----a-w-    C:\Windows\System32\davclnt.dll
2013-11-28 11:37:26    140800    ----a-w-    C:\Windows\System32\drivers\mrxdav.sys
2013-11-28 11:37:21    1930752    ----a-w-    C:\Windows\System32\authui.dll
2013-11-28 11:37:20    1796096    ----a-w-    C:\Windows\SysWow64\authui.dll
2013-11-28 11:37:18    197120    ----a-w-    C:\Windows\System32\credui.dll
2013-11-28 11:37:18    190464    ----a-w-    C:\Windows\System32\SmartcardCredentialProvider.dll
2013-11-28 11:37:18    168960    ----a-w-    C:\Windows\SysWow64\credui.dll
2013-11-28 11:37:18    152576    ----a-w-    C:\Windows\SysWow64\SmartcardCredentialProvider.dll
2013-11-28 11:36:57    461312    ----a-w-    C:\Windows\System32\scavengeui.dll
2013-11-28 11:36:54    155584    ----a-w-    C:\Windows\System32\drivers\ataport.sys
2013-11-28 11:36:52    209920    ----a-w-    C:\Windows\System32\profsvc.dll
2013-11-28 11:16:47    878080    ----a-w-    C:\Windows\System32\advapi32.dll
2013-11-28 11:15:35    224256    ----a-w-    C:\Windows\System32\wintrust.dll
2013-11-28 11:15:35    175104    ----a-w-    C:\Windows\SysWow64\wintrust.dll
2013-11-28 11:15:13    1474048    ----a-w-    C:\Windows\System32\crypt32.dll
2013-11-28 11:15:13    140288    ----a-w-    C:\Windows\SysWow64\cryptsvc.dll
2013-11-28 11:15:13    1168384    ----a-w-    C:\Windows\SysWow64\crypt32.dll
2013-11-28 11:15:12    184320    ----a-w-    C:\Windows\System32\cryptsvc.dll
2013-11-28 11:15:12    139776    ----a-w-    C:\Windows\System32\cryptnet.dll
2013-11-28 11:15:12    103936    ----a-w-    C:\Windows\SysWow64\cryptnet.dll
2013-11-28 11:15:01    633856    ----a-w-    C:\Windows\System32\comctl32.dll
2013-11-28 11:15:01    530432    ----a-w-    C:\Windows\SysWow64\comctl32.dll
2013-11-28 11:07:39    --------    d-----w-    C:\Windows\SysWow64\Wat
2013-11-28 11:07:39    --------    d-----w-    C:\Windows\System32\Wat
2013-11-28 10:36:28    --------    d-----w-    C:\Users\Tyrone\AppData\Local\Western_Digital
2013-11-28 10:31:59    --------    d-----w-    C:\ProgramData\Western Digital
2013-11-28 10:16:33    --------    d-----w-    C:\Windows\System32\MRT
2013-11-28 10:13:42    886784    ----a-w-    C:\Program Files\Common Files\System\wab32.dll
2013-11-28 10:13:42    708608    ----a-w-    C:\Program Files (x86)\Common Files\System\wab32.dll
2013-11-28 10:12:03    142336    ----a-w-    C:\Windows\System32\poqexec.exe
2013-11-28 10:12:03    123904    ----a-w-    C:\Windows\SysWow64\poqexec.exe
2013-11-28 10:09:24    --------    d-----w-    C:\Users\Tyrone\AppData\Local\ElevatedDiagnostics
2013-11-28 10:08:32    497152    ----a-w-    C:\Windows\System32\drivers\afd.sys
2013-11-28 10:06:25    9728    ----a-w-    C:\Windows\System32\Wdfres.dll
2013-11-28 10:06:25    785624    ----a-w-    C:\Windows\System32\drivers\Wdf01000.sys
2013-11-28 10:06:25    54376    ----a-w-    C:\Windows\System32\drivers\WdfLdr.sys
2013-11-28 10:04:57    39936    ----a-w-    C:\Windows\System32\drivers\tssecsrv.sys
2013-11-28 10:01:40    --------    d-----w-    C:\Users\Tyrone\AppData\Local\Western Digital
2013-11-28 09:04:46    2622464    ----a-w-    C:\Windows\System32\wucltux.dll
2013-11-28 09:04:35    99840    ----a-w-    C:\Windows\System32\wudriver.dll
2013-11-28 09:04:31    186752    ----a-w-    C:\Windows\System32\wuwebv.dll
2013-11-28 09:04:30    36864    ----a-w-    C:\Windows\System32\wuapp.exe
2013-11-28 04:58:34    --------    d-----w-    C:\Users\Tyrone\AppData\Roaming\Dell
2013-11-28 04:56:46    --------    d-----w-    C:\Users\Tyrone\AppData\Roaming\Intel Corporation
2013-11-28 04:55:20    --------    d-----w-    C:\Users\Tyrone\AppData\Local\VirtualStore
2013-11-28 04:00:08    --------    d-----w-    C:\Windows\SMINST
2013-11-15 21:49:58    279024    ----a-w-    C:\Windows\SysWow64\IntelCpHeciSvc.exe
2013-11-15 21:49:56    906224    ----a-w-    C:\Windows\System32\igfxstarter.exe
2013-11-15 21:49:56    844784    ----a-w-    C:\Windows\System32\igfxsrvc.exe
2013-11-15 21:49:56    391152    ----a-w-    C:\Windows\System32\igfxtray.exe
2013-11-15 21:49:54    771056    ----a-w-    C:\Windows\System32\hkcmd.exe
2013-11-15 21:49:54    770032    ----a-w-    C:\Windows\System32\igfxpers.exe
2013-11-15 21:49:54    393712    ----a-w-    C:\Windows\System32\igfxext.exe
2013-11-15 21:49:52    7588336    ----a-w-    C:\Windows\System32\GfxUIEx.exe
2013-11-15 21:49:52    754672    ----a-w-    C:\Windows\System32\GfxUIHotKeyMenu.exe
2013-11-15 21:49:52    530928    ----a-w-    C:\Windows\System32\DPTopologyApp.exe
2013-11-15 21:49:50    396784    ----a-w-    C:\Windows\System32\CustomModeApp.exe
2013-11-15 21:49:50    153072    ----a-w-    C:\Windows\System32\difx64.exe
.
==================== Find3M  ====================
.
2013-12-11 04:57:38    71048    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-11 04:57:38    692616    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2013-11-29 04:03:49    177752    ----a-w-    C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2013-11-28 11:16:47    859648    ----a-w-    C:\Windows\System32\tdh.dll
2013-11-26 10:19:07    2724864    ----a-w-    C:\Windows\System32\mshtml.tlb
2013-11-26 10:18:23    4096    ----a-w-    C:\Windows\System32\ieetwcollectorres.dll
2013-11-26 09:48:07    66048    ----a-w-    C:\Windows\System32\iesetup.dll
2013-11-26 09:46:25    48640    ----a-w-    C:\Windows\System32\ieetwproxystub.dll
2013-11-26 09:23:02    2724864    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2013-11-26 09:18:39    139264    ----a-w-    C:\Windows\System32\ieUnatt.exe
2013-11-26 09:18:09    111616    ----a-w-    C:\Windows\System32\ieetwcollector.exe
2013-11-26 09:16:57    708608    ----a-w-    C:\Windows\System32\jscript9diag.dll
2013-11-26 08:35:02    5769216    ----a-w-    C:\Windows\System32\jscript9.dll
2013-11-26 08:28:16    553472    ----a-w-    C:\Windows\SysWow64\jscript9diag.dll
2013-11-26 08:16:12    4243968    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2013-11-26 08:02:16    1995264    ----a-w-    C:\Windows\System32\inetcpl.cpl
2013-11-26 07:32:06    1928192    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2013-11-26 07:07:57    2334208    ----a-w-    C:\Windows\System32\wininet.dll
2013-11-26 06:33:33    1820160    ----a-w-    C:\Windows\SysWow64\wininet.dll
2013-11-23 18:26:20    417792    ----a-w-    C:\Windows\SysWow64\WMPhoto.dll
2013-11-23 17:47:34    465920    ----a-w-    C:\Windows\System32\WMPhoto.dll
2013-11-12 02:23:09    2048    ----a-w-    C:\Windows\System32\tzres.dll
2013-11-12 02:07:29    2048    ----a-w-    C:\Windows\SysWow64\tzres.dll
2013-11-11 13:50:16    267936    ------w-    C:\Windows\System32\MpSigStub.exe
2013-10-30 02:19:52    301568    ----a-w-    C:\Windows\SysWow64\msieftp.dll
2013-10-30 01:24:31    3155968    ----a-w-    C:\Windows\System32\win32k.sys
2013-10-28 22:13:24    449496    ----a-w-    C:\Windows\System32\drivers\IntcDAud.sys
2013-10-28 22:13:24    182784    ----a-w-    C:\Windows\System32\igfxCoIn_v3345.dll
2013-10-28 22:02:06    6141440    ----a-w-    C:\Windows\SysWow64\ig7icd32.dll
2013-10-28 22:02:00    317440    ----a-w-    C:\Windows\SysWow64\igdmd32.dll
2013-10-28 22:01:52    11434496    ----a-w-    C:\Windows\SysWow64\igdumdim32.dll
2013-10-28 22:01:42    13207552    ----a-w-    C:\Windows\SysWow64\igd10iumd32.dll
2013-10-28 22:01:40    182272    ----a-w-    C:\Windows\SysWow64\igdde32.dll
2013-10-28 22:01:34    142848    ----a-w-    C:\Windows\SysWow64\igdail32.dll
2013-10-28 22:01:26    492032    ----a-w-    C:\Windows\SysWow64\igfxdv32.dll
2013-10-28 22:01:22    25088    ----a-w-    C:\Windows\SysWow64\igfxexps32.dll
2013-10-28 21:58:54    2977792    ----a-w-    C:\Windows\SysWow64\igdrcl32.dll
2013-10-28 21:58:54    290816    ----a-w-    C:\Windows\SysWow64\igdbcl32.dll
2013-10-28 21:58:54    253440    ----a-w-    C:\Windows\SysWow64\IntelOpenCL32.dll
2013-10-28 21:58:52    20919808    ----a-w-    C:\Windows\SysWow64\igdfcl32.dll
2013-10-28 21:57:30    3304960    ----a-w-    C:\Windows\System32\igdrcl64.dll
2013-10-28 21:57:30    304640    ----a-w-    C:\Windows\System32\IntelOpenCL64.dll
2013-10-28 21:57:28    329216    ----a-w-    C:\Windows\System32\igdbcl64.dll
2013-10-28 21:57:26    25947136    ----a-w-    C:\Windows\System32\igdfcl64.dll
2013-10-28 21:50:20    2065920    ----a-w-    C:\Windows\System32\igfxcmjit64.dll
2013-10-28 21:50:20    1815040    ----a-w-    C:\Windows\SysWow64\igfxcmjit32.dll
2013-10-28 21:50:20    159232    ----a-w-    C:\Windows\System32\igfxcmrt64.dll
2013-10-28 21:50:20    150016    ----a-w-    C:\Windows\System32\igfx11cmrt64.dll
2013-10-28 21:50:20    133120    ----a-w-    C:\Windows\SysWow64\igfxcmrt32.dll
2013-10-28 21:50:20    128512    ----a-w-    C:\Windows\SysWow64\igfx11cmrt32.dll
2013-10-28 21:49:24    4439040    ----a-w-    C:\Windows\System32\igdusc64.dll
2013-10-28 21:49:10    3528704    ----a-w-    C:\Windows\SysWow64\igdusc32.dll
2013-10-19 02:18:57    81408    ----a-w-    C:\Windows\System32\imagehlp.dll
2013-10-19 01:36:59    159232    ----a-w-    C:\Windows\SysWow64\imagehlp.dll
2013-10-12 02:32:04    150016    ----a-w-    C:\Windows\System32\wshom.ocx
2013-10-12 02:31:04    202752    ----a-w-    C:\Windows\System32\scrrun.dll
2013-10-12 02:30:42    830464    ----a-w-    C:\Windows\System32\nshwfp.dll
2013-10-12 02:29:21    859648    ----a-w-    C:\Windows\System32\IKEEXT.DLL
2013-10-12 02:29:08    324096    ----a-w-    C:\Windows\System32\FWPUCLNT.DLL
2013-10-12 02:04:36    121856    ----a-w-    C:\Windows\SysWow64\wshom.ocx
2013-10-12 02:03:31    163840    ----a-w-    C:\Windows\SysWow64\scrrun.dll
2013-10-12 02:03:08    656896    ----a-w-    C:\Windows\SysWow64\nshwfp.dll
2013-10-12 02:01:25    216576    ----a-w-    C:\Windows\SysWow64\FWPUCLNT.DLL
2013-10-12 01:33:39    156160    ----a-w-    C:\Windows\System32\cscript.exe
2013-10-12 01:33:26    168960    ----a-w-    C:\Windows\System32\wscript.exe
2013-10-12 01:15:48    141824    ----a-w-    C:\Windows\SysWow64\wscript.exe
2013-10-12 01:15:48    126976    ----a-w-    C:\Windows\SysWow64\cscript.exe
2013-10-07 22:52:30    64000    ----a-w-    C:\Windows\System32\OpenCL.dll
2013-10-07 22:52:30    64000    ----a-w-    C:\Windows\System32\Intel_OpenCL_ICD64.dll
2013-10-07 22:52:30    60416    ----a-w-    C:\Windows\SysWow64\OpenCL.dll
2013-10-07 22:52:30    60416    ----a-w-    C:\Windows\SysWow64\Intel_OpenCL_ICD32.dll
2013-10-07 22:52:28    214528    ----a-w-    C:\Windows\System32\iglhcp64.dll
2013-10-07 22:52:28    179712    ----a-w-    C:\Windows\SysWow64\iglhcp32.dll
2013-10-07 22:52:28    1127424    ----a-w-    C:\Windows\System32\iglhsip64.dll
2013-10-07 22:52:28    1123328    ----a-w-    C:\Windows\SysWow64\iglhsip32.dll
2013-10-04 02:16:30    116736    ----a-w-    C:\Windows\System32\drivers\drmk.sys
2013-10-04 01:36:04    230400    ----a-w-    C:\Windows\System32\drivers\portcls.sys
2013-10-03 02:23:48    404480    ----a-w-    C:\Windows\System32\gdi32.dll
2013-10-03 02:00:44    311808    ----a-w-    C:\Windows\SysWow64\gdi32.dll
2013-09-27 03:18:30    1147480    ----a-r-    C:\Windows\System32\drivers\N360x64\1501000.012\SymEFA64.sys
2013-09-27 02:45:56    264280    ----a-r-    C:\Windows\System32\drivers\N360x64\1501000.012\Ironx64.sys
2013-09-27 02:26:03    858200    ----a-r-    C:\Windows\System32\drivers\N360x64\1501000.012\srtsp64.sys
2013-09-26 03:28:00    590936    ----a-r-    C:\Windows\System32\drivers\N360x64\1501000.012\symnets.sys
2013-09-26 02:50:25    162392    ----a-r-    C:\Windows\System32\drivers\N360x64\1501000.012\ccSetx64.sys
2013-09-25 02:26:40    95680    ----a-w-    C:\Windows\System32\drivers\ksecdd.sys
2013-09-25 02:26:40    154560    ----a-w-    C:\Windows\System32\drivers\ksecpkg.sys
2013-09-25 02:23:33    28672    ----a-w-    C:\Windows\System32\sspisrv.dll
2013-09-25 02:23:33    135680    ----a-w-    C:\Windows\System32\sspicli.dll
2013-09-25 02:23:01    28160    ----a-w-    C:\Windows\System32\secur32.dll
2013-09-25 02:22:59    340992    ----a-w-    C:\Windows\System32\schannel.dll
2013-09-25 02:21:50    307200    ----a-w-    C:\Windows\System32\ncrypt.dll
2013-09-25 02:21:07    1447936    ----a-w-    C:\Windows\System32\lsasrv.dll
2013-09-25 01:58:17    96768    ----a-w-    C:\Windows\SysWow64\sspicli.dll
2013-09-25 01:57:26    22016    ----a-w-    C:\Windows\SysWow64\secur32.dll
2013-09-25 01:57:24    247808    ----a-w-    C:\Windows\SysWow64\schannel.dll
2013-09-25 01:56:42    220160    ----a-w-    C:\Windows\SysWow64\ncrypt.dll
2013-09-25 01:03:24    30720    ----a-w-    C:\Windows\System32\lsass.exe
2013-09-21 21:16:32    9728    ---ha-w-    C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
.
============= FINISH: 17:38:57.50 =========

 

firefox browser seems to be hijacked... search results are weird and not sure what to trust...


 



#4 nasdaq

nasdaq

  • Malware Response Team
  • 40,256 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:09:17 PM

Posted 12 December 2013 - 09:07 AM




Remove Firefox using the Add/Remove Programs.
Restart the computer normally
Reinstall the browser.

I suggest you save your bookmarks before remove Firefox.
Restore bookmarks from backup or move them to another computer
https://support.mozilla.org/en-US/kb/restore-bookmarks-from-backup-or-move-them
===

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
===

Keep me posted.

#5 slap2442

slap2442
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:06:17 PM

Posted 12 December 2013 - 11:32 AM

 Results of screen317's Security Check version 0.99.77  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
Norton Security Suite   
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware version 1.75.0.1300  
 Java 7 Update 45  
 Adobe Flash Player 11.9.900.170  
 Adobe Reader XI  
 Mozilla Firefox (26.0)
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 3%
````````````````````End of Log``````````````````````

 

 

Internet is running great now! Thank you very much... I am still worried about norton and the utilities / driviers funtioning properly after the factory restore



#6 slap2442

slap2442
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:06:17 PM

Posted 12 December 2013 - 12:22 PM

Also... After running startup manager with norton, I noticed wscript.exe was on the list. I disabled it from running at start up when I noticed things were acting funny...



#7 nasdaq

nasdaq

  • Malware Response Team
  • 40,256 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:09:17 PM

Posted 12 December 2013 - 01:41 PM

You are looking good.

Any remaining issues?

#8 slap2442

slap2442
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:06:17 PM

Posted 13 December 2013 - 05:43 AM

its all back! :(

 

ComboFix 13-12-13.01 - Tyrone 12/13/2013   2:35.6.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.6010.3799 [GMT -8:00]
Running from: c:\users\Tyrone\Desktop\CPU Tools\ComboFix.exe
AV: Norton Security Suite *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Security Suite *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\PCDr\6422\AddOnDownloaded\02d6010d-b288-4157-bbcc-a3d510d3fba5.dll
c:\programdata\PCDr\6422\AddOnDownloaded\073fb38f-0e69-479d-bca1-4f81ec9dcbf6.dll
c:\programdata\PCDr\6422\AddOnDownloaded\0d06f79c-d0e6-4610-9a2b-d8f1a48f4252.dll
c:\programdata\PCDr\6422\AddOnDownloaded\0d461521-7dbf-4cec-a29e-936c88cdf8c9.dll
c:\programdata\PCDr\6422\AddOnDownloaded\100c3865-0c76-461b-b2fd-042d6d5fa7f6.dll
c:\programdata\PCDr\6422\AddOnDownloaded\143c46ba-b979-4e38-9815-2373de9333aa.dll
c:\programdata\PCDr\6422\AddOnDownloaded\173c4dd2-e93c-4725-b006-db1d8f465192.dll
c:\programdata\PCDr\6422\AddOnDownloaded\1aff7cd0-71c5-4682-8a81-f3488d648a52.dll
c:\programdata\PCDr\6422\AddOnDownloaded\1b0b3c38-2b97-4f8d-954b-06296209b73d.dll
c:\programdata\PCDr\6422\AddOnDownloaded\1e0aaf9a-9947-4a7b-b1ae-8a89919438ed.dll
c:\programdata\PCDr\6422\AddOnDownloaded\263d6ac9-4f87-466c-947c-bd9af71d7035.dll
c:\programdata\PCDr\6422\AddOnDownloaded\2a6b5d0b-a2fc-4bdd-b3fe-6bbefb85b7e4.dll
c:\programdata\PCDr\6422\AddOnDownloaded\2c784c13-702f-431e-a492-e9dddd757b25.dll
c:\programdata\PCDr\6422\AddOnDownloaded\2eccd5d6-e118-4f76-97b6-ba56fb6c597a.dll
c:\programdata\PCDr\6422\AddOnDownloaded\3410f47b-5e8c-47c6-bf2c-234af4121d4c.dll
c:\programdata\PCDr\6422\AddOnDownloaded\378deb7f-049e-4a5e-83b2-5381dcd9e928.dll
c:\programdata\PCDr\6422\AddOnDownloaded\3972fea3-214c-4935-a7d1-96bf66115683.dll
c:\programdata\PCDr\6422\AddOnDownloaded\3b1c7acd-5e3e-4459-ab98-5109117e2341.dll
c:\programdata\PCDr\6422\AddOnDownloaded\3cb2cbfc-72a8-4ae7-9061-1a58b1505327.dll
c:\programdata\PCDr\6422\AddOnDownloaded\3cc3b539-b998-4728-8055-1201221a38d4.dll
c:\programdata\PCDr\6422\AddOnDownloaded\409161a3-28c9-4482-9613-e7ca2e306fef.dll
c:\programdata\PCDr\6422\AddOnDownloaded\4546f2bc-b9d9-4667-abe7-b0bacc90279e.dll
c:\programdata\PCDr\6422\AddOnDownloaded\4804ced5-915b-48a3-a465-b8a5e02714bf.dll
c:\programdata\PCDr\6422\AddOnDownloaded\4818e109-9489-4cd8-9044-44defd8ec187.dll
c:\programdata\PCDr\6422\AddOnDownloaded\4c09e0ec-d531-4d04-a038-3dd30a795474.dll
c:\programdata\PCDr\6422\AddOnDownloaded\50441041-9037-4c34-842c-4a8523e700da.dll
c:\programdata\PCDr\6422\AddOnDownloaded\5c103ca5-8249-401b-a699-41d0a39023f4.dll
c:\programdata\PCDr\6422\AddOnDownloaded\5eb0ad41-431b-4bf8-b498-110b0b5cd0ab.dll
c:\programdata\PCDr\6422\AddOnDownloaded\61c13bfc-28f4-44bc-beec-efa429fa40f0.dll
c:\programdata\PCDr\6422\AddOnDownloaded\62d1f0b0-bc9a-4f6c-bad7-93b19a91276a.dll
c:\programdata\PCDr\6422\AddOnDownloaded\67c3d4fe-b638-467a-9fe2-c5813ade3330.dll
c:\programdata\PCDr\6422\AddOnDownloaded\6820b110-e483-4f1e-9b48-438f7916f078.dll
c:\programdata\PCDr\6422\AddOnDownloaded\6b5978fa-48d7-4309-a523-7e157768c0d8.dll
c:\programdata\PCDr\6422\AddOnDownloaded\6edf11af-92e6-490d-af58-febeeb0cdb04.dll
c:\programdata\PCDr\6422\AddOnDownloaded\6f4fb483-ce30-493a-8cb4-3e530ab1be5b.dll
c:\programdata\PCDr\6422\AddOnDownloaded\704dfeb5-9129-4d88-8096-7f3bc80eb1ec.dll
c:\programdata\PCDr\6422\AddOnDownloaded\739db3eb-d3cd-4c86-a6ea-01a49984fa3b.dll
c:\programdata\PCDr\6422\AddOnDownloaded\7bd83798-7a02-4f50-83a2-b91cabcbd1f9.dll
c:\programdata\PCDr\6422\AddOnDownloaded\7dbfef1a-6148-4748-a1b3-71627763a45a.dll
c:\programdata\PCDr\6422\AddOnDownloaded\813755dc-2229-47a2-b85b-19d0aaa641c9.dll
c:\programdata\PCDr\6422\AddOnDownloaded\872965c7-08b7-47fc-a74c-ff167590b71a.dll
c:\programdata\PCDr\6422\AddOnDownloaded\8d357f17-07ad-4392-ba06-fb67564c98cd.dll
c:\programdata\PCDr\6422\AddOnDownloaded\8d529c31-eeb1-4b4d-ab7e-98a38b1abf60.dll
c:\programdata\PCDr\6422\AddOnDownloaded\8fab1a01-d6b6-4640-ac86-c3ddd583c840.dll
c:\programdata\PCDr\6422\AddOnDownloaded\934f6059-2d35-4bd9-a130-a17cb5563507.dll
c:\programdata\PCDr\6422\AddOnDownloaded\9d97f346-8efc-4e33-9c3b-3eef6c324e61.dll
c:\programdata\PCDr\6422\AddOnDownloaded\9e7391aa-d9c2-4547-bdb7-737a833083a2.dll
c:\programdata\PCDr\6422\AddOnDownloaded\9ed1246c-39a1-403b-9134-f313ebd75cb8.dll
c:\programdata\PCDr\6422\AddOnDownloaded\a42876a0-cd50-444f-b999-c31d0b73f57c.dll
c:\programdata\PCDr\6422\AddOnDownloaded\a61f44a8-21a3-4c4a-a04b-993dfb73bf96.dll
c:\programdata\PCDr\6422\AddOnDownloaded\a9de0c84-9a7c-4638-9653-13aa8cf56e80.dll
c:\programdata\PCDr\6422\AddOnDownloaded\ae67b364-b69e-471e-b177-2459120b84d4.dll
c:\programdata\PCDr\6422\AddOnDownloaded\b2152f30-7380-4987-8fcf-e4c06952615d.dll
c:\programdata\PCDr\6422\AddOnDownloaded\b347630c-35c1-4199-a3e2-2eea8f11e228.dll
c:\programdata\PCDr\6422\AddOnDownloaded\b4cc2a4a-87f5-49cd-935c-18f1a80e65b7.dll
c:\programdata\PCDr\6422\AddOnDownloaded\b96b7bbd-964e-47f1-9323-f48f460042bf.dll
c:\programdata\PCDr\6422\AddOnDownloaded\ba005e12-3139-4327-9f7a-9f2ea6a6c841.dll
c:\programdata\PCDr\6422\AddOnDownloaded\bc6fc708-5b6b-4a72-b336-09b3089baa7a.dll
c:\programdata\PCDr\6422\AddOnDownloaded\bea3f575-677a-4c92-89ca-7be8480c11a9.dll
c:\programdata\PCDr\6422\AddOnDownloaded\bf647bd7-dfb5-4746-a6b4-b7c2fdbbf3b1.dll
c:\programdata\PCDr\6422\AddOnDownloaded\c4211805-b43b-471d-81af-4e0589f8607b.dll
c:\programdata\PCDr\6422\AddOnDownloaded\c4f346c1-09ef-4c0a-846d-8ca41f94690b.dll
c:\programdata\PCDr\6422\AddOnDownloaded\c6ca3141-c4ef-404d-b1c2-840d38395e80.dll
c:\programdata\PCDr\6422\AddOnDownloaded\cadaa395-f50b-45c6-81f6-b5aaa3c5efba.dll
c:\programdata\PCDr\6422\AddOnDownloaded\cdda52ec-6ccd-425a-8c72-b7bbdc8b3acd.dll
c:\programdata\PCDr\6422\AddOnDownloaded\d1f4dc82-bc4c-4916-b37c-3ab9c30ae468.dll
c:\programdata\PCDr\6422\AddOnDownloaded\d34c0cf7-889f-43dd-9283-b2b6f442aae3.dll
c:\programdata\PCDr\6422\AddOnDownloaded\ddb9fe5d-525c-4d5d-ac37-0bd10f2864f8.dll
c:\programdata\PCDr\6422\AddOnDownloaded\dde43788-ba3c-4b88-bc8a-de8a0eb22c79.dll
c:\programdata\PCDr\6422\AddOnDownloaded\dfc97e68-74cd-4807-807f-ac146d81ec5d.dll
c:\programdata\PCDr\6422\AddOnDownloaded\e13c218f-cd37-454b-a187-3381a9945752.dll
c:\programdata\PCDr\6422\AddOnDownloaded\e45cd45a-4d7c-4802-881f-74582b847e5c.dll
c:\programdata\PCDr\6422\AddOnDownloaded\e5a71f43-c979-4b3d-a544-9ed1dc6dc4c8.dll
c:\programdata\PCDr\6422\AddOnDownloaded\ec1edaed-f34f-4e3a-96eb-bbdad2af9a8a.dll
c:\programdata\PCDr\6422\AddOnDownloaded\ef78c3e8-1d94-4219-8070-7617e119bba4.dll
c:\programdata\PCDr\6422\AddOnDownloaded\f06c5597-1a85-4d1f-ac16-a6fdd2a6bedc.dll
c:\programdata\PCDr\6422\AddOnDownloaded\f12de547-df4d-4236-9129-baac054f90ab.dll
c:\programdata\PCDr\6422\AddOnDownloaded\f586fa98-17b8-498c-9c59-24de5750efab.dll
c:\programdata\PCDr\6422\AddOnDownloaded\f63e05a5-1f40-4c42-b80a-d0995b6e38a7.dll
c:\programdata\PCDr\6422\AddOnDownloaded\f73e8868-a1f5-4756-9eae-b4ffc305f35a.dll
c:\programdata\PCDr\6422\AddOnDownloaded\f80f957a-a781-4825-977a-a4ab79468916.dll
c:\programdata\PCDr\6422\AddOnDownloaded\f9dc840b-c6f7-42a5-acec-50cc7a2827fd.dll
c:\programdata\PCDr\6422\AddOnDownloaded\fc470dbb-846d-42d3-bb0a-6363a559f3fb.dll
c:\programdata\Roaming
.
.
(((((((((((((((((((((((((   Files Created from 2013-11-13 to 2013-12-13  )))))))))))))))))))))))))))))))
.
.
2013-12-13 10:39 . 2013-12-13 10:39    --------    d-----w-    c:\users\Default\AppData\Local\temp
2013-12-12 23:38 . 2013-12-12 23:38    --------    d-----w-    c:\programdata\Intel® Update Manager
2013-12-12 23:38 . 2013-12-12 23:38    --------    d-----w-    c:\program files\Intel Corporation
2013-12-12 23:36 . 2013-12-12 23:36    --------    d-----w-    c:\windows\LastGood
2013-12-12 23:28 . 2013-12-12 23:28    --------    d-----w-    c:\program files (x86)\SystemRequirementsLab
2013-12-12 23:05 . 2013-12-12 23:05    --------    d-----w-    c:\program files (x86)\Common Files\Western Digital
2013-12-12 23:05 . 2013-12-12 23:05    --------    d-----w-    c:\program files (x86)\Western Digital
2013-12-12 23:05 . 2013-12-12 23:05    --------    d-----w-    c:\program files\Common Files\Western Digital
2013-12-12 23:04 . 2013-12-13 00:06    --------    d-----w-    c:\programdata\Package Cache
2013-12-12 22:51 . 2012-01-05 20:28    2603864    ------w-    c:\windows\system32\WavesGUILib64.dll
2013-12-12 22:51 . 2012-01-05 20:28    1468760    ------w-    c:\windows\system32\MaxxAudioIDT64.dll
2013-12-12 22:51 . 2013-12-12 22:51    --------    d-----w-    c:\program files\IDT
2013-12-12 22:08 . 2013-12-12 22:08    --------    d-----w-    c:\program files\WDCSAM
2013-12-12 22:06 . 2013-12-12 22:06    --------    d-----w-    c:\program files\Western Digital
2013-12-12 22:02 . 2012-03-28 03:21    193536    ----a-w-    c:\windows\SysWow64\irstrtsv.exe
2013-12-12 22:00 . 2013-12-12 22:00    --------    d-----w-    c:\program files (x86)\Realtek
2013-12-12 22:00 . 2012-03-20 01:43    9888872    ----a-w-    c:\windows\SysWow64\RtsUVStoricon.dll
2013-12-12 16:52 . 2013-12-12 16:52    --------    d-----w-    c:\program files\HitmanPro
2013-12-12 16:50 . 2013-12-12 16:54    --------    d-----w-    c:\programdata\HitmanPro
2013-12-12 14:44 . 2013-12-12 14:44    --------    d-----w-    c:\program files (x86)\Mozilla Maintenance Service
2013-12-11 04:57 . 2013-12-11 04:57    9272200    ----a-w-    c:\windows\SysWow64\FlashPlayerInstaller.exe
2013-12-11 04:28 . 2013-12-11 04:32    --------    d-----w-    c:\program files\Speccy
2013-12-11 04:06 . 2013-10-30 02:32    335360    ----a-w-    c:\windows\system32\msieftp.dll
2013-12-09 11:05 . 2012-07-26 04:47    2560    ----a-w-    c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2013-12-09 11:04 . 2012-07-26 02:26    87040    ----a-w-    c:\windows\system32\drivers\WUDFPf.sys
2013-12-09 11:04 . 2012-07-26 02:26    198656    ----a-w-    c:\windows\system32\drivers\WUDFRd.sys
2013-12-09 11:04 . 2012-07-26 03:08    84992    ----a-w-    c:\windows\system32\WUDFSvc.dll
2013-12-09 11:04 . 2012-07-26 03:08    194048    ----a-w-    c:\windows\system32\WUDFPlatform.dll
2013-12-09 11:04 . 2012-07-26 03:08    229888    ----a-w-    c:\windows\system32\WUDFHost.exe
2013-12-09 11:04 . 2012-07-26 03:08    744448    ----a-w-    c:\windows\system32\WUDFx.dll
2013-12-09 11:04 . 2012-07-26 03:08    45056    ----a-w-    c:\windows\system32\WUDFCoinstaller.dll
2013-12-07 09:18 . 2013-12-07 09:18    --------    d-----w-    c:\windows\ERUNT
2013-12-07 08:53 . 2013-12-12 20:24    --------    d-----w-    C:\AdwCleaner
2013-12-05 23:05 . 2013-12-05 23:05    --------    d-----w-    c:\windows\SysWow64\vmm32
2013-12-05 23:05 . 2013-12-05 23:05    --------    d-----w-    c:\program files (x86)\Dell
2013-12-02 07:21 . 2013-12-02 07:21    --------    d-----w-    C:\Upload
2013-12-02 07:21 . 2013-12-02 07:21    --------    d-----w-    c:\programdata\SAMSUNG
2013-12-02 07:21 . 2013-12-06 17:14    --------    d-----w-    c:\program files\Samsung
2013-12-02 06:55 . 2013-08-22 18:09    256088    ----a-w-    c:\windows\system32\unrar64.dll
2013-12-02 06:55 . 2013-08-22 18:09    217176    ----a-w-    c:\windows\SysWow64\unrar.dll
2013-12-02 06:55 . 2013-12-02 06:55    --------    d-----w-    c:\program files (x86)\K-Lite Codec Pack
2013-12-02 05:02 . 2013-12-12 20:04    --------    d-----w-    c:\programdata\Malwarebytes' Anti-Malware (portable)
2013-12-02 05:01 . 2013-12-12 19:36    89304    ----a-w-    c:\windows\system32\drivers\mbamchameleon.sys
2013-12-02 04:48 . 2013-12-02 04:48    --------    d-----w-    c:\programdata\Malwarebytes
2013-12-02 04:48 . 2013-12-02 04:48    --------    d-----w-    c:\program files (x86)\Malwarebytes' Anti-Malware
2013-12-02 04:48 . 2013-04-04 22:50    25928    ----a-w-    c:\windows\system32\drivers\mbam.sys
2013-12-01 07:15 . 2013-12-01 07:15    --------    d-----w-    c:\programdata\Steam
2013-11-30 02:54 . 2013-12-01 03:38    --------    d-----w-    c:\program files (x86)\Total War ROME II
2013-11-29 12:06 . 2013-11-29 12:06    2829    ----a-w-    c:\windows\War3Unin.pif
2013-11-29 12:06 . 2013-11-29 12:06    126976    ----a-w-    c:\windows\War3Unin.exe
2013-11-29 12:02 . 2013-12-11 14:51    --------    d-----w-    c:\program files (x86)\Warcraft III
2013-11-29 06:43 . 2013-12-02 06:47    --------    d-----w-    c:\program files (x86)\VideoLAN
2013-11-29 05:20 . 2013-11-29 05:20    --------    d-----w-    C:\N360_BACKUP
2013-11-29 04:55 . 2013-09-10 02:47    78936    ----a-r-    c:\windows\system32\drivers\SymIMV.sys
2013-11-29 04:27 . 2013-11-29 04:27    --------    d-----w-    c:\program files (x86)\Common Files\Symantec Shared
2013-11-29 04:03 . 2013-11-29 04:03    177752    ----a-w-    c:\windows\system32\drivers\SYMEVENT64x86.SYS
2013-11-29 04:03 . 2013-11-29 04:03    --------    d-----w-    c:\program files\Common Files\Symantec Shared
2013-11-29 04:03 . 2013-11-29 04:03    --------    d-----w-    c:\windows\system32\drivers\N360x64
2013-11-29 04:03 . 2013-11-29 04:03    --------    d-----w-    c:\program files (x86)\Norton Security Suite
2013-11-29 04:03 . 2013-11-29 04:03    --------    d-----w-    c:\program files (x86)\NortonInstaller
2013-11-29 03:57 . 2013-11-30 01:37    --------    d-----w-    c:\programdata\Norton
2013-11-29 03:51 . 2013-11-29 03:51    --------    d-----w-    c:\programdata\IsolatedStorage
2013-11-29 03:28 . 2013-11-18 09:28    10285968    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{2435E8E1-BF72-4A60-ACD6-ABD6B2B1D64F}\mpengine.dll
2013-11-28 13:13 . 2013-09-04 01:37    343040    ----a-w-    c:\windows\system32\drivers\usbhub.sys
2013-11-28 13:13 . 2013-09-04 01:37    99840    ----a-w-    c:\windows\system32\drivers\usbccgp.sys
2013-11-28 13:13 . 2013-09-04 01:37    325120    ----a-w-    c:\windows\system32\drivers\usbport.sys
2013-11-28 13:13 . 2013-09-04 01:37    52736    ----a-w-    c:\windows\system32\drivers\usbehci.sys
2013-11-28 13:13 . 2013-09-04 01:37    30720    ----a-w-    c:\windows\system32\drivers\usbuhci.sys
2013-11-28 13:13 . 2013-09-04 01:37    7808    ----a-w-    c:\windows\system32\drivers\usbd.sys
2013-11-28 13:13 . 2013-09-04 01:37    25600    ----a-w-    c:\windows\system32\drivers\usbohci.sys
2013-11-28 12:10 . 2013-11-28 12:10    --------    d-----w-    c:\programdata\Oracle
2013-11-28 12:10 . 2013-11-28 12:10    --------    d-----w-    c:\program files (x86)\Common Files\Java
2013-11-28 12:10 . 2013-11-28 12:10    96168    ----a-w-    c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-11-28 12:10 . 2013-11-28 12:10    --------    d-----w-    c:\program files (x86)\Java
2013-11-28 11:44 . 2013-11-28 11:44    --------    d-----w-    c:\windows\Migration
2013-11-28 11:37 . 2013-07-04 12:57    259584    ----a-w-    c:\windows\system32\WebClnt.dll
2013-11-28 11:37 . 2013-07-04 12:50    102400    ----a-w-    c:\windows\system32\davclnt.dll
2013-11-28 11:37 . 2013-07-04 11:57    205824    ----a-w-    c:\windows\SysWow64\WebClnt.dll
2013-11-28 11:37 . 2013-07-04 11:51    81920    ----a-w-    c:\windows\SysWow64\davclnt.dll
2013-11-28 11:37 . 2013-07-04 10:11    140800    ----a-w-    c:\windows\system32\drivers\mrxdav.sys
2013-11-28 11:37 . 2013-10-04 02:24    1930752    ----a-w-    c:\windows\system32\authui.dll
2013-11-28 11:37 . 2013-10-04 01:56    1796096    ----a-w-    c:\windows\SysWow64\authui.dll
2013-11-28 11:37 . 2013-10-04 02:28    190464    ----a-w-    c:\windows\system32\SmartcardCredentialProvider.dll
2013-11-28 11:37 . 2013-10-04 02:25    197120    ----a-w-    c:\windows\system32\credui.dll
2013-11-28 11:37 . 2013-10-04 01:58    152576    ----a-w-    c:\windows\SysWow64\SmartcardCredentialProvider.dll
2013-11-28 11:37 . 2013-10-04 01:56    168960    ----a-w-    c:\windows\SysWow64\credui.dll
2013-11-28 11:36 . 2013-08-28 01:12    461312    ----a-w-    c:\windows\system32\scavengeui.dll
2013-11-28 11:36 . 2013-08-05 02:25    155584    ----a-w-    c:\windows\system32\drivers\ataport.sys
2013-11-28 11:36 . 2012-05-01 05:40    209920    ----a-w-    c:\windows\system32\profsvc.dll
2013-11-28 11:18 . 2013-10-15 02:00    28368    ----a-w-    c:\windows\system32\IEUDINIT.EXE
2013-11-28 11:16 . 2013-11-28 11:16    878080    ----a-w-    c:\windows\system32\advapi32.dll
2013-11-28 11:15 . 2013-07-09 05:52    224256    ----a-w-    c:\windows\system32\wintrust.dll
2013-11-28 11:15 . 2013-07-09 04:52    175104    ----a-w-    c:\windows\SysWow64\wintrust.dll
2013-11-28 11:15 . 2013-10-05 20:25    1474048    ----a-w-    c:\windows\system32\crypt32.dll
2013-11-28 11:15 . 2013-10-05 19:57    1168384    ----a-w-    c:\windows\SysWow64\crypt32.dll
2013-11-28 11:15 . 2013-07-09 04:46    140288    ----a-w-    c:\windows\SysWow64\cryptsvc.dll
2013-11-28 11:15 . 2013-07-09 05:46    184320    ----a-w-    c:\windows\system32\cryptsvc.dll
2013-11-28 11:15 . 2013-07-09 05:46    139776    ----a-w-    c:\windows\system32\cryptnet.dll
2013-11-28 11:15 . 2013-07-09 04:46    103936    ----a-w-    c:\windows\SysWow64\cryptnet.dll
2013-11-28 11:15 . 2013-07-04 12:50    633856    ----a-w-    c:\windows\system32\comctl32.dll
2013-11-28 11:15 . 2013-07-04 11:50    530432    ----a-w-    c:\windows\SysWow64\comctl32.dll
2013-11-28 11:07 . 2013-11-28 11:07    --------    d-----w-    c:\windows\SysWow64\Wat
2013-11-28 11:07 . 2013-11-28 11:07    --------    d-----w-    c:\windows\system32\Wat
2013-11-28 10:31 . 2013-12-12 23:05    --------    d-----w-    c:\programdata\Western Digital
2013-11-28 10:29 . 2013-11-28 10:29    --------    d-----w-    c:\program files\DIFX
2013-11-28 10:16 . 2013-12-11 04:16    --------    d-----w-    c:\windows\system32\MRT
2013-11-28 10:13 . 2011-10-01 05:45    886784    ----a-w-    c:\program files\Common Files\System\wab32.dll
2013-11-28 10:13 . 2011-10-01 04:37    708608    ----a-w-    c:\program files (x86)\Common Files\System\wab32.dll
2013-11-28 10:12 . 2011-04-09 06:58    142336    ----a-w-    c:\windows\system32\poqexec.exe
2013-11-28 10:12 . 2011-04-09 05:56    123904    ----a-w-    c:\windows\SysWow64\poqexec.exe
2013-11-28 10:08 . 2013-09-28 01:09    497152    ----a-w-    c:\windows\system32\drivers\afd.sys
2013-11-28 10:06 . 2013-06-25 22:55    785624    ----a-w-    c:\windows\system32\drivers\Wdf01000.sys
2013-11-28 10:06 . 2012-11-28 22:56    9728    ----a-w-    c:\windows\system32\Wdfres.dll
2013-11-28 10:06 . 2012-11-28 22:56    54376    ----a-w-    c:\windows\system32\drivers\WdfLdr.sys
2013-11-28 10:04 . 2013-06-15 04:32    39936    ----a-w-    c:\windows\system32\drivers\tssecsrv.sys
2013-11-28 09:04 . 2012-06-02 22:19    2428952    ----a-w-    c:\windows\system32\wuaueng.dll
2013-11-28 09:04 . 2012-06-02 22:19    57880    ----a-w-    c:\windows\system32\wuauclt.exe
2013-11-28 09:04 . 2012-06-02 22:19    44056    ----a-w-    c:\windows\system32\wups2.dll
2013-11-28 09:04 . 2012-06-02 22:15    2622464    ----a-w-    c:\windows\system32\wucltux.dll
2013-11-28 09:04 . 2012-06-02 22:19    38424    ----a-w-    c:\windows\system32\wups.dll
2013-11-28 09:04 . 2012-06-02 22:19    701976    ----a-w-    c:\windows\system32\wuapi.dll
2013-11-28 09:04 . 2012-06-02 22:15    99840    ----a-w-    c:\windows\system32\wudriver.dll
2013-11-28 09:04 . 2012-06-02 23:19    186752    ----a-w-    c:\windows\system32\wuwebv.dll
2013-11-28 09:04 . 2012-06-02 23:15    36864    ----a-w-    c:\windows\system32\wuapp.exe
2013-11-28 04:51 . 2013-12-02 07:23    --------    d-----w-    c:\users\Tyrone
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-11 04:57 . 2013-09-21 19:44    71048    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-11 04:57 . 2013-09-21 19:44    692616    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
2013-11-28 11:16 . 2013-11-28 11:16    44032    ----a-w-    c:\windows\apppatch\acwow64.dll
2013-11-28 11:09 . 2012-07-17 19:37    22240    ----a-w-    c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-11-11 13:50 . 2010-11-21 03:27    267936    ------w-    c:\windows\system32\MpSigStub.exe
2013-10-28 22:13 . 2013-10-28 22:13    449496    ----a-w-    c:\windows\system32\drivers\IntcDAud.sys
2013-10-28 22:13 . 2013-10-28 22:13    182784    ----a-w-    c:\windows\system32\igfxCoIn_v3345.dll
2013-10-28 22:06 . 2013-10-28 22:06    7781888    ----a-w-    c:\windows\system32\ig7icd64.dll
2013-10-28 22:06 . 2013-10-28 22:06    372224    ----a-w-    c:\windows\system32\igdmd64.dll
2013-10-28 22:06 . 2013-10-28 22:06    12151296    ----a-w-    c:\windows\system32\igdumdim64.dll
2013-10-28 22:06 . 2013-10-28 22:06    4195840    ----a-w-    c:\windows\system32\drivers\igdkmd64.sys
2013-10-28 22:06 . 2013-10-28 22:06    222208    ----a-w-    c:\windows\system32\igdde64.dll
2013-10-28 22:06 . 2013-10-28 22:06    13832704    ----a-w-    c:\windows\system32\igd10iumd64.dll
2013-10-28 22:06 . 2013-10-28 22:06    160256    ----a-w-    c:\windows\system32\igdail64.dll
2013-10-28 22:06 . 2013-09-21 21:21    66560    ----a-w-    c:\windows\system32\igfxsrvc.dll
2013-10-28 22:06 . 2013-10-28 22:06    527360    ----a-w-    c:\windows\system32\igfxrplk.lrc
2013-10-28 22:06 . 2013-10-28 22:06    526848    ----a-w-    c:\windows\system32\igfxrrus.lrc
2013-10-28 22:06 . 2013-10-28 22:06    526336    ----a-w-    c:\windows\system32\igfxrrom.lrc
2013-10-28 22:06 . 2013-10-28 22:06    525824    ----a-w-    c:\windows\system32\igfxrsky.lrc
2013-10-28 22:06 . 2013-10-28 22:06    525824    ----a-w-    c:\windows\system32\igfxrptg.lrc
2013-10-28 22:06 . 2013-10-28 22:06    525312    ----a-w-    c:\windows\system32\igfxrsve.lrc
2013-10-28 22:06 . 2013-10-28 22:06    525312    ----a-w-    c:\windows\system32\igfxrslv.lrc
2013-10-28 22:06 . 2013-10-28 22:06    524800    ----a-w-    c:\windows\system32\igfxrtrk.lrc
2013-10-28 22:06 . 2013-10-28 22:06    524800    ----a-w-    c:\windows\system32\igfxrptb.lrc
2013-10-28 22:06 . 2013-10-28 22:06    523776    ----a-w-    c:\windows\system32\igfxrtha.lrc
2013-10-28 22:06 . 2013-09-21 21:21    9081856    ----a-w-    c:\windows\system32\igfxress.dll
2013-10-28 22:06 . 2013-10-28 22:06    527872    ----a-w-    c:\windows\system32\igfxrell.lrc
2013-10-28 22:06 . 2013-10-28 22:06    527360    ----a-w-    c:\windows\system32\igfxrfra.lrc
2013-10-28 22:06 . 2013-10-28 22:06    527360    ----a-w-    c:\windows\system32\igfxresn.lrc
2013-10-28 22:06 . 2013-10-28 22:06    526848    ----a-w-    c:\windows\system32\igfxrdeu.lrc
2013-10-28 22:06 . 2013-10-28 22:06    526336    ----a-w-    c:\windows\system32\igfxrnld.lrc
2013-10-28 22:06 . 2013-10-28 22:06    526336    ----a-w-    c:\windows\system32\igfxrita.lrc
2013-10-28 22:06 . 2013-10-28 22:06    525824    ----a-w-    c:\windows\system32\igfxrhun.lrc
2013-10-28 22:06 . 2013-10-28 22:06    525824    ----a-w-    c:\windows\system32\igfxrhrv.lrc
2013-10-28 22:06 . 2013-10-28 22:06    525824    ----a-w-    c:\windows\system32\igfxrcsy.lrc
2013-10-28 22:06 . 2013-10-28 22:06    525312    ----a-w-    c:\windows\system32\igfxrfin.lrc
2013-10-28 22:06 . 2013-10-28 22:06    524288    ----a-w-    c:\windows\system32\igfxrnor.lrc
2013-10-28 22:06 . 2013-10-28 22:06    524288    ----a-w-    c:\windows\system32\igfxrdan.lrc
2013-10-28 22:06 . 2013-10-28 22:06    522240    ----a-w-    c:\windows\system32\igfxrheb.lrc
2013-10-28 22:06 . 2013-10-28 22:06    521728    ----a-w-    c:\windows\system32\igfxrara.lrc
2013-10-28 22:06 . 2013-10-28 22:06    517632    ----a-w-    c:\windows\system32\igfxrjpn.lrc
2013-10-28 22:06 . 2013-10-28 22:06    516096    ----a-w-    c:\windows\system32\igfxrkor.lrc
2013-10-28 22:06 . 2013-10-28 22:06    514048    ----a-w-    c:\windows\system32\igfxrcht.lrc
2013-10-28 22:06 . 2013-10-28 22:06    513536    ----a-w-    c:\windows\system32\igfxrchs.lrc
2013-10-28 22:06 . 2013-10-28 22:06    371200    ----a-w-    c:\windows\system32\igfxrenu.lrc
2013-10-28 22:06 . 2013-09-21 21:21    548864    ----a-w-    c:\windows\system32\igfxpph.dll
2013-10-28 22:06 . 2013-10-28 22:06    243712    ----a-w-    c:\windows\system32\igfxdo.dll
2013-10-28 22:06 . 2013-10-28 22:06    4067328    ----a-w-    c:\windows\system32\MetroIntelGenericUIFramework.dll
2013-10-28 22:06 . 2013-10-28 22:06    279040    ----a-w-    c:\windows\system32\igfxcpl.cpl
2013-10-28 22:06 . 2013-10-28 22:06    194048    ----a-w-    c:\windows\system32\gfxSrvc.dll
2013-10-28 22:06 . 2013-09-21 21:21    623616    ----a-w-    c:\windows\system32\igfxdev.dll
2013-10-28 22:06 . 2013-09-21 21:21    224256    ----a-w-    c:\windows\system32\hccutils.dll
2013-10-28 22:06 . 2013-10-28 22:06    345600    ----a-w-    c:\windows\system32\igfxTMM.dll
2013-10-28 22:06 . 2013-10-28 22:06    12288    ----a-w-    c:\windows\system32\IGFXDEVLib.dll
2013-10-28 22:06 . 2013-10-28 22:06    29184    ----a-w-    c:\windows\system32\igfxexps.dll
2013-10-28 22:06 . 2013-10-28 22:06    2384896    ----a-w-    c:\windows\system32\GfxRes.dll
2013-10-28 22:02 . 2013-10-28 22:02    6141440    ----a-w-    c:\windows\SysWow64\ig7icd32.dll
2013-10-28 22:02 . 2013-10-28 22:02    317440    ----a-w-    c:\windows\SysWow64\igdmd32.dll
2013-10-28 22:01 . 2013-10-28 22:01    11434496    ----a-w-    c:\windows\SysWow64\igdumdim32.dll
2013-10-28 22:01 . 2013-10-28 22:01    13207552    ----a-w-    c:\windows\SysWow64\igd10iumd32.dll
2013-10-28 22:01 . 2013-10-28 22:01    182272    ----a-w-    c:\windows\SysWow64\igdde32.dll
2013-10-28 22:01 . 2013-10-28 22:01    142848    ----a-w-    c:\windows\SysWow64\igdail32.dll
2013-10-28 22:01 . 2013-10-28 22:01    492032    ----a-w-    c:\windows\SysWow64\igfxdv32.dll
2013-10-28 22:01 . 2013-10-28 22:01    25088    ----a-w-    c:\windows\SysWow64\igfxexps32.dll
2013-10-28 21:58 . 2013-10-28 21:58    2977792    ----a-w-    c:\windows\SysWow64\igdrcl32.dll
2013-10-28 21:58 . 2013-10-28 21:58    290816    ----a-w-    c:\windows\SysWow64\igdbcl32.dll
2013-10-28 21:58 . 2013-10-28 21:58    253440    ----a-w-    c:\windows\SysWow64\IntelOpenCL32.dll
2013-10-28 21:58 . 2013-10-28 21:58    20919808    ----a-w-    c:\windows\SysWow64\igdfcl32.dll
2013-10-28 21:57 . 2013-10-28 21:57    3304960    ----a-w-    c:\windows\system32\igdrcl64.dll
2013-10-28 21:57 . 2013-10-28 21:57    304640    ----a-w-    c:\windows\system32\IntelOpenCL64.dll
2013-10-28 21:57 . 2013-10-28 21:57    329216    ----a-w-    c:\windows\system32\igdbcl64.dll
2013-10-28 21:57 . 2013-10-28 21:57    25947136    ----a-w-    c:\windows\system32\igdfcl64.dll
2013-10-28 21:50 . 2013-10-28 21:50    2065920    ----a-w-    c:\windows\system32\igfxcmjit64.dll
2013-10-28 21:50 . 2013-10-28 21:50    1815040    ----a-w-    c:\windows\SysWow64\igfxcmjit32.dll
2013-10-28 21:50 . 2013-10-28 21:50    159232    ----a-w-    c:\windows\system32\igfxcmrt64.dll
2013-10-28 21:50 . 2013-10-28 21:50    150016    ----a-w-    c:\windows\system32\igfx11cmrt64.dll
2013-10-28 21:50 . 2013-10-28 21:50    133120    ----a-w-    c:\windows\SysWow64\igfxcmrt32.dll
2013-10-28 21:50 . 2013-10-28 21:50    128512    ----a-w-    c:\windows\SysWow64\igfx11cmrt32.dll
2013-10-28 21:49 . 2013-10-28 21:49    4439040    ----a-w-    c:\windows\system32\igdusc64.dll
2013-10-28 21:49 . 2013-10-28 21:49    3528704    ----a-w-    c:\windows\SysWow64\igdusc32.dll
2013-10-17 23:32 . 2013-10-18 04:50    11527408    ----a-w-    c:\windows\system32\drivers\NETwsw00.sys
2013-10-07 22:52 . 2013-10-07 22:52    64000    ----a-w-    c:\windows\system32\Intel_OpenCL_ICD64.dll
2013-10-07 22:52 . 2013-10-07 22:52    60416    ----a-w-    c:\windows\SysWow64\Intel_OpenCL_ICD32.dll
2013-10-07 22:52 . 2013-09-21 21:21    64000    ----a-w-    c:\windows\system32\OpenCL.dll
2013-10-07 22:52 . 2013-09-21 21:21    60416    ----a-w-    c:\windows\SysWow64\OpenCL.dll
2013-10-07 22:52 . 2013-10-07 22:52    214528    ----a-w-    c:\windows\system32\iglhcp64.dll
2013-10-07 22:52 . 2013-10-07 22:52    179712    ----a-w-    c:\windows\SysWow64\iglhcp32.dll
2013-10-07 22:52 . 2013-10-07 22:52    1127424    ----a-w-    c:\windows\system32\iglhsip64.dll
2013-10-07 22:52 . 2013-10-07 22:52    1123328    ----a-w-    c:\windows\SysWow64\iglhsip32.dll
2013-09-21 21:34 . 2013-09-21 21:34    31232    ----a-w-    c:\windows\SysWow64\prevhost.exe
2013-09-21 21:34 . 2013-09-21 21:34    31232    ----a-w-    c:\windows\system32\prevhost.exe
2013-09-21 21:34 . 2013-09-21 21:34    86528    ----a-w-    c:\windows\SysWow64\SearchFilterHost.exe
2013-09-21 21:34 . 2013-09-21 21:34    59392    ----a-w-    c:\windows\SysWow64\msscntrs.dll
2013-09-21 21:34 . 2013-09-21 21:34    427520    ----a-w-    c:\windows\SysWow64\SearchIndexer.exe
2013-09-21 21:34 . 2013-09-21 21:34    337408    ----a-w-    c:\windows\SysWow64\mssph.dll
2013-09-21 21:34 . 2013-09-21 21:34    197120    ----a-w-    c:\windows\SysWow64\mssphtb.dll
2013-09-21 21:34 . 2013-09-21 21:34    164352    ----a-w-    c:\windows\SysWow64\SearchProtocolHost.exe
2013-09-21 21:34 . 2013-09-21 21:34    1549312    ----a-w-    c:\windows\SysWow64\tquery.dll
2013-09-21 21:34 . 2013-09-21 21:34    1401344    ----a-w-    c:\windows\SysWow64\mssrch.dll
2013-09-21 21:34 . 2013-09-21 21:34    778752    ----a-w-    c:\windows\system32\mssvp.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe" [2012-02-29 56088]
"WD Quick View"="c:\program files (x86)\Western Digital\WD Quick View\WDDMStatus.exe" [2013-11-02 5537136]
"USB3MON"="c:\program files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-03-27 291608]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
R3 btmaudio;Intel Bluetooth Audio Service;c:\windows\system32\drivers\btmaud.sys;c:\windows\SYSNATIVE\drivers\btmaud.sys [x]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
R3 cpuz136;cpuz136;c:\users\Tyrone\AppData\Local\Temp\cpuz136\cpuz136_x64.sys;c:\users\Tyrone\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [x]
R3 ibtfltcoex;ibtfltcoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RTSUVSTOR.sys;c:\windows\SYSNATIVE\Drivers\RTSUVSTOR.sys [x]
R3 SmbDrvAMDASF;SmbDrvAMDASF;c:\windows\system32\drivers\Smb_driver_AMDASF.sys;c:\windows\SYSNATIVE\drivers\Smb_driver_AMDASF.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
R3 XHCIPort;USB-IF xHCI USB Host Controller;c:\windows\system32\DRIVERS\XHCIPort.sys;c:\windows\SYSNATIVE\DRIVERS\XHCIPort.sys [x]
S0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;c:\windows\system32\drivers\iusb3hcs.sys;c:\windows\SYSNATIVE\drivers\iusb3hcs.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\1501000.012\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1501000.012\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\1501000.012\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1501000.012\SYMEFA64.SYS [x]
S1 BHDrvx64;BHDrvx64;c:\program files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20131203.001\BHDrvx64.sys;c:\program files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20131203.001\BHDrvx64.sys [x]
S1 ccSet_N360;N360 Settings Manager;c:\windows\system32\drivers\N360x64\1501000.012\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\N360x64\1501000.012\ccSetx64.sys [x]
S1 IDSVia64;IDSVia64;c:\program files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20131212.001\IDSvia64.sys;c:\program files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20131212.001\IDSvia64.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\1501000.012\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1501000.012\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\system32\drivers\N360x64\1501000.012\SYMNETS.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1501000.012\SYMNETS.SYS [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 HitmanProScheduler;HitmanPro Scheduler;c:\program files\HitmanPro\hmpsched.exe;c:\program files\HitmanPro\hmpsched.exe [x]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 irstrtsv;Intel® Rapid Start Technology Service;c:\windows\SysWOW64\irstrtsv.exe;c:\windows\SysWOW64\irstrtsv.exe [x]
S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [x]
S2 N360;Norton Security Suite;c:\program files (x86)\Norton Security Suite\Engine\21.1.0.18\N360.exe;c:\program files (x86)\Norton Security Suite\Engine\21.1.0.18\N360.exe [x]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
S2 WDBackup;WD Backup;c:\program files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe;c:\program files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [x]
S2 WDDriveService;WD Drive Manager;c:\program files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe;c:\program files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;c:\program files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 irstrtdv;Intel® Rapid Start Technology Driver;c:\windows\system32\DRIVERS\irstrtdv.sys;c:\windows\SYSNATIVE\DRIVERS\irstrtdv.sys [x]
S3 iusb3hub;Intel® USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys;c:\windows\SYSNATIVE\DRIVERS\iwdbus.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 SmbDrvIntel;SmbDrvIntel;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.6;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
S3 usb3Hub;UoIP Hub;c:\windows\system32\DRIVERS\usb3Hub.sys;c:\windows\SYSNATIVE\DRIVERS\usb3Hub.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2013-12-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-21 04:57]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Persistence"="c:\windows\system32\igfxpers.exe" [2013-11-15 770032]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-11-15 391152]
"BLEServicesCtrl"="c:\program files (x86)\Intel\Bluetooth\BleServicesCtrl.exe" [2012-09-17 184112]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshellex.dll" [2012-11-16 11585408]
"IntelTBRunOnce"="wscript.exe" [2013-10-12 168960]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-09-06 1664000]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Send to Bluetooth - c:\program files (x86)\Intel\Bluetooth\btSendToObject.htm
Trusted Zone: dell.com
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
FF - ProfilePath - c:\users\Tyrone\AppData\Roaming\Mozilla\Firefox\Profiles\z5bllrhl.default\
FF - prefs.js: browser.startup.homepage - about:home
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\N360]
"ImagePath"="\"c:\program files (x86)\Norton Security Suite\Engine\21.1.0.18\N360.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton Security Suite\Engine\21.1.0.18\diMaster.dll\" /prefetch:1"
"ImagePath"="\SystemRoot\system32\drivers\N360x64\1501000.012\SYMNETS.SYS"
"TrustedImagePaths"="c:\program files (x86)\Norton Security Suite\Engine\21.1.0.18;c:\program files (x86)\Norton Security Suite\Engine64\21.1.0.18"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-12-13  02:40:34
ComboFix-quarantined-files.txt  2013-12-13 10:40
ComboFix2.txt  2013-12-12 20:17
ComboFix3.txt  2013-12-07 09:57
ComboFix4.txt  2013-12-07 09:43
.
Pre-Run: 240,532,684,800 bytes free
Post-Run: 240,333,889,536 bytes free
.
- - End Of File - - DF1879B0D25434349E89C225ECF6B74C
 



#9 nasdaq

nasdaq

  • Malware Response Team
  • 40,256 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:09:17 PM

Posted 13 December 2013 - 09:48 AM

The folder <b>\programdata\PCDr\</b> is created by PC - Doctor. http://www.pc-doctor.com/

Do you have or have you ever had this program.

What is the problems with this computer?

#10 slap2442

slap2442
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:06:17 PM

Posted 16 December 2013 - 03:59 PM

That program comes pre instelled on my Dell Inspiron Laptop... I thought the computer was clean so i went ahead and did a factory restore... I ran RougeKiller on completion of the restore and stuff still pops up

 

 

RogueKiller V8.7.12 [Dec 14 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Tyrone [Admin rights]
Mode : Scan -- Date : 12/15/2013 15:36:52
| ARK || FAK || MBR |

¤¤¤ Bad processes : 2 ¤¤¤
[SUSP PATH] McInst.exe -- C:\ProgramData\McAfee\msc\Updates\Installs\1\msc\McInst.exe [7] -> ERROR [5]
[Microsoft][HIDDEN] conhost.exe -- \Device\HarddiskVolume3\WINDOWS\System32\conhost.exe [x] -> KILLED [TermProc]

¤¤¤ Registry Entries : 6 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection :  ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1       localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ SCSI) 0WDVBR10 +++++
--- User ---
[MBR] 3c8b01e94a9fb80738b62477ecf1df4a
[BSP] c648a5f4b4cf48f4f0182b392fab66f3 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 28330 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 58101760 | Size: 448566 Mo
User = LL1 ... OK!
Error reading LL2 MBR! ([0x57] The parameter is incorrect. )

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ SCSI) FFS +++++
--- User ---
[MBR] 6c38ce292d0c31ed7c069c073fa899a9
[BSP] 747a3824a56818e94f4ff267b367383f : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] OS/2-HIBER (0x84) [HIDDEN!] Offset (sectors): 2048 | Size: 8190 Mo
User = LL1 ... OK!
Error reading LL2 MBR! ([0x57] The parameter is incorrect. )

Finished : << RKreport[0]_S_12152013_153652.txt >>
RKreport[0]_S_12152013_140226.txt



I also would like to know why it says,

 

Error reading LL2 MBR! ([0x57] The parameter is incorrect. ) on both drives... I think my browser has been hacked already because I can find any information that helps with this problem....



#11 slap2442

slap2442
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:06:17 PM

Posted 16 December 2013 - 04:01 PM

this is also a windows 7 machine and the report also says this...

 

BSP] c648a5f4b4cf48f4f0182b392fab66f3 : Windows Vista MBR Code



#12 nasdaq

nasdaq

  • Malware Response Team
  • 40,256 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:09:17 PM

Posted 17 December 2013 - 09:19 AM

If not already done, please run the RogueKiller tool and Delete all the items found.
===

Was the Windows 7 installed to replace the Vista operating system?
===

Read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application.
    tdss1.png
  • Click Change parameters
    settings20121003115955.png
  • Check the boxes next to Verify Driver Digital Signature and Detect TDLFS file system, then click OK
    tdss3.png
  • Click on the Start Scan button to begin the scan and wait for it to finish.
    NOTE: Do not use the computer during the scan!
  • During the scan it will look similar to the image below:
    tdss4.jpg
  • When it finishes, you will either see a report that no threats were found like below:
    tdss5.jpg
    If no threats are found at this point, just click the Report selection on the top right of the form to generate a log. A log file report will pop which you can just close since the report file is already saved.
  • If any infection or suspected items are found, you will see a window similar to below:
    tdss7.jpg
    • If you have files that are shown to fail signature check do not take any action on these. Make sure you select Skip. I will tell you what to do with these later. They may not be issues at all.
    • If Suspicious objects are detected, the default action will be Skip. Leave the default set to Skip.
    • If Malicious objects are detected, they will show in the Scan results. TDSSKiller automatically selects an action (Cure or Delete) for malicious objects
    • Make sure that Cure is selected. Important! - If Cure is not available, please choose Skip instead. Do not choose Delete unless instructed to do so.
  • Click Continue to apply selected actions.
  • A reboot may be required to complete disinfection. A window like the below will appear:
    tdss6.jpg
    Reboot immediately if TDSSKiller states that one is needed.
  • Whether an infection is found or not, a log file should have already been created on your C: drive (or whatever drive you boot from) in the root folder named something like TDSSKiller.2.1.1_27.12.2009_14.17.04_log.txt which is based on the program version # and date and time run.
  • Paste the log to your next reply, DO NOT ATTACH IT.
===

Download http://public.avast.com/~gmerek/aswMBR.exe (aswMBR.exe) to your desktop. Double click the aswMBR.exe to run it.
  • Click the "Scan" button to start scan.
  • Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time) <- IMPORTANT
  • Please paste the contents of that log in your next reply.
There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.
===

#13 slap2442

slap2442
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:06:17 PM

Posted 18 December 2013 - 08:09 PM

I recently purchased this Dell 15z non-touch Inspiron and received it at the beggining of october... From my understanding it came preloaded with Windows 7 home premium x64 bit

 

 

Here are my Logs... After the last scan, there was no MBR.dat file on the desktop... Im sending everything else

 

 

RogueKiller V8.7.13 [Dec 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Tyrone [Admin rights]
Mode : Remove -- Date : 12/18/2013 16:32:14
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 3 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : DellSystemDetect (C:\Users\Tyrone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms [x][x][x]) -> DELETED
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection :  ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ SCSI) 0WDVBR10 +++++
--- User ---
[MBR] 3c8b01e94a9fb80738b62477ecf1df4a
[BSP] c648a5f4b4cf48f4f0182b392fab66f3 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 28330 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 58101760 | Size: 448566 Mo
User = LL1 ... OK!
Error reading LL2 MBR! ([0x57] The parameter is incorrect. )

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ SCSI) FFS +++++
--- User ---
[MBR] 6c38ce292d0c31ed7c069c073fa899a9
[BSP] 747a3824a56818e94f4ff267b367383f : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] OS/2-HIBER (0x84) [HIDDEN!] Offset (sectors): 2048 | Size: 8190 Mo
User = LL1 ... OK!
Error reading LL2 MBR! ([0x57] The parameter is incorrect. )

Finished : << RKreport[0]_D_12182013_163214.txt >>
RKreport[0]_S_12182013_162852.txt;RKreport[0]_S_12182013_163138.txt


 

16:46:15.0169 0x147c  TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
16:46:18.0960 0x147c  ============================================================
16:46:18.0960 0x147c  Current date / time: 2013/12/18 16:46:18.0960
16:46:18.0960 0x147c  SystemInfo:
16:46:18.0960 0x147c  
16:46:18.0960 0x147c  OS Version: 6.1.7601 ServicePack: 1.0
16:46:18.0960 0x147c  Product type: Workstation
16:46:18.0960 0x147c  ComputerName: TYRONE-PC
16:46:18.0960 0x147c  UserName: Tyrone
16:46:18.0960 0x147c  Windows directory: C:\Windows
16:46:18.0960 0x147c  System windows directory: C:\Windows
16:46:18.0960 0x147c  Running under WOW64
16:46:18.0960 0x147c  Processor architecture: Intel x64
16:46:18.0960 0x147c  Number of processors: 4
16:46:18.0960 0x147c  Page size: 0x1000
16:46:18.0960 0x147c  Boot type: Normal boot
16:46:18.0960 0x147c  ============================================================
16:46:19.0116 0x147c  KLMD registered as C:\Windows\system32\drivers\47838482.sys
16:46:19.0288 0x147c  System UUID: {9D739343-9912-42E2-3C16-C8763BC7BB15}
16:46:19.0865 0x147c  Drive \Device\Harddisk0\DR0 - Size: 0x74709D0E00 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:46:19.0865 0x147c  Drive \Device\Harddisk1\DR1 - Size: 0x200000000 (8.00 Gb), SectorSize: 0x200, Cylinders: 0x414, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:46:19.0881 0x147c  ============================================================
16:46:19.0881 0x147c  \Device\Harddisk0\DR0:
16:46:19.0881 0x147c  MBR partitions:
16:46:19.0881 0x147c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x3755000
16:46:19.0881 0x147c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3769000, BlocksNum 0x36C1B000
16:46:19.0881 0x147c  \Device\Harddisk1\DR1:
16:46:19.0881 0x147c  MBR partitions:
16:46:19.0881 0x147c  ============================================================
16:46:19.0881 0x147c  C: <-> \Device\Harddisk0\DR0\Partition2
16:46:19.0881 0x147c  ============================================================
16:46:19.0881 0x147c  Initialize success
16:46:19.0881 0x147c  ============================================================
16:46:37.0556 0x0940  ============================================================
16:46:37.0556 0x0940  Scan started
16:46:37.0556 0x0940  Mode: Manual; SigCheck; TDLFS;
16:46:37.0556 0x0940  ============================================================
16:46:37.0556 0x0940  KSN ping started
16:46:40.0566 0x0940  KSN ping finished: true
16:46:40.0691 0x0940  ================ Scan system memory ========================
16:46:40.0691 0x0940  System memory - ok
16:46:40.0691 0x0940  ================ Scan services =============================
16:46:41.0050 0x0940  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
16:46:41.0097 0x0940  1394ohci - ok
16:46:41.0097 0x0940  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
16:46:41.0112 0x0940  ACPI - ok
16:46:41.0128 0x0940  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
16:46:41.0128 0x0940  AcpiPmi - ok
16:46:41.0144 0x0940  [ B1EA9681502EE57F87DB71D726288A5B, D17BD2CFAE72E92C77D183331D5CBA0FEA893BF54875920870E271940F40A8BB ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:46:41.0159 0x0940  AdobeARMservice - ok
16:46:41.0206 0x0940  [ 1BA1AB4141A92EB34DA99F1249CA2D4D, 43ADF35146E61E0DE58D2ACC2994538F6025135ECEB30073BEF05A804BB38107 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:46:41.0222 0x0940  AdobeFlashPlayerUpdateSvc - ok
16:46:41.0237 0x0940  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
16:46:41.0253 0x0940  adp94xx - ok
16:46:41.0268 0x0940  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
16:46:41.0284 0x0940  adpahci - ok
16:46:41.0284 0x0940  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
16:46:41.0300 0x0940  adpu320 - ok
16:46:41.0300 0x0940  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
16:46:41.0331 0x0940  AeLookupSvc - ok
16:46:41.0346 0x0940  [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD             C:\Windows\system32\drivers\afd.sys
16:46:41.0362 0x0940  AFD - ok
16:46:41.0378 0x0940  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
16:46:41.0378 0x0940  agp440 - ok
16:46:41.0393 0x0940  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
16:46:41.0393 0x0940  ALG - ok
16:46:41.0409 0x0940  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
16:46:41.0409 0x0940  aliide - ok
16:46:41.0409 0x0940  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
16:46:41.0424 0x0940  amdide - ok
16:46:41.0487 0x0940  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
16:46:41.0502 0x0940  AmdK8 - ok
16:46:41.0502 0x0940  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
16:46:41.0518 0x0940  AmdPPM - ok
16:46:41.0518 0x0940  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
16:46:41.0534 0x0940  amdsata - ok
16:46:41.0534 0x0940  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
16:46:41.0549 0x0940  amdsbs - ok
16:46:41.0549 0x0940  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
16:46:41.0565 0x0940  amdxata - ok
16:46:41.0565 0x0940  [ D46391F209DE0A98A97D1D1765F53438, 4D8C7D90BE3DB348ED4069CE3F4F403FCC6149D60B238E0B5DF9DCE4CF69C995 ] AMPPAL          C:\Windows\system32\DRIVERS\AMPPAL.sys
16:46:41.0580 0x0940  AMPPAL - ok
16:46:41.0596 0x0940  [ D46391F209DE0A98A97D1D1765F53438, 4D8C7D90BE3DB348ED4069CE3F4F403FCC6149D60B238E0B5DF9DCE4CF69C995 ] AMPPALP         C:\Windows\system32\DRIVERS\amppal.sys
16:46:41.0612 0x0940  AMPPALP - ok
16:46:41.0627 0x0940  [ EDFB061F7D553B84731B8263077FD520, 6A678358AAAB411C2A4911E1DA9E668F801831B8EE95E77977F72A0A5A3F90D9 ] AMPPALR3        C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
16:46:41.0658 0x0940  AMPPALR3 - ok
16:46:41.0658 0x0940  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
16:46:41.0690 0x0940  AppID - ok
16:46:41.0690 0x0940  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
16:46:41.0721 0x0940  AppIDSvc - ok
16:46:41.0721 0x0940  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
16:46:41.0736 0x0940  Appinfo - ok
16:46:41.0736 0x0940  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
16:46:41.0752 0x0940  arc - ok
16:46:41.0752 0x0940  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
16:46:41.0768 0x0940  arcsas - ok
16:46:41.0783 0x0940  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:46:41.0799 0x0940  aspnet_state - ok
16:46:41.0799 0x0940  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
16:46:41.0830 0x0940  AsyncMac - ok
16:46:41.0830 0x0940  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
16:46:41.0846 0x0940  atapi - ok
16:46:41.0861 0x0940  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:46:41.0892 0x0940  AudioEndpointBuilder - ok
16:46:41.0908 0x0940  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
16:46:41.0955 0x0940  AudioSrv - ok
16:46:41.0955 0x0940  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
16:46:41.0970 0x0940  AxInstSV - ok
16:46:41.0986 0x0940  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
16:46:42.0017 0x0940  b06bdrv - ok
16:46:42.0017 0x0940  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
16:46:42.0033 0x0940  b57nd60a - ok
16:46:42.0048 0x0940  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
16:46:42.0048 0x0940  BDESVC - ok
16:46:42.0064 0x0940  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
16:46:42.0080 0x0940  Beep - ok
16:46:42.0111 0x0940  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
16:46:42.0126 0x0940  BFE - ok
16:46:42.0173 0x0940  [ 613883A3BAC6920149C83ED751589433, 9846C1EE0916120C56F598AEA9C2C5B8F1AEDA06FDC3CCE8BAFD0480ACE93078 ] BHDrvx64        C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20131203.001\BHDrvx64.sys
16:46:42.0204 0x0940  BHDrvx64 - ok
16:46:42.0236 0x0940  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
16:46:42.0282 0x0940  BITS - ok
16:46:42.0282 0x0940  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
16:46:42.0298 0x0940  blbdrive - ok
16:46:42.0314 0x0940  [ 883D931697B804EBA802BE0061E7A902, 63852915215C3C7CAB87FA5EDC9EF6FF9158B6EF225259B4C0BCABF18BAA4179 ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
16:46:42.0345 0x0940  Bluetooth Device Monitor - ok
16:46:42.0376 0x0940  [ C7A590C6B249B3CB4724F9863ED6D18A, 341A7A20B1DC1AD66847D83AFF9C7C8942977633F8F729593C9AFCA299EDE9DB ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
16:46:42.0407 0x0940  Bluetooth Media Service - ok
16:46:42.0438 0x0940  [ CC1C3137DE8A2C858E450D286A87C6BC, 6DF6AD2F882A1F9E6408425B06EC1E77B1DC4344BDD18D88BBA322F0B1FC7609 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
16:46:42.0470 0x0940  Bluetooth OBEX Service - ok
16:46:42.0470 0x0940  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
16:46:42.0485 0x0940  bowser - ok
16:46:42.0485 0x0940  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
16:46:42.0501 0x0940  BrFiltLo - ok
16:46:42.0501 0x0940  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
16:46:42.0516 0x0940  BrFiltUp - ok
16:46:42.0516 0x0940  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
16:46:42.0532 0x0940  Browser - ok
16:46:42.0548 0x0940  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
16:46:42.0563 0x0940  Brserid - ok
16:46:42.0563 0x0940  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
16:46:42.0579 0x0940  BrSerWdm - ok
16:46:42.0579 0x0940  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
16:46:42.0594 0x0940  BrUsbMdm - ok
16:46:42.0594 0x0940  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
16:46:42.0610 0x0940  BrUsbSer - ok
16:46:42.0610 0x0940  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
16:46:42.0626 0x0940  BthEnum - ok
16:46:42.0626 0x0940  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
16:46:42.0641 0x0940  BTHMODEM - ok
16:46:42.0641 0x0940  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
16:46:42.0657 0x0940  BthPan - ok
16:46:42.0672 0x0940  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
16:46:42.0688 0x0940  BTHPORT - ok
16:46:42.0704 0x0940  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
16:46:42.0735 0x0940  bthserv - ok
16:46:42.0735 0x0940  [ A3BC030FC526643DFDCA27299F75544B, A5BB94DBE52746D16CB35EE5311F1660232F6BA840F70420549360A19B7D6F7E ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
16:46:42.0750 0x0940  BTHSSecurityMgr - ok
16:46:42.0750 0x0940  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
16:46:42.0766 0x0940  BTHUSB - ok
16:46:42.0766 0x0940  [ 49E91B6E57D0BD0CC590471C276757BC, B4CAEFAD684BABC269C7AE93FCD0CC3B837747FDC9C987A051DF64ACCADA2DB3 ] btmaux          C:\Windows\system32\DRIVERS\btmaux.sys
16:46:42.0782 0x0940  btmaux - ok
16:46:42.0813 0x0940  [ AC249CEB05F96B927FABDF22B6ABEE40, 36264710F18EB476A4E860C951D150F81C0E32A474C025B667BCA04B6853D217 ] btmhsf          C:\Windows\system32\DRIVERS\btmhsf.sys
16:46:42.0844 0x0940  btmhsf - ok
16:46:42.0860 0x0940  [ 0510396A957E9FD7205BA62D3CAE4528, C80C39EB3A87C5111132E96E966CF74ACABA36DE7714B545A707027D35995792 ] ccSet_N360      C:\Windows\system32\drivers\N360x64\1501000.012\ccSetx64.sys
16:46:42.0860 0x0940  ccSet_N360 - ok
16:46:42.0875 0x0940  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
16:46:42.0891 0x0940  cdfs - ok
16:46:42.0906 0x0940  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
16:46:42.0922 0x0940  cdrom - ok
16:46:42.0922 0x0940  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
16:46:42.0953 0x0940  CertPropSvc - ok
16:46:42.0953 0x0940  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
16:46:42.0969 0x0940  circlass - ok
16:46:42.0984 0x0940  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
16:46:43.0000 0x0940  CLFS - ok
16:46:43.0000 0x0940  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:46:43.0016 0x0940  clr_optimization_v2.0.50727_32 - ok
16:46:43.0016 0x0940  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:46:43.0031 0x0940  clr_optimization_v2.0.50727_64 - ok
16:46:43.0047 0x0940  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:46:43.0062 0x0940  clr_optimization_v4.0.30319_32 - ok
16:46:43.0062 0x0940  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:46:43.0078 0x0940  clr_optimization_v4.0.30319_64 - ok
16:46:43.0078 0x0940  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
16:46:43.0094 0x0940  CmBatt - ok
16:46:43.0094 0x0940  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
16:46:43.0109 0x0940  cmdide - ok
16:46:43.0109 0x0940  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
16:46:43.0140 0x0940  CNG - ok
16:46:43.0140 0x0940  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
16:46:43.0156 0x0940  Compbatt - ok
16:46:43.0156 0x0940  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
16:46:43.0172 0x0940  CompositeBus - ok
16:46:43.0172 0x0940  COMSysApp - ok
16:46:43.0218 0x0940  [ 236172C3A418B9A0F26B416A72F5A556, 315D8C8A002BE607A7AC011DA17C6CE305C49C6AF458669C3D2B649A06DBCDFB ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
16:46:43.0234 0x0940  cphs - ok
16:46:43.0234 0x0940  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
16:46:43.0234 0x0940  crcdisk - ok
16:46:43.0250 0x0940  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
16:46:43.0265 0x0940  CryptSvc - ok
16:46:43.0281 0x0940  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
16:46:43.0312 0x0940  DcomLaunch - ok
16:46:43.0328 0x0940  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
16:46:43.0359 0x0940  defragsvc - ok
16:46:43.0374 0x0940  [ 4C0419368943D1CF20A9FCEEC50D9846, B088FC4B53D9FCAE2110114EB58AD15FF8E83E6117C54B79DC1605B606A2D2A6 ] DellDigitalDelivery c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
16:46:43.0374 0x0940  DellDigitalDelivery - ok
16:46:43.0390 0x0940  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
16:46:43.0406 0x0940  DfsC - ok
16:46:43.0421 0x0940  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
16:46:43.0437 0x0940  Dhcp - ok
16:46:43.0437 0x0940  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
16:46:43.0468 0x0940  discache - ok
16:46:43.0468 0x0940  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
16:46:43.0484 0x0940  Disk - ok
16:46:43.0484 0x0940  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
16:46:43.0499 0x0940  Dnscache - ok
16:46:43.0515 0x0940  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
16:46:43.0546 0x0940  dot3svc - ok
16:46:43.0546 0x0940  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
16:46:43.0577 0x0940  DPS - ok
16:46:43.0577 0x0940  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
16:46:43.0593 0x0940  drmkaud - ok
16:46:43.0624 0x0940  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
16:46:43.0640 0x0940  DXGKrnl - ok
16:46:43.0655 0x0940  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
16:46:43.0686 0x0940  EapHost - ok
16:46:43.0749 0x0940  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
16:46:43.0842 0x0940  ebdrv - ok
16:46:43.0842 0x0940  [ 1B7AA375F711F66D5FF2B855F9EC987F, 151E3897A31F0E828D08EBBB9C10A60047B48534BB38349EF1C8D9245524CA58 ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
16:46:43.0858 0x0940  eeCtrl - ok
16:46:43.0874 0x0940  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS             C:\Windows\System32\lsass.exe
16:46:43.0874 0x0940  EFS - ok
16:46:43.0905 0x0940  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
16:46:43.0920 0x0940  ehRecvr - ok
16:46:43.0936 0x0940  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
16:46:43.0952 0x0940  ehSched - ok
16:46:43.0967 0x0940  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
16:46:43.0983 0x0940  elxstor - ok
16:46:43.0983 0x0940  [ 7230C8B80DDE1F0524C353240B78CC0E, 15F73EBFB9152010E7736AFE518A47C209E17DDB347A40C4CDA0D9BBD26D1176 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
16:46:43.0998 0x0940  EraserUtilRebootDrv - detected UnsignedFile.Multi.Generic ( 1 )
16:46:44.0061 0x0940  EraserUtilRebootDrv ( UnsignedFile.Multi.Generic ) - warning
16:46:46.0650 0x0940  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
16:46:46.0666 0x0940  ErrDev - ok
16:46:46.0682 0x0940  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
16:46:46.0713 0x0940  EventSystem - ok
16:46:46.0744 0x0940  [ 6EB16C7286FBCD3AB206743BA813EC48, DF0BEDEF0205C940A4F14E196CDF4626DDCA6C8BEDF2C414CF7BB89303272C0E ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
16:46:46.0760 0x0940  EvtEng - ok
16:46:46.0760 0x0940  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
16:46:46.0791 0x0940  exfat - ok
16:46:46.0806 0x0940  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
16:46:46.0838 0x0940  fastfat - ok
16:46:46.0853 0x0940  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
16:46:46.0869 0x0940  Fax - ok
16:46:46.0884 0x0940  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
16:46:46.0884 0x0940  fdc - ok
16:46:46.0900 0x0940  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
16:46:46.0931 0x0940  fdPHost - ok
16:46:46.0931 0x0940  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
16:46:46.0962 0x0940  FDResPub - ok
16:46:46.0962 0x0940  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
16:46:46.0978 0x0940  FileInfo - ok
16:46:46.0978 0x0940  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
16:46:47.0009 0x0940  Filetrace - ok
16:46:47.0009 0x0940  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
16:46:47.0025 0x0940  flpydisk - ok
16:46:47.0025 0x0940  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
16:46:47.0040 0x0940  FltMgr - ok
16:46:47.0072 0x0940  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
16:46:47.0103 0x0940  FontCache - ok
16:46:47.0118 0x0940  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:46:47.0118 0x0940  FontCache3.0.0.0 - ok
16:46:47.0134 0x0940  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
16:46:47.0134 0x0940  FsDepends - ok
16:46:47.0150 0x0940  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
16:46:47.0150 0x0940  Fs_Rec - ok
16:46:47.0165 0x0940  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
16:46:47.0181 0x0940  fvevol - ok
16:46:47.0181 0x0940  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
16:46:47.0196 0x0940  gagp30kx - ok
16:46:47.0212 0x0940  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
16:46:47.0259 0x0940  gpsvc - ok
16:46:47.0259 0x0940  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
16:46:47.0274 0x0940  hcw85cir - ok
16:46:47.0274 0x0940  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:46:47.0306 0x0940  HdAudAddService - ok
16:46:47.0306 0x0940  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
16:46:47.0321 0x0940  HDAudBus - ok
16:46:47.0321 0x0940  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
16:46:47.0337 0x0940  HidBatt - ok
16:46:47.0337 0x0940  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
16:46:47.0352 0x0940  HidBth - ok
16:46:47.0352 0x0940  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
16:46:47.0368 0x0940  HidIr - ok
16:46:47.0368 0x0940  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
16:46:47.0399 0x0940  hidserv - ok
16:46:47.0415 0x0940  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
16:46:47.0415 0x0940  HidUsb - ok
16:46:47.0430 0x0940  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
16:46:47.0446 0x0940  hkmsvc - ok
16:46:47.0462 0x0940  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:46:47.0477 0x0940  HomeGroupListener - ok
16:46:47.0477 0x0940  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:46:47.0493 0x0940  HomeGroupProvider - ok
16:46:47.0508 0x0940  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
16:46:47.0508 0x0940  HpSAMD - ok
16:46:47.0524 0x0940  [ 436819F9B8B0032791400BD5B4934FAB, B5BEF99DA8F352BED7041052B220EE2AA421FFF8BE9053DAAE20B47D274DE323 ] hswpan          C:\Windows\system32\DRIVERS\hswpan.sys
16:46:47.0524 0x0940  hswpan - ok
16:46:47.0540 0x0940  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
16:46:47.0586 0x0940  HTTP - ok
16:46:47.0586 0x0940  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
16:46:47.0602 0x0940  hwpolicy - ok
16:46:47.0602 0x0940  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
16:46:47.0618 0x0940  i8042prt - ok
16:46:47.0633 0x0940  [ D1753C06EE17E29352B065EACF3F10D0, 4DD4C991FAA3CCF99DF8DC9F8F5DEEDEECD55977F0C3AA8C404DEFD21E32A62B ] iaStor          C:\Windows\system32\drivers\iaStor.sys
16:46:47.0664 0x0940  iaStor - ok
16:46:47.0664 0x0940  [ 545462D0DBE24AF379BA869B7C185CCD, 056F9D0D5FD4FEF37665A35A4029722FF60D02A69854E952DC361CC0E5CD26F9 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
16:46:47.0664 0x0940  IAStorDataMgrSvc - ok
16:46:47.0680 0x0940  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
16:46:47.0696 0x0940  iaStorV - ok
16:46:47.0711 0x0940  [ C430482AC892D52CED021EDDD4D368A2, C54C12EAC14F40BE3E7D7159F8876A664D00CA928000E25306071D28B52EA33A ] ibtfltcoex      C:\Windows\system32\DRIVERS\iBtFltCoex.sys
16:46:47.0711 0x0940  ibtfltcoex - ok
16:46:47.0742 0x0940  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:46:47.0758 0x0940  idsvc - ok
16:46:47.0774 0x0940  [ D7CB14B41DA52DF2EC143768E02F0E97, 97D6A49CA10508454F487F87F14249AE11646E365E89E3A2854AE05834DE9575 ] IDSVia64        C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20131218.001\IDSvia64.sys
16:46:47.0789 0x0940  IDSVia64 - ok
16:46:47.0789 0x0940  IEEtwCollectorService - ok
16:46:48.0117 0x0940  [ 3FB253E8059A1AAC3A8B83A31D094CC5, 4D4988BF7D81FB6D75CDB65E1E42AC72DA76D3F84712AA1A27428A6490E342D0 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
16:46:48.0476 0x0940  igfx - ok
16:46:48.0491 0x0940  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
16:46:48.0491 0x0940  iirsp - ok
16:46:48.0522 0x0940  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
16:46:48.0554 0x0940  IKEEXT - ok
16:46:48.0554 0x0940  [ 314285071F7117263BD246E35C17FD82, 12E135DAB9D717D697026800C97FB58A64C0C37ACE715C2805A411A5384CB55A ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
16:46:48.0569 0x0940  intaud_WaveExtensible - ok
16:46:48.0569 0x0940  [ 6C9FFFECA9FED31347D211C5D1FFBD2D, 36CF8B847FAED0D978B3169ED550CC958025902CAC1D7D304E2684B2483E72B8 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
16:46:48.0585 0x0940  IntcDAud - ok
16:46:48.0600 0x0940  [ 832CE330DD987227B7DEA8C03F22AEFA, 3DE64D9519D9D865D4C1AA7483D846F0154392B6685BDC451DEC7DA5EA0E2B2E ] Intel® Capability Licensing Service Interface c:\Program Files\Intel\iCLS Client\HeciServer.exe
16:46:48.0632 0x0940  Intel® Capability Licensing Service Interface - ok
16:46:48.0632 0x0940  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
16:46:48.0632 0x0940  intelide - ok
16:46:48.0647 0x0940  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
16:46:48.0647 0x0940  intelppm - ok
16:46:48.0663 0x0940  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
16:46:48.0678 0x0940  IPBusEnum - ok
16:46:48.0694 0x0940  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:46:48.0725 0x0940  IpFilterDriver - ok
16:46:48.0741 0x0940  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
16:46:48.0756 0x0940  iphlpsvc - ok
16:46:48.0756 0x0940  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
16:46:48.0772 0x0940  IPMIDRV - ok
16:46:48.0772 0x0940  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
16:46:48.0803 0x0940  IPNAT - ok
16:46:48.0819 0x0940  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
16:46:48.0834 0x0940  IRENUM - ok
16:46:48.0834 0x0940  [ 6DC22BDAA595BE00F19696E72F2F3312, B46B50395100D3A23663C56CC395A874130B72E314997AAD6C52F0C5C23364C4 ] irstrtdv        C:\Windows\system32\DRIVERS\irstrtdv.sys
16:46:48.0834 0x0940  irstrtdv - ok
16:46:48.0850 0x0940  [ 205FD80EF4B9832F9763B9A187957260, 560410A01B4C2395F7129413C2460F6A0776DF52D08758E3AE68EC41FC79A2D3 ] irstrtsv        C:\Windows\SysWOW64\irstrtsv.exe
16:46:48.0866 0x0940  irstrtsv - ok
16:46:48.0866 0x0940  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
16:46:48.0866 0x0940  isapnp - ok
16:46:48.0881 0x0940  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
16:46:48.0897 0x0940  iScsiPrt - ok
16:46:48.0897 0x0940  [ B2381712638B0B714D0EEAB9A1F7C640, 113BCA8868057156EFDC7C079171308C1EBA4F979C85EB1265F42F95A499B086 ] iusb3hcs        C:\Windows\system32\drivers\iusb3hcs.sys
16:46:48.0912 0x0940  iusb3hcs - ok
16:46:48.0912 0x0940  [ FD2C6457232E95C014DAD21DEBC64867, 4CC4F488A2555761208D8401265788281B6EC76A8F16C8E115778E571450B90B ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
16:46:48.0928 0x0940  iusb3hub - ok
16:46:48.0944 0x0940  [ F6A2B5D030BE7EDF8ADC12C9A40825A8, 03EFAFD6B7801D83D7689435DED8DC321D153AAC4FD69D46ED8C9D7E7F56B44A ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
16:46:48.0975 0x0940  iusb3xhc - ok
16:46:48.0975 0x0940  [ 4487AD9C070D3973FE28AB4406555FC6, 77D8DE3036613618D44D7E5E47C9C754B8F0FF294D9DD778C92A7AFDA8F778FC ] iwdbus          C:\Windows\system32\DRIVERS\iwdbus.sys
16:46:48.0990 0x0940  iwdbus - ok
16:46:48.0990 0x0940  [ 13E838EA8652F8451F29301D3B56B17B, 2FE65DDBB0ACFD34227001616D0B66B8748132DB7C0FA9342D3AB404B92732CC ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
16:46:49.0006 0x0940  jhi_service - ok
16:46:49.0006 0x0940  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
16:46:49.0022 0x0940  kbdclass - ok
16:46:49.0022 0x0940  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
16:46:49.0037 0x0940  kbdhid - ok
16:46:49.0037 0x0940  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso          C:\Windows\system32\lsass.exe
16:46:49.0037 0x0940  KeyIso - ok
16:46:49.0053 0x0940  [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
16:46:49.0053 0x0940  KSecDD - ok
16:46:49.0068 0x0940  [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
16:46:49.0084 0x0940  KSecPkg - ok
16:46:49.0084 0x0940  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
16:46:49.0115 0x0940  ksthunk - ok
16:46:49.0115 0x0940  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
16:46:49.0162 0x0940  KtmRm - ok
16:46:49.0162 0x0940  [ FC741259B7C22379EE83257D7CF91151, 37FAA2E03DFE8C04762178EC7C0AD7AB383155772EFF857D7D27225F8DF29C5B ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
16:46:49.0162 0x0940  L1C - ok
16:46:49.0178 0x0940  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
16:46:49.0209 0x0940  LanmanServer - ok
16:46:49.0209 0x0940  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:46:49.0240 0x0940  LanmanWorkstation - ok
16:46:49.0256 0x0940  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
16:46:49.0287 0x0940  lltdio - ok
16:46:49.0287 0x0940  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
16:46:49.0318 0x0940  lltdsvc - ok
16:46:49.0334 0x0940  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
16:46:49.0349 0x0940  lmhosts - ok
16:46:49.0365 0x0940  [ BD9457699AC9C1A0FE43398043617279, 7955D2F5B9CB4FAD53F8D2CCC163FD575714175623F03DA1C3C2495CE3C0F342 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
16:46:49.0380 0x0940  LMS - ok
16:46:49.0380 0x0940  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
16:46:49.0396 0x0940  LSI_FC - ok
16:46:49.0396 0x0940  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
16:46:49.0412 0x0940  LSI_SAS - ok
16:46:49.0412 0x0940  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
16:46:49.0427 0x0940  LSI_SAS2 - ok
16:46:49.0427 0x0940  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
16:46:49.0443 0x0940  LSI_SCSI - ok
16:46:49.0443 0x0940  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
16:46:49.0474 0x0940  luafv - ok
16:46:49.0474 0x0940  [ 0BB97D43299910CBFBA59C461B99B910, 27C22D9D9EE8A410D7396960DA93E9E260D4DCDD38DCE06E85E45C5E24C067DE ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
16:46:49.0490 0x0940  MBAMProtector - ok
16:46:49.0505 0x0940  [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
16:46:49.0521 0x0940  MBAMScheduler - ok
16:46:49.0536 0x0940  [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
16:46:49.0552 0x0940  MBAMService - ok
16:46:49.0552 0x0940  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
16:46:49.0568 0x0940  Mcx2Svc - ok
16:46:49.0568 0x0940  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
16:46:49.0583 0x0940  megasas - ok
16:46:49.0599 0x0940  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
16:46:49.0614 0x0940  MegaSR - ok
16:46:49.0614 0x0940  [ 6B01B7414A105B9E51652089A03027CF, 9B113DC22F7D0D0B376E577C6D7083F9EDC09BBFE47726393E16D4FDAAAE21FE ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
16:46:49.0614 0x0940  MEIx64 - ok
16:46:49.0630 0x0940  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
16:46:49.0661 0x0940  MMCSS - ok
16:46:49.0661 0x0940  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
16:46:49.0692 0x0940  Modem - ok
16:46:49.0692 0x0940  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
16:46:49.0708 0x0940  monitor - ok
16:46:49.0708 0x0940  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
16:46:49.0724 0x0940  mouclass - ok
16:46:49.0724 0x0940  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\drivers\mouhid.sys
16:46:49.0739 0x0940  mouhid - ok
16:46:49.0739 0x0940  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
16:46:49.0755 0x0940  mountmgr - ok
16:46:49.0755 0x0940  [ 3B9398E0146855B1DC0E3D9769C80F01, DF69DB5CA30A5577648635C27DD468AF98515D07DF379B3FFDCC6B40744EDE66 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:46:49.0770 0x0940  MozillaMaintenance - ok
16:46:49.0770 0x0940  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
16:46:49.0786 0x0940  mpio - ok
16:46:49.0786 0x0940  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
16:46:49.0817 0x0940  mpsdrv - ok
16:46:49.0833 0x0940  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
16:46:49.0880 0x0940  MpsSvc - ok
16:46:49.0895 0x0940  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
16:46:49.0895 0x0940  MRxDAV - ok
16:46:49.0911 0x0940  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
16:46:49.0926 0x0940  mrxsmb - ok
16:46:49.0926 0x0940  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:46:49.0942 0x0940  mrxsmb10 - ok
16:46:49.0958 0x0940  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:46:49.0958 0x0940  mrxsmb20 - ok
16:46:49.0973 0x0940  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
16:46:49.0973 0x0940  msahci - ok
16:46:49.0989 0x0940  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
16:46:49.0989 0x0940  msdsm - ok
16:46:50.0004 0x0940  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
16:46:50.0020 0x0940  MSDTC - ok
16:46:50.0020 0x0940  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
16:46:50.0051 0x0940  Msfs - ok
16:46:50.0051 0x0940  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
16:46:50.0082 0x0940  mshidkmdf - ok
16:46:50.0082 0x0940  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
16:46:50.0098 0x0940  msisadrv - ok
16:46:50.0098 0x0940  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
16:46:50.0129 0x0940  MSiSCSI - ok
16:46:50.0129 0x0940  msiserver - ok
16:46:50.0145 0x0940  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
16:46:50.0160 0x0940  MSKSSRV - ok
16:46:50.0176 0x0940  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
16:46:50.0207 0x0940  MSPCLOCK - ok
16:46:50.0207 0x0940  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
16:46:50.0238 0x0940  MSPQM - ok
16:46:50.0238 0x0940  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
16:46:50.0254 0x0940  MsRPC - ok
16:46:50.0270 0x0940  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
16:46:50.0270 0x0940  mssmbios - ok
16:46:50.0270 0x0940  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
16:46:50.0301 0x0940  MSTEE - ok
16:46:50.0301 0x0940  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
16:46:50.0316 0x0940  MTConfig - ok
16:46:50.0316 0x0940  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
16:46:50.0332 0x0940  Mup - ok
16:46:50.0332 0x0940  [ 7E11D1788F5B531D49EF0AF97202437B, 8BF4A65466D235F0AB8E8855B04920BEF81A7EAC29C066FFC258BE816EBED2F4 ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
16:46:50.0348 0x0940  MyWiFiDHCPDNS - ok
16:46:50.0363 0x0940  [ D57EC83468C328E2C3029A0BAA722072, 71714FCCDF625A0959FDB4E70FCCBCF184345537BE9509987F798837B392653E ] N360            C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\N360.exe
16:46:50.0379 0x0940  N360 - ok
16:46:50.0394 0x0940  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
16:46:50.0426 0x0940  napagent - ok
16:46:50.0441 0x0940  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
16:46:50.0457 0x0940  NativeWifiP - ok
16:46:50.0457 0x0940  [ 702E07EC32F96ACDB873E9A5465D4401, 2C6B1C8BA0BF4791AEA064062DCA3678AE4443DF19DB37D6CB55BA6297D8A238 ] NAVENG          C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20131218.002\ENG64.SYS
16:46:50.0472 0x0940  NAVENG - ok
16:46:50.0519 0x0940  [ 302EA314A1AF0D7CEF0A3D0195F79561, 046DBC2D9D028F2D2E8BAE745CA2ADEF42741689BFF743A13B81EA4228DDCDC6 ] NAVEX15         C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20131218.002\EX64.SYS
16:46:50.0566 0x0940  NAVEX15 - ok
16:46:50.0597 0x0940  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
16:46:50.0613 0x0940  NDIS - ok
16:46:50.0628 0x0940  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
16:46:50.0644 0x0940  NdisCap - ok
16:46:50.0660 0x0940  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
16:46:50.0691 0x0940  NdisTapi - ok
16:46:50.0691 0x0940  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
16:46:50.0722 0x0940  Ndisuio - ok
16:46:50.0722 0x0940  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
16:46:50.0753 0x0940  NdisWan - ok
16:46:50.0753 0x0940  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
16:46:50.0784 0x0940  NDProxy - ok
16:46:50.0784 0x0940  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
16:46:50.0816 0x0940  NetBIOS - ok
16:46:50.0831 0x0940  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
16:46:50.0862 0x0940  NetBT - ok
16:46:50.0862 0x0940  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon        C:\Windows\system32\lsass.exe
16:46:50.0878 0x0940  Netlogon - ok
16:46:50.0878 0x0940  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
16:46:50.0925 0x0940  Netman - ok
16:46:50.0940 0x0940  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:46:50.0940 0x0940  NetMsmqActivator - ok
16:46:50.0956 0x0940  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:46:50.0972 0x0940  NetPipeActivator - ok
16:46:50.0972 0x0940  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
16:46:51.0018 0x0940  netprofm - ok
16:46:51.0018 0x0940  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:46:51.0034 0x0940  NetTcpActivator - ok
16:46:51.0034 0x0940  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:46:51.0050 0x0940  NetTcpPortSharing - ok
16:46:51.0299 0x0940  [ 219A40EEEA50D638BA9D08680C354A0C, F4DD0B9A75C29BBB510D19719ABA283AC2FF3D47EE099A3197BBBD7658741BBD ] NETwNs64        C:\Windows\system32\DRIVERS\Netwsw00.sys
16:46:51.0549 0x0940  NETwNs64 - ok
16:46:51.0564 0x0940  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
16:46:51.0580 0x0940  nfrd960 - ok
16:46:51.0580 0x0940  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
16:46:51.0596 0x0940  NlaSvc - ok
16:46:51.0596 0x0940  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
16:46:51.0627 0x0940  Npfs - ok
16:46:51.0642 0x0940  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
16:46:51.0658 0x0940  nsi - ok
16:46:51.0674 0x0940  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:46:51.0689 0x0940  nsiproxy - ok
16:46:51.0736 0x0940  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
16:46:51.0767 0x0940  Ntfs - ok
16:46:51.0783 0x0940  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
16:46:51.0814 0x0940  Null - ok
16:46:51.0814 0x0940  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
16:46:51.0830 0x0940  nvraid - ok
16:46:51.0830 0x0940  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
16:46:51.0845 0x0940  nvstor - ok
16:46:51.0845 0x0940  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
16:46:51.0861 0x0940  nv_agp - ok
16:46:51.0861 0x0940  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
16:46:51.0876 0x0940  ohci1394 - ok
16:46:51.0892 0x0940  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
16:46:51.0908 0x0940  p2pimsvc - ok
16:46:51.0923 0x0940  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
16:46:51.0939 0x0940  p2psvc - ok
16:46:51.0939 0x0940  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
16:46:51.0954 0x0940  Parport - ok
16:46:51.0954 0x0940  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
16:46:51.0970 0x0940  partmgr - ok
16:46:51.0970 0x0940  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
16:46:52.0001 0x0940  PcaSvc - ok
16:46:52.0001 0x0940  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
16:46:52.0017 0x0940  pci - ok
16:46:52.0017 0x0940  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
16:46:52.0032 0x0940  pciide - ok
16:46:52.0032 0x0940  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
16:46:52.0048 0x0940  pcmcia - ok
16:46:52.0048 0x0940  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
16:46:52.0064 0x0940  pcw - ok
16:46:52.0079 0x0940  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
16:46:52.0126 0x0940  PEAUTH - ok
16:46:52.0157 0x0940  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
16:46:52.0173 0x0940  PerfHost - ok
16:46:52.0204 0x0940  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
16:46:52.0266 0x0940  pla - ok
16:46:52.0282 0x0940  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
16:46:52.0298 0x0940  PlugPlay - ok
16:46:52.0313 0x0940  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
16:46:52.0313 0x0940  PNRPAutoReg - ok
16:46:52.0329 0x0940  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
16:46:52.0344 0x0940  PNRPsvc - ok
16:46:52.0360 0x0940  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
16:46:52.0391 0x0940  PolicyAgent - ok
16:46:52.0407 0x0940  [ A2CCA4FB273E6050F17A0A416CFF2FCD, C42BA18DF0C8E3F7358669A784E51E4DC7A4112096345EA699EDC95F561E0255 ] Power           C:\Windows\system32\umpo.dll
16:46:52.0422 0x0940  Power - ok
16:46:52.0422 0x0940  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
16:46:52.0454 0x0940  PptpMiniport - ok
16:46:52.0454 0x0940  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
16:46:52.0469 0x0940  Processor - ok
16:46:52.0469 0x0940  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
16:46:52.0485 0x0940  ProfSvc - ok
16:46:52.0500 0x0940  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe
16:46:52.0500 0x0940  ProtectedStorage - ok
16:46:52.0516 0x0940  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
16:46:52.0547 0x0940  Psched - ok
16:46:52.0578 0x0940  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
16:46:52.0625 0x0940  ql2300 - ok
16:46:52.0625 0x0940  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
16:46:52.0641 0x0940  ql40xx - ok
16:46:52.0641 0x0940  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
16:46:52.0672 0x0940  QWAVE - ok
16:46:52.0672 0x0940  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
16:46:52.0688 0x0940  QWAVEdrv - ok
16:46:52.0688 0x0940  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
16:46:52.0719 0x0940  RasAcd - ok
16:46:52.0719 0x0940  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
16:46:52.0750 0x0940  RasAgileVpn - ok
16:46:52.0750 0x0940  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
16:46:52.0781 0x0940  RasAuto - ok
16:46:52.0797 0x0940  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
16:46:52.0828 0x0940  Rasl2tp - ok
16:46:52.0828 0x0940  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
16:46:52.0859 0x0940  RasMan - ok
16:46:52.0875 0x0940  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
16:46:52.0906 0x0940  RasPppoe - ok
16:46:52.0906 0x0940  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
16:46:52.0937 0x0940  RasSstp - ok
16:46:52.0937 0x0940  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
16:46:52.0984 0x0940  rdbss - ok
16:46:52.0984 0x0940  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
16:46:53.0000 0x0940  rdpbus - ok
16:46:53.0000 0x0940  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
16:46:53.0031 0x0940  RDPCDD - ok
16:46:53.0031 0x0940  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
16:46:53.0062 0x0940  RDPENCDD - ok
16:46:53.0062 0x0940  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
16:46:53.0093 0x0940  RDPREFMP - ok
16:46:53.0093 0x0940  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
16:46:53.0109 0x0940  RDPWD - ok
16:46:53.0124 0x0940  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
16:46:53.0140 0x0940  rdyboost - ok
16:46:53.0140 0x0940  [ F09087C51C6AE42AE7DABE1EB3E44C17, DAE1CB123EA830DFCB68FD34A95FC427755FBBAD7AD16EE3F0D4941A25AD49F4 ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
16:46:53.0156 0x0940  RegSrvc - ok
16:46:53.0156 0x0940  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
16:46:53.0187 0x0940  RemoteAccess - ok
16:46:53.0187 0x0940  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
16:46:53.0218 0x0940  RemoteRegistry - ok
16:46:53.0234 0x0940  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
16:46:53.0249 0x0940  RFCOMM - ok
16:46:53.0249 0x0940  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
16:46:53.0280 0x0940  RpcEptMapper - ok
16:46:53.0280 0x0940  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
16:46:53.0296 0x0940  RpcLocator - ok
16:46:53.0312 0x0940  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
16:46:53.0343 0x0940  RpcSs - ok
16:46:53.0358 0x0940  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
16:46:53.0390 0x0940  rspndr - ok
16:46:53.0390 0x0940  [ D4A7B5BE29413AFE27DFA2054DCEF957, D1F6FFADB70603D0C3D71D7E74A4F6D26F123DC4D944B22FAFDCF89B4D86CC8D ] RSUSBVSTOR      C:\Windows\system32\Drivers\RTSUVSTOR.sys
16:46:53.0405 0x0940  RSUSBVSTOR - ok
16:46:53.0405 0x0940  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs           C:\Windows\system32\lsass.exe
16:46:53.0421 0x0940  SamSs - ok
16:46:53.0421 0x0940  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
16:46:53.0436 0x0940  sbp2port - ok
16:46:53.0452 0x0940  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
16:46:53.0483 0x0940  SCardSvr - ok
16:46:53.0483 0x0940  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
16:46:53.0514 0x0940  scfilter - ok
16:46:53.0546 0x0940  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
16:46:53.0592 0x0940  Schedule - ok
16:46:53.0592 0x0940  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
16:46:53.0624 0x0940  SCPolicySvc - ok
16:46:53.0624 0x0940  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
16:46:53.0639 0x0940  SDRSVC - ok
16:46:53.0655 0x0940  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
16:46:53.0686 0x0940  secdrv - ok
16:46:53.0686 0x0940  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
16:46:53.0717 0x0940  seclogon - ok
16:46:53.0717 0x0940  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
16:46:53.0748 0x0940  SENS - ok
16:46:53.0748 0x0940  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
16:46:53.0764 0x0940  SensrSvc - ok
16:46:53.0780 0x0940  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
16:46:53.0780 0x0940  Serenum - ok
16:46:53.0795 0x0940  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
16:46:53.0811 0x0940  Serial - ok
16:46:53.0811 0x0940  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
16:46:53.0826 0x0940  sermouse - ok
16:46:53.0842 0x0940  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
16:46:53.0873 0x0940  SessionEnv - ok
16:46:53.0873 0x0940  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
16:46:53.0889 0x0940  sffdisk - ok
16:46:53.0904 0x0940  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
16:46:53.0920 0x0940  sffp_mmc - ok
16:46:53.0920 0x0940  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
16:46:53.0936 0x0940  sffp_sd - ok
16:46:53.0936 0x0940  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
16:46:53.0951 0x0940  sfloppy - ok
16:46:53.0998 0x0940  [ 4215C271D6E6898C3F4DABAB4F387DC9, 10D845466AC239E18A381FA3BCF1DA1CDCF7CC4363D3A6B4695D6562B3EF7541 ] SftService      C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
16:46:54.0045 0x0940  SftService - ok
16:46:54.0045 0x0940  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
16:46:54.0092 0x0940  SharedAccess - ok
16:46:54.0107 0x0940  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:46:54.0154 0x0940  ShellHWDetection - ok
16:46:54.0170 0x0940  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
16:46:54.0185 0x0940  SiSRaid2 - ok
16:46:54.0185 0x0940  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
16:46:54.0201 0x0940  SiSRaid4 - ok
16:46:54.0201 0x0940  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
16:46:54.0248 0x0940  Smb - ok
16:46:54.0248 0x0940  [ 51885FD1B882F0C934A089140B0F51EB, 4C8246CC66FBC0DF378C359D5AB7F513C098A3BE9BD8625C7D47AE184FE9A36A ] SmbDrvAMDASF    C:\Windows\system32\drivers\Smb_driver_AMDASF.sys
16:46:54.0263 0x0940  SmbDrvAMDASF - ok
16:46:54.0263 0x0940  [ FA877A22C8C18FCE5F92826D430D893A, EF93257BEAC0250B801A2DB5AA1964AA998B0CE0BF994A197E8CF872F15BF450 ] SmbDrvIntel     C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
16:46:54.0279 0x0940  SmbDrvIntel - ok
16:46:54.0279 0x0940  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
16:46:54.0294 0x0940  SNMPTRAP - ok
16:46:54.0294 0x0940  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
16:46:54.0310 0x0940  spldr - ok
16:46:54.0326 0x0940  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
16:46:54.0357 0x0940  Spooler - ok
16:46:54.0762 0x0940  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
16:46:54.0856 0x0940  sppsvc - ok
16:46:54.0856 0x0940  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
16:46:54.0887 0x0940  sppuinotify - ok
16:46:54.0918 0x0940  [ 8BFD1752AAA15BF47D668E9AC5AF96FB, EEC6CDA06A971D2E2C2634987228E550970C9246659C25DCCF87AC9CD08F55F3 ] SRTSP           C:\Windows\system32\drivers\N360x64\1501000.012\SRTSP64.SYS
16:46:54.0934 0x0940  SRTSP - ok
16:46:54.0950 0x0940  [ B18CE01B9C09C59422BA7C7064248B35, B355EE2FBB37C4B0EFFE4DC5E0788A26579266828E7988EDC497B0AE7375F8AB ] SRTSPX          C:\Windows\system32\drivers\N360x64\1501000.012\SRTSPX64.SYS
16:46:54.0950 0x0940  SRTSPX - ok
16:46:54.0965 0x0940  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
16:46:54.0981 0x0940  srv - ok
16:46:54.0996 0x0940  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
16:46:55.0012 0x0940  srv2 - ok
16:46:55.0012 0x0940  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
16:46:55.0028 0x0940  srvnet - ok
16:46:55.0043 0x0940  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
16:46:55.0074 0x0940  SSDPSRV - ok
16:46:55.0074 0x0940  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
16:46:55.0106 0x0940  SstpSvc - ok
16:46:55.0121 0x0940  [ B6CCE8FE8E7E1B05F6D5EB52A3A70EAB, 0A44ABB277D4F599662C6B80260925CF497C850D3E46E960242A7B066B81F1E5 ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
16:46:55.0137 0x0940  STacSV - ok
16:46:55.0137 0x0940  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
16:46:55.0152 0x0940  stexstor - ok
16:46:55.0168 0x0940  [ 70FC67F49972EA0EFC60F65EA9A4B716, 6ABA13B625F4344E2AE302F24E840F58E385F62CED65B76BEEC9E07B91CC5F1A ] STHDA           C:\Windows\system32\DRIVERS\stwrt64.sys
16:46:55.0184 0x0940  STHDA - ok
16:46:55.0199 0x0940  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
16:46:55.0230 0x0940  stisvc - ok
16:46:55.0230 0x0940  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
16:46:55.0246 0x0940  swenum - ok
16:46:55.0262 0x0940  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
16:46:55.0308 0x0940  swprv - ok
16:46:55.0308 0x0940  [ 5C9EE2303CA7F267665D75237862B39C, 5DECD977A823C14B4D980D3DB621BC875231B741653F0450A027FC9E87725F9D ] SymDS           C:\Windows\system32\drivers\N360x64\1501000.012\SYMDS64.SYS
16:46:55.0340 0x0940  SymDS - ok
16:46:55.0355 0x0940  [ 08AF51153E441687130B759A8F6892ED, C9DFC0667EF9CE7FACBBB0DE53BD6E0DC9E0ED582CB89FBB2E7FE91CEAC47C5B ] SymEFA          C:\Windows\system32\drivers\N360x64\1501000.012\SYMEFA64.SYS
16:46:55.0386 0x0940  SymEFA - ok
16:46:55.0402 0x0940  [ 97E11C50CE52277B377396EA8838E539, E17D03F80E14F961C41F2D54D1EF73D29BF01F38459C5710D786234F8BA3C835 ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
16:46:55.0402 0x0940  SymEvent - ok
16:46:55.0418 0x0940  [ 6DE89F4CDF0B31A5BAF2855F9D80F8BA, 53064C246732594127E7D927C179FEB8134701D7D8C4A85CB1FE29B82F37A16A ] SymIM           C:\Windows\system32\DRIVERS\SymIMv.sys
16:46:55.0418 0x0940  SymIM - ok
16:46:55.0433 0x0940  [ 48C2934683CBD06F662B088EEF49EF6A, 2212A3588C28F33EFCB1D34618B3054EBBAC6731D177A581D21D1F969FE040C0 ] SymIRON         C:\Windows\system32\drivers\N360x64\1501000.012\Ironx64.SYS
16:46:55.0449 0x0940  SymIRON - ok
16:46:55.0464 0x0940  [ 78A2F073AD9EA5EBC04A70931EA36C9A, 011395F07D7879D30E1700F060CA8C02407F8FFC99998B2E7507E7AF22578B68 ] SymNetS         C:\Windows\system32\drivers\N360x64\1501000.012\SYMNETS.SYS
16:46:55.0480 0x0940  SymNetS - ok
16:46:55.0496 0x0940  [ 883D2880144FD3ED9F1C04B5B5B9B562, 17C582DE9E614F3AFF76ED808358E1006A5AAFEDAE155F6FB527A1AEE3AFF3EF ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
16:46:55.0511 0x0940  SynTP - ok
16:46:55.0542 0x0940  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
16:46:55.0605 0x0940  SysMain - ok
16:46:55.0605 0x0940  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:46:55.0620 0x0940  TabletInputService - ok
16:46:55.0636 0x0940  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
16:46:55.0667 0x0940  TapiSrv - ok
16:46:55.0683 0x0940  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
16:46:55.0714 0x0940  TBS - ok
16:46:55.0745 0x0940  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
16:46:55.0792 0x0940  Tcpip - ok
16:46:55.0839 0x0940  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
16:46:55.0886 0x0940  TCPIP6 - ok
16:46:55.0886 0x0940  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
16:46:55.0901 0x0940  tcpipreg - ok
16:46:55.0901 0x0940  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
16:46:55.0917 0x0940  TDPIPE - ok
16:46:55.0917 0x0940  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
16:46:55.0932 0x0940  TDTCP - ok
16:46:55.0932 0x0940  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
16:46:55.0964 0x0940  tdx - ok
16:46:55.0964 0x0940  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
16:46:55.0979 0x0940  TermDD - ok
16:46:55.0995 0x0940  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
16:46:56.0042 0x0940  TermService - ok
16:46:56.0042 0x0940  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
16:46:56.0057 0x0940  Themes - ok
16:46:56.0073 0x0940  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
16:46:56.0088 0x0940  THREADORDER - ok
16:46:56.0104 0x0940  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
16:46:56.0135 0x0940  TrkWks - ok
16:46:56.0135 0x0940  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:46:56.0166 0x0940  TrustedInstaller - ok
16:46:56.0182 0x0940  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
16:46:56.0182 0x0940  tssecsrv - ok
16:46:56.0198 0x0940  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
16:46:56.0198 0x0940  TsUsbFlt - ok
16:46:56.0213 0x0940  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
16:46:56.0213 0x0940  TsUsbGD - ok
16:46:56.0229 0x0940  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
16:46:56.0260 0x0940  tunnel - ok
16:46:56.0260 0x0940  [ 42350E49DA754D2D77362FDAE3491651, F29E8BA444ECB0484066B02C0A3DCE09B8417159EE37D7A2E05D4C06A98449C4 ] TurboB          C:\Windows\system32\DRIVERS\TurboB.sys
16:46:56.0260 0x0940  TurboB - ok
16:46:56.0276 0x0940  [ 4F4B0AB2FB69C414CCBCEF7CF2E1C8D8, E1F197554369C97DBF61389346B4CB0233F40AAA2575F5D2FEC809AC9123FC69 ] TurboBoost      C:\Program Files\Intel\TurboBoost\TurboBoost.exe
16:46:56.0276 0x0940  TurboBoost - ok
16:46:56.0291 0x0940  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
16:46:56.0291 0x0940  uagp35 - ok
16:46:56.0307 0x0940  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
16:46:56.0338 0x0940  udfs - ok
16:46:56.0354 0x0940  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
16:46:56.0354 0x0940  UI0Detect - ok
16:46:56.0369 0x0940  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
16:46:56.0369 0x0940  uliagpkx - ok
16:46:56.0385 0x0940  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
16:46:56.0385 0x0940  umbus - ok
16:46:56.0385 0x0940  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
16:46:56.0400 0x0940  UmPass - ok
16:46:56.0416 0x0940  [ F76057596EF65049869098677AB72C30, 4EE9353243CB64D0A3AFE060924D93225FB2EB085212F3AEC7A862FFF449C82A ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
16:46:56.0432 0x0940  UNS - ok
16:46:56.0432 0x0940  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
16:46:56.0478 0x0940  upnphost - ok
16:46:56.0478 0x0940  [ 8047D8AFA070A4C3B9FCBDBF77A84C45, D8B47716EE57391E3B9CBE3B35FF1F933F08E40B1C8C12EB5BE2438D9E409FF0 ] usb3Hub         C:\Windows\system32\DRIVERS\usb3Hub.sys
16:46:56.0494 0x0940  usb3Hub - ok
16:46:56.0494 0x0940  [ 30353DDFC28C4F1EF4464DCEF994D678, FB17DF4013675061AEC0A0E7ADD0B4D07CF509B842095FAFDD7BC8C9BABDA1A5 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
16:46:56.0510 0x0940  usbccgp - ok
16:46:56.0510 0x0940  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
16:46:56.0525 0x0940  usbcir - ok
16:46:56.0525 0x0940  [ 7B01F9E957AA6D7F8520BB9E229DF0E2, 309295AEF0C8B6AA39503F495297169D5E4B231DD9758D9F40F29B6987C9D212 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
16:46:56.0541 0x0940  usbehci - ok
16:46:56.0541 0x0940  [ 90C0E5CF8FD5C25B41E7C10473EDB6BD, CDE080D158B2DD689927B2AE752EA3369C39E7764F5592DC34F3C6D9DA51C5D4 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
16:46:56.0572 0x0940  usbhub - ok
16:46:56.0572 0x0940  [ F4A4255E930B6D007A3501C35A3DACC4, E0D0EF801100BE57A199A483330A80FB6C6FF29AEBF3380BEE16BB364A8D7FC7 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
16:46:56.0572 0x0940  usbohci - ok
16:46:56.0588 0x0940  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
16:46:56.0603 0x0940  usbprint - ok
16:46:56.0603 0x0940  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:46:56.0619 0x0940  USBSTOR - ok
16:46:56.0619 0x0940  [ 9462E6B70615C1703D4A95FA61FC54A1, A66E75A42E58E126F575F1AFC3BE47E119CF53431CED511776D878A78F597015 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
16:46:56.0634 0x0940  usbuhci - ok
16:46:56.0634 0x0940  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
16:46:56.0650 0x0940  usbvideo - ok
16:46:56.0650 0x0940  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
16:46:56.0681 0x0940  UxSms - ok
16:46:56.0681 0x0940  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc        C:\Windows\system32\lsass.exe
16:46:56.0697 0x0940  VaultSvc - ok
16:46:56.0697 0x0940  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
16:46:56.0712 0x0940  vdrvroot - ok
16:46:56.0728 0x0940  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
16:46:56.0759 0x0940  vds - ok
16:46:56.0775 0x0940  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
16:46:56.0790 0x0940  vga - ok
16:46:56.0790 0x0940  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
16:46:56.0822 0x0940  VgaSave - ok
16:46:56.0822 0x0940  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
16:46:56.0837 0x0940  vhdmp - ok
16:46:56.0837 0x0940  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
16:46:56.0853 0x0940  viaide - ok
16:46:56.0853 0x0940  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
16:46:56.0868 0x0940  volmgr - ok
16:46:56.0868 0x0940  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
16:46:56.0884 0x0940  volmgrx - ok
16:46:56.0900 0x0940  [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap         C:\Windows\system32\drivers\volsnap.sys
16:46:56.0915 0x0940  volsnap - ok
16:46:56.0915 0x0940  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
16:46:56.0931 0x0940  vsmraid - ok
16:46:56.0962 0x0940  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
16:46:57.0024 0x0940  VSS - ok
16:46:57.0040 0x0940  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
16:46:57.0040 0x0940  vwifibus - ok
16:46:57.0056 0x0940  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
16:46:57.0071 0x0940  vwififlt - ok
16:46:57.0071 0x0940  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
16:46:57.0087 0x0940  vwifimp - ok
16:46:57.0102 0x0940  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
16:46:57.0134 0x0940  W32Time - ok
16:46:57.0134 0x0940  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
16:46:57.0149 0x0940  WacomPen - ok
16:46:57.0149 0x0940  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
16:46:57.0180 0x0940  WANARP - ok
16:46:57.0180 0x0940  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
16:46:57.0212 0x0940  Wanarpv6 - ok
16:46:57.0243 0x0940  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
16:46:57.0274 0x0940  WatAdminSvc - ok
16:46:57.0305 0x0940  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
16:46:57.0352 0x0940  wbengine - ok
16:46:57.0368 0x0940  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
16:46:57.0383 0x0940  WbioSrvc - ok
16:46:57.0399 0x0940  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
16:46:57.0414 0x0940  wcncsvc - ok
16:46:57.0414 0x0940  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:46:57.0430 0x0940  WcsPlugInService - ok
16:46:57.0430 0x0940  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
16:46:57.0446 0x0940  Wd - ok
16:46:57.0477 0x0940  [ 3A164E4C3F453230B6F6C3BD319D83C1, 11A5A5646A113F2BA2A9E355E579F3E516A5860E2E0AC479491663FCEF226CFF ] WDBackup        C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
16:46:57.0508 0x0940  WDBackup - ok
16:46:57.0508 0x0940  [ A3D04EBF5227886029B4532F20D026F7, D90F7B9C176008675DA0B5FD7E4973CBC2A04172CEDF8FB7D3B3B4F27B5440D7 ] WDC_SAM         C:\Windows\system32\DRIVERS\wdcsam64.sys
16:46:57.0508 0x0940  WDC_SAM - ok
16:46:57.0524 0x0940  [ AFA293DAE84019BB65E17F926E9F5185, EE056291483376D7944CD2AB4EDE34B1031915EAB1C168B9777A4C8E840033AD ] WDDriveService  C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
16:46:57.0539 0x0940  WDDriveService - ok
16:46:57.0555 0x0940  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
16:46:57.0586 0x0940  Wdf01000 - ok
16:46:57.0586 0x0940  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
16:46:57.0602 0x0940  WdiServiceHost - ok
16:46:57.0602 0x0940  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
16:46:57.0617 0x0940  WdiSystemHost - ok
16:46:57.0633 0x0940  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
16:46:57.0648 0x0940  WebClient - ok
16:46:57.0664 0x0940  [ CBA25A299ECDBAE3A2300B68598AABA3, 5AC6F75FBDA58CD9D17922AF2780A37B89067EB4A97EE792A644B238BE94490D ] Wecsvc          C:\Windows\system32\wecsvc.dll
16:46:57.0680 0x0940  Wecsvc - ok
16:46:57.0680 0x0940  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
16:46:57.0711 0x0940  wercplsupport - ok
16:46:57.0711 0x0940  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
16:46:57.0742 0x0940  WerSvc - ok
16:46:57.0742 0x0940  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
16:46:57.0773 0x0940  WfpLwf - ok
16:46:57.0773 0x0940  [ B14EF15BD757FA488F9C970EEE9C0D35, F27DF2D47E7076786AE7C396583D7A1C56B93E766711066C900964FC7313E794 ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
16:46:57.0789 0x0940  WimFltr - ok
16:46:57.0789 0x0940  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
16:46:57.0804 0x0940  WIMMount - ok
16:46:57.0804 0x0940  WinDefend - ok
16:46:57.0820 0x0940  WinHttpAutoProxySvc - ok
16:46:57.0836 0x0940  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
16:46:57.0867 0x0940  Winmgmt - ok
16:46:57.0976 0x0940  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
16:46:58.0038 0x0940  WinRM - ok
16:46:58.0070 0x0940  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
16:46:58.0101 0x0940  Wlansvc - ok
16:46:58.0179 0x0940  [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:46:58.0226 0x0940  wlidsvc - ok
16:46:58.0226 0x0940  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
16:46:58.0241 0x0940  WmiAcpi - ok
16:46:58.0257 0x0940  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
16:46:58.0272 0x0940  wmiApSrv - ok
16:46:58.0272 0x0940  WMPNetworkSvc - ok
16:46:58.0272 0x0940  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
16:46:58.0288 0x0940  WPCSvc - ok
16:46:58.0288 0x0940  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
16:46:58.0304 0x0940  WPDBusEnum - ok
16:46:58.0304 0x0940  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
16:46:58.0335 0x0940  ws2ifsl - ok
16:46:58.0335 0x0940  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
16:46:58.0366 0x0940  wscsvc - ok
16:46:58.0366 0x0940  WSearch - ok
16:46:58.0428 0x0940  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
16:46:58.0475 0x0940  wuauserv - ok
16:46:58.0475 0x0940  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
16:46:58.0491 0x0940  WudfPf - ok
16:46:58.0491 0x0940  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
16:46:58.0506 0x0940  wudfsvc - ok
16:46:58.0522 0x0940  [ FE90B750AB808FB9DD8FBB428B5FF83B, 3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc         C:\Windows\System32\wwansvc.dll
16:46:58.0538 0x0940  WwanSvc - ok
16:46:58.0538 0x0940  [ 24E57041608ED6A9D7FDAD0D9EC214E2, 895A16072F5EFFF57A7DCA21917540726BF816A2746EC47A066AAD363F69E5D7 ] XHCIPort        C:\Windows\system32\DRIVERS\XHCIPort.sys
16:46:58.0553 0x0940  XHCIPort - ok
16:46:58.0631 0x0940  [ 5BCB1F6CB749B6826BE1C0F16FF2F600, EF36100ACC0591EB4E04D52E57423E43E331B5D5BA8DFF5854285198931CD3EE ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
16:46:58.0694 0x0940  ZeroConfigService - ok
16:46:58.0709 0x0940  ================ Scan global ===============================
16:46:58.0709 0x0940  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
16:46:58.0725 0x0940  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
16:46:58.0725 0x0940  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
16:46:58.0740 0x0940  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
16:46:58.0740 0x0940  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
16:46:58.0756 0x0940  [ Global ] - ok
16:46:58.0756 0x0940  ================ Scan MBR ==================================
16:46:58.0756 0x0940  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
16:46:59.0068 0x0940  \Device\Harddisk0\DR0 - ok
16:46:59.0068 0x0940  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
16:46:59.0084 0x0940  \Device\Harddisk1\DR1 - ok
16:46:59.0084 0x0940  ================ Scan VBR ==================================
16:46:59.0084 0x0940  [ 8896DC154834E50E2899FE8B49B4451C ] \Device\Harddisk0\DR0\Partition1
16:46:59.0084 0x0940  \Device\Harddisk0\DR0\Partition1 - ok
16:46:59.0084 0x0940  [ F068396E10131E0E64A2156514EB2CEF ] \Device\Harddisk0\DR0\Partition2
16:46:59.0084 0x0940  \Device\Harddisk0\DR0\Partition2 - ok
16:46:59.0099 0x0940  AV detected via SS2: Norton Security Suite, C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\WSCStub.exe ( 21.1.0.0 ), 0x51000 ( enabled : updated )
16:46:59.0099 0x0940  FW detected via SS2: Norton Security Suite, C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\WSCStub.exe ( 21.1.0.0 ), 0x51010 ( enabled )
16:47:01.0704 0x0940  ============================================================
16:47:01.0704 0x0940  Scan finished
16:47:01.0704 0x0940  ============================================================
16:47:01.0704 0x19d4  Detected object count: 1
16:47:01.0704 0x19d4  Actual detected object count: 1
16:47:08.0428 0x19d4  EraserUtilRebootDrv ( UnsignedFile.Multi.Generic ) - skipped by user
16:47:08.0428 0x19d4  EraserUtilRebootDrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:47:19.0114 0x0cbc  Deinitialize success
 

 

 

 

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-12-18 16:48:07
-----------------------------
16:48:07.765    OS Version: Windows x64 6.1.7601 Service Pack 1
16:48:07.765    Number of processors: 4 586 0x3A09
16:48:07.765    ComputerName: TYRONE-PC  UserName: Tyrone
16:48:08.998    Initialize success
16:49:39.719    AVAST engine defs: 13121802
16:56:21.319    The log file has been saved successfully to "C:\Users\Tyrone\Desktop\aswMBR.txt"

 

Thank you again for all of your help...
 



#14 slap2442

slap2442
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:06:17 PM

Posted 18 December 2013 - 09:07 PM

I realized I didnt save the aswmbr.exe directly to the desktop... So I tried it again and got a blue screen after i noticed it highlighting what seemed to be norton files or folders in yellow... haha It never ends

 

Problem signature:
  Problem Event Name:    BlueScreen
  OS Version:    6.1.7601.2.1.0.768.3
  Locale ID:    1033

Additional information about the problem:
  BCCode:    a
  BCP1:    0000000000000000
  BCP2:    0000000000000002
  BCP3:    0000000000000000
  BCP4:    FFFFF80002CECBD4
  OS Version:    6_1_7601
  Service Pack:    1_0
  Product:    768_1

Files that help describe the problem:
  C:\WINDOWS\Minidump\121813-15522-01.dmp
  C:\Users\Tyrone\AppData\Local\Temp\WER-30638-0.sysdata.xml

Read our privacy statement online:
  http://go.microsoft.com/fwlink/?linkid=104288&clcid=0x0409

If the online privacy statement is not available, please read our privacy statement offline:
  C:\Windows\system32\en-US\erofflps.txt
 



#15 slap2442

slap2442
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:06:17 PM

Posted 19 December 2013 - 04:12 AM

Just ran a scan and found these as well... It never stops :(

 

 

 

 

 

 

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.12.19.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Tyrone :: TYRONE-PC [administrator]

Protection: Enabled

12/18/2013 6:17:53 PM
mbam-log-2013-12-18 (18-17-53).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 316750
Time elapsed: 20 minute(s), 6 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 5
C:\apps\934rv\WinWDF\x64\SynZMetr.exe (Trojan.Dorkbot.ED) -> Quarantined and deleted successfully.
C:\apps\934rv\WinWDF\x86\SynZMetr.exe (Trojan.Dorkbot.ED) -> Quarantined and deleted successfully.
C:\Drivers\input\17TCY\WinWDF\x64\SynZMetr.exe (Trojan.Dorkbot.ED) -> Quarantined and deleted successfully.
C:\Program Files\Synaptics\SynTP\SynZMetr.exe (Trojan.Dorkbot.ED) -> Quarantined and deleted successfully.
c:\windows\system32\driverstore\filerepository\synpd.inf_amd64_neutral_e0ad85ffcba3399c\synzmetr.exe (Trojan.Dorkbot.ED) -> Quarantined and deleted successfully.

(end)
 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users