Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Constantly losing hard drive space


  • Please log in to reply
12 replies to this topic

#1 agentwd40

agentwd40

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:39 AM

Posted 30 December 2013 - 08:19 PM

I have a Dell Studio XPS with a 450 GB hard drive and 4 GB RAM. My operating system is Windows 7 64 bit. My antivirus program is Norton Security Suite, and I also have Malwarebytes Anti-Malware. I've run both but have not been able to find anything. However, recently I have rapidly been losing hard drive space when connected to the internet down to the point it's getting critical, although I have not been downloading anything.

 

For example, until recently I had close to 90-100 GB still free. I got a low memory warning the other day and was surprised to find that my free space was down to about 100 megabytes, so I quickly removed 10 GB's of programs, etc. It then showed that I had a little over 10 or 11 GB's free. Today when I turned on my computer I checked and found that I had about 8 GB's. I've been connected to the Internet for about two or three hours and now and down to 212 megabytes again.

 

I've also had Norton Security Suite inform me from time to time of high browser use. The box that comes up indicates something downloaded and/or actions not related to anything I'm doing, although Norton says "no suspicious actions have been performed". One recently had to do with elementsorganizersyncagent. Again, no matter how much I delete from my hard drive, it keeps filling up. I suspect malware, a virus, or rootkit, but have been unable to detect it with my security programs.

 

I would appreciate any help I can get from this forum.

 

Thanks in advance!



BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,035 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:39 AM

Posted 31 December 2013 - 12:12 AM

Hello agentwd40

This may be a slippery rootkit

Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
Please download aswMBR ( 4.5MB ) to your desktop.
  • Double click the aswMBR.exe icon, and click Run.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Click the Scan button to start the scan.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 agentwd40

agentwd40
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:39 AM

Posted 31 December 2013 - 12:33 AM

Hi boopme,

 

Here's the log from TDSSKiller:

 

21:27:00.0088 0x3100  TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
21:27:11.0684 0x3100  ============================================================
21:27:11.0684 0x3100  Current date / time: 2013/12/30 21:27:11.0684
21:27:11.0684 0x3100  SystemInfo:
21:27:11.0684 0x3100  
21:27:11.0684 0x3100  OS Version: 6.1.7601 ServicePack: 1.0
21:27:11.0684 0x3100  Product type: Workstation
21:27:11.0684 0x3100  ComputerName: VINCE-PC
21:27:11.0684 0x3100  UserName: Vince
21:27:11.0684 0x3100  Windows directory: C:\Windows
21:27:11.0684 0x3100  System windows directory: C:\Windows
21:27:11.0684 0x3100  Running under WOW64
21:27:11.0684 0x3100  Processor architecture: Intel x64
21:27:11.0684 0x3100  Number of processors: 2
21:27:11.0684 0x3100  Page size: 0x1000
21:27:11.0684 0x3100  Boot type: Normal boot
21:27:11.0684 0x3100  ============================================================
21:27:14.0170 0x3100  KLMD registered as C:\Windows\system32\drivers\91775757.sys
21:27:14.0388 0x3100  System UUID: {49C66100-2DFD-340E-DBC3-8D76D2BDE12B}
21:27:15.0154 0x3100  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:27:15.0164 0x3100  ============================================================
21:27:15.0164 0x3100  \Device\Harddisk0\DR0:
21:27:15.0164 0x3100  MBR partitions:
21:27:15.0164 0x3100  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x1D4C000
21:27:15.0164 0x3100  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D5F9C5, BlocksNum 0x38625E6B
21:27:15.0164 0x3100  ============================================================
21:27:15.0204 0x3100  C: <-> \Device\Harddisk0\DR0\Partition2
21:27:15.0204 0x3100  ============================================================
21:27:15.0204 0x3100  Initialize success
21:27:15.0204 0x3100  ============================================================
21:27:49.0472 0x2b3c  ============================================================
21:27:49.0472 0x2b3c  Scan started
21:27:49.0472 0x2b3c  Mode: Manual;
21:27:49.0472 0x2b3c  ============================================================
21:27:49.0472 0x2b3c  KSN ping started
21:27:54.0738 0x2b3c  KSN ping finished: true
21:27:55.0272 0x2b3c  ================ Scan system memory ========================
21:27:55.0272 0x2b3c  System memory - ok
21:27:55.0272 0x2b3c  ================ Scan services =============================
21:27:55.0562 0x2b3c  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
21:27:55.0572 0x2b3c  1394ohci - ok
21:27:55.0652 0x2b3c  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
21:27:55.0662 0x2b3c  ACPI - ok
21:27:55.0702 0x2b3c  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
21:27:55.0712 0x2b3c  AcpiPmi - ok
21:27:55.0932 0x2b3c  [ 1474F121C3DF1232D3E7239C03691EE6, 26D0F55010CB7C51269D94ECB5C5AA94802607685B9E9791A78B643C6227214F ] AdobeActiveFileMonitor9.0 C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
21:27:55.0932 0x2b3c  AdobeActiveFileMonitor9.0 - ok
21:27:56.0092 0x2b3c  [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:27:56.0092 0x2b3c  AdobeARMservice - ok
21:27:56.0302 0x2b3c  [ 1BA1AB4141A92EB34DA99F1249CA2D4D, 43ADF35146E61E0DE58D2ACC2994538F6025135ECEB30073BEF05A804BB38107 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:27:56.0312 0x2b3c  AdobeFlashPlayerUpdateSvc - ok
21:27:56.0402 0x2b3c  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
21:27:56.0422 0x2b3c  adp94xx - ok
21:27:56.0462 0x2b3c  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
21:27:56.0472 0x2b3c  adpahci - ok
21:27:56.0482 0x2b3c  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
21:27:56.0482 0x2b3c  adpu320 - ok
21:27:56.0532 0x2b3c  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
21:27:56.0542 0x2b3c  AeLookupSvc - ok
21:27:56.0734 0x2b3c  [ A6FB9DB8F1A86861D955FD6975977AE0, 788C6EE50719227D7A9B7F08C8D5E1289FCD0E8AC23A1021A5093D2E8368F696 ] AESTFilters     C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe
21:27:56.0734 0x2b3c  AESTFilters - ok
21:27:56.0856 0x2b3c  [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD             C:\Windows\system32\drivers\afd.sys
21:27:56.0876 0x2b3c  AFD - ok
21:27:56.0996 0x2b3c  [ 48008D4EA73C1058F36D323A644410D4, D0219AE0197BBD4C7BD75CD7564013B11497562F71C97918856B176942D86F65 ] AgereModemAudio C:\Program Files\LSI SoftModem\agr64svc.exe
21:27:56.0996 0x2b3c  AgereModemAudio - ok
21:27:57.0056 0x2b3c  [ D7CF6568AA20A5B5CDBFECD097B615DB, 3562A62BAC2DFF2A8766BE129109BFEDF54AE09C63D65C93E9FE4ACDEA82B6AC ] AgereSoftModem  C:\Windows\system32\DRIVERS\agrsm64.sys
21:27:57.0096 0x2b3c  AgereSoftModem - ok
21:27:57.0148 0x2b3c  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
21:27:57.0148 0x2b3c  agp440 - ok
21:27:57.0454 0x2b3c  [ BBE9054FDADC8D49D29C5DA4FB84A803, 4315C1D7DBD35A80E25F15B45587AA76F6E9FCDC617B5ABF62301570771066AF ] Akamai          c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll
21:27:57.0454 0x2b3c  Suspicious file ( Hidden ): c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll. md5: BBE9054FDADC8D49D29C5DA4FB84A803, sha256: 4315C1D7DBD35A80E25F15B45587AA76F6E9FCDC617B5ABF62301570771066AF
21:27:57.0462 0x2b3c  Akamai - detected HiddenFile.Multi.Generic ( 1 )
21:28:04.0670 0x2b3c  Detect skipped due to KSN trusted
21:28:04.0670 0x2b3c  Akamai - ok
21:28:04.0730 0x2b3c  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
21:28:04.0730 0x2b3c  ALG - ok
21:28:04.0780 0x2b3c  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
21:28:04.0800 0x2b3c  aliide - ok
21:28:04.0882 0x2b3c  [ F238BE4FA4E55EB67F17281FADF69851, 99BABE626502E431A0BBD7C57606E9FF2A0559355BE14B25870AF2889E773DDE ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
21:28:04.0892 0x2b3c  AMD External Events Utility - ok
21:28:04.0902 0x2b3c  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
21:28:04.0912 0x2b3c  amdide - ok
21:28:04.0972 0x2b3c  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
21:28:04.0972 0x2b3c  AmdK8 - ok
21:28:04.0992 0x2b3c  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
21:28:04.0992 0x2b3c  AmdPPM - ok
21:28:05.0062 0x2b3c  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
21:28:05.0072 0x2b3c  amdsata - ok
21:28:05.0102 0x2b3c  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
21:28:05.0112 0x2b3c  amdsbs - ok
21:28:05.0162 0x2b3c  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
21:28:05.0162 0x2b3c  amdxata - ok
21:28:05.0182 0x2b3c  AntiLog32 - ok
21:28:05.0302 0x2b3c  [ F9DAC844B1D370DA4C984D4C22F5E696, 753B08E4D4CC09C91C16394F6A420E6DA033D41FDE510A41F900C1CED0E6B946 ] AntiSpywareService C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe
21:28:05.0322 0x2b3c  AntiSpywareService - ok
21:28:05.0452 0x2b3c  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
21:28:05.0482 0x2b3c  AppID - ok
21:28:05.0582 0x2b3c  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
21:28:05.0662 0x2b3c  AppIDSvc - ok
21:28:05.0712 0x2b3c  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
21:28:05.0712 0x2b3c  Appinfo - ok
21:28:05.0818 0x2b3c  [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:28:05.0823 0x2b3c  Apple Mobile Device - ok
21:28:05.0904 0x2b3c  [ 1B1A533F3BE2A540C8F58F14B2886A97, D748230648B2C2E95E659709330E99425BC66DE7220360E9A4700B48F9D047BB ] appliand        C:\Windows\system32\DRIVERS\appliand.sys
21:28:05.0914 0x2b3c  appliand - ok
21:28:05.0944 0x2b3c  [ 1B1A533F3BE2A540C8F58F14B2886A97, D748230648B2C2E95E659709330E99425BC66DE7220360E9A4700B48F9D047BB ] appliandMP      C:\Windows\system32\DRIVERS\appliand.sys
21:28:05.0944 0x2b3c  appliandMP - ok
21:28:06.0004 0x2b3c  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
21:28:06.0004 0x2b3c  arc - ok
21:28:06.0024 0x2b3c  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
21:28:06.0024 0x2b3c  arcsas - ok
21:28:06.0244 0x2b3c  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:28:06.0254 0x2b3c  aspnet_state - ok
21:28:06.0274 0x2b3c  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
21:28:06.0284 0x2b3c  AsyncMac - ok
21:28:06.0334 0x2b3c  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
21:28:06.0334 0x2b3c  atapi - ok
21:28:06.0404 0x2b3c  [ 3B9014FB7CE9E20FD726321C7DB7D8B0, 9B910D900478A81D52446C6D71C3DDC4B5FE1345674295E1101922B0F32FBCE1 ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys
21:28:06.0414 0x2b3c  AtiHdmiService - ok
21:28:06.0643 0x2b3c  [ 2DB9047AAC9D981F59CE06D04D70C4D8, 693BF867B01B3C0864B5228A2FB50DA779578E8359E98B139F703CF3538CF976 ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
21:28:06.0822 0x2b3c  atikmdag - ok
21:28:06.0918 0x2b3c  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:28:06.0948 0x2b3c  AudioEndpointBuilder - ok
21:28:06.0984 0x2b3c  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
21:28:06.0996 0x2b3c  AudioSrv - ok
21:28:07.0070 0x2b3c  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
21:28:07.0070 0x2b3c  AxInstSV - ok
21:28:07.0120 0x2b3c  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
21:28:07.0150 0x2b3c  b06bdrv - ok
21:28:07.0180 0x2b3c  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
21:28:07.0190 0x2b3c  b57nd60a - ok
21:28:07.0250 0x2b3c  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
21:28:07.0260 0x2b3c  BDESVC - ok
21:28:07.0260 0x2b3c  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
21:28:07.0260 0x2b3c  Beep - ok
21:28:07.0360 0x2b3c  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
21:28:07.0380 0x2b3c  BFE - ok
21:28:07.0680 0x2b3c  [ 613883A3BAC6920149C83ED751589433, 9846C1EE0916120C56F598AEA9C2C5B8F1AEDA06FDC3CCE8BAFD0480ACE93078 ] BHDrvx64        C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20131203.001\BHDrvx64.sys
21:28:07.0760 0x2b3c  BHDrvx64 - ok
21:28:07.0802 0x2b3c  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
21:28:07.0842 0x2b3c  BITS - ok
21:28:07.0874 0x2b3c  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
21:28:07.0877 0x2b3c  blbdrive - ok
21:28:08.0004 0x2b3c  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
21:28:08.0034 0x2b3c  Bonjour Service - ok
21:28:08.0094 0x2b3c  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
21:28:08.0094 0x2b3c  bowser - ok
21:28:08.0144 0x2b3c  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
21:28:08.0144 0x2b3c  BrFiltLo - ok
21:28:08.0164 0x2b3c  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
21:28:08.0164 0x2b3c  BrFiltUp - ok
21:28:08.0234 0x2b3c  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
21:28:08.0234 0x2b3c  Browser - ok
21:28:08.0264 0x2b3c  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
21:28:08.0274 0x2b3c  Brserid - ok
21:28:08.0284 0x2b3c  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
21:28:08.0294 0x2b3c  BrSerWdm - ok
21:28:08.0304 0x2b3c  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
21:28:08.0314 0x2b3c  BrUsbMdm - ok
21:28:08.0314 0x2b3c  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
21:28:08.0314 0x2b3c  BrUsbSer - ok
21:28:08.0384 0x2b3c  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
21:28:08.0384 0x2b3c  BthEnum - ok
21:28:08.0404 0x2b3c  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
21:28:08.0404 0x2b3c  BTHMODEM - ok
21:28:08.0484 0x2b3c  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
21:28:08.0484 0x2b3c  BthPan - ok
21:28:08.0554 0x2b3c  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
21:28:08.0574 0x2b3c  BTHPORT - ok
21:28:08.0634 0x2b3c  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
21:28:08.0634 0x2b3c  bthserv - ok
21:28:08.0654 0x2b3c  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
21:28:08.0664 0x2b3c  BTHUSB - ok
21:28:08.0744 0x2b3c  [ 2641A3FE3D7B0646308F33B67F3B5300, 8D2E37F6524D10197D36AAE41F59028B3DF0692A113EA342BB1AC36DEA13D8F6 ] btusbflt        C:\Windows\system32\drivers\btusbflt.sys
21:28:08.0744 0x2b3c  btusbflt - ok
21:28:08.0801 0x2b3c  [ 319C67F7D157EAAC519DCC5F29E929D0, 881819F2A9E2E58A97C86FA081C4207388092E3B99A98957772219FD1FBDE9B1 ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
21:28:08.0805 0x2b3c  btwaudio - ok
21:28:08.0820 0x2b3c  [ 0B79273C8C2846D28AAB936E7A2DBAAD, 6BFA115E526C882297C230DA157AC7FC5056D1F039E9A832A435F8F2D2C2EB38 ] btwavdt         C:\Windows\system32\drivers\btwavdt.sys
21:28:08.0825 0x2b3c  btwavdt - ok
21:28:08.0976 0x2b3c  [ 6C32A638EE80FD832418CE78E516FFA1, 5E15CC7F613437AD25F433F53053D087EA535F9CE5820D516A09A0EC44B12DDA ] btwdins         C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
21:28:09.0006 0x2b3c  btwdins - ok
21:28:09.0056 0x2b3c  [ FDA1B5124E07003C3D0D279E5050485E, 36ED21BC3D902DFC6374821134D7D5615C25F1D6EBA49984374E902C80F05811 ] btwl2cap        C:\Windows\system32\DRIVERS\btwl2cap.sys
21:28:09.0056 0x2b3c  btwl2cap - ok
21:28:09.0076 0x2b3c  [ 47216D8B5F4042E6D0736BFA2E57B5DF, AC93D8A7552E7E74A158CDF019349E53A24BF364CF8EC36D4C4EB618A18DED73 ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
21:28:09.0076 0x2b3c  btwrchid - ok
21:28:09.0208 0x2b3c  [ 0510396A957E9FD7205BA62D3CAE4528, C80C39EB3A87C5111132E96E966CF74ACABA36DE7714B545A707027D35995792 ] ccSet_N360      C:\Windows\system32\drivers\N360x64\1501000.012\ccSetx64.sys
21:28:09.0218 0x2b3c  ccSet_N360 - ok
21:28:09.0288 0x2b3c  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
21:28:09.0298 0x2b3c  cdfs - ok
21:28:09.0358 0x2b3c  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
21:28:09.0368 0x2b3c  cdrom - ok
21:28:09.0508 0x2b3c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
21:28:09.0538 0x2b3c  CertPropSvc - ok
21:28:09.0638 0x2b3c  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
21:28:09.0648 0x2b3c  circlass - ok
21:28:09.0708 0x2b3c  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
21:28:09.0718 0x2b3c  CLFS - ok
21:28:09.0878 0x2b3c  [ DE48552360FA8BDF569D83F07CB1B566, 2929DD6B2FB17108D2D0DAB851EB97BAC9C4D5DFB1ACCFBE1041132881F0DD8E ] CLKMSVC10_1628BCEA C:\Program Files (x86)\CyberLink\PowerDVD DX\Kernel\BD\NavFilter\kmsvc.exe
21:28:09.0996 0x2b3c  CLKMSVC10_1628BCEA - ok
21:28:10.0100 0x2b3c  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:28:10.0130 0x2b3c  clr_optimization_v2.0.50727_32 - ok
21:28:10.0210 0x2b3c  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:28:10.0220 0x2b3c  clr_optimization_v2.0.50727_64 - ok
21:28:10.0350 0x2b3c  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:28:10.0370 0x2b3c  clr_optimization_v4.0.30319_32 - ok
21:28:10.0390 0x2b3c  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:28:10.0400 0x2b3c  clr_optimization_v4.0.30319_64 - ok
21:28:10.0440 0x2b3c  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
21:28:10.0440 0x2b3c  CmBatt - ok
21:28:10.0490 0x2b3c  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
21:28:10.0490 0x2b3c  cmdide - ok
21:28:10.0550 0x2b3c  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
21:28:10.0570 0x2b3c  CNG - ok
21:28:10.0630 0x2b3c  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
21:28:10.0640 0x2b3c  Compbatt - ok
21:28:10.0730 0x2b3c  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
21:28:10.0730 0x2b3c  CompositeBus - ok
21:28:10.0740 0x2b3c  COMSysApp - ok
21:28:10.0760 0x2b3c  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
21:28:10.0760 0x2b3c  crcdisk - ok
21:28:10.0820 0x2b3c  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
21:28:10.0830 0x2b3c  CryptSvc - ok
21:28:10.0900 0x2b3c  [ ED5CF92396A62F4C15110DCDB5E854D9, CD26216B8B3F558A0466843C8161E86EEDB78E6031E1AC0A00DCDE700A2B6EE2 ] CtClsFlt        C:\Windows\system32\DRIVERS\CtClsFlt.sys
21:28:10.0910 0x2b3c  CtClsFlt - ok
21:28:10.0970 0x2b3c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
21:28:11.0000 0x2b3c  DcomLaunch - ok
21:28:11.0060 0x2b3c  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
21:28:11.0070 0x2b3c  defragsvc - ok
21:28:11.0130 0x2b3c  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
21:28:11.0130 0x2b3c  DfsC - ok
21:28:11.0211 0x2b3c  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
21:28:11.0222 0x2b3c  Dhcp - ok
21:28:11.0242 0x2b3c  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
21:28:11.0242 0x2b3c  discache - ok
21:28:11.0252 0x2b3c  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
21:28:11.0262 0x2b3c  Disk - ok
21:28:11.0322 0x2b3c  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
21:28:11.0332 0x2b3c  Dnscache - ok
21:28:11.0434 0x2b3c  [ 0840ABBBDF438691EE65A20040635CBE, F83597ECECFADBA45242B683A19A01ADF84203B016301B64530C7BE8234175E8 ] DockLoginService C:\Program Files\Dell\DellDock\DockLogin.exe
21:28:11.0434 0x2b3c  DockLoginService - ok
21:28:11.0514 0x2b3c  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
21:28:11.0514 0x2b3c  dot3svc - ok
21:28:11.0624 0x2b3c  [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
21:28:11.0634 0x2b3c  Dot4 - ok
21:28:11.0694 0x2b3c  [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print       C:\Windows\system32\drivers\Dot4Prt.sys
21:28:11.0704 0x2b3c  Dot4Print - ok
21:28:11.0764 0x2b3c  [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
21:28:11.0764 0x2b3c  dot4usb - ok
21:28:11.0856 0x2b3c  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
21:28:11.0856 0x2b3c  DPS - ok
21:28:11.0936 0x2b3c  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
21:28:11.0936 0x2b3c  drmkaud - ok
21:28:12.0016 0x2b3c  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
21:28:12.0046 0x2b3c  DXGKrnl - ok
21:28:12.0106 0x2b3c  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
21:28:12.0116 0x2b3c  EapHost - ok
21:28:12.0267 0x2b3c  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
21:28:12.0385 0x2b3c  ebdrv - ok
21:28:12.0570 0x2b3c  [ 1B7AA375F711F66D5FF2B855F9EC987F, 151E3897A31F0E828D08EBBB9C10A60047B48534BB38349EF1C8D9245524CA58 ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
21:28:12.0610 0x2b3c  eeCtrl - ok
21:28:12.0660 0x2b3c  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS             C:\Windows\System32\lsass.exe
21:28:12.0670 0x2b3c  EFS - ok
21:28:12.0790 0x2b3c  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
21:28:12.0820 0x2b3c  ehRecvr - ok
21:28:12.0880 0x2b3c  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
21:28:12.0880 0x2b3c  ehSched - ok
21:28:12.0950 0x2b3c  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
21:28:12.0980 0x2b3c  elxstor - ok
21:28:13.0070 0x2b3c  [ 7230C8B80DDE1F0524C353240B78CC0E, 15F73EBFB9152010E7736AFE518A47C209E17DDB347A40C4CDA0D9BBD26D1176 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
21:28:13.0080 0x2b3c  EraserUtilRebootDrv - ok
21:28:13.0140 0x2b3c  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
21:28:13.0140 0x2b3c  ErrDev - ok
21:28:13.0241 0x2b3c  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
21:28:13.0258 0x2b3c  EventSystem - ok
21:28:13.0278 0x2b3c  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
21:28:13.0284 0x2b3c  exfat - ok
21:28:13.0342 0x2b3c  [ BA53322B71B66CED30F5232A68A57DD2, 944CD88E90910240C2740ACB112C9484C585FFCB1C41C1886288C72ABA44AF84 ] FACAP           C:\Windows\system32\DRIVERS\facap.sys
21:28:13.0342 0x2b3c  FACAP - ok
21:28:13.0566 0x2b3c  [ FC7CE548E7E4F5A1F0EF3888FCB49106, D6F400CDA25F12A71C416E712FDB3C0192D948981500194BA0C0F03D90120677 ] FAService       C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
21:28:13.0667 0x2b3c  FAService - ok
21:28:13.0696 0x2b3c  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
21:28:13.0696 0x2b3c  fastfat - ok
21:28:13.0796 0x2b3c  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
21:28:13.0826 0x2b3c  Fax - ok
21:28:13.0876 0x2b3c  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
21:28:13.0906 0x2b3c  fdc - ok
21:28:13.0926 0x2b3c  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
21:28:13.0926 0x2b3c  fdPHost - ok
21:28:13.0946 0x2b3c  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
21:28:13.0956 0x2b3c  FDResPub - ok
21:28:13.0966 0x2b3c  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:28:13.0966 0x2b3c  FileInfo - ok
21:28:13.0986 0x2b3c  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
21:28:13.0986 0x2b3c  Filetrace - ok
21:28:14.0016 0x2b3c  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
21:28:14.0016 0x2b3c  flpydisk - ok
21:28:14.0086 0x2b3c  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:28:14.0096 0x2b3c  FltMgr - ok
21:28:14.0196 0x2b3c  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
21:28:14.0236 0x2b3c  FontCache - ok
21:28:14.0338 0x2b3c  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:28:14.0348 0x2b3c  FontCache3.0.0.0 - ok
21:28:14.0548 0x2b3c  [ 37C2FF67A2565286F1C1C1072BE74678, 788C427E4A0751D7F5F0FF3FB6422AD2FDA0E98C1248C0D74621704BFD7F3A34 ] Freemake Improver C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
21:28:14.0548 0x2b3c  Freemake Improver - ok
21:28:14.0668 0x2b3c  [ 93B5CD0AC126BE95F65B28AF3D9542DC, BFDAFE9B7A150056C1E6C683197CA7F9E86FF6EBD27178A70BE1FC9BF381D8AA ] FreemakeVideoCapture C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
21:28:14.0668 0x2b3c  FreemakeVideoCapture - ok
21:28:14.0728 0x2b3c  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
21:28:14.0728 0x2b3c  FsDepends - ok
21:28:14.0809 0x2b3c  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
21:28:14.0811 0x2b3c  Fs_Rec - ok
21:28:14.0880 0x2b3c  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
21:28:14.0880 0x2b3c  fvevol - ok
21:28:14.0900 0x2b3c  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
21:28:14.0900 0x2b3c  gagp30kx - ok
21:28:15.0002 0x2b3c  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
21:28:15.0072 0x2b3c  GEARAspiWDM - ok
21:28:15.0192 0x2b3c  [ D3316F6E3C011435F36E3D6E49B3196C, 941DF52BA26603A146ED6B65A696DB87153868ED0469EF9C2EB09AC7E63525B7 ] GoToAssist      C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe
21:28:15.0202 0x2b3c  GoToAssist - ok
21:28:15.0404 0x2b3c  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
21:28:15.0424 0x2b3c  gpsvc - ok
21:28:15.0914 0x2b3c  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:28:15.0954 0x2b3c  gupdate - ok
21:28:16.0134 0x2b3c  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:28:16.0134 0x2b3c  gupdatem - ok
21:28:16.0284 0x2b3c  [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
21:28:16.0284 0x2b3c  gusvc - ok
21:28:16.0334 0x2b3c  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
21:28:16.0334 0x2b3c  hcw85cir - ok
21:28:16.0434 0x2b3c  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
21:28:16.0484 0x2b3c  HDAudBus - ok
21:28:16.0514 0x2b3c  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
21:28:16.0524 0x2b3c  HidBatt - ok
21:28:16.0644 0x2b3c  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
21:28:16.0644 0x2b3c  HidBth - ok
21:28:16.0734 0x2b3c  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
21:28:16.0744 0x2b3c  HidIr - ok
21:28:16.0794 0x2b3c  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
21:28:17.0124 0x2b3c  hidserv - ok
21:28:17.0244 0x2b3c  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
21:28:17.0274 0x2b3c  HidUsb - ok
21:28:17.0304 0x2b3c  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
21:28:17.0304 0x2b3c  hkmsvc - ok
21:28:17.0358 0x2b3c  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:28:17.0366 0x2b3c  HomeGroupListener - ok
21:28:17.0578 0x2b3c  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:28:17.0588 0x2b3c  HomeGroupProvider - ok
21:28:18.0060 0x2b3c  [ 1DAE5C46D42B02A6D5862E1482EFB390, 90B14E0A8376AE51872D89C141E88AE144B742805F94B4F7948E295322C78B9D ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
21:28:18.0070 0x2b3c  hpqcxs08 - ok
21:28:18.0120 0x2b3c  [ 99E8EEF42FE2F4AF29B08C3355DD7685, D57BC2148653DA5596FB49F1086D165B11C9F6C644608202C08305D3C8499CFE ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
21:28:18.0120 0x2b3c  hpqddsvc - ok
21:28:18.0180 0x2b3c  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
21:28:18.0190 0x2b3c  HpSAMD - ok
21:28:18.0270 0x2b3c  [ F37882F128EFACEFE353E0BAE2766909, 2F9D21613500F092DFC0DB879180B549EE615D9B07408A5CC1A7F84663B2F47A ] HPSLPSVC        C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
21:28:18.0310 0x2b3c  HPSLPSVC - ok
21:28:18.0560 0x2b3c  [ 2E27D3CC5ABED98B85F81CE526083911, 2E8E976BB3E513516576382AC86E0F28B32BA8C02F62DC95EDC2C1B3C648F63A ] hshld           C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
21:28:18.0600 0x2b3c  hshld - ok
21:28:18.0682 0x2b3c  [ A60C877E1CD3AA2E4E5CCD8AF305C0F1, F7A673D88ED00CFE31DB18D4F57D1C451FAC12E86A95594D16A0D3D32BC410E0 ] HssDrv          C:\Windows\system32\DRIVERS\HssDrv.sys
21:28:18.0702 0x2b3c  HssDrv - ok
21:28:18.0742 0x2b3c  [ 88C43BDA9CF964600F6DF07F7C52452C, BBCA3204A6CAA095AE5FB2D07019632DE45B201532077B7BE5AAA2884D9056DD ] HssDRV6         C:\Windows\system32\DRIVERS\hssdrv6.sys
21:28:18.0742 0x2b3c  HssDRV6 - ok
21:28:18.0852 0x2b3c  [ C814923312630B27E7983364B8C2131F, 1E25B8CC75ACDE871112BAC74363B087C4273C9B2F13C0F51232A76A2A7C4F51 ] HssTrayService  C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE
21:28:18.0882 0x2b3c  HssTrayService - ok
21:28:19.0022 0x2b3c  [ A882434544B4B33BF945558AF0D9B1F2, 483C5391DFA68967FB814CD063FA47E609B29B1F7CADACAA8011BCB61D194DCE ] HssWd           C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
21:28:19.0042 0x2b3c  HssWd - ok
21:28:19.0132 0x2b3c  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
21:28:19.0162 0x2b3c  HTTP - ok
21:28:19.0212 0x2b3c  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
21:28:19.0222 0x2b3c  hwpolicy - ok
21:28:19.0282 0x2b3c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
21:28:19.0292 0x2b3c  i8042prt - ok
21:28:19.0362 0x2b3c  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
21:28:19.0382 0x2b3c  iaStorV - ok
21:28:19.0502 0x2b3c  [ DAF66902F08796F9C694901660E5A64A, F4A4764DED05980426BAB54AAF040BC27A39C80315F5161E8D0B4C7F694BD8E6 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
21:28:19.0502 0x2b3c  IDriverT - ok
21:28:19.0584 0x2b3c  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:28:19.0614 0x2b3c  idsvc - ok
21:28:19.0906 0x2b3c  [ D7CB14B41DA52DF2EC143768E02F0E97, 97D6A49CA10508454F487F87F14249AE11646E365E89E3A2854AE05834DE9575 ] IDSVia64        C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20131227.001\IDSvia64.sys
21:28:19.0926 0x2b3c  IDSVia64 - ok
21:28:19.0976 0x2b3c  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
21:28:19.0986 0x2b3c  iirsp - ok
21:28:20.0076 0x2b3c  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
21:28:20.0116 0x2b3c  IKEEXT - ok
21:28:20.0178 0x2b3c  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
21:28:20.0188 0x2b3c  intelide - ok
21:28:20.0218 0x2b3c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
21:28:20.0228 0x2b3c  intelppm - ok
21:28:20.0278 0x2b3c  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
21:28:20.0278 0x2b3c  IPBusEnum - ok
21:28:20.0338 0x2b3c  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:28:20.0338 0x2b3c  IpFilterDriver - ok
21:28:20.0408 0x2b3c  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
21:28:20.0438 0x2b3c  iphlpsvc - ok
21:28:20.0498 0x2b3c  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
21:28:20.0508 0x2b3c  IPMIDRV - ok
21:28:20.0528 0x2b3c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
21:28:20.0528 0x2b3c  IPNAT - ok
21:28:20.0638 0x2b3c  [ 33B286326BD2B1A7748C43391058FB19, C6240C9ED5B7C227595E953E3D1AB5F2D45CCD86FDBDF985836A970B4B6467FE ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
21:28:20.0668 0x2b3c  iPod Service - ok
21:28:20.0698 0x2b3c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
21:28:20.0698 0x2b3c  IRENUM - ok
21:28:20.0748 0x2b3c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
21:28:20.0748 0x2b3c  isapnp - ok
21:28:20.0813 0x2b3c  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
21:28:20.0870 0x2b3c  iScsiPrt - ok
21:28:20.0940 0x2b3c  [ 8D990A44B4F2B68E2C56A3724EC3EB84, 5768FC5B156FC9CEEA735C933B50ADD8AE018F5609B83634F001E847E3101ACA ] itecir          C:\Windows\system32\DRIVERS\itecir.sys
21:28:20.0940 0x2b3c  itecir - ok
21:28:21.0010 0x2b3c  [ 7DBAFE10C1B777305C80BEA42FBDA710, 768638FAD1FF94F2C15E2F1558F9A03730195B041CCBBC82241EC1F92CD7D46F ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
21:28:21.0010 0x2b3c  k57nd60a - ok
21:28:21.0040 0x2b3c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
21:28:21.0050 0x2b3c  kbdclass - ok
21:28:21.0070 0x2b3c  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
21:28:21.0080 0x2b3c  kbdhid - ok
21:28:21.0090 0x2b3c  keycrypt - ok
21:28:21.0110 0x2b3c  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso          C:\Windows\system32\lsass.exe
21:28:21.0110 0x2b3c  KeyIso - ok
21:28:21.0170 0x2b3c  [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
21:28:21.0180 0x2b3c  KSecDD - ok
21:28:21.0210 0x2b3c  [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
21:28:21.0210 0x2b3c  KSecPkg - ok
21:28:21.0260 0x2b3c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
21:28:21.0260 0x2b3c  ksthunk - ok
21:28:21.0320 0x2b3c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
21:28:21.0340 0x2b3c  KtmRm - ok
21:28:21.0400 0x2b3c  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
21:28:21.0410 0x2b3c  LanmanServer - ok
21:28:21.0460 0x2b3c  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:28:21.0460 0x2b3c  LanmanWorkstation - ok
21:28:21.0590 0x2b3c  [ 88E52495B47C67126B510AF53FDB0BC7, 75027CE5F578592BBA29F4FB8D820AC5D4E5C8F3095CAF9441818B14128BB4E4 ] LBTServ         C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe
21:28:21.0590 0x2b3c  LBTServ - ok
21:28:21.0679 0x2b3c  [ BECBD7CD46776B8739EE18061F45A581, 5379671AB2C04F9F9F4E5197255A9562B4E5EA2463355F996066E6FAB4F25EC9 ] LEqdUsb         C:\Windows\system32\DRIVERS\LEqdUsb.Sys
21:28:21.0682 0x2b3c  LEqdUsb - ok
21:28:21.0742 0x2b3c  [ 21D6BD7D62C270059EB8E2B1D4095880, 93DD175A37C8BAE95BD922965D75E4D479375F009BF531E47A5853B00E17FC45 ] LHidEqd         C:\Windows\system32\DRIVERS\LHidEqd.Sys
21:28:21.0742 0x2b3c  LHidEqd - ok
21:28:21.0812 0x2b3c  [ B6552D382FF070B4ED34CBD6737277C0, 7C2C24454037170311B0267DEFB797E8DF8D157D62157D271BF7F5F74B2A12F3 ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys
21:28:21.0812 0x2b3c  LHidFilt - ok
21:28:21.0832 0x2b3c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
21:28:21.0832 0x2b3c  lltdio - ok
21:28:21.0922 0x2b3c  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
21:28:21.0962 0x2b3c  lltdsvc - ok
21:28:22.0002 0x2b3c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
21:28:22.0002 0x2b3c  lmhosts - ok
21:28:22.0022 0x2b3c  [ 73C1F563AB73D459DFFE682D66476558, 9B8BEE384C968DC6C37DD54B9128D9C2BA92EDBF7BDF49D753AA7DB165F18D00 ] LMouFilt        C:\Windows\system32\DRIVERS\LMouFilt.Sys
21:28:22.0022 0x2b3c  LMouFilt - ok
21:28:22.0062 0x2b3c  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
21:28:22.0062 0x2b3c  LSI_FC - ok
21:28:22.0122 0x2b3c  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
21:28:22.0132 0x2b3c  LSI_SAS - ok
21:28:22.0152 0x2b3c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:28:22.0152 0x2b3c  LSI_SAS2 - ok
21:28:22.0162 0x2b3c  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:28:22.0172 0x2b3c  LSI_SCSI - ok
21:28:22.0202 0x2b3c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
21:28:22.0212 0x2b3c  luafv - ok
21:28:22.0292 0x2b3c  [ 0BB97D43299910CBFBA59C461B99B910, 27C22D9D9EE8A410D7396960DA93E9E260D4DCDD38DCE06E85E45C5E24C067DE ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
21:28:22.0292 0x2b3c  MBAMProtector - ok
21:28:22.0432 0x2b3c  [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
21:28:22.0452 0x2b3c  MBAMScheduler - ok
21:28:22.0532 0x2b3c  [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
21:28:22.0552 0x2b3c  MBAMService - ok
21:28:22.0612 0x2b3c  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
21:28:22.0622 0x2b3c  Mcx2Svc - ok
21:28:22.0632 0x2b3c  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
21:28:22.0632 0x2b3c  megasas - ok
21:28:22.0662 0x2b3c  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
21:28:22.0672 0x2b3c  MegaSR - ok
21:28:22.0734 0x2b3c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
21:28:22.0744 0x2b3c  MMCSS - ok
21:28:22.0754 0x2b3c  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
21:28:22.0754 0x2b3c  Modem - ok
21:28:22.0784 0x2b3c  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
21:28:22.0784 0x2b3c  monitor - ok
21:28:22.0814 0x2b3c  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
21:28:22.0814 0x2b3c  mouclass - ok
21:28:22.0864 0x2b3c  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
21:28:22.0874 0x2b3c  mouhid - ok
21:28:22.0924 0x2b3c  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
21:28:22.0934 0x2b3c  mountmgr - ok
21:28:23.0044 0x2b3c  [ 3B9398E0146855B1DC0E3D9769C80F01, DF69DB5CA30A5577648635C27DD468AF98515D07DF379B3FFDCC6B40744EDE66 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:28:23.0044 0x2b3c  MozillaMaintenance - ok
21:28:23.0104 0x2b3c  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
21:28:23.0124 0x2b3c  mpio - ok
21:28:23.0154 0x2b3c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
21:28:23.0154 0x2b3c  mpsdrv - ok
21:28:23.0224 0x2b3c  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
21:28:23.0264 0x2b3c  MpsSvc - ok
21:28:23.0344 0x2b3c  MREMP50 - ok
21:28:23.0404 0x2b3c  MREMP50a64 - ok
21:28:23.0414 0x2b3c  MREMPR5 - ok
21:28:23.0434 0x2b3c  MRENDIS5 - ok
21:28:23.0454 0x2b3c  MRESP50 - ok
21:28:23.0454 0x2b3c  MRESP50a64 - ok
21:28:23.0514 0x2b3c  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
21:28:23.0514 0x2b3c  MRxDAV - ok
21:28:23.0584 0x2b3c  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
21:28:23.0584 0x2b3c  mrxsmb - ok
21:28:23.0644 0x2b3c  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:28:23.0654 0x2b3c  mrxsmb10 - ok
21:28:23.0704 0x2b3c  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:28:23.0714 0x2b3c  mrxsmb20 - ok
21:28:23.0788 0x2b3c  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
21:28:23.0793 0x2b3c  msahci - ok
21:28:23.0856 0x2b3c  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
21:28:23.0866 0x2b3c  msdsm - ok
21:28:23.0886 0x2b3c  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
21:28:23.0896 0x2b3c  MSDTC - ok
21:28:23.0956 0x2b3c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
21:28:23.0956 0x2b3c  Msfs - ok
21:28:23.0986 0x2b3c  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
21:28:23.0986 0x2b3c  mshidkmdf - ok
21:28:23.0996 0x2b3c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
21:28:23.0996 0x2b3c  msisadrv - ok
21:28:24.0046 0x2b3c  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
21:28:24.0056 0x2b3c  MSiSCSI - ok
21:28:24.0056 0x2b3c  msiserver - ok
21:28:24.0086 0x2b3c  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
21:28:24.0096 0x2b3c  MSKSSRV - ok
21:28:24.0116 0x2b3c  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
21:28:24.0116 0x2b3c  MSPCLOCK - ok
21:28:24.0136 0x2b3c  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
21:28:24.0136 0x2b3c  MSPQM - ok
21:28:24.0196 0x2b3c  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
21:28:24.0216 0x2b3c  MsRPC - ok
21:28:24.0236 0x2b3c  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
21:28:24.0236 0x2b3c  mssmbios - ok
21:28:24.0256 0x2b3c  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
21:28:24.0256 0x2b3c  MSTEE - ok
21:28:24.0266 0x2b3c  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
21:28:24.0276 0x2b3c  MTConfig - ok
21:28:24.0296 0x2b3c  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
21:28:24.0296 0x2b3c  Mup - ok
21:28:24.0527 0x2b3c  [ D57EC83468C328E2C3029A0BAA722072, 71714FCCDF625A0959FDB4E70FCCBCF184345537BE9509987F798837B392653E ] N360            C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\N360.exe
21:28:24.0537 0x2b3c  N360 - ok
21:28:24.0637 0x2b3c  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
21:28:24.0667 0x2b3c  napagent - ok
21:28:24.0737 0x2b3c  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
21:28:24.0747 0x2b3c  NativeWifiP - ok
21:28:24.0847 0x2b3c  [ 702E07EC32F96ACDB873E9A5465D4401, 2C6B1C8BA0BF4791AEA064062DCA3678AE4443DF19DB37D6CB55BA6297D8A238 ] NAVENG          C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20131229.021\ENG64.SYS
21:28:24.0847 0x2b3c  NAVENG - ok
21:28:24.0947 0x2b3c  [ 302EA314A1AF0D7CEF0A3D0195F79561, 046DBC2D9D028F2D2E8BAE745CA2ADEF42741689BFF743A13B81EA4228DDCDC6 ] NAVEX15         C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20131229.021\EX64.SYS
21:28:25.0029 0x2b3c  NAVEX15 - ok
21:28:25.0121 0x2b3c  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
21:28:25.0161 0x2b3c  NDIS - ok
21:28:25.0221 0x2b3c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
21:28:25.0221 0x2b3c  NdisCap - ok
21:28:25.0251 0x2b3c  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
21:28:25.0261 0x2b3c  NdisTapi - ok
21:28:25.0311 0x2b3c  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
21:28:25.0311 0x2b3c  Ndisuio - ok
21:28:25.0371 0x2b3c  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
21:28:25.0381 0x2b3c  NdisWan - ok
21:28:25.0431 0x2b3c  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
21:28:25.0441 0x2b3c  NDProxy - ok
21:28:25.0511 0x2b3c  [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
21:28:25.0511 0x2b3c  Net Driver HPZ12 - ok
21:28:25.0541 0x2b3c  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
21:28:25.0541 0x2b3c  NetBIOS - ok
21:28:25.0601 0x2b3c  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
21:28:25.0611 0x2b3c  NetBT - ok
21:28:25.0631 0x2b3c  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon        C:\Windows\system32\lsass.exe
21:28:25.0631 0x2b3c  Netlogon - ok
21:28:25.0701 0x2b3c  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
21:28:25.0721 0x2b3c  Netman - ok
21:28:25.0854 0x2b3c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:28:25.0861 0x2b3c  NetMsmqActivator - ok
21:28:25.0903 0x2b3c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:28:25.0903 0x2b3c  NetPipeActivator - ok
21:28:25.0933 0x2b3c  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
21:28:25.0963 0x2b3c  netprofm - ok
21:28:25.0989 0x2b3c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:28:25.0992 0x2b3c  NetTcpActivator - ok
21:28:25.0995 0x2b3c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:28:26.0005 0x2b3c  NetTcpPortSharing - ok
21:28:26.0224 0x2b3c  [ 64428DFDAF6E88366CB51F45A79C5F69, 31187D38C1AB52120A3CB7AC3CE47ED9682AC37B0F06B9A9610C0065DD4E7B13 ] netw5v64        C:\Windows\system32\DRIVERS\netw5v64.sys
21:28:26.0398 0x2b3c  netw5v64 - ok
21:28:26.0529 0x2b3c  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
21:28:26.0529 0x2b3c  nfrd960 - ok
21:28:26.0669 0x2b3c  [ 7200C884A77D76552D4E65FF53E35154, 317BAD02BE006034F6529ABA6B89A664517FA7D41FBFDA9467C491DCF4D7D7DF ] NitroReaderDriverReadSpool C:\Program Files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe
21:28:26.0689 0x2b3c  NitroReaderDriverReadSpool - ok
21:28:26.0739 0x2b3c  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
21:28:26.0749 0x2b3c  NlaSvc - ok
21:28:26.0818 0x2b3c  [ 351533ACC2A069B94E80BBFC177E8FDF, 54B2749E0496ECC94CE65657627762B485CBC825767BAEDDAD0D2598820FFB9E ] npf             C:\Windows\system32\drivers\npf.sys
21:28:26.0831 0x2b3c  npf - ok
21:28:26.0851 0x2b3c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
21:28:26.0853 0x2b3c  Npfs - ok
21:28:26.0891 0x2b3c  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
21:28:26.0891 0x2b3c  nsi - ok
21:28:26.0911 0x2b3c  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
21:28:26.0911 0x2b3c  nsiproxy - ok
21:28:27.0011 0x2b3c  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
21:28:27.0064 0x2b3c  Ntfs - ok
21:28:27.0083 0x2b3c  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
21:28:27.0085 0x2b3c  Null - ok
21:28:27.0133 0x2b3c  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
21:28:27.0143 0x2b3c  nvraid - ok
21:28:27.0213 0x2b3c  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
21:28:27.0223 0x2b3c  nvstor - ok
21:28:27.0283 0x2b3c  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
21:28:27.0283 0x2b3c  nv_agp - ok
21:28:27.0403 0x2b3c  [ 404B0121AE1A75D9A63B6934EB07C258, 86C423955252DDD519407F22C9A28B3AA952C088494470D622ECDC1C6569FC7E ] OA001Ufd        C:\Windows\system32\DRIVERS\OA001Ufd.sys
21:28:27.0413 0x2b3c  OA001Ufd - ok
21:28:27.0433 0x2b3c  [ 4B69D156DB42B26425AB3B172FA50D92, 8509249144328ACB4A5000FF9DAA6F3139EFBF1414BE26EA719F04443D3BF154 ] OA001Vid        C:\Windows\system32\DRIVERS\OA001Vid.sys
21:28:27.0453 0x2b3c  OA001Vid - ok
21:28:27.0503 0x2b3c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
21:28:27.0503 0x2b3c  ohci1394 - ok
21:28:27.0573 0x2b3c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
21:28:27.0593 0x2b3c  p2pimsvc - ok
21:28:27.0623 0x2b3c  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
21:28:27.0643 0x2b3c  p2psvc - ok
21:28:27.0693 0x2b3c  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
21:28:27.0703 0x2b3c  Parport - ok
21:28:27.0753 0x2b3c  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
21:28:27.0763 0x2b3c  partmgr - ok
21:28:27.0773 0x2b3c  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
21:28:27.0783 0x2b3c  PcaSvc - ok
21:28:27.0843 0x2b3c  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
21:28:27.0853 0x2b3c  pci - ok
21:28:27.0905 0x2b3c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
21:28:27.0928 0x2b3c  pciide - ok
21:28:27.0965 0x2b3c  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
21:28:27.0985 0x2b3c  pcmcia - ok
21:28:28.0005 0x2b3c  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
21:28:28.0015 0x2b3c  pcw - ok
21:28:28.0055 0x2b3c  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
21:28:28.0075 0x2b3c  PEAUTH - ok
21:28:28.0217 0x2b3c  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
21:28:28.0227 0x2b3c  PerfHost - ok
21:28:28.0327 0x2b3c  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
21:28:28.0377 0x2b3c  pla - ok
21:28:28.0449 0x2b3c  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
21:28:28.0469 0x2b3c  PlugPlay - ok
21:28:28.0569 0x2b3c  [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
21:28:28.0569 0x2b3c  Pml Driver HPZ12 - ok
21:28:28.0589 0x2b3c  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
21:28:28.0589 0x2b3c  PNRPAutoReg - ok
21:28:28.0619 0x2b3c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
21:28:28.0619 0x2b3c  PNRPsvc - ok
21:28:28.0649 0x2b3c  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
21:28:28.0669 0x2b3c  PolicyAgent - ok
21:28:28.0729 0x2b3c  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
21:28:28.0739 0x2b3c  Power - ok
21:28:28.0799 0x2b3c  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
21:28:28.0799 0x2b3c  PptpMiniport - ok
21:28:28.0859 0x2b3c  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
21:28:28.0859 0x2b3c  Processor - ok
21:28:28.0931 0x2b3c  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
21:28:28.0941 0x2b3c  ProfSvc - ok
21:28:28.0961 0x2b3c  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe
21:28:28.0961 0x2b3c  ProtectedStorage - ok
21:28:29.0021 0x2b3c  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
21:28:29.0031 0x2b3c  Psched - ok
21:28:29.0081 0x2b3c  [ 87B04878A6D59D6C79251DC960C674C1, 3EB8DB0624E646F0A65D0381408D35CF9FDC5ABFC30DF6431F4070A8EB68447C ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
21:28:29.0081 0x2b3c  PxHlpa64 - ok
21:28:29.0131 0x2b3c  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
21:28:29.0223 0x2b3c  ql2300 - ok
21:28:29.0295 0x2b3c  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
21:28:29.0305 0x2b3c  ql40xx - ok
21:28:29.0375 0x2b3c  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
21:28:29.0375 0x2b3c  QWAVE - ok
21:28:29.0395 0x2b3c  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
21:28:29.0405 0x2b3c  QWAVEdrv - ok
21:28:29.0415 0x2b3c  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
21:28:29.0425 0x2b3c  RasAcd - ok
21:28:29.0485 0x2b3c  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
21:28:29.0485 0x2b3c  RasAgileVpn - ok
21:28:29.0515 0x2b3c  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
21:28:29.0525 0x2b3c  RasAuto - ok
21:28:29.0565 0x2b3c  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
21:28:29.0575 0x2b3c  Rasl2tp - ok
21:28:29.0635 0x2b3c  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
21:28:29.0655 0x2b3c  RasMan - ok
21:28:29.0665 0x2b3c  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
21:28:29.0675 0x2b3c  RasPppoe - ok
21:28:29.0685 0x2b3c  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
21:28:29.0695 0x2b3c  RasSstp - ok
21:28:29.0745 0x2b3c  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
21:28:29.0765 0x2b3c  rdbss - ok
21:28:29.0785 0x2b3c  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
21:28:29.0785 0x2b3c  rdpbus - ok
21:28:29.0805 0x2b3c  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
21:28:29.0807 0x2b3c  RDPCDD - ok
21:28:29.0819 0x2b3c  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
21:28:29.0821 0x2b3c  RDPENCDD - ok
21:28:29.0829 0x2b3c  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
21:28:29.0831 0x2b3c  RDPREFMP - ok
21:28:29.0884 0x2b3c  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
21:28:29.0891 0x2b3c  RDPWD - ok
21:28:29.0947 0x2b3c  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
21:28:29.0957 0x2b3c  rdyboost - ok
21:28:30.0008 0x2b3c  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
21:28:30.0013 0x2b3c  RemoteAccess - ok
21:28:30.0029 0x2b3c  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
21:28:30.0039 0x2b3c  RemoteRegistry - ok
21:28:30.0109 0x2b3c  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
21:28:30.0119 0x2b3c  RFCOMM - ok
21:28:30.0139 0x2b3c  [ D13D70FAC45FC1DF69F88559B1F72F0A, E940D912DAE83A592116027F6CBBC08E38437A186D15BE805E3CC5461A4E7B71 ] rimmptsk        C:\Windows\system32\DRIVERS\rimmpx64.sys
21:28:30.0149 0x2b3c  rimmptsk - ok
21:28:30.0199 0x2b3c  [ 67F50C31713106FD1B0F286F86AA2B2E, 8E1CAAA442C749396DBCE63F2A9D1C44AE84C48B8DD7EE400E24AA4AE041495E ] rimsptsk        C:\Windows\system32\DRIVERS\rimspx64.sys
21:28:30.0209 0x2b3c  rimsptsk - ok
21:28:30.0319 0x2b3c  [ AD42432D22940B4215177BE113E4919C, BF04E1F942846B928E523727EB03BBFA83FCE535CF7C0A4E787A5CBA46D5BF8D ] RimUsb          C:\Windows\system32\Drivers\RimUsb_AMD64.sys
21:28:30.0319 0x2b3c  RimUsb - ok
21:28:30.0379 0x2b3c  [ 4AAFFFA67AC4DFA3D9985D78573887E2, A2A4623A1DFA3C1BF0B09390F3731AFF5616BF9E9144F5DEEAA89B37E445D834 ] RimVSerPort     C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
21:28:30.0379 0x2b3c  RimVSerPort - ok
21:28:30.0429 0x2b3c  [ 481C3FDEACAAE04B74C58288DBC91DF9, D7F2AB5E97C0293A5CAC977695EC1D0DBB354D0EA3662D37803098D9477DE03F ] rismxdp         C:\Windows\system32\DRIVERS\rixdpx64.sys
21:28:30.0429 0x2b3c  rismxdp - ok
21:28:30.0501 0x2b3c  [ 388D3DD1A6457280F3BADBA9F3ACD6B1, 5C534EA15195B1301C917904627AF09FE2ABA3FEE1641B5C87E8F3191BC49058 ] ROOTMODEM       C:\Windows\system32\Drivers\RootMdm.sys
21:28:30.0511 0x2b3c  ROOTMODEM - ok
21:28:30.0511 0x2b3c  rpcapd - ok
21:28:30.0541 0x2b3c  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
21:28:30.0551 0x2b3c  RpcEptMapper - ok
21:28:30.0601 0x2b3c  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
21:28:30.0601 0x2b3c  RpcLocator - ok
21:28:30.0671 0x2b3c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
21:28:30.0681 0x2b3c  RpcSs - ok
21:28:30.0691 0x2b3c  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
21:28:30.0701 0x2b3c  rspndr - ok
21:28:30.0711 0x2b3c  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs           C:\Windows\system32\lsass.exe
21:28:30.0721 0x2b3c  SamSs - ok
21:28:30.0771 0x2b3c  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
21:28:30.0771 0x2b3c  sbp2port - ok
21:28:30.0791 0x2b3c  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
21:28:30.0801 0x2b3c  SCardSvr - ok
21:28:30.0851 0x2b3c  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
21:28:30.0851 0x2b3c  scfilter - ok
21:28:30.0941 0x2b3c  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
21:28:30.0993 0x2b3c  Schedule - ok
21:28:31.0043 0x2b3c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
21:28:31.0043 0x2b3c  SCPolicySvc - ok
21:28:31.0103 0x2b3c  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\drivers\sdbus.sys
21:28:31.0113 0x2b3c  sdbus - ok
21:28:31.0163 0x2b3c  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
21:28:31.0173 0x2b3c  SDRSVC - ok
21:28:31.0233 0x2b3c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
21:28:31.0233 0x2b3c  secdrv - ok
21:28:31.0283 0x2b3c  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
21:28:31.0283 0x2b3c  seclogon - ok
21:28:31.0353 0x2b3c  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
21:28:31.0353 0x2b3c  SENS - ok
21:28:31.0383 0x2b3c  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
21:28:31.0383 0x2b3c  SensrSvc - ok
21:28:31.0403 0x2b3c  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
21:28:31.0403 0x2b3c  Serenum - ok
21:28:31.0413 0x2b3c  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
21:28:31.0413 0x2b3c  Serial - ok
21:28:31.0493 0x2b3c  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
21:28:31.0503 0x2b3c  sermouse - ok
21:28:31.0573 0x2b3c  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
21:28:31.0583 0x2b3c  SessionEnv - ok
21:28:31.0633 0x2b3c  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
21:28:31.0633 0x2b3c  sffdisk - ok
21:28:31.0683 0x2b3c  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
21:28:31.0693 0x2b3c  sffp_mmc - ok
21:28:31.0703 0x2b3c  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
21:28:31.0703 0x2b3c  sffp_sd - ok
21:28:31.0723 0x2b3c  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
21:28:31.0723 0x2b3c  sfloppy - ok
21:28:31.0783 0x2b3c  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
21:28:31.0803 0x2b3c  SharedAccess - ok
21:28:31.0863 0x2b3c  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:28:31.0883 0x2b3c  ShellHWDetection - ok
21:28:31.0903 0x2b3c  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:28:31.0903 0x2b3c  SiSRaid2 - ok
21:28:31.0926 0x2b3c  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
21:28:31.0929 0x2b3c  SiSRaid4 - ok
21:28:32.0005 0x2b3c  [ F07AF60B152221472FBDB2FECEC4896D, A18FDCE8462A48429E249C44F0E49F844F2E3A4B5215349DE104F34D935EF983 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
21:28:32.0015 0x2b3c  SkypeUpdate - ok
21:28:32.0045 0x2b3c  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
21:28:32.0045 0x2b3c  Smb - ok
21:28:32.0104 0x2b3c  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
21:28:32.0107 0x2b3c  SNMPTRAP - ok
21:28:32.0137 0x2b3c  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
21:28:32.0137 0x2b3c  spldr - ok
21:28:32.0197 0x2b3c  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
21:28:32.0227 0x2b3c  Spooler - ok
21:28:32.0403 0x2b3c  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
21:28:32.0512 0x2b3c  sppsvc - ok
21:28:32.0529 0x2b3c  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
21:28:32.0533 0x2b3c  sppuinotify - ok
21:28:32.0741 0x2b3c  [ 8BFD1752AAA15BF47D668E9AC5AF96FB, EEC6CDA06A971D2E2C2634987228E550970C9246659C25DCCF87AC9CD08F55F3 ] SRTSP           C:\Windows\System32\Drivers\N360x64\1501000.012\SRTSP64.SYS
21:28:32.0811 0x2b3c  SRTSP - ok
21:28:32.0883 0x2b3c  [ B18CE01B9C09C59422BA7C7064248B35, B355EE2FBB37C4B0EFFE4DC5E0788A26579266828E7988EDC497B0AE7375F8AB ] SRTSPX          C:\Windows\system32\drivers\N360x64\1501000.012\SRTSPX64.SYS
21:28:32.0883 0x2b3c  SRTSPX - ok
21:28:32.0963 0x2b3c  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
21:28:32.0973 0x2b3c  srv - ok
21:28:33.0031 0x2b3c  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
21:28:33.0045 0x2b3c  srv2 - ok
21:28:33.0055 0x2b3c  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
21:28:33.0065 0x2b3c  srvnet - ok
21:28:33.0125 0x2b3c  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
21:28:33.0135 0x2b3c  SSDPSRV - ok
21:28:33.0155 0x2b3c  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
21:28:33.0155 0x2b3c  SstpSvc - ok
21:28:33.0315 0x2b3c  [ DA7702025DFD169B909C4DA3126762CC, 40777941F71D0762C450824A635888D1390307E937EDF13385524569F4602D0A ] STacSV          C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe
21:28:33.0325 0x2b3c  STacSV - ok
21:28:33.0375 0x2b3c  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
21:28:33.0375 0x2b3c  stexstor - ok
21:28:33.0415 0x2b3c  [ CAF5A9708671B14B9670260735B22C4E, B31F2B500605379BC9531E21E4ACD17EA281FFF25AA4B4D342E14F8F5952D1EC ] STHDA           C:\Windows\system32\DRIVERS\stwrt64.sys
21:28:33.0445 0x2b3c  STHDA - ok
21:28:33.0505 0x2b3c  [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
21:28:33.0505 0x2b3c  StillCam - ok
21:28:33.0585 0x2b3c  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
21:28:33.0615 0x2b3c  stisvc - ok
21:28:33.0810 0x2b3c  [ 1D0063597C3666404FCF97698ABEB019, 352A63C97F930499BC598C2A398663377D7CCD4A42770E35635C90EDC4DA530A ] stllssvr        C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
21:28:33.0814 0x2b3c  stllssvr - ok
21:28:33.0877 0x2b3c  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
21:28:33.0877 0x2b3c  swenum - ok
21:28:33.0957 0x2b3c  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
21:28:33.0977 0x2b3c  swprv - ok
21:28:34.0067 0x2b3c  [ 267C914667C94E5F47D342311C1C577F, E4FE7A8E41680E6845AD4D0FEEF4EDA6DACAE7728D2401520175AAD8ED16ABAD ] Symantec RemoteAssist C:\Program Files (x86)\Common Files\Symantec Shared\Support Controls\ssrc.exe
21:28:34.0077 0x2b3c  Symantec RemoteAssist - ok
21:28:34.0189 0x2b3c  [ 5C9EE2303CA7F267665D75237862B39C, 5DECD977A823C14B4D980D3DB621BC875231B741653F0450A027FC9E87725F9D ] SymDS           C:\Windows\system32\drivers\N360x64\1501000.012\SYMDS64.SYS
21:28:34.0219 0x2b3c  SymDS - ok
21:28:34.0339 0x2b3c  [ 08AF51153E441687130B759A8F6892ED, C9DFC0667EF9CE7FACBBB0DE53BD6E0DC9E0ED582CB89FBB2E7FE91CEAC47C5B ] SymEFA          C:\Windows\system32\drivers\N360x64\1501000.012\SYMEFA64.SYS
21:28:34.0429 0x2b3c  SymEFA - ok
21:28:34.0521 0x2b3c  [ 97E11C50CE52277B377396EA8838E539, E17D03F80E14F961C41F2D54D1EF73D29BF01F38459C5710D786234F8BA3C835 ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
21:28:34.0551 0x2b3c  SymEvent - ok
21:28:34.0621 0x2b3c  [ 48C2934683CBD06F662B088EEF49EF6A, 2212A3588C28F33EFCB1D34618B3054EBBAC6731D177A581D21D1F969FE040C0 ] SymIRON         C:\Windows\system32\drivers\N360x64\1501000.012\Ironx64.SYS
21:28:34.0631 0x2b3c  SymIRON - ok
21:28:34.0711 0x2b3c  [ 78A2F073AD9EA5EBC04A70931EA36C9A, 011395F07D7879D30E1700F060CA8C02407F8FFC99998B2E7507E7AF22578B68 ] SymNetS         C:\Windows\System32\Drivers\N360x64\1501000.012\SYMNETS.SYS
21:28:34.0731 0x2b3c  SymNetS - ok
21:28:34.0851 0x2b3c  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
21:28:34.0913 0x2b3c  SysMain - ok
21:28:34.0965 0x2b3c  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:28:34.0975 0x2b3c  TabletInputService - ok
21:28:35.0035 0x2b3c  [ B70DF208E97536CA9F29289E609F5B16, 5D2AF3DE64A6DAF8F0EA8C1F05B13660EA9428450516A6B3FA8AB0C3B3218E2D ] taphss          C:\Windows\system32\DRIVERS\taphss.sys
21:28:35.0035 0x2b3c  taphss - ok
21:28:35.0105 0x2b3c  [ 79C551E5775AF8F63D4B61F51E18D693, 99D63C1CC06C1BF2F2125579EF822F4D632DDD58367477DB4173487835777B2C ] taphss6         C:\Windows\system32\DRIVERS\taphss6.sys
21:28:35.0105 0x2b3c  taphss6 - ok
21:28:35.0125 0x2b3c  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
21:28:35.0135 0x2b3c  TapiSrv - ok
21:28:35.0185 0x2b3c  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
21:28:35.0195 0x2b3c  TBS - ok
21:28:35.0305 0x2b3c  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
21:28:35.0357 0x2b3c  Tcpip - ok
21:28:35.0729 0x2b3c  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
21:28:35.0790 0x2b3c  TCPIP6 - ok
21:28:35.0981 0x2b3c  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
21:28:35.0981 0x2b3c  tcpipreg - ok
21:28:36.0061 0x2b3c  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
21:28:36.0061 0x2b3c  TDPIPE - ok
21:28:36.0111 0x2b3c  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
21:28:36.0121 0x2b3c  TDTCP - ok
21:28:36.0181 0x2b3c  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
21:28:36.0191 0x2b3c  tdx - ok
21:28:36.0242 0x2b3c  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
21:28:36.0246 0x2b3c  TermDD - ok
21:28:36.0303 0x2b3c  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
21:28:36.0333 0x2b3c  TermService - ok
21:28:36.0343 0x2b3c  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
21:28:36.0353 0x2b3c  Themes - ok
21:28:36.0393 0x2b3c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
21:28:36.0393 0x2b3c  THREADORDER - ok
21:28:36.0413 0x2b3c  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
21:28:36.0423 0x2b3c  TrkWks - ok
21:28:36.0533 0x2b3c  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:28:36.0543 0x2b3c  TrustedInstaller - ok
21:28:36.0593 0x2b3c  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
21:28:36.0603 0x2b3c  tssecsrv - ok
21:28:36.0683 0x2b3c  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
21:28:36.0713 0x2b3c  TsUsbFlt - ok
21:28:36.0813 0x2b3c  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:28:36.0813 0x2b3c  tunnel - ok
21:28:36.0863 0x2b3c  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
21:28:36.0873 0x2b3c  uagp35 - ok
21:28:36.0933 0x2b3c  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:28:36.0943 0x2b3c  udfs - ok
21:28:36.0963 0x2b3c  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
21:28:36.0963 0x2b3c  UI0Detect - ok
21:28:36.0990 0x2b3c  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:28:36.0993 0x2b3c  uliagpkx - ok
21:28:37.0035 0x2b3c  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys
21:28:37.0045 0x2b3c  umbus - ok
21:28:37.0055 0x2b3c  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
21:28:37.0055 0x2b3c  UmPass - ok
21:28:37.0085 0x2b3c  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
21:28:37.0095 0x2b3c  upnphost - ok
21:28:37.0165 0x2b3c  [ ACCEA6BC68D0C9A78EB97EE159028B4E, 132F7A543C1DA9456FBABA50552B37E3162ACA612A8567BB3FF0F7DA84231419 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
21:28:37.0165 0x2b3c  usbccgp - ok
21:28:37.0205 0x2b3c  [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir          C:\Windows\system32\DRIVERS\usbcir.sys
21:28:37.0215 0x2b3c  usbcir - ok
21:28:37.0235 0x2b3c  [ 311C1DD1088E55BEAE15954D17F50646, A663344ABD1414D570617F59CC00020640F31DB34265142EFCA8817328DB842A ] usbehci         C:\Windows\system32\drivers\usbehci.sys
21:28:37.0245 0x2b3c  usbehci - ok
21:28:37.0265 0x2b3c  [ 280E90CBF4B2DDD169F0728CB44D726F, 2B39666C022A4F7338BDDB4CB0D7B4D0CC6B398298D29E38826F27FADF4C29DD ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
21:28:37.0275 0x2b3c  usbhub - ok
21:28:37.0305 0x2b3c  [ 9406D801042FAF859CF81B2C886413DC, D16536EC05260D7A2902314E1AA5E5F73533483B9967739C381FD41B6192B92F ] usbohci         C:\Windows\system32\drivers\usbohci.sys
21:28:37.0315 0x2b3c  usbohci - ok
21:28:37.0345 0x2b3c  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
21:28:37.0345 0x2b3c  usbprint - ok
21:28:37.0405 0x2b3c  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\drivers\usbscan.sys
21:28:37.0415 0x2b3c  usbscan - ok
21:28:37.0475 0x2b3c  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:28:37.0475 0x2b3c  USBSTOR - ok
21:28:37.0495 0x2b3c  [ A83D0EC9AE4C31704442099D40BA2471, A29D714FCDF10DF7A2A17D54B131AEFDA61AED988CF8B99C7B30728C50130DCE ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
21:28:37.0495 0x2b3c  usbuhci - ok
21:28:37.0515 0x2b3c  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
21:28:37.0515 0x2b3c  UxSms - ok
21:28:37.0535 0x2b3c  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc        C:\Windows\system32\lsass.exe
21:28:37.0545 0x2b3c  VaultSvc - ok
21:28:37.0565 0x2b3c  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
21:28:37.0565 0x2b3c  vdrvroot - ok
21:28:37.0635 0x2b3c  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
21:28:37.0665 0x2b3c  vds - ok
21:28:37.0675 0x2b3c  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
21:28:37.0685 0x2b3c  vga - ok
21:28:37.0695 0x2b3c  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
21:28:37.0705 0x2b3c  VgaSave - ok
21:28:37.0755 0x2b3c  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
21:28:37.0765 0x2b3c  vhdmp - ok
21:28:37.0815 0x2b3c  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
21:28:37.0815 0x2b3c  viaide - ok
21:28:37.0835 0x2b3c  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
21:28:37.0835 0x2b3c  volmgr - ok
21:28:37.0895 0x2b3c  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
21:28:37.0905 0x2b3c  volmgrx - ok
21:28:37.0987 0x2b3c  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
21:28:37.0997 0x2b3c  volsnap - ok
21:28:38.0017 0x2b3c  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
21:28:38.0017 0x2b3c  vsmraid - ok
21:28:38.0117 0x2b3c  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
21:28:38.0179 0x2b3c  VSS - ok
21:28:38.0211 0x2b3c  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
21:28:38.0214 0x2b3c  vwifibus - ok
21:28:38.0281 0x2b3c  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
21:28:38.0311 0x2b3c  W32Time - ok
21:28:38.0321 0x2b3c  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
21:28:38.0333 0x2b3c  WacomPen - ok
21:28:38.0354 0x2b3c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
21:28:38.0359 0x2b3c  WANARP - ok
21:28:38.0364 0x2b3c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
21:28:38.0366 0x2b3c  Wanarpv6 - ok
21:28:38.0453 0x2b3c  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
21:28:38.0505 0x2b3c  WatAdminSvc - ok
21:28:38.0675 0x2b3c  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
21:28:38.0726 0x2b3c  wbengine - ok
21:28:38.0757 0x2b3c  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
21:28:38.0767 0x2b3c  WbioSrvc - ok
21:28:38.0829 0x2b3c  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
21:28:38.0852 0x2b3c  wcncsvc - ok
21:28:38.0872 0x2b3c  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:28:38.0877 0x2b3c  WcsPlugInService - ok
21:28:38.0889 0x2b3c  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
21:28:38.0889 0x2b3c  Wd - ok
21:28:38.0959 0x2b3c  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:28:38.0999 0x2b3c  Wdf01000 - ok
21:28:39.0030 0x2b3c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
21:28:39.0035 0x2b3c  WdiServiceHost - ok
21:28:39.0041 0x2b3c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
21:28:39.0041 0x2b3c  WdiSystemHost - ok
21:28:39.0101 0x2b3c  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
21:28:39.0161 0x2b3c  WebClient - ok
21:28:39.0191 0x2b3c  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
21:28:39.0191 0x2b3c  Wecsvc - ok
21:28:39.0211 0x2b3c  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
21:28:39.0211 0x2b3c  wercplsupport - ok
21:28:39.0231 0x2b3c  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
21:28:39.0231 0x2b3c  WerSvc - ok
21:28:39.0241 0x2b3c  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
21:28:39.0251 0x2b3c  WfpLwf - ok
21:28:39.0321 0x2b3c  [ B14EF15BD757FA488F9C970EEE9C0D35, F27DF2D47E7076786AE7C396583D7A1C56B93E766711066C900964FC7313E794 ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
21:28:39.0331 0x2b3c  WimFltr - ok
21:28:39.0351 0x2b3c  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
21:28:39.0351 0x2b3c  WIMMount - ok
21:28:39.0401 0x2b3c  WinDefend - ok
21:28:39.0421 0x2b3c  WinHttpAutoProxySvc - ok
21:28:39.0541 0x2b3c  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
21:28:39.0551 0x2b3c  Winmgmt - ok
21:28:39.0661 0x2b3c  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
21:28:39.0743 0x2b3c  WinRM - ok
21:28:39.0825 0x2b3c  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
21:28:39.0825 0x2b3c  WinUsb - ok
21:28:39.0915 0x2b3c  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
21:28:39.0945 0x2b3c  Wlansvc - ok
21:28:39.0997 0x2b3c  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
21:28:39.0997 0x2b3c  WmiAcpi - ok
21:28:40.0017 0x2b3c  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
21:28:40.0027 0x2b3c  wmiApSrv - ok
21:28:40.0037 0x2b3c  WMPNetworkSvc - ok
21:28:40.0047 0x2b3c  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
21:28:40.0047 0x2b3c  WPCSvc - ok
21:28:40.0099 0x2b3c  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
21:28:40.0099 0x2b3c  WPDBusEnum - ok
21:28:40.0149 0x2b3c  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
21:28:40.0149 0x2b3c  ws2ifsl - ok
21:28:40.0159 0x2b3c  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
21:28:40.0169 0x2b3c  wscsvc - ok
21:28:40.0169 0x2b3c  WSearch - ok
21:28:40.0300 0x2b3c  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
21:28:40.0424 0x2b3c  wuauserv - ok
21:28:40.0481 0x2b3c  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
21:28:40.0485 0x2b3c  WudfPf - ok
21:28:40.0523 0x2b3c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
21:28:40.0533 0x2b3c  WUDFRd - ok
21:28:40.0553 0x2b3c  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
21:28:40.0563 0x2b3c  wudfsvc - ok
21:28:40.0613 0x2b3c  [ FE90B750AB808FB9DD8FBB428B5FF83B, 3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc         C:\Windows\System32\wwansvc.dll
21:28:40.0623 0x2b3c  WwanSvc - ok
21:28:40.0733 0x2b3c  [ 74983ADDCA2D9618512C088D856D6615, C4592EFC1206BD813221814FD529AD38ED26E4AE086613EB95D3D5E20448A1F0 ] {1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7} C:\Program Files (x86)\CyberLink\PowerDVD DX\000.fcl
21:28:40.0733 0x2b3c  {1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7} - ok
21:28:40.0743 0x2b3c  ================ Scan global ===============================
21:28:40.0793 0x2b3c  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
21:28:40.0853 0x2b3c  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
21:28:40.0863 0x2b3c  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
21:28:40.0923 0x2b3c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
21:28:41.0003 0x2b3c  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
21:28:41.0023 0x2b3c  [ Global ] - ok
21:28:41.0023 0x2b3c  ================ Scan MBR ==================================
21:28:41.0033 0x2b3c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:28:41.0303 0x2b3c  \Device\Harddisk0\DR0 - ok
21:28:41.0303 0x2b3c  ================ Scan VBR ==================================
21:28:41.0313 0x2b3c  [ 7EB106B90141AE825AAC57BA9D3BEAAA ] \Device\Harddisk0\DR0\Partition1
21:28:41.0313 0x2b3c  \Device\Harddisk0\DR0\Partition1 - ok
21:28:41.0313 0x2b3c  [ 80953E881AF9DF625242F4126D19D0A8 ] \Device\Harddisk0\DR0\Partition2
21:28:41.0313 0x2b3c  \Device\Harddisk0\DR0\Partition2 - ok
21:28:41.0313 0x2b3c  Waiting for KSN requests completion. In queue: 141
21:28:42.0315 0x2b3c  Waiting for KSN requests completion. In queue: 141
21:28:43.0317 0x2b3c  Waiting for KSN requests completion. In queue: 141
21:28:44.0317 0x2b3c  Waiting for KSN requests completion. In queue: 141
21:28:45.0401 0x2b3c  AV detected via SS2: Norton Security Suite, C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\WSCStub.exe ( 21.1.0.0 ), 0x51000 ( enabled : updated )
21:28:45.0401 0x2b3c  FW detected via SS2: Norton Security Suite, C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\WSCStub.exe ( 21.1.0.0 ), 0x51010 ( enabled )
21:28:48.0245 0x2b3c  ============================================================
21:28:48.0245 0x2b3c  Scan finished
21:28:48.0245 0x2b3c  ============================================================
21:28:48.0245 0x11cc  Detected object count: 0
21:28:48.0245 0x11cc  Actual detected object count: 0
 



#4 agentwd40

agentwd40
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:39 AM

Posted 31 December 2013 - 12:36 AM

I tried to run aswMBR but when I try and update with Avast definitions I'm getting warnings about running out of space and stopped the update when I got down to only 29 megs left on my hard drive.



#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,035 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:39 AM

Posted 31 December 2013 - 10:53 AM

Try without the update
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#6 agentwd40

agentwd40
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:39 AM

Posted 31 December 2013 - 11:12 AM

Hi Boopme,

 

Thanks for your help! I cleared out some programs, etc, and was able to successfully run a scan with the update. Here's the log:

 

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-12-31 05:59:51
-----------------------------
05:59:51.055    OS Version: Windows x64 6.1.7601 Service Pack 1
05:59:51.055    Number of processors: 2 586 0x170A
05:59:51.056    ComputerName: VINCE-PC  UserName: Vince
06:00:14.231    Initialize success
06:01:38.024    AVAST engine defs: 13123001
06:02:05.083    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
06:02:05.087    Disk 0 Vendor: ST9500420ASG 0002SDM1 Size: 476940MB BusType: 11
06:02:05.743    Disk 0 MBR read successfully
06:02:05.745    Disk 0 MBR scan
06:02:05.750    Disk 0 Windows 7 default MBR code
06:02:05.753    Disk 0 Partition 1 00     DE Dell Utility Dell 8.0       39 MB offset 63
06:02:05.819    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS        15000 MB offset 80325
06:02:05.875    Disk 0 Partition 3 80 (A) 07    HPFS/NTFS NTFS       461899 MB offset 30800325
06:02:06.072    Disk 0 scanning C:\Windows\system32\drivers
06:03:04.546    Service scanning
06:03:19.272    Service BHDrvx64 C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20131203.001\BHDrvx64.sys **LOCKED** 5
06:03:25.731    Service eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys **LOCKED** 5
06:03:26.855    Service EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys **LOCKED** 5
06:03:34.311    Service IDSVia64 C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20131227.001\IDSvia64.sys **LOCKED** 5
06:03:40.110    Service NAVENG C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20131229.021\ENG64.SYS **LOCKED** 5
06:03:40.274    Service NAVEX15 C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20131229.021\EX64.SYS **LOCKED** 5
06:04:02.968    Modules scanning
06:04:02.974    Disk 0 trace - called modules:
06:04:02.989    ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
06:04:02.994    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c33790]
06:04:02.999    3 CLASSPNP.SYS[fffff88001a8643f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80046f4060]
06:04:11.543    AVAST engine scan C:\Windows
06:04:20.825    AVAST engine scan C:\Windows\system32
06:11:27.998    AVAST engine scan C:\Windows\system32\drivers
06:12:06.842    AVAST engine scan C:\Users\Vince
07:07:19.441    AVAST engine scan C:\ProgramData
07:19:41.138    Scan finished successfully
08:08:42.324    Disk 0 MBR has been saved successfully to "C:\Users\Vince\Desktop\MBR.dat"
08:08:42.324    The log file has been saved successfully to "C:\Users\Vince\Desktop\aswMBR.txt"
 


Edited by agentwd40, 31 December 2013 - 11:12 AM.


#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,035 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:39 AM

Posted 31 December 2013 - 11:18 AM

Hmmm that's OK


b]Empty your temp folders using TFC (Temporary File Cleaner)[/b]
  • Please download TFC by Old Timer and save it to your desktop.
    alternate download link
  • Save any unsaved work. (TFC will close ALL open programs including your browser!)
  • Double-click on TFC.exe to run it. (If you are using Vista, right-click on the file and choose "Run As Administrator".)
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway allowing Windows to load normally (not into Safe Mode) to ensure a complete clean.
run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#8 agentwd40

agentwd40
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:39 AM

Posted 31 December 2013 - 06:04 PM

OK. So I ran TFC first and that cleared up 727 megs.

 

Then I ran a scan with ESET. Here's the log:

 

C:\Program Files (x86)\xfinitytb\xfinitydx.dll    a variant of Win32/Toolbar.Visicom.B application    cleaned by deleting - quarantined
C:\Program Files (x86)\xfinitytb\xfinitytb.dll    a variant of Win32/Toolbar.Visicom.A application    cleaned by deleting - quarantined
C:\Users\Vince\AppData\Local\SupportSoft\ComcastUI\Vince\CACHE\5599fea7-b9d0-4c48-84c3-66d697784679.exe    multiple threats    cleaned by deleting - quarantined
C:\Users\Vince\AppData\Roaming\Mozilla\Firefox\Profiles\6zmp8xso.default\extensions\{7000b6ca-4388-4d95-893d-6659c2d4d1ce}\Xfinity.com Toolbar Updater.exe    multiple threats    cleaned by deleting - quarantined
C:\Users\Vince\Desktop\Downloads\HSS-1.34-install-anchorfree-76-conduit.exe    multiple threats    cleaned by deleting - quarantined
C:\Users\Vince\Desktop\Downloads\WeFiSetup_02_31_1107.exe    a variant of Win32/Toolbar.Conduit.B application    cleaned by deleting - quarantined
C:\Users\Vince\Downloads\Avery Wizard 4.0.0.exe    a variant of Win32/Bundled.Toolbar.Ask application    deleted - quarantined
C:\Users\Vince\Downloads\Setup_FreeConverter.exe    Win32/Toolbar.Widgi application    cleaned by deleting - quarantined
C:\Users\Vince\Downloads\XfinitydotcomToolbar.exe    multiple threats    cleaned by deleting - quarantined
 

I also found something that may have been causing much of the problem. I had Norton Backup running and didn't realize it was backing up to my hard drive since November of 2011. So I stopped that and deleted the eleven or so backup files that had accumulated for the last two years. I don't know how it got set up like that. I thought it was backing up to an online Norton storage space. Anyway, that regained 215 GB's of space, so as of now I have 285 GB unused out of 451 GB's total. And that figure has not changed throughout the day.



#9 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,035 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:39 AM

Posted 31 December 2013 - 06:45 PM

That sounds like the problem.. I see ESET found some Conduit infection.. We should run these 2 quick scans ans be sure there are no others.

ADW Cleaner

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
    <-insert any special instructions here for what to uncheck OR remove this line if there are none->
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • .
    .
    .

    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#10 agentwd40

agentwd40
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:39 AM

Posted 31 December 2013 - 08:07 PM

Here's the logs from the two programs you mentioned in the last post:

 

1) AdwCleaner

 

# AdwCleaner v3.016 - Report created 31/12/2013 at 16:03:34
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Vince - VINCE-PC
# Running from : C:\Users\Vince\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : hshld
[#] Service Deleted : hsstrayservice
Service Deleted : hsswd

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\hotspot shield
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hotspot shield
Folder Deleted : C:\Program Files (x86)\comcasttb
Folder Deleted : C:\Program Files (x86)\hotspot shield
Folder Deleted : C:\Windows\SysWOW64\hotspot shield
Folder Deleted : C:\Users\Vince\AppData\Roaming\hotspot shield
Folder Deleted : C:\Users\Vince\AppData\Roaming\Mozilla\Firefox\Profiles\6zmp8xso.default\StumbleUpon
Folder Deleted : C:\Program Files (x86)\Mozilla Firefox\Extensions\afurladvisor@anchorfree.com
Folder Deleted : C:\Users\Vince\AppData\Roaming\Mozilla\Firefox\Profiles\6zmp8xso.default\Extensions\{ee1a404c-5714-451f-9365-a94936993d19}
File Deleted : C:\Users\Vince\AppData\Roaming\Mozilla\Firefox\Profiles\6zmp8xso.default\searchplugins\safesearch.xml
File Deleted : C:\Users\Vince\AppData\Roaming\Mozilla\Firefox\Profiles\6zmp8xso.default\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Toolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObject
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObject.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{49BC4DD1-0E69-4611-9164-0009538C5E46}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7E8A36EA-2501-4ED3-A3C8-CFA9143FB169}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0214A12B-C5A3-437F-A6F3-068ABCD8C85E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{08635077-8829-49E2-B338-C968817EB460}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{20A3F109-F7C1-47B4-8098-8E654B264B1D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8C7478AB-3155-463E-936F-55F91F0F10D0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{96DD9437-5D20-4EFB-BF52-A4A605A4E0AA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9E1B65EE-A131-42B4-94CA-847505E2F611}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DCC70A83-E184-40A3-906B-779AF5E941C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0214A12B-C5A3-437F-A6F3-068ABCD8C85E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{96DD9437-5D20-4EFB-BF52-A4A605A4E0AA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A11A6BD-7880-49BD-92D4-6F09D0BD3250}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6857AC4A-95B4-4E2C-B2D2-8A235FCCEF4A}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{68DE31F7-43FF-4EE2-B88B-10665016970D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DCC70A83-E184-40A3-906B-779AF5E941C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DCC70A83-E184-40A3-906B-779AF5E941C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1791C1B5-FFD0-4D4B-ABCD-7A7DF6EAA89C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49BC4DD1-0E69-4611-9164-0009538C5E46}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{DCC70A83-E184-40A3-906B-779AF5E941C4}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0214A12B-C5A3-437F-A6F3-068ABCD8C85E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{96DD9437-5D20-4EFB-BF52-A4A605A4E0AA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49BC4DD1-0E69-4611-9164-0009538C5E46}
Key Deleted : HKCU\Software\anchorfree
Key Deleted : HKCU\Software\FLEXnet
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKLM\Software\hotspotshield
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\hotspotshield

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16750

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl []

-\\ Mozilla Firefox v26.0 (en-US)

[ File : C:\Users\Vince\AppData\Roaming\Mozilla\Firefox\Profiles\6zmp8xso.default\prefs.js ]

Line Deleted : user_pref("extensions.AMAZON_NS_PH.active-buttons.amazontweet.rss.items", "%5B%7B%22title%22%3A%22amazonmp3%3A%20Free%20for%20a%20limited%20time%3A%20Shawn%20Mullins'%20%5C%22Light%20You%20Up%5C%22%20[...]

-\\ Google Chrome v

[ File : C:\Users\Vince\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [8736 octets] - [31/12/2013 15:58:25]
AdwCleaner[R1].txt - [8796 octets] - [31/12/2013 16:02:50]
AdwCleaner[S0].txt - [8288 octets] - [31/12/2013 16:03:34]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8348 octets] ##########
 

2) JRT

Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by Vince on Tue 12/31/2013 at 16:36:51.32
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully stopped: [Service] antispywareservice
Successfully deleted: [Service] antispywareservice



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\dw7



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\robotaskbaricon_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\robotaskbaricon_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\Dealio_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\Dealio_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\robotaskbaricon_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\robotaskbaricon_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\Dealio_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\Dealio_RASMANCS



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



~~~ FireFox

Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\bing.xml.old"
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\bing.xml.old"
Successfully deleted: [File] C:\Users\Vince\AppData\Roaming\mozilla\firefox\profiles\6zmp8xso.default\searchplugins\bing-zugo.xml
Emptied folder: C:\Users\Vince\AppData\Roaming\mozilla\firefox\profiles\6zmp8xso.default\minidumps [385 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 12/31/2013 at 16:45:26.42
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

Hard drive space is still holding at 281 GB, so that's looking pretty good. Been connected to the Internet all day. How do those logs look?



#11 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,035 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:39 AM

Posted 01 January 2014 - 02:28 PM

Good logs all spy and crapware that gets in over time..
Last step and your good to go.

Empty your temp folders using TFC (Temporary File Cleaner)
  • Please download TFC by Old Timer and save it to your desktop.
    alternate download link
  • Save any unsaved work. (TFC will close ALL open programs including your browser!)
  • Double-click on TFC.exe to run it. (If you are using Vista, right-click on the file and choose "Run As Administrator".)
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway allowing Windows to load normally (not into Safe Mode) to ensure a complete clean.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#12 agentwd40

agentwd40
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:39 AM

Posted 01 January 2014 - 09:50 PM

Ran another scan with TFC and cleared 108 MB's. Thanks so much for your help with getting this figured out. I really appreciate it!



#13 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,035 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:39 AM

Posted 01 January 2014 - 10:30 PM

I think you are good to go and you're welcome!
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users