Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows 7 PUP, Hijacked, 24x7 Help etc


  • This topic is locked This topic is locked
5 replies to this topic

#1 RohanShah

RohanShah

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:05:01 PM

Posted 19 December 2013 - 07:53 PM

I have too many viruses on this computer and I ran Malwarebytes once but it was not enough and everytime I try to install a program it gives me an error. It will not even let me access Windows Folder.

 

This is the DDS.txt

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 NETWORK
Internet Explorer: 11.0.9600.16428  BrowserJavaVersion: 10.17.2
Run by Diana at 19:44:53 on 2013-12-19
.
============== Running Processes ================
.
C:\Windows\SysWOW64\atashost.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RivalGaming Games: {26D675AC-D925-4bbf-A720-62C2AA4A81EB} - 
BHO: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll
BHO: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ips\ipsbho.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: {95B7759C-8C7F-4BF1-B163-73684A933233} - <orphaned>
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll
BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll
uRun: [Google Update] "C:\Users\Diana\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
uRun: [Mobilink3] <no file>
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
mRun: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
mRun: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: EnableShellExecuteHooks = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
DPF: {61BB6943-A0FF-4637-AA85-47290BDE178E} - hxxps://www.trueformsonline.com/Downloads/TFLauncher_2/tflauncher.dll
DPF: {83AB6E4D-CDD7-11D3-B5E7-00104B9AFF6E} - hxxp://rein.mlxchange.com/5.4.04.22493/Control/IRCSharc.cab
TCP: NameServer = 68.105.28.12 8.8.8.8
TCP: Interfaces\{4DE35BD7-6A46-420E-9952-4AC83080DFD0} : DHCPNameServer = 68.105.28.12 8.8.8.8
TCP: Interfaces\{4DE35BD7-6A46-420E-9952-4AC83080DFD0}\2425C40275962756C6563737 : DHCPNameServer = 208.67.220.220 208.67.222.222
TCP: Interfaces\{4DE35BD7-6A46-420E-9952-4AC83080DFD0}\46C696E6B6 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{4DE35BD7-6A46-420E-9952-4AC83080DFD0}\6596277696E6D4F62696C65602D4966496232303030283632402355636572756 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{4DE35BD7-6A46-420E-9952-4AC83080DFD0}\94753435D2849676863507565646 : DHCPNameServer = 10.1.1.8
TCP: Interfaces\{78A5731E-CCD4-4FDC-A0D6-4B3ED5216D2C} : NameServer = 10.177.0.34 10.166.208.148
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.2.0\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
x64-BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [lxdnmon.exe] "C:\Program Files (x86)\Lexmark 2600 Series\lxdnmon.exe"
x64-Run: [EzPrint] "C:\Program Files (x86)\Lexmark 2600 Series\ezprint.exe"
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-RunOnce: [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Diana\AppData\Roaming\Mozilla\Firefox\Profiles\bjbsd3o5.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://mysearch.avg.com/?cid={4E73F4CB-1D02-4215-83D9-5A47518024B4}&mid=0e68ec44a36747d3be1ec15632ff7b7e-1ca506ab404f56284609eb01e2fe45574ed1be8c&lang=en&ds=AVG&pr=pr&d=2013-02-02 12:26:43&v=15.3.0.11&pid=safeguard&sg=0&sap=hp
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3282495&SearchSource=2&CUI=UN13841179771925920&UM=2&q=
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.2.0\npsitesafety.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Diana\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
============= SERVICES / DRIVERS ===============
.
R? AESTFilters;Andrea ST Filters Service
R? AVGIDSAgent;AVGIDSAgent
R? AVGIDSDriver;AVGIDSDriver
R? Avgldx64;AVG AVI Loader Driver
R? avgwd;AVG WatchDog
R? BBSvc;BingBar Service
R? BBUpdate;BBUpdate
R? BHDrvx64;BHDrvx64
R? BroadCamService;BroadCam Video Streaming Server
R? CLKMSVC10_38F51D56;CyberLink Product - 2012/05/13 14:16:26
R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
R? clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64
R? clwvd;CyberLink WebCam Virtual Driver
R? EraserUtilRebootDrv;EraserUtilRebootDrv
R? ew_hwusbdev;Huawei MobileBroadband USB PNP Device
R? ew_usbenumfilter;huawei_CompositeFilter
R? ewusbmbb;HUAWEI USB-WWAN miniport
R? EyelineService;Eyeline Video System
R? ezSharedSvc;Easybits Services for Windows
R? FPLService;TrueSuiteService
R? GamesAppService;GamesAppService
R? HP Support Assistant Service;HP Support Assistant Service
R? HPClientSvc;HP Client Services
R? hpCMSrv;HP Connection Manager 4.0 Service
R? hpsrv;HP Service
R? HPWMISVC;HPWMISVC
R? HWDeviceService64.exe;HWDeviceService64.exe
R? IAStorDataMgrSvc;Intel® Rapid Storage Technology
R? IconMan_R;IconMan_R
R? IDSVia64;IDSVia64
R? IEEtwCollectorService;Internet Explorer ETW Collector Service
R? IntcDAud;Intel® Display Audio
R? lxdn_device;lxdn_device
R? lxdnCATSCustConnectService;lxdnCATSCustConnectService
R? MBAMProtector;MBAMProtector
R? MBAMScheduler;MBAMScheduler
R? MBAMService;MBAMService
R? NIS;Norton Internet Security
R? NvtlService;NovaCore SDK Service
R? NWVMModem;Virgin Mobile USB Modem Driver
R? NWVMPort;Virgin Mobile USB Status Port Driver
R? NWVMPort2;Virgin Mobile USB Status2 Port Driver
R? RoxioNow Service;RoxioNow Service
R? RSPCIESTOR;Realtek PCIE CardReader Driver
R? SkypeUpdate;Skype Updater
R? SrvHsfHDA;SrvHsfHDA
R? SrvHsfV92;SrvHsfV92
R? SrvHsfWinac;SrvHsfWinac
R? SSPORT;SSPORT
R? SymIRON;Symantec Iron Driver
R? SymNetS;Symantec Network Security WFP Driver
R? T-Mobile Connection Manager. RunOuc;T-Mobile Connection Manager. OUC
R? TsUsbFlt;TsUsbFlt
R? TsUsbGD;Remote Desktop Generic USB Device
R? UNS;Intel® Management and Security Application User Notification Service
R? USBAAPL64;Apple Mobile USB Driver
R? vToolbarUpdater17.2.0;vToolbarUpdater17.2.0
R? WatAdminSvc;Windows Activation Technologies Service
R? wlcrasvc;Windows Live Mesh remote connections service
S? atashost;WebEx Service Host for Support Center
S? AVGIDSHA;AVGIDSHA
S? Avgloga;AVG Logging Driver
S? Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield
S? Avgrkx64;AVG Anti-Rootkit Driver
S? Avgtdia;AVG TDI Driver
S? avgtp;avgtp
S? huawei_enumerator;huawei_enumerator
S? nusb3hub;Renesas Electronics USB 3.0 Hub Driver
S? nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver
S? RTL8167;Realtek 8167 NT Driver
S? SymDS;Symantec Data Store
S? SymEFA;Symantec Extended File Attributes
.
=============== Created Last 30 ================
.
2013-12-19 23:09:33 -------- d-----w- C:\Users\Diana\AppData\Roaming\Malwarebytes
2013-12-19 23:09:26 -------- d-----w- C:\ProgramData\Malwarebytes
2013-12-19 23:09:25 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-12-19 23:09:25 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-19 23:09:09 -------- d-----w- C:\Users\Diana\AppData\Local\Programs
2013-12-14 20:23:33 -------- d-----w- C:\Users\Diana\AppData\Local\{DDE4AB7A-5B88-4B7F-9823-480D64A71938}
2013-12-08 17:54:12 -------- d-----w- C:\Users\Diana\AppData\Local\{24EF5E6E-86A8-4AC9-A3D4-A68D91EC9F9F}
2013-11-25 06:48:36 246072 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
2013-11-25 02:21:25 -------- d-----w- C:\Users\Diana\AppData\Local\Macromedia
2013-11-25 02:15:13 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
.
==================== Find3M  ====================
.
2013-12-11 22:58:26 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-11-14 23:47:33 46368 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
2013-11-14 00:06:06 137232 ----a-w- C:\Windows\SysWow64\atashost.exe
2013-11-14 00:06:04 227344 ----a-w- C:\Windows\SysWow64\atsckernel.exe
2013-11-03 23:21:07 204 ----a-w- C:\Windows\SysWow64\lsprst7.dll
2013-11-03 19:21:07 1025 ----a-w- C:\Windows\SysWow64\sysprs7.dll
2013-10-23 06:05:08 45880 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys
2013-10-12 02:30:42 830464 ----a-w- C:\Windows\System32\nshwfp.dll
2013-10-12 02:29:21 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL
2013-10-12 02:29:08 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
2013-10-12 02:03:08 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll
2013-10-12 02:01:25 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL
2013-10-05 20:25:35 1474048 ----a-w- C:\Windows\System32\crypt32.dll
2013-10-05 19:57:25 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-10-04 02:28:31 190464 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll
2013-10-04 02:25:17 197120 ----a-w- C:\Windows\System32\credui.dll
2013-10-04 02:24:49 1930752 ----a-w- C:\Windows\System32\authui.dll
2013-10-04 01:58:50 152576 ----a-w- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
2013-10-04 01:56:25 168960 ----a-w- C:\Windows\SysWow64\credui.dll
2013-10-04 01:56:00 1796096 ----a-w- C:\Windows\SysWow64\authui.dll
2013-10-03 02:23:48 404480 ----a-w- C:\Windows\System32\gdi32.dll
2013-10-03 02:00:44 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2013-09-28 01:09:10 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
2013-09-25 02:26:40 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2013-09-25 02:26:40 154560 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2013-09-25 02:23:33 28672 ----a-w- C:\Windows\System32\sspisrv.dll
2013-09-25 02:23:33 135680 ----a-w- C:\Windows\System32\sspicli.dll
2013-09-25 02:23:01 28160 ----a-w- C:\Windows\System32\secur32.dll
2013-09-25 02:22:59 340992 ----a-w- C:\Windows\System32\schannel.dll
2013-09-25 02:21:50 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2013-09-25 02:21:07 1447936 ----a-w- C:\Windows\System32\lsasrv.dll
2013-09-25 01:58:17 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2013-09-25 01:57:26 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2013-09-25 01:57:24 247808 ----a-w- C:\Windows\SysWow64\schannel.dll
2013-09-25 01:56:42 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2013-09-25 01:03:24 30720 ----a-w- C:\Windows\System32\lsass.exe
.
============= FINISH: 19:46:08.72 ===============
 

Attached Files


Edited by RohanShah, 19 December 2013 - 08:02 PM.


BC AdBot (Login to Remove)

 


#2 RohanShah

RohanShah
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:05:01 PM

Posted 23 December 2013 - 06:04 PM

Bump 4 days over.



#3 nasdaq

nasdaq

  • Malware Response Team
  • 39,926 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:01 PM

Posted 24 December 2013 - 10:43 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.
===

Lets start with these scans.

Read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application.
    tdss1.png
  • Click Change parameters
    settings20121003115955.png
  • Check the boxes next to Verify Driver Digital Signature and Detect TDLFS file system, then click OK
    tdss3.png
  • Click on the Start Scan button to begin the scan and wait for it to finish.
    NOTE: Do not use the computer during the scan!
  • During the scan it will look similar to the image below:
    tdss4.jpg
  • When it finishes, you will either see a report that no threats were found like below:
    tdss5.jpg
    If no threats are found at this point, just click the Report selection on the top right of the form to generate a log. A log file report will pop which you can just close since the report file is already saved.
  • If any infection or suspected items are found, you will see a window similar to below:
    tdss7.jpg
    • If you have files that are shown to fail signature check do not take any action on these. Make sure you select Skip. I will tell you what to do with these later. They may not be issues at all.
    • If Suspicious objects are detected, the default action will be Skip. Leave the default set to Skip.
    • If Malicious objects are detected, they will show in the Scan results. TDSSKiller automatically selects an action (Cure or Delete) for malicious objects
    • Make sure that Cure is selected. Important! - If Cure is not available, please choose Skip instead. Do not choose Delete unless instructed to do so.
  • Click Continue to apply selected actions.
  • A reboot may be required to complete disinfection. A window like the below will appear:
    tdss6.jpg
    Reboot immediately if TDSSKiller states that one is needed.
  • Whether an infection is found or not, a log file should have already been created on your C: drive (or whatever drive you boot from) in the root folder named something like TDSSKiller.2.1.1_27.12.2009_14.17.04_log.txt which is based on the program version # and date and time run.
  • Paste the log to your next reply, DO NOT ATTACH IT.
===

Download http://public.avast.com/~gmerek/aswMBR.exe (aswMBR.exe) to your desktop. Double click the aswMBR.exe to run it.
  • Click the "Scan" button to start scan.
  • Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time) <- IMPORTANT
  • Please paste the contents of that log in your next reply.
There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.
===

#4 RohanShah

RohanShah
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:05:01 PM

Posted 27 December 2013 - 06:57 PM

TDDSKILLER:

18:15:52.0636 0x1f00  TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
18:15:55.0989 0x1f00  ============================================================
18:15:55.0989 0x1f00  Current date / time: 2013/12/27 18:15:55.0989
18:15:55.0989 0x1f00  SystemInfo:
18:15:55.0989 0x1f00  
18:15:55.0989 0x1f00  OS Version: 6.1.7601 ServicePack: 1.0
18:15:55.0989 0x1f00  Product type: Workstation
18:15:55.0989 0x1f00  ComputerName: DIANATOPTRAINER
18:15:55.0989 0x1f00  UserName: Diana
18:15:55.0989 0x1f00  Windows directory: C:\Windows
18:15:55.0989 0x1f00  System windows directory: C:\Windows
18:15:55.0989 0x1f00  Running under WOW64
18:15:55.0989 0x1f00  Processor architecture: Intel x64
18:15:55.0989 0x1f00  Number of processors: 8
18:15:55.0989 0x1f00  Page size: 0x1000
18:15:55.0989 0x1f00  Boot type: Normal boot
18:15:55.0989 0x1f00  ============================================================
18:15:57.0723 0x1f00  KLMD registered as C:\Windows\system32\drivers\26815726.sys
18:15:58.0089 0x1f00  System UUID: {CD8073EE-74B1-F314-9B8F-7AC48A8ED74B}
18:15:58.0596 0x1f00  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:15:58.0600 0x1f00  ============================================================
18:15:58.0600 0x1f00  \Device\Harddisk0\DR0:
18:15:58.0600 0x1f00  MBR partitions:
18:15:58.0600 0x1f00  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
18:15:58.0600 0x1f00  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x55840800
18:15:58.0600 0x1f00  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x558A4800, BlocksNum 0x1C6E000
18:15:58.0600 0x1f00  \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x57512800, BlocksNum 0x336F0
18:15:58.0600 0x1f00  ============================================================
18:15:58.0645 0x1f00  C: <-> \Device\Harddisk0\DR0\Partition2
18:15:58.0695 0x1f00  D: <-> \Device\Harddisk0\DR0\Partition3
18:15:58.0695 0x1f00  ============================================================
18:15:58.0695 0x1f00  Initialize success
18:15:58.0695 0x1f00  ============================================================
18:16:08.0208 0x0be8  ============================================================
18:16:08.0208 0x0be8  Scan started
18:16:08.0208 0x0be8  Mode: Manual; SigCheck; TDLFS; 
18:16:08.0208 0x0be8  ============================================================
18:16:08.0208 0x0be8  KSN ping started
18:16:11.0473 0x0be8  KSN ping finished: true
18:16:11.0830 0x0be8  ================ Scan system memory ========================
18:16:11.0830 0x0be8  System memory - ok
18:16:11.0831 0x0be8  ================ Scan services =============================
18:16:12.0117 0x0be8  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
18:16:12.0286 0x0be8  1394ohci - ok
18:16:12.0329 0x0be8  [ 5C368F4B04ED2A923E6AFCA2D37BAFF5, C3CC58D636B18DF77C4C4B384AD1DE78418716A0606E564DBC63782D5EA02905 ] Accelerometer   C:\Windows\system32\DRIVERS\Accelerometer.sys
18:16:12.0373 0x0be8  Accelerometer - ok
18:16:12.0420 0x0be8  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
18:16:12.0436 0x0be8  ACPI - ok
18:16:12.0455 0x0be8  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
18:16:12.0541 0x0be8  AcpiPmi - ok
18:16:12.0719 0x0be8  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A, F419E159D3E428A3929A1A983142E7B0783D3F104EE9587585418E51011E4B8F ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:16:12.0729 0x0be8  AdobeARMservice - ok
18:16:12.0900 0x0be8  [ 1BA1AB4141A92EB34DA99F1249CA2D4D, 43ADF35146E61E0DE58D2ACC2994538F6025135ECEB30073BEF05A804BB38107 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:16:12.0914 0x0be8  AdobeFlashPlayerUpdateSvc - ok
18:16:12.0963 0x0be8  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
18:16:12.0985 0x0be8  adp94xx - ok
18:16:13.0034 0x0be8  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
18:16:13.0052 0x0be8  adpahci - ok
18:16:13.0100 0x0be8  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
18:16:13.0114 0x0be8  adpu320 - ok
18:16:13.0150 0x0be8  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
18:16:13.0308 0x0be8  AeLookupSvc - ok
18:16:13.0389 0x0be8  [ A6FB9DB8F1A86861D955FD6975977AE0, 788C6EE50719227D7A9B7F08C8D5E1289FCD0E8AC23A1021A5093D2E8368F696 ] AESTFilters     C:\Program Files\IDT\WDM\AESTSr64.exe
18:16:13.0461 0x0be8  AESTFilters - ok
18:16:13.0530 0x0be8  [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD             C:\Windows\system32\drivers\afd.sys
18:16:13.0616 0x0be8  AFD - ok
18:16:13.0664 0x0be8  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
18:16:13.0675 0x0be8  agp440 - ok
18:16:13.0715 0x0be8  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
18:16:13.0796 0x0be8  ALG - ok
18:16:13.0853 0x0be8  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
18:16:13.0863 0x0be8  aliide - ok
18:16:13.0894 0x0be8  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
18:16:13.0905 0x0be8  amdide - ok
18:16:13.0957 0x0be8  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
18:16:14.0000 0x0be8  AmdK8 - ok
18:16:14.0016 0x0be8  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
18:16:14.0045 0x0be8  AmdPPM - ok
18:16:14.0077 0x0be8  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
18:16:14.0090 0x0be8  amdsata - ok
18:16:14.0129 0x0be8  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
18:16:14.0143 0x0be8  amdsbs - ok
18:16:14.0161 0x0be8  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
18:16:14.0171 0x0be8  amdxata - ok
18:16:14.0211 0x0be8  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
18:16:14.0335 0x0be8  AppID - ok
18:16:14.0364 0x0be8  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
18:16:14.0429 0x0be8  AppIDSvc - ok
18:16:14.0480 0x0be8  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
18:16:14.0524 0x0be8  Appinfo - ok
18:16:14.0600 0x0be8  [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:16:14.0609 0x0be8  Apple Mobile Device - ok
18:16:14.0650 0x0be8  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
18:16:14.0662 0x0be8  arc - ok
18:16:14.0679 0x0be8  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
18:16:14.0690 0x0be8  arcsas - ok
18:16:14.0710 0x0be8  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
18:16:14.0772 0x0be8  AsyncMac - ok
18:16:14.0822 0x0be8  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
18:16:14.0832 0x0be8  atapi - ok
18:16:14.0882 0x0be8  [ BA66F6D1FC0974134BD13EC3BF61A732, E14FB08F11EF088B163263FFAC0900DE489E0D346FD8E33D36CD5061D4668CF2 ] atashost        C:\Windows\SysWOW64\atashost.exe
18:16:14.0898 0x0be8  atashost - ok
18:16:14.0947 0x0be8  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:16:15.0012 0x0be8  AudioEndpointBuilder - ok
18:16:15.0028 0x0be8  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
18:16:15.0072 0x0be8  AudioSrv - ok
18:16:15.0384 0x0be8  [ 4DB93F4DB7077801D2D82013506AC1D0, 3D71655D1557021D5D828E37EAFDBA35C631061E48D64B9D376746F8FCC760B3 ] AVGIDSAgent     C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
18:16:15.0491 0x0be8  AVGIDSAgent - ok
18:16:15.0532 0x0be8  [ 92B7689FBC131E143421A19C18320E34, D3A323015790355070A380731CA56547F518F8AF800BC71670481A646C8FEEB3 ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdrivera.sys
18:16:15.0546 0x0be8  AVGIDSDriver - ok
18:16:15.0570 0x0be8  [ C8D9EEACF266512C1FA52E2ECF5AD944, 01972886F4324C55BE4450F2E18F263FBF0BE7525A9390714216E6C7A1827B1D ] AVGIDSHA        C:\Windows\system32\DRIVERS\avgidsha.sys
18:16:15.0581 0x0be8  AVGIDSHA - ok
18:16:15.0612 0x0be8  [ FACD18A89FDEBC35C85CAF762B294BE2, FD6EBE87ACA6CC017AB7ED886B2BC13CA05BDA38E4B7E8A63F33EF7E5C755BB8 ] Avgldx64        C:\Windows\system32\DRIVERS\avgldx64.sys
18:16:15.0625 0x0be8  Avgldx64 - ok
18:16:15.0671 0x0be8  [ 29FCDEAC6086FB7E55344B51E35D99CE, 06408D79DF92B8A31DE0CA518BD93CA211D3192496CA3783762F289549F8F615 ] Avgloga         C:\Windows\system32\DRIVERS\avgloga.sys
18:16:15.0688 0x0be8  Avgloga - ok
18:16:15.0719 0x0be8  [ 85053293DCDE19829E8691A9E9E8A6FF, 1F115376DCF888C0ED928D5E7150CC4602510FDA785DE76912D415366D8D7393 ] Avgmfx64        C:\Windows\system32\DRIVERS\avgmfx64.sys
18:16:15.0731 0x0be8  Avgmfx64 - ok
18:16:15.0760 0x0be8  [ E191E443B0F7B05E784279A1C29B9D2A, 24B2B048C2CE5520A6B0E6702F55B5B65411E3E3D0857301E430EF2F9D7ECAFE ] Avgrkx64        C:\Windows\system32\DRIVERS\avgrkx64.sys
18:16:15.0770 0x0be8  Avgrkx64 - ok
18:16:15.0796 0x0be8  [ 69BD90E337625F96C718CACE7A9C9E29, 586948D6715ACB845D58BB5A73B8E5DA96A5415BC67D0508054F03D9A5C21768 ] Avgtdia         C:\Windows\system32\DRIVERS\avgtdia.sys
18:16:15.0810 0x0be8  Avgtdia - ok
18:16:15.0836 0x0be8  [ A1F53D2A00E64679A1D81B61D2333D06, 41D4F252693A2382A1C1FB85A49DF5AAB5B21620DC09A0E1A7F66A437E3A0B3B ] avgtp           C:\Windows\system32\drivers\avgtpx64.sys
18:16:15.0847 0x0be8  avgtp - ok
18:16:15.0871 0x0be8  [ D646FA5135A1CD795877AFE9D17FA9ED, 2F97FBCD7BD75727A77C17D75D2482AE819D5D2EB9760D96412F9C20AA7D9473 ] avgwd           C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
18:16:15.0886 0x0be8  avgwd - ok
18:16:15.0924 0x0be8  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
18:16:16.0009 0x0be8  AxInstSV - ok
18:16:16.0053 0x0be8  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
18:16:16.0113 0x0be8  b06bdrv - ok
18:16:16.0140 0x0be8  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
18:16:16.0195 0x0be8  b57nd60a - ok
18:16:16.0281 0x0be8  [ F2E8CEFC8CF4D6454F4121C5FF93136A, DFD05AD328BD0FDD8BF44043C40084A6DF98BF6F5CEAE71BF793176AF6ADFBBB ] BBSvc           C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.exe
18:16:16.0295 0x0be8  BBSvc - ok
18:16:16.0344 0x0be8  [ 6E1BCC590C9D30FEE8FC14DBD053CE94, 4F698D399225A890B7FDCE3773E504B2880534ED1C0F4C37589568C44BA51743 ] BBUpdate        C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.exe
18:16:16.0360 0x0be8  BBUpdate - ok
18:16:16.0534 0x0be8  [ 0E7A9264576B40638A3FBC804DE1FF76, D307179E6FA5D39E03175F37D297E4D0DA86CF0FC6EFA6CFCFAA0E8713489BC5 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl664.sys
18:16:16.0605 0x0be8  BCM43XX - ok
18:16:16.0632 0x0be8  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
18:16:16.0683 0x0be8  BDESVC - ok
18:16:16.0723 0x0be8  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
18:16:16.0783 0x0be8  Beep - ok
18:16:16.0837 0x0be8  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
18:16:16.0888 0x0be8  BFE - ok
18:16:17.0131 0x0be8  [ 1D757A7E020C577C4259A755F21B7152, E3D9E3C4CA5A01F69615A5860226C24D3FD7B5992A413840C50B9A31FB287FD6 ] BHDrvx64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20120215.001\BHDrvx64.sys
18:16:17.0163 0x0be8  BHDrvx64 - ok
18:16:17.0207 0x0be8  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
18:16:17.0285 0x0be8  BITS - ok
18:16:17.0324 0x0be8  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
18:16:17.0353 0x0be8  blbdrive - ok
18:16:17.0427 0x0be8  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:16:17.0443 0x0be8  Bonjour Service - ok
18:16:17.0492 0x0be8  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
18:16:17.0536 0x0be8  bowser - ok
18:16:17.0569 0x0be8  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
18:16:17.0603 0x0be8  BrFiltLo - ok
18:16:17.0634 0x0be8  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
18:16:17.0652 0x0be8  BrFiltUp - ok
18:16:17.0806 0x0be8  [ 71CD65A161267EC8959BF4423E761742, 39B990414F7886D51C7987C74CA18C922094FBEB8AD8ED24814356E9B8296B92 ] BroadCamService C:\Program Files (x86)\NCH Software\BroadCam\broadcam.exe
18:16:17.0866 0x0be8  BroadCamService - ok
18:16:17.0917 0x0be8  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
18:16:17.0967 0x0be8  Browser - ok
18:16:17.0997 0x0be8  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
18:16:18.0065 0x0be8  Brserid - ok
18:16:18.0089 0x0be8  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
18:16:18.0120 0x0be8  BrSerWdm - ok
18:16:18.0147 0x0be8  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
18:16:18.0186 0x0be8  BrUsbMdm - ok
18:16:18.0206 0x0be8  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
18:16:18.0236 0x0be8  BrUsbSer - ok
18:16:18.0256 0x0be8  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
18:16:18.0288 0x0be8  BTHMODEM - ok
18:16:18.0326 0x0be8  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
18:16:18.0380 0x0be8  bthserv - ok
18:16:18.0442 0x0be8  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
18:16:18.0500 0x0be8  cdfs - ok
18:16:18.0551 0x0be8  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
18:16:18.0590 0x0be8  cdrom - ok
18:16:18.0621 0x0be8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
18:16:18.0669 0x0be8  CertPropSvc - ok
18:16:18.0702 0x0be8  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
18:16:18.0740 0x0be8  circlass - ok
18:16:18.0782 0x0be8  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
18:16:18.0798 0x0be8  CLFS - ok
18:16:18.0902 0x0be8  [ 524DC3807CB1746225F9D26ADD19C319, DC23392E8C542B02860BA1F57F03AD08A58B256D155CC6B81A48691A79D3A3F6 ] CLKMSVC10_38F51D56 C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe
18:16:18.0916 0x0be8  CLKMSVC10_38F51D56 - ok
18:16:19.0000 0x0be8  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:16:19.0010 0x0be8  clr_optimization_v2.0.50727_32 - ok
18:16:19.0087 0x0be8  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:16:19.0099 0x0be8  clr_optimization_v2.0.50727_64 - ok
18:16:19.0167 0x0be8  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:16:19.0182 0x0be8  clr_optimization_v4.0.30319_32 - ok
18:16:19.0221 0x0be8  [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:16:19.0232 0x0be8  clr_optimization_v4.0.30319_64 - ok
18:16:19.0280 0x0be8  [ 50F92C943F18B070F166D019DFAB3D9A, A997EAFFC1598B1D0A9E1A4475F25418CA8AA6B703B53A71B1AF028E247C9950 ] clwvd           C:\Windows\system32\DRIVERS\clwvd.sys
18:16:19.0289 0x0be8  clwvd - ok
18:16:19.0305 0x0be8  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
18:16:19.0342 0x0be8  CmBatt - ok
18:16:19.0373 0x0be8  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
18:16:19.0383 0x0be8  cmdide - ok
18:16:19.0437 0x0be8  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
18:16:19.0462 0x0be8  CNG - ok
18:16:19.0507 0x0be8  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
18:16:19.0516 0x0be8  Compbatt - ok
18:16:19.0573 0x0be8  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
18:16:19.0615 0x0be8  CompositeBus - ok
18:16:19.0629 0x0be8  COMSysApp - ok
18:16:19.0645 0x0be8  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
18:16:19.0654 0x0be8  crcdisk - ok
18:16:19.0702 0x0be8  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
18:16:19.0759 0x0be8  CryptSvc - ok
18:16:19.0819 0x0be8  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
18:16:19.0875 0x0be8  DcomLaunch - ok
18:16:19.0917 0x0be8  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
18:16:19.0975 0x0be8  defragsvc - ok
18:16:20.0009 0x0be8  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
18:16:20.0057 0x0be8  DfsC - ok
18:16:20.0097 0x0be8  DgiVecp - ok
18:16:20.0120 0x0be8  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
18:16:20.0171 0x0be8  Dhcp - ok
18:16:20.0199 0x0be8  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
18:16:20.0252 0x0be8  discache - ok
18:16:20.0294 0x0be8  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
18:16:20.0305 0x0be8  Disk - ok
18:16:20.0344 0x0be8  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
18:16:20.0406 0x0be8  Dnscache - ok
18:16:20.0436 0x0be8  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
18:16:20.0495 0x0be8  dot3svc - ok
18:16:20.0525 0x0be8  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
18:16:20.0570 0x0be8  DPS - ok
18:16:20.0609 0x0be8  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
18:16:20.0652 0x0be8  drmkaud - ok
18:16:20.0701 0x0be8  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
18:16:20.0729 0x0be8  DXGKrnl - ok
18:16:20.0753 0x0be8  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
18:16:20.0798 0x0be8  EapHost - ok
18:16:20.0992 0x0be8  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
18:16:21.0157 0x0be8  ebdrv - ok
18:16:21.0261 0x0be8  [ 0C3F9EFF8DDD9F9EB56D754B4620155F, D81F2DF707E9A3852BB0CE30883B86D722EA1E7585E7A7D1BC3E081E0A4FDFDB ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
18:16:21.0279 0x0be8  eeCtrl - ok
18:16:21.0321 0x0be8  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS             C:\Windows\System32\lsass.exe
18:16:21.0367 0x0be8  EFS - ok
18:16:21.0460 0x0be8  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
18:16:21.0523 0x0be8  ehRecvr - ok
18:16:21.0547 0x0be8  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
18:16:21.0567 0x0be8  ehSched - ok
18:16:21.0603 0x0be8  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
18:16:21.0625 0x0be8  elxstor - ok
18:16:21.0673 0x0be8  [ 8C0F9B877BC0B7FFD327EF55F9EFB642, 238FB9A33DE89BC2D0F38734A44E16B6FE0E8806CDF9C09C0F238239DC9DA74B ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
18:16:21.0692 0x0be8  EraserUtilRebootDrv - ok
18:16:21.0712 0x0be8  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
18:16:21.0757 0x0be8  ErrDev - ok
18:16:21.0792 0x0be8  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
18:16:21.0858 0x0be8  EventSystem - ok
18:16:21.0910 0x0be8  [ 7F938A48B0584E1F35524602D5C5ACF8, 1871954654DD39CB8A61225FE540B545E335C74C09105751927E2F412F676B4C ] ewusbmbb        C:\Windows\system32\DRIVERS\ewusbwwan.sys
18:16:21.0973 0x0be8  ewusbmbb - ok
18:16:22.0014 0x0be8  [ 86F7951BBCEE4A86E79A97306BD14318, 84B52A0392DA53ED71A2C4D483DD93DDF552BF8AC764C7BD47BE0EB58C7C8219 ] ew_hwusbdev     C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
18:16:22.0054 0x0be8  ew_hwusbdev - ok
18:16:22.0090 0x0be8  [ FF82FE59664304F75FC56EC0E92796F0, 943DF1D66BAC8EDDF45E77E2E17136ADBD2A5378BBFA93D2C78C16FEC5A7F14F ] ew_usbenumfilter C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys
18:16:22.0133 0x0be8  ew_usbenumfilter - ok
18:16:22.0172 0x0be8  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
18:16:22.0214 0x0be8  exfat - ok
18:16:22.0337 0x0be8  [ B2163CB068F48F4DA224CDD254731B4B, F2268E52816737E98FDF96E047A80583171115AB61FDE64F007579F69BB5BDE9 ] EyelineService  C:\Program Files (x86)\NCH Software\Eyeline\eyeline.exe
18:16:22.0379 0x0be8  EyelineService - ok
18:16:22.0395 0x0be8  ezSharedSvc - ok
18:16:22.0409 0x0be8  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
18:16:22.0462 0x0be8  fastfat - ok
18:16:22.0519 0x0be8  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
18:16:22.0586 0x0be8  Fax - ok
18:16:22.0629 0x0be8  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
18:16:22.0661 0x0be8  fdc - ok
18:16:22.0702 0x0be8  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
18:16:22.0735 0x0be8  fdPHost - ok
18:16:22.0750 0x0be8  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
18:16:22.0783 0x0be8  FDResPub - ok
18:16:22.0826 0x0be8  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
18:16:22.0836 0x0be8  FileInfo - ok
18:16:22.0844 0x0be8  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
18:16:22.0900 0x0be8  Filetrace - ok
18:16:22.0931 0x0be8  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
18:16:22.0948 0x0be8  flpydisk - ok
18:16:22.0971 0x0be8  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
18:16:22.0986 0x0be8  FltMgr - ok
18:16:23.0044 0x0be8  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
18:16:23.0111 0x0be8  FontCache - ok
18:16:23.0152 0x0be8  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:16:23.0162 0x0be8  FontCache3.0.0.0 - ok
18:16:23.0267 0x0be8  [ 6AA4E6B4EA50620AB622A048394C4AA2, 3148E2399DAABE660067BA8F8A0941442389C5159444E92FB669AE98BC274617 ] FPLService      C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
18:16:23.0280 0x0be8  FPLService - ok
18:16:23.0303 0x0be8  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
18:16:23.0313 0x0be8  FsDepends - ok
18:16:23.0347 0x0be8  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
18:16:23.0357 0x0be8  Fs_Rec - ok
18:16:23.0399 0x0be8  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
18:16:23.0416 0x0be8  fvevol - ok
18:16:23.0451 0x0be8  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
18:16:23.0463 0x0be8  gagp30kx - ok
18:16:23.0524 0x0be8  [ C403C5DB49A0F9AAF4F2128EDC0106D8, 3C6948B63278022D8182F773C5FA15784514F76C1546118DDBADBA322B962D12 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
18:16:23.0552 0x0be8  GamesAppService - ok
18:16:23.0577 0x0be8  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:16:23.0585 0x0be8  GEARAspiWDM - ok
18:16:23.0644 0x0be8  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
18:16:23.0694 0x0be8  gpsvc - ok
18:16:23.0714 0x0be8  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
18:16:23.0763 0x0be8  hcw85cir - ok
18:16:23.0797 0x0be8  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:16:23.0838 0x0be8  HdAudAddService - ok
18:16:23.0874 0x0be8  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
18:16:23.0916 0x0be8  HDAudBus - ok
18:16:23.0945 0x0be8  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
18:16:23.0978 0x0be8  HidBatt - ok
18:16:23.0995 0x0be8  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
18:16:24.0035 0x0be8  HidBth - ok
18:16:24.0066 0x0be8  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
18:16:24.0086 0x0be8  HidIr - ok
18:16:24.0106 0x0be8  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
18:16:24.0156 0x0be8  hidserv - ok
18:16:24.0209 0x0be8  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
18:16:24.0240 0x0be8  HidUsb - ok
18:16:24.0270 0x0be8  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
18:16:24.0327 0x0be8  hkmsvc - ok
18:16:24.0344 0x0be8  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:16:24.0388 0x0be8  HomeGroupListener - ok
18:16:24.0413 0x0be8  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:16:24.0447 0x0be8  HomeGroupProvider - ok
18:16:24.0547 0x0be8  [ 2A8B93A01621E100A578E83C768AFA2C, 6637D260AF180D1F200D219796FCE6D524FC6BF57C0CEEF9E1B3616E85865AD1 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
18:16:24.0685 0x0be8  HP Support Assistant Service - detected UnsignedFile.Multi.Generic ( 1 )
18:16:27.0820 0x0be8  Detect skipped due to KSN trusted
18:16:27.0820 0x0be8  HP Support Assistant Service - ok
18:16:27.0890 0x0be8  [ 6A181452D4E240B8ECC7614B9A19BDE9, 3E458A737DA597DF007D278E9D81F2BF259AB4B97A4C188CEDAEA1F144B1074F ] HPClientSvc     C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
18:16:27.0915 0x0be8  HPClientSvc - ok
18:16:28.0002 0x0be8  [ E040F0064D39F73BB4995D494F3DCBB8, F13369719673DC7E533931EDD07464E03146D9C226E8399A062CF9A70F5942A7 ] hpCMSrv         C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
18:16:28.0035 0x0be8  hpCMSrv - ok
18:16:28.0072 0x0be8  [ 4E0BEC0F78096FFD6D3314B497FC49D3, 15B545815D0C80102963FFF13B6643CC9A74717137C1CBA45345B18912E72DB6 ] hpdskflt        C:\Windows\system32\DRIVERS\hpdskflt.sys
18:16:28.0082 0x0be8  hpdskflt - ok
18:16:28.0173 0x0be8  [ D2946D9F020AE76E9CEF9B4A6DF838C0, C29CE594879385DA12B8EAA90B258905827B613839CCD820DE49215B68676995 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
18:16:28.0207 0x0be8  hpqwmiex - ok
18:16:28.0235 0x0be8  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
18:16:28.0246 0x0be8  HpSAMD - ok
18:16:28.0277 0x0be8  [ FC7C13B5A9E9BE23B7AE72BBC7FDB278, E85A7BF1CFE52BA7D663A1ED48A4F8874EFBDDF48979138F7E3E24817705B6A1 ] hpsrv           C:\Windows\system32\Hpservice.exe
18:16:28.0287 0x0be8  hpsrv - ok
18:16:28.0350 0x0be8  [ F630DD7564EBB7248A13B1CC774D9EA6, 53BDFDB7177606DCBB5098A417542F181487227FB73C5C93BE1275752D2C002A ] HPWMISVC        C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
18:16:28.0358 0x0be8  HPWMISVC - ok
18:16:28.0404 0x0be8  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
18:16:28.0467 0x0be8  HTTP - ok
18:16:28.0511 0x0be8  [ F6C1661C55EAAD2DD9FBB37D5DF1A011, 8511A28F6FAECCBB86342B9490158C2E1031B6161DAD702D0DC2991366DB28DA ] huawei_enumerator C:\Windows\system32\DRIVERS\ew_jubusenum.sys
18:16:28.0562 0x0be8  huawei_enumerator - ok
18:16:28.0594 0x0be8  [ 24FA6177FE55C4BC045EC87E39F90688, 14B6EF152CE5293BB549A8FA069BEBC34C8C6B9796A6AA94B0AB6ADBEC3819C1 ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys
18:16:28.0654 0x0be8  hwdatacard - ok
18:16:28.0707 0x0be8  [ E90DA42B87D684DEBFB73B38A718A006, BB18C63C1982F5CB99C9B65D2B801E8C1909AD7CD0171326DC0015D6B781B451 ] HWDeviceService64.exe C:\ProgramData\DatacardService\HWDeviceService64.exe
18:16:28.0721 0x0be8  HWDeviceService64.exe - ok
18:16:28.0743 0x0be8  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
18:16:28.0752 0x0be8  hwpolicy - ok
18:16:28.0789 0x0be8  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
18:16:28.0809 0x0be8  i8042prt - ok
18:16:28.0868 0x0be8  [ 2FDAEC4B02729C48C0FD1B0B4695995B, 87331D91FA3A23257B9913067B7B16D08710408070795B638058DBF728BBB288 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
18:16:28.0888 0x0be8  iaStor - ok
18:16:28.0956 0x0be8  [ D41861E56E7552C13674D7F147A02464, A361AE723FEEFD8D34D259F667ED14EEEC3B8ED6458522AC5D50C08E281B298B ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
18:16:28.0965 0x0be8  IAStorDataMgrSvc - ok
18:16:29.0015 0x0be8  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
18:16:29.0034 0x0be8  iaStorV - ok
18:16:29.0158 0x0be8  [ D72BF0AE484F88399E8343E821C10D6A, E8D78E61EEC80934396F233565DB5682B2475867C98F09C3CE3F906373A5C1A2 ] IconMan_R       C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
18:16:29.0266 0x0be8  IconMan_R - detected UnsignedFile.Multi.Generic ( 1 )
18:16:31.0943 0x0be8  Detect skipped due to KSN trusted
18:16:31.0944 0x0be8  IconMan_R - ok
18:16:32.0041 0x0be8  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:16:32.0070 0x0be8  idsvc - ok
18:16:32.0149 0x0be8  [ 18C40C3F368323B203ACE403CB430DB1, 068B4487EEE698DD4A6A99C4C26D5331566EE2AB263C86ADA0E5D878AA4BDB59 ] IDSVia64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20120215.002\IDSvia64.sys
18:16:32.0167 0x0be8  IDSVia64 - ok
18:16:32.0181 0x0be8  IEEtwCollectorService - ok
18:16:32.0522 0x0be8  [ 6383899C5F964D71B0F96B81FBE59BB8, 780B2B5945CF266CD0807B6F91177A558EC1E568F9D7D850C172A137414394E6 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
18:16:33.0034 0x0be8  igfx - ok
18:16:33.0074 0x0be8  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
18:16:33.0085 0x0be8  iirsp - ok
18:16:33.0142 0x0be8  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
18:16:33.0189 0x0be8  IKEEXT - ok
18:16:33.0244 0x0be8  [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
18:16:33.0286 0x0be8  IntcDAud - ok
18:16:33.0314 0x0be8  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
18:16:33.0325 0x0be8  intelide - ok
18:16:33.0348 0x0be8  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
18:16:33.0379 0x0be8  intelppm - ok
18:16:33.0413 0x0be8  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
18:16:33.0468 0x0be8  IPBusEnum - ok
18:16:33.0497 0x0be8  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:16:33.0534 0x0be8  IpFilterDriver - ok
18:16:33.0594 0x0be8  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
18:16:33.0654 0x0be8  iphlpsvc - ok
18:16:33.0683 0x0be8  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
18:16:33.0719 0x0be8  IPMIDRV - ok
18:16:33.0747 0x0be8  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
18:16:33.0801 0x0be8  IPNAT - ok
18:16:33.0866 0x0be8  [ 33B286326BD2B1A7748C43391058FB19, C6240C9ED5B7C227595E953E3D1AB5F2D45CCD86FDBDF985836A970B4B6467FE ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
18:16:33.0889 0x0be8  iPod Service - ok
18:16:33.0923 0x0be8  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
18:16:33.0944 0x0be8  IRENUM - ok
18:16:33.0986 0x0be8  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
18:16:33.0996 0x0be8  isapnp - ok
18:16:34.0033 0x0be8  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
18:16:34.0048 0x0be8  iScsiPrt - ok
18:16:34.0066 0x0be8  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
18:16:34.0076 0x0be8  kbdclass - ok
18:16:34.0114 0x0be8  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
18:16:34.0141 0x0be8  kbdhid - ok
18:16:34.0167 0x0be8  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso          C:\Windows\system32\lsass.exe
18:16:34.0179 0x0be8  KeyIso - ok
18:16:34.0216 0x0be8  [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
18:16:34.0227 0x0be8  KSecDD - ok
18:16:34.0245 0x0be8  [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
18:16:34.0258 0x0be8  KSecPkg - ok
18:16:34.0276 0x0be8  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
18:16:34.0328 0x0be8  ksthunk - ok
18:16:34.0365 0x0be8  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
18:16:34.0430 0x0be8  KtmRm - ok
18:16:34.0470 0x0be8  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
18:16:34.0528 0x0be8  LanmanServer - ok
18:16:34.0578 0x0be8  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:16:34.0624 0x0be8  LanmanWorkstation - ok
18:16:34.0664 0x0be8  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
18:16:34.0710 0x0be8  lltdio - ok
18:16:34.0751 0x0be8  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
18:16:34.0806 0x0be8  lltdsvc - ok
18:16:34.0837 0x0be8  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
18:16:34.0870 0x0be8  lmhosts - ok
18:16:34.0948 0x0be8  [ D7E0BED3EA21D7BDDD410ADE51708D90, 417A9A765E50ACCAE030B37F317217C9DB366BB1503A328D064A41ACDD00AFD8 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
18:16:34.0964 0x0be8  LMS - ok
18:16:35.0002 0x0be8  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
18:16:35.0014 0x0be8  LSI_FC - ok
18:16:35.0033 0x0be8  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
18:16:35.0045 0x0be8  LSI_SAS - ok
18:16:35.0063 0x0be8  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
18:16:35.0074 0x0be8  LSI_SAS2 - ok
18:16:35.0095 0x0be8  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
18:16:35.0108 0x0be8  LSI_SCSI - ok
18:16:35.0138 0x0be8  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
18:16:35.0187 0x0be8  luafv - ok
18:16:35.0249 0x0be8  [ 4208B958E35F0E596AA241EFB664636B, 16848BA9052A58D03B420E2E803605CDE59D99E01691CA0FEA92EFE43CB8F318 ] lxdnCATSCustConnectService C:\Windows\system32\spool\DRIVERS\x64\3\\lxdnserv.exe
18:16:35.0293 0x0be8  lxdnCATSCustConnectService - ok
18:16:35.0303 0x0be8  lxdn_device - ok
18:16:35.0326 0x0be8  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
18:16:35.0345 0x0be8  Mcx2Svc - ok
18:16:35.0370 0x0be8  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
18:16:35.0381 0x0be8  megasas - ok
18:16:35.0415 0x0be8  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
18:16:35.0431 0x0be8  MegaSR - ok
18:16:35.0462 0x0be8  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
18:16:35.0472 0x0be8  MEIx64 - ok
18:16:35.0546 0x0be8  [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
18:16:35.0556 0x0be8  Microsoft Office Groove Audit Service - ok
18:16:35.0590 0x0be8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
18:16:35.0641 0x0be8  MMCSS - ok
18:16:35.0667 0x0be8  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
18:16:35.0711 0x0be8  Modem - ok
18:16:35.0737 0x0be8  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
18:16:35.0774 0x0be8  monitor - ok
18:16:35.0804 0x0be8  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
18:16:35.0814 0x0be8  mouclass - ok
18:16:35.0829 0x0be8  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\drivers\mouhid.sys
18:16:35.0859 0x0be8  mouhid - ok
18:16:35.0894 0x0be8  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
18:16:35.0905 0x0be8  mountmgr - ok
18:16:35.0988 0x0be8  [ 3B9398E0146855B1DC0E3D9769C80F01, DF69DB5CA30A5577648635C27DD468AF98515D07DF379B3FFDCC6B40744EDE66 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:16:35.0999 0x0be8  MozillaMaintenance - ok
18:16:36.0047 0x0be8  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
18:16:36.0061 0x0be8  mpio - ok
18:16:36.0086 0x0be8  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
18:16:36.0123 0x0be8  mpsdrv - ok
18:16:36.0172 0x0be8  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
18:16:36.0243 0x0be8  MpsSvc - ok
18:16:36.0274 0x0be8  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
18:16:36.0297 0x0be8  MRxDAV - ok
18:16:36.0315 0x0be8  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
18:16:36.0367 0x0be8  mrxsmb - ok
18:16:36.0388 0x0be8  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:16:36.0412 0x0be8  mrxsmb10 - ok
18:16:36.0443 0x0be8  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:16:36.0463 0x0be8  mrxsmb20 - ok
18:16:36.0489 0x0be8  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
18:16:36.0499 0x0be8  msahci - ok
18:16:36.0527 0x0be8  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
18:16:36.0540 0x0be8  msdsm - ok
18:16:36.0564 0x0be8  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
18:16:36.0597 0x0be8  MSDTC - ok
18:16:36.0638 0x0be8  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
18:16:36.0672 0x0be8  Msfs - ok
18:16:36.0693 0x0be8  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
18:16:36.0745 0x0be8  mshidkmdf - ok
18:16:36.0756 0x0be8  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
18:16:36.0766 0x0be8  msisadrv - ok
18:16:36.0790 0x0be8  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
18:16:36.0842 0x0be8  MSiSCSI - ok
18:16:36.0844 0x0be8  msiserver - ok
18:16:36.0877 0x0be8  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
18:16:36.0923 0x0be8  MSKSSRV - ok
18:16:36.0935 0x0be8  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
18:16:36.0970 0x0be8  MSPCLOCK - ok
18:16:36.0979 0x0be8  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
18:16:37.0029 0x0be8  MSPQM - ok
18:16:37.0057 0x0be8  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
18:16:37.0075 0x0be8  MsRPC - ok
18:16:37.0100 0x0be8  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
18:16:37.0110 0x0be8  mssmbios - ok
18:16:37.0136 0x0be8  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
18:16:37.0180 0x0be8  MSTEE - ok
18:16:37.0203 0x0be8  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
18:16:37.0222 0x0be8  MTConfig - ok
18:16:37.0239 0x0be8  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
18:16:37.0249 0x0be8  Mup - ok
18:16:37.0291 0x0be8  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
18:16:37.0343 0x0be8  napagent - ok
18:16:37.0403 0x0be8  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
18:16:37.0447 0x0be8  NativeWifiP - ok
18:16:37.0516 0x0be8  [ 2DBE90210DE76BE6E1653BB20EC70EC2, E5AB955082084EB2261C801E74C1EEBEC26472DB3EE803C65C5ADF5A92527F07 ] NAVENG          C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20120216.004\ENG64.SYS
18:16:37.0529 0x0be8  NAVENG - ok
18:16:37.0615 0x0be8  [ 346DA70E203B8E2C850277713DE8F71B, 3F9359A3E2CC9B6158A9549E6786C6622BDA6E8851EDE0EF73F9AC8145F86D35 ] NAVEX15         C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20120216.004\EX64.SYS
18:16:37.0673 0x0be8  NAVEX15 - ok
18:16:37.0746 0x0be8  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
18:16:37.0778 0x0be8  NDIS - ok
18:16:37.0809 0x0be8  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
18:16:37.0864 0x0be8  NdisCap - ok
18:16:37.0892 0x0be8  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
18:16:37.0930 0x0be8  NdisTapi - ok
18:16:37.0946 0x0be8  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
18:16:37.0995 0x0be8  Ndisuio - ok
18:16:38.0018 0x0be8  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
18:16:38.0076 0x0be8  NdisWan - ok
18:16:38.0095 0x0be8  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
18:16:38.0131 0x0be8  NDProxy - ok
18:16:38.0155 0x0be8  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
18:16:38.0207 0x0be8  NetBIOS - ok
18:16:38.0233 0x0be8  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
18:16:38.0277 0x0be8  NetBT - ok
18:16:38.0301 0x0be8  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon        C:\Windows\system32\lsass.exe
18:16:38.0313 0x0be8  Netlogon - ok
18:16:38.0350 0x0be8  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
18:16:38.0402 0x0be8  Netman - ok
18:16:38.0428 0x0be8  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
18:16:38.0484 0x0be8  netprofm - ok
18:16:38.0518 0x0be8  [ 3E5A36127E201DDF663176B66828FAFE, 5A08BA9EFB1A72DF1DD839BA5FA2B8994012BA62A515588FF62333B33B60045B ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:16:38.0529 0x0be8  NetTcpPortSharing - ok
18:16:38.0564 0x0be8  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
18:16:38.0575 0x0be8  nfrd960 - ok
18:16:38.0649 0x0be8  [ E78A365CC3E0FBFC018A33DCE01909F8, 0A414BDD8F8FB4BA493B8FBE9EB63377D9BB0A6800C55B2E3500913CF0F96AC6 ] NIS             C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
18:16:38.0661 0x0be8  NIS - ok
18:16:38.0699 0x0be8  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
18:16:38.0730 0x0be8  NlaSvc - ok
18:16:38.0761 0x0be8  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
18:16:38.0797 0x0be8  Npfs - ok
18:16:38.0821 0x0be8  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
18:16:38.0865 0x0be8  nsi - ok
18:16:38.0881 0x0be8  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
18:16:38.0931 0x0be8  nsiproxy - ok
18:16:38.0993 0x0be8  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
18:16:39.0042 0x0be8  Ntfs - ok
18:16:39.0067 0x0be8  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
18:16:39.0100 0x0be8  Null - ok
18:16:39.0123 0x0be8  [ 9A33100AC62A0463C49E47EE8E77083A, A4DD5329448A684E4EC83AEC229DA468E074D54BCBDBB6D938274B46202CDA18 ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
18:16:39.0180 0x0be8  nusb3hub - ok
18:16:39.0221 0x0be8  [ 87C321F7BEE646B7EC6EEDD6EB725741, C21067F40656588203B8C938857B5598D201C59BD69F47715EF21EEE536BB882 ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
18:16:39.0274 0x0be8  nusb3xhc - ok
18:16:39.0328 0x0be8  [ A85B4F2EF3A7304A5399EF0526423040, E45854691BA6AE36E53C2922CC93FF13DC2D84CBE7FE13A2F0B1CE1C16D1D158 ] NVENETFD        C:\Windows\system32\DRIVERS\nvm62x64.sys
18:16:39.0370 0x0be8  NVENETFD - ok
18:16:39.0412 0x0be8  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
18:16:39.0425 0x0be8  nvraid - ok
18:16:39.0441 0x0be8  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
18:16:39.0454 0x0be8  nvstor - ok
18:16:39.0503 0x0be8  [ CBD0A7B9CF99DC597BD4774B14F10956, 0589726E10916BDA03C7F15A92DDB0A3E0DD227553E0EED24A957E58BF2C6F2E ] NvtlService     C:\Program Files (x86)\Novatel Wireless\Novacore\Server\NvtlSrvr.exe
18:16:39.0512 0x0be8  NvtlService - ok
18:16:39.0544 0x0be8  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
18:16:39.0557 0x0be8  nv_agp - ok
18:16:39.0582 0x0be8  [ A3FADCF96ABF4803E7A946CD48641AC3, BA8C11B7234A64787AD313079639908E05C85F252A8C381AEADF1A8945A5C181 ] NWVMModem       C:\Windows\system32\DRIVERS\nwvmmdm.sys
18:16:39.0636 0x0be8  NWVMModem - ok
18:16:39.0675 0x0be8  [ A3FADCF96ABF4803E7A946CD48641AC3, BA8C11B7234A64787AD313079639908E05C85F252A8C381AEADF1A8945A5C181 ] NWVMPort        C:\Windows\system32\DRIVERS\nwvmser.sys
18:16:39.0698 0x0be8  NWVMPort - ok
18:16:39.0725 0x0be8  [ A3FADCF96ABF4803E7A946CD48641AC3, BA8C11B7234A64787AD313079639908E05C85F252A8C381AEADF1A8945A5C181 ] NWVMPort2       C:\Windows\system32\DRIVERS\nwvmser2.sys
18:16:39.0749 0x0be8  NWVMPort2 - ok
18:16:39.0822 0x0be8  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:16:39.0841 0x0be8  odserv - ok
18:16:39.0871 0x0be8  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
18:16:39.0891 0x0be8  ohci1394 - ok
18:16:39.0959 0x0be8  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:16:39.0971 0x0be8  ose - ok
18:16:40.0010 0x0be8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
18:16:40.0065 0x0be8  p2pimsvc - ok
18:16:40.0089 0x0be8  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
18:16:40.0122 0x0be8  p2psvc - ok
18:16:40.0147 0x0be8  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
18:16:40.0169 0x0be8  Parport - ok
18:16:40.0204 0x0be8  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
18:16:40.0253 0x0be8  partmgr - ok
18:16:40.0287 0x0be8  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
18:16:40.0357 0x0be8  PcaSvc - ok
18:16:40.0369 0x0be8  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
18:16:40.0393 0x0be8  pci - ok
18:16:40.0428 0x0be8  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
18:16:40.0476 0x0be8  pciide - ok
18:16:40.0511 0x0be8  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
18:16:40.0526 0x0be8  pcmcia - ok
18:16:40.0551 0x0be8  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
18:16:40.0561 0x0be8  pcw - ok
18:16:40.0606 0x0be8  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
18:16:40.0668 0x0be8  PEAUTH - ok
18:16:40.0762 0x0be8  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
18:16:40.0793 0x0be8  PerfHost - ok
18:16:40.0867 0x0be8  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
18:16:40.0961 0x0be8  pla - ok
18:16:41.0024 0x0be8  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
18:16:41.0096 0x0be8  PlugPlay - ok
18:16:41.0124 0x0be8  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
18:16:41.0154 0x0be8  PNRPAutoReg - ok
18:16:41.0187 0x0be8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
18:16:41.0205 0x0be8  PNRPsvc - ok
18:16:41.0235 0x0be8  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
18:16:41.0302 0x0be8  PolicyAgent - ok
18:16:41.0330 0x0be8  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
18:16:41.0378 0x0be8  Power - ok
18:16:41.0406 0x0be8  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
18:16:41.0461 0x0be8  PptpMiniport - ok
18:16:41.0492 0x0be8  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
18:16:41.0521 0x0be8  Processor - ok
18:16:41.0547 0x0be8  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
18:16:41.0604 0x0be8  ProfSvc - ok
18:16:41.0613 0x0be8  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe
18:16:41.0624 0x0be8  ProtectedStorage - ok
18:16:41.0665 0x0be8  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
18:16:41.0720 0x0be8  Psched - ok
18:16:41.0787 0x0be8  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
18:16:41.0833 0x0be8  ql2300 - ok
18:16:41.0853 0x0be8  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
18:16:41.0865 0x0be8  ql40xx - ok
18:16:41.0897 0x0be8  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
18:16:41.0927 0x0be8  QWAVE - ok
18:16:41.0948 0x0be8  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
18:16:41.0985 0x0be8  QWAVEdrv - ok
18:16:42.0005 0x0be8  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
18:16:42.0057 0x0be8  RasAcd - ok
18:16:42.0105 0x0be8  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
18:16:42.0143 0x0be8  RasAgileVpn - ok
18:16:42.0173 0x0be8  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
18:16:42.0228 0x0be8  RasAuto - ok
18:16:42.0251 0x0be8  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
18:16:42.0308 0x0be8  Rasl2tp - ok
18:16:42.0350 0x0be8  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
18:16:42.0396 0x0be8  RasMan - ok
18:16:42.0408 0x0be8  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
18:16:42.0455 0x0be8  RasPppoe - ok
18:16:42.0490 0x0be8  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
18:16:42.0545 0x0be8  RasSstp - ok
18:16:42.0568 0x0be8  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
18:16:42.0629 0x0be8  rdbss - ok
18:16:42.0642 0x0be8  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
18:16:42.0670 0x0be8  rdpbus - ok
18:16:42.0712 0x0be8  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
18:16:42.0766 0x0be8  RDPCDD - ok
18:16:42.0787 0x0be8  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
18:16:42.0835 0x0be8  RDPENCDD - ok
18:16:42.0839 0x0be8  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
18:16:42.0878 0x0be8  RDPREFMP - ok
18:16:42.0909 0x0be8  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
18:16:42.0956 0x0be8  RDPWD - ok
18:16:42.0993 0x0be8  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
18:16:43.0008 0x0be8  rdyboost - ok
18:16:43.0033 0x0be8  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
18:16:43.0087 0x0be8  RemoteAccess - ok
18:16:43.0127 0x0be8  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
18:16:43.0170 0x0be8  RemoteRegistry - ok
18:16:43.0221 0x0be8  [ 085D18C71AB2611A3D61528132B6501E, 2AD2DD88EBD8C498E3043CDAA37E83C69F7FE2FD6B65524F631527555B80C112 ] RoxioNow Service C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
18:16:43.0239 0x0be8  RoxioNow Service - ok
18:16:43.0254 0x0be8  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
18:16:43.0298 0x0be8  RpcEptMapper - ok
18:16:43.0330 0x0be8  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
18:16:43.0361 0x0be8  RpcLocator - ok
18:16:43.0401 0x0be8  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
18:16:43.0443 0x0be8  RpcSs - ok
18:16:43.0494 0x0be8  [ 1F5E7AF59B390261A85F5BEDB1BB88B3, 8A0B23EED74475E6790EF03E54B53BB964A0EC08ADF28BD6AAFA9CF6BE6F20DA ] RSPCIESTOR      C:\Windows\system32\DRIVERS\RtsPStor.sys
18:16:43.0526 0x0be8  RSPCIESTOR - ok
18:16:43.0549 0x0be8  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
18:16:43.0589 0x0be8  rspndr - ok
18:16:43.0613 0x0be8  [ ED5873F7DFB2F96D37F13322211B6BDC, 26CAE8FD1CFDB568D6A881CDE973F9929013EB0403347E5D19CABAA215012381 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
18:16:43.0631 0x0be8  RTL8167 - ok
18:16:43.0646 0x0be8  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs           C:\Windows\system32\lsass.exe
18:16:43.0658 0x0be8  SamSs - ok
18:16:43.0679 0x0be8  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
18:16:43.0690 0x0be8  sbp2port - ok
18:16:43.0717 0x0be8  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
18:16:43.0756 0x0be8  SCardSvr - ok
18:16:43.0783 0x0be8  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
18:16:43.0828 0x0be8  scfilter - ok
18:16:43.0875 0x0be8  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
18:16:43.0947 0x0be8  Schedule - ok
18:16:43.0968 0x0be8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
18:16:43.0998 0x0be8  SCPolicySvc - ok
18:16:44.0033 0x0be8  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
18:16:44.0066 0x0be8  sdbus - ok
18:16:44.0096 0x0be8  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
18:16:44.0152 0x0be8  SDRSVC - ok
18:16:44.0199 0x0be8  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
18:16:44.0245 0x0be8  secdrv - ok
18:16:44.0269 0x0be8  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
18:16:44.0304 0x0be8  seclogon - ok
18:16:44.0323 0x0be8  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
18:16:44.0367 0x0be8  SENS - ok
18:16:44.0387 0x0be8  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
18:16:44.0427 0x0be8  SensrSvc - ok
18:16:44.0455 0x0be8  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
18:16:44.0488 0x0be8  Serenum - ok
18:16:44.0526 0x0be8  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
18:16:44.0561 0x0be8  Serial - ok
18:16:44.0585 0x0be8  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
18:16:44.0615 0x0be8  sermouse - ok
18:16:44.0655 0x0be8  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
18:16:44.0704 0x0be8  SessionEnv - ok
18:16:44.0733 0x0be8  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
18:16:44.0752 0x0be8  sffdisk - ok
18:16:44.0763 0x0be8  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
18:16:44.0800 0x0be8  sffp_mmc - ok
18:16:44.0811 0x0be8  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
18:16:44.0850 0x0be8  sffp_sd - ok
18:16:44.0884 0x0be8  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
18:16:44.0913 0x0be8  sfloppy - ok
18:16:44.0947 0x0be8  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
18:16:45.0004 0x0be8  SharedAccess - ok
18:16:45.0037 0x0be8  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:16:45.0095 0x0be8  ShellHWDetection - ok
18:16:45.0144 0x0be8  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
18:16:45.0154 0x0be8  SiSRaid2 - ok
18:16:45.0182 0x0be8  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
18:16:45.0194 0x0be8  SiSRaid4 - ok
18:16:45.0267 0x0be8  [ F07AF60B152221472FBDB2FECEC4896D, A18FDCE8462A48429E249C44F0E49F844F2E3A4B5215349DE104F34D935EF983 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
18:16:45.0280 0x0be8  SkypeUpdate - ok
18:16:45.0321 0x0be8  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
18:16:45.0371 0x0be8  Smb - ok
18:16:45.0411 0x0be8  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
18:16:45.0444 0x0be8  SNMPTRAP - ok
18:16:45.0478 0x0be8  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
18:16:45.0488 0x0be8  spldr - ok
18:16:45.0527 0x0be8  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
18:16:45.0569 0x0be8  Spooler - ok
18:16:45.0678 0x0be8  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
18:16:45.0805 0x0be8  sppsvc - ok
18:16:45.0842 0x0be8  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
18:16:45.0879 0x0be8  sppuinotify - ok
18:16:45.0972 0x0be8  [ 90EF30C3867BCDE4579C01A6D6E75A7A, 60A02EA23164561E09E783F5AED6016B5E2997667141EB4C7AD0ED64A66C4ADC ] SRTSP           C:\Windows\System32\Drivers\NISx64\1207020.003\SRTSP64.SYS
18:16:45.0998 0x0be8  SRTSP - ok
18:16:46.0012 0x0be8  [ C513E8A5E7978DA49077F5484344EE1B, EC173DB62B7BADEA5CCB7C13CB46067427A514EA431DFCD124D0833D9E13E094 ] SRTSPX          C:\Windows\system32\drivers\NISx64\1207020.003\SRTSPX64.SYS
18:16:46.0021 0x0be8  SRTSPX - ok
18:16:46.0062 0x0be8  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
18:16:46.0111 0x0be8  srv - ok
18:16:46.0132 0x0be8  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
18:16:46.0176 0x0be8  srv2 - ok
18:16:46.0212 0x0be8  [ 0C4540311E11664B245A263E1154CEF8, 63376322BFFAFF2F166AF3FDD3F1A346C21FAE21F406F659F8630779D1D6525D ] SrvHsfHDA       C:\Windows\system32\DRIVERS\VSTAZL6.SYS
18:16:46.0240 0x0be8  SrvHsfHDA - ok
18:16:46.0287 0x0be8  [ 02071D207A9858FBE3A48CBFD59C4A04, FEA4DEBAEC3465E0C7C1E8B721805922F6BBCB96A60A193B11688F4252F4B89E ] SrvHsfV92       C:\Windows\system32\DRIVERS\VSTDPV6.SYS
18:16:46.0356 0x0be8  SrvHsfV92 - ok
18:16:46.0389 0x0be8  [ 18E40C245DBFAF36FD0134A7EF2DF396, 0138A68958112101A5D3BD94114F320CE80B0C9A93E009AC78DE7415FCCC7DE7 ] SrvHsfWinac     C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
18:16:46.0427 0x0be8  SrvHsfWinac - ok
18:16:46.0448 0x0be8  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
18:16:46.0471 0x0be8  srvnet - ok
18:16:46.0492 0x0be8  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
18:16:46.0541 0x0be8  SSDPSRV - ok
18:16:46.0544 0x0be8  SSPORT - ok
18:16:46.0557 0x0be8  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
18:16:46.0593 0x0be8  SstpSvc - ok
18:16:46.0672 0x0be8  [ 20E27AA5BCC01C2149830C05FE22F675, F4A8154229B5EB07B379064047EEDDA54A9396421E1FEEFA2FF3077091D3870F ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
18:16:46.0735 0x0be8  STacSV - ok
18:16:46.0756 0x0be8  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
18:16:46.0767 0x0be8  stexstor - ok
18:16:46.0825 0x0be8  [ BEB37CE4E7456F5EFA52D783D1E06D8C, A6E202412FB904CCA86A1D9EDD600EC247460B1A31243325FC8747D39A456B79 ] STHDA           C:\Windows\system32\DRIVERS\stwrt64.sys
18:16:46.0878 0x0be8  STHDA - ok
18:16:46.0938 0x0be8  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
18:16:46.0977 0x0be8  stisvc - ok
18:16:46.0995 0x0be8  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
18:16:47.0005 0x0be8  swenum - ok
18:16:47.0036 0x0be8  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
18:16:47.0094 0x0be8  swprv - ok
18:16:47.0132 0x0be8  [ 6160145C7A87FC7672E8E3B886888176, 16B79AD77C53D5CA3125BE45120BD62097975FEF144DBC681FF3C5D76CF3D7D8 ] SymDS           C:\Windows\system32\drivers\NISx64\1207020.003\SYMDS64.SYS
18:16:47.0150 0x0be8  SymDS - ok
18:16:47.0187 0x0be8  [ 96AEED40D4D3521568B42027687E69E0, 0BF6E20349EBE7AA9F98D3DEB5C86C77C74CA2FEA5F15FF9A278556C09BFC639 ] SymEFA          C:\Windows\system32\drivers\NISx64\1207020.003\SYMEFA64.SYS
18:16:47.0214 0x0be8  SymEFA - ok
18:16:47.0240 0x0be8  [ 21A1C2D694C3CF962D31F5E873AB3D6F, 4EB997BFF485A708BAD11C0CC53F750B40F968E69B532B5631840D105EC4344C ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
18:16:47.0257 0x0be8  SymEvent - ok
18:16:47.0296 0x0be8  [ BD0D711D8CBFCAA19CA123306EAF53A5, 89E76A0BA4C3EF43FE8BF7AD075E4311CF08CEA460B2352C06497BBEC7198849 ] SymIRON         C:\Windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS
18:16:47.0307 0x0be8  SymIRON - ok
18:16:47.0328 0x0be8  [ A6ADB3D83023F8DAA0F7B6FDA785D83B, 036A355654D2779FF930F863760D9877298D11CFA7DDCFEEFBF44D9466E28598 ] SymNetS         C:\Windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS
18:16:47.0345 0x0be8  SymNetS - ok
18:16:47.0377 0x0be8  [ AC3CC98B1BDB6540021D3FFB105AC2B9, 671146CC16139AECE0BCCC44983807E045A930E262F64461D0D882A0A0B77E4F ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
18:16:47.0394 0x0be8  SynTP - ok
18:16:47.0461 0x0be8  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
18:16:47.0544 0x0be8  SysMain - ok
18:16:47.0663 0x0be8  [ 0191F314838056CF1A5A7BDE4346812F, BCECC6944FF3CE2793107443259F242FAE894A814688685E3056709CFE1B7AA7 ] T-Mobile Connection Manager. RunOuc C:\Program Files (x86)\T-Mobile\T-Mobile Connection Manager\UpdateDog\ouc.exe
18:16:47.0699 0x0be8  T-Mobile Connection Manager. RunOuc - ok
18:16:47.0729 0x0be8  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:16:47.0770 0x0be8  TabletInputService - ok
18:16:47.0799 0x0be8  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
18:16:47.0878 0x0be8  TapiSrv - ok
18:16:47.0899 0x0be8  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
18:16:47.0934 0x0be8  TBS - ok
18:16:48.0018 0x0be8  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
18:16:48.0075 0x0be8  Tcpip - ok
18:16:48.0124 0x0be8  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
18:16:48.0172 0x0be8  TCPIP6 - ok
18:16:48.0211 0x0be8  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
18:16:48.0252 0x0be8  tcpipreg - ok
18:16:48.0270 0x0be8  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
18:16:48.0298 0x0be8  TDPIPE - ok
18:16:48.0333 0x0be8  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
18:16:48.0363 0x0be8  TDTCP - ok
18:16:48.0381 0x0be8  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
18:16:48.0418 0x0be8  tdx - ok
18:16:48.0449 0x0be8  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
18:16:48.0459 0x0be8  TermDD - ok
18:16:48.0502 0x0be8  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
18:16:48.0575 0x0be8  TermService - ok
18:16:48.0591 0x0be8  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
18:16:48.0613 0x0be8  Themes - ok
18:16:48.0636 0x0be8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
18:16:48.0669 0x0be8  THREADORDER - ok
18:16:48.0679 0x0be8  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
18:16:48.0731 0x0be8  TrkWks - ok
18:16:48.0784 0x0be8  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:16:48.0825 0x0be8  TrustedInstaller - ok
18:16:48.0841 0x0be8  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
18:16:48.0871 0x0be8  tssecsrv - ok
18:16:48.0911 0x0be8  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
18:16:48.0938 0x0be8  TsUsbFlt - ok
18:16:48.0949 0x0be8  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
18:16:48.0985 0x0be8  TsUsbGD - ok
18:16:49.0022 0x0be8  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
18:16:49.0076 0x0be8  tunnel - ok
18:16:49.0104 0x0be8  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
18:16:49.0116 0x0be8  uagp35 - ok
18:16:49.0134 0x0be8  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
18:16:49.0203 0x0be8  udfs - ok
18:16:49.0232 0x0be8  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
18:16:49.0252 0x0be8  UI0Detect - ok
18:16:49.0274 0x0be8  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
18:16:49.0286 0x0be8  uliagpkx - ok
18:16:49.0311 0x0be8  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
18:16:49.0371 0x0be8  umbus - ok
18:16:49.0412 0x0be8  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
18:16:49.0441 0x0be8  UmPass - ok
18:16:49.0576 0x0be8  [ A678E5DDD974903DD71F503BDCACA218, E8ECF79B78CF777066FF31847959A70773665ED2DAAF942B8A1C54BA56F330BA ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
18:16:49.0647 0x0be8  UNS - ok
18:16:49.0681 0x0be8  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
18:16:49.0742 0x0be8  upnphost - ok
18:16:49.0777 0x0be8  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
18:16:49.0819 0x0be8  USBAAPL64 - ok
18:16:49.0831 0x0be8  [ ACCEA6BC68D0C9A78EB97EE159028B4E, 132F7A543C1DA9456FBABA50552B37E3162ACA612A8567BB3FF0F7DA84231419 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
18:16:49.0866 0x0be8  usbccgp - ok
18:16:49.0909 0x0be8  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
18:16:49.0981 0x0be8  usbcir - ok
18:16:50.0023 0x0be8  [ 311C1DD1088E55BEAE15954D17F50646, A663344ABD1414D570617F59CC00020640F31DB34265142EFCA8817328DB842A ] usbehci         C:\Windows\system32\drivers\usbehci.sys
18:16:50.0050 0x0be8  usbehci - ok
18:16:50.0092 0x0be8  [ 280E90CBF4B2DDD169F0728CB44D726F, 2B39666C022A4F7338BDDB4CB0D7B4D0CC6B398298D29E38826F27FADF4C29DD ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
18:16:50.0138 0x0be8  usbhub - ok
18:16:50.0164 0x0be8  [ 9406D801042FAF859CF81B2C886413DC, D16536EC05260D7A2902314E1AA5E5F73533483B9967739C381FD41B6192B92F ] usbohci         C:\Windows\system32\drivers\usbohci.sys
18:16:50.0181 0x0be8  usbohci - ok
18:16:50.0207 0x0be8  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
18:16:50.0241 0x0be8  usbprint - ok
18:16:50.0288 0x0be8  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\drivers\usbscan.sys
18:16:50.0336 0x0be8  usbscan - ok
18:16:50.0363 0x0be8  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:16:50.0417 0x0be8  USBSTOR - ok
18:16:50.0442 0x0be8  [ A83D0EC9AE4C31704442099D40BA2471, A29D714FCDF10DF7A2A17D54B131AEFDA61AED988CF8B99C7B30728C50130DCE ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
18:16:50.0474 0x0be8  usbuhci - ok
18:16:50.0524 0x0be8  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
18:16:50.0580 0x0be8  usbvideo - ok
18:16:50.0604 0x0be8  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
18:16:50.0651 0x0be8  UxSms - ok
18:16:50.0669 0x0be8  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc        C:\Windows\system32\lsass.exe
18:16:50.0680 0x0be8  VaultSvc - ok
18:16:50.0712 0x0be8  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
18:16:50.0722 0x0be8  vdrvroot - ok
18:16:50.0749 0x0be8  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
18:16:50.0807 0x0be8  vds - ok
18:16:50.0856 0x0be8  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
18:16:50.0875 0x0be8  vga - ok
18:16:50.0888 0x0be8  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
18:16:50.0923 0x0be8  VgaSave - ok
18:16:50.0958 0x0be8  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
18:16:50.0973 0x0be8  vhdmp - ok
18:16:51.0000 0x0be8  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
18:16:51.0010 0x0be8  viaide - ok
18:16:51.0035 0x0be8  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
18:16:51.0046 0x0be8  volmgr - ok
18:16:51.0063 0x0be8  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
18:16:51.0079 0x0be8  volmgrx - ok
18:16:51.0115 0x0be8  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
18:16:51.0132 0x0be8  volsnap - ok
18:16:51.0167 0x0be8  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
18:16:51.0180 0x0be8  vsmraid - ok
18:16:51.0265 0x0be8  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
18:16:51.0366 0x0be8  VSS - ok
18:16:51.0511 0x0be8  [ 18B00BCF217A1D3306E17202AFD1E051, 237AC66CBA887A33A320B6A1DCD3587DD579886DAC043BE00AB736080BCAD330 ] vToolbarUpdater17.1.2 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\ToolbarUpdater.exe
18:16:51.0591 0x0be8  vToolbarUpdater17.1.2 - ok
18:16:51.0613 0x0be8  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
18:16:51.0646 0x0be8  vwifibus - ok
18:16:51.0682 0x0be8  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
18:16:51.0722 0x0be8  vwififlt - ok
18:16:51.0762 0x0be8  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
18:16:51.0812 0x0be8  W32Time - ok
18:16:51.0829 0x0be8  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
18:16:51.0858 0x0be8  WacomPen - ok
18:16:51.0903 0x0be8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
18:16:51.0948 0x0be8  WANARP - ok
18:16:51.0952 0x0be8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
18:16:51.0981 0x0be8  Wanarpv6 - ok
18:16:52.0046 0x0be8  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
18:16:52.0104 0x0be8  WatAdminSvc - ok
18:16:52.0167 0x0be8  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
18:16:52.0249 0x0be8  wbengine - ok
18:16:52.0265 0x0be8  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
18:16:52.0289 0x0be8  WbioSrvc - ok
18:16:52.0316 0x0be8  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
18:16:52.0355 0x0be8  wcncsvc - ok
18:16:52.0389 0x0be8  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:16:52.0412 0x0be8  WcsPlugInService - ok
18:16:52.0434 0x0be8  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
18:16:52.0444 0x0be8  Wd - ok
18:16:52.0486 0x0be8  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
18:16:52.0522 0x0be8  Wdf01000 - ok
18:16:52.0557 0x0be8  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
18:16:52.0646 0x0be8  WdiServiceHost - ok
18:16:52.0649 0x0be8  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
18:16:52.0666 0x0be8  WdiSystemHost - ok
18:16:52.0707 0x0be8  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
18:16:52.0726 0x0be8  WebClient - ok
18:16:52.0763 0x0be8  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
18:16:52.0820 0x0be8  Wecsvc - ok
18:16:52.0839 0x0be8  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
18:16:52.0870 0x0be8  wercplsupport - ok
18:16:52.0896 0x0be8  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
18:16:52.0949 0x0be8  WerSvc - ok
18:16:52.0977 0x0be8  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
18:16:53.0012 0x0be8  WfpLwf - ok
18:16:53.0022 0x0be8  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
18:16:53.0032 0x0be8  WIMMount - ok
18:16:53.0057 0x0be8  WinDefend - ok
18:16:53.0069 0x0be8  WinHttpAutoProxySvc - ok
18:16:53.0129 0x0be8  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
18:16:53.0205 0x0be8  Winmgmt - ok
18:16:53.0288 0x0be8  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
18:16:53.0382 0x0be8  WinRM - ok
18:16:53.0430 0x0be8  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUSB.sys
18:16:53.0451 0x0be8  WinUsb - ok
18:16:53.0498 0x0be8  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
18:16:53.0558 0x0be8  Wlansvc - ok
18:16:53.0597 0x0be8  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
18:16:53.0633 0x0be8  wlcrasvc - ok
18:16:53.0788 0x0be8  [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:16:53.0851 0x0be8  wlidsvc - ok
18:16:53.0893 0x0be8  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
18:16:53.0919 0x0be8  WmiAcpi - ok
18:16:53.0943 0x0be8  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
18:16:53.0977 0x0be8  wmiApSrv - ok
18:16:54.0007 0x0be8  WMPNetworkSvc - ok
18:16:54.0081 0x0be8  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
18:16:54.0108 0x0be8  WPCSvc - ok
18:16:54.0125 0x0be8  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
18:16:54.0144 0x0be8  WPDBusEnum - ok
18:16:54.0163 0x0be8  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
18:16:54.0236 0x0be8  ws2ifsl - ok
18:16:54.0280 0x0be8  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
18:16:54.0319 0x0be8  wscsvc - ok
18:16:54.0321 0x0be8  WSearch - ok
18:16:54.0402 0x0be8  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
18:16:54.0477 0x0be8  wuauserv - ok
18:16:54.0503 0x0be8  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
18:16:54.0546 0x0be8  WudfPf - ok
18:16:54.0558 0x0be8  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
18:16:54.0607 0x0be8  WUDFRd - ok
18:16:54.0654 0x0be8  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
18:16:54.0696 0x0be8  wudfsvc - ok
18:16:54.0734 0x0be8  [ FE90B750AB808FB9DD8FBB428B5FF83B, 3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc         C:\Windows\System32\wwansvc.dll
18:16:54.0777 0x0be8  WwanSvc - ok
18:16:54.0810 0x0be8  ================ Scan global ===============================
18:16:54.0830 0x0be8  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
18:16:54.0865 0x0be8  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
18:16:54.0883 0x0be8  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
18:16:54.0930 0x0be8  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
18:16:54.0980 0x0be8  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
18:16:54.0991 0x0be8  [ Global ] - ok
18:16:54.0991 0x0be8  ================ Scan MBR ==================================
18:16:55.0001 0x0be8  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:16:55.0346 0x0be8  \Device\Harddisk0\DR0 - ok
18:16:55.0346 0x0be8  ================ Scan VBR ==================================
18:16:55.0355 0x0be8  [ F4D3474B419AE088AEE25E3BD8413232 ] \Device\Harddisk0\DR0\Partition1
18:16:55.0356 0x0be8  \Device\Harddisk0\DR0\Partition1 - ok
18:16:55.0373 0x0be8  [ 82A069933D0D1048A8329F59749FF3A7 ] \Device\Harddisk0\DR0\Partition2
18:16:55.0375 0x0be8  \Device\Harddisk0\DR0\Partition2 - ok
18:16:55.0406 0x0be8  [ C8D5C65889B37AD5BBE8C8FA4D583387 ] \Device\Harddisk0\DR0\Partition3
18:16:55.0407 0x0be8  \Device\Harddisk0\DR0\Partition3 - ok
18:16:55.0421 0x0be8  [ 2B7569CFB92420C95165F213FEF8CBF9 ] \Device\Harddisk0\DR0\Partition4
18:16:55.0421 0x0be8  \Device\Harddisk0\DR0\Partition4 - ok
18:16:55.0422 0x0be8  Waiting for KSN requests completion. In queue: 93
18:16:56.0422 0x0be8  Waiting for KSN requests completion. In queue: 93
18:16:57.0423 0x0be8  Waiting for KSN requests completion. In queue: 93
18:16:58.0507 0x0be8  AV detected via SS2: AVG AntiVirus Free Edition 2013, C:\Program Files (x86)\AVG\AVG2013\avgwsc.exe ( 13.0.0.3300 ), 0x41000 ( enabled : updated )
18:16:58.0521 0x0be8  AV detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\WSCStub.exe ( 18.7.0.0 ), 0x50010 ( disabled : outofdate )
18:16:58.0522 0x0be8  FW detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\WSCStub.exe ( 18.7.0.0 ), 0x50010 ( disabled )
18:16:58.0525 0x0be8  Win FW state via NFP2: enabled
18:17:01.0267 0x0be8  ============================================================
18:17:01.0267 0x0be8  Scan finished
18:17:01.0267 0x0be8  ============================================================
18:17:01.0272 0x1b94  Detected object count: 0
18:17:01.0272 0x1b94  Actual detected object count: 0
18:17:33.0524 0x0d6c  Deinitialize success
 
 
ASWMBR:
 
aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-12-27 18:19:38
-----------------------------
18:19:38.746    OS Version: Windows x64 6.1.7601 Service Pack 1
18:19:38.746    Number of processors: 8 586 0x2A07
18:19:38.746    ComputerName: DIANATOPTRAINER  UserName: Diana
18:19:40.218    Initialize success
18:22:10.920    AVAST engine defs: 13111900
18:22:15.336    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
18:22:15.338    Disk 0 Vendor: TOSHIBA_ GT00 Size: 715404MB BusType: 3
18:22:15.535    Disk 0 MBR read successfully
18:22:15.537    Disk 0 MBR scan
18:22:15.540    Disk 0 Windows 7 default MBR code
18:22:15.543    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          199 MB offset 2048
18:22:15.573    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       700545 MB offset 409600
18:22:15.606    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS        14556 MB offset 1435125760
18:22:15.665    Disk 0 Partition 4 00     0C    FAT32 LBA MSDOS5.0      102 MB offset 1464936448
18:22:15.808    Disk 0 scanning C:\Windows\system32\drivers
18:22:25.986    Service scanning
18:23:04.325    Modules scanning
18:23:04.331    Disk 0 trace - called modules:
18:23:04.394    ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys iaStor.sys hal.dll 
18:23:04.398    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800a38d790]
18:23:04.401    3 CLASSPNP.SYS[fffff8800140143f] -> nt!IofCallDriver -> [0xfffffa8007f91b10]
18:23:04.404    5 hpdskflt.sys[fffff88001bf2189] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007a54050]
18:23:05.883    AVAST engine scan C:\Windows
18:23:08.372    AVAST engine scan C:\Windows\system32
18:27:08.940    AVAST engine scan C:\Windows\system32\drivers
18:27:24.662    AVAST engine scan C:\Users\Diana
18:32:16.339    AVAST engine scan C:\ProgramData
18:36:13.209    Scan finished successfully
18:53:45.256    Disk 0 MBR has been saved successfully to "C:\Users\Diana\Desktop\MBR.dat"
18:53:45.259    The log file has been saved successfully to "C:\Users\Diana\Desktop\aswMBR.txt"
 
 
 
 

Attached Files

  • Attached File  MBR.zip   580bytes   0 downloads

Edited by RohanShah, 27 December 2013 - 06:58 PM.


#5 nasdaq

nasdaq

  • Malware Response Team
  • 39,926 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:01 PM

Posted 28 December 2013 - 08:34 AM


Your Master Boot Record is fine.

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
thisisujrt.gif Please download
Junkware Removal Tool to your Desktop.
  • Please close your security software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete, depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
  • Please post the contents of JRT.txt into your reply.
===

Please download ComboFix from any of the links below, and save it to your desktop. For information regarding this download, please visit this web page: Turorial
Link 1
Link 2

IMPORTANT !!! Save ComboFix.exe to your Desktop

1. Close any open browsers.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
3. Do not install any other programs until this if fixed.


How to : Disable Anti-virus and Firewall...
http://www.bleepingcomputer.com/forums/topic114351.html

Double click on ComboFix.exe and follow the prompts.
  • When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt
Note: Do not mouse click ComboFix's window while it's running. That may cause it to stall

Note: If you have difficulty properly disabling your protective programs, refer to this link --> http://www.bleepingcomputer.com/forums/topic114351.html

Note: If after running ComboFix you get this error message "Illegal operation attempted on a registry key that has been marked for deletion." when attempting to run a program all you need to do is restart the computer to reset the registry.
===

Please paste the logs in your next reply DO NOT ATTACH THEM.
Let me know what problem persists.

#6 nasdaq

nasdaq

  • Malware Response Team
  • 39,926 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:01 PM

Posted 03 January 2014 - 09:49 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users