Infected with Win:32 Alureon-EV [Rtk] or Backdoor.Tids


  • This topic is locked
8 replies to this topic

#1 frankmc98

Posted 19 January 2014 - 04:07 PM

I seem to have become infected with something that is being detected by my Symantec and Avast, but it never seems to be deleted after scans or using other malware removers. In fact, Malwarebytes does not detect its presence in my system, but Symantec and Avast put out different quarantine messages. Avast says it detects the Win:32 Alureon-EV thing and Symantec says it quarantines backdoor.tids; either way, it does not seem removable and I have not seen it mentioned in any of the forums. Here is the DDS txt:

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16428  BrowserJavaVersion: 10.45.2
Run by Frank at 21:32:29 on 2014-01-19
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3836.1903 [GMT 1:00]
.
AV: Symantec Endpoint Protection *Enabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Symantec Endpoint Protection *Enabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
FW: Symantec Endpoint Protection *Enabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\atieclxx.exe
C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SmcGui.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\ActivIdentity\ActivClient\acevents.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\PDF Architect\HelperService.exe
C:\Program Files (x86)\PDF Architect\ConversionService.exe
C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe
C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\ProtectionUtilSurrogate.exe
C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe
C:\Program Files (x86)\VyprVPN\VyprVPNService.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\ActivIdentity\ActivClient\acevents.exe
C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\ActivIdentity\ActivClient\acsagent.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\MagicDisc\MagicDisc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\iTunes\iTunes.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Windows\system32\taskhost.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SavUI.exe
C:\Windows\system32\WLANExt.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\ActivIdentity\ActivClient\acCOMpkcs.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: IBM Forms Viewer Helper: {0941C58F-E461-4E03-BD7D-44C27392ADE1} - C:\Program Files (x86)\IBM\Forms Viewer\4.0\PEhelper.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: PDF Architect Helper: {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Microsoft Live Search Toolbar: {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
TB: PDF Architect Toolbar: {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll
TB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [HPCam_Menu] "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam"
mRun: [Corel File Shell Monitor] C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
mRun: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [ccApp] "C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe"
mRun: [AprvRemoveLegacyExcelKeys] "C:\Program Files (x86)\ApproveIt\Support\Tools\AprvClean.exe" -k HKCU SOFTWARE\Microsoft\Office\Excel\Addins\OfficeAddIn.OfficeAddIn
mRun: [AprvRemoveLegacyWordKeys] "C:\Program Files (x86)\ApproveIt\Support\Tools\AprvClean.exe" -k HKCU SOFTWARE\Microsoft\Office\Word\Addins\OfficeAddIn.OfficeAddIn
mRun: [ApproveItForOfficeSetup] "C:\Program Files (x86)\ApproveIt\Support\Tools\ApproveItForOfficeSetup.exe " /1 /p "C:\Program Files (x86)\ApproveIt\"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
dRunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
StartupFolder: C:\Users\Frank\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MAGICD~1.LNK - C:\Program Files (x86)\MagicDisc\MagicDisc.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ACTIVC~1.LNK - C:\Program Files\ActivIdentity\ActivClient\acsagent.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\APPROV~1.LNK - C:\Windows\Installer\{4E01B649-0023-4EB5-9263-57DE317C3418}\Icon9557F1BC1.ico
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CODECP~1.LNK - C:\Windows\SysWOW64\C2MP\UpdateChecker.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:149
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:149
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{498D088C-CAAE-4102-8634-D7751A537A05} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{498D088C-CAAE-4102-8634-D7751A537A05}\14C4943454D275C414E48373 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{498D088C-CAAE-4102-8634-D7751A537A05}\24D275C414E4 : DHCPNameServer = 192.168.178.1
TCP: Interfaces\{498D088C-CAAE-4102-8634-D7751A537A05}\350756564645F6573686441657373797 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{498D088C-CAAE-4102-8634-D7751A537A05}\64F4E4F52454C4741434F4D4 : DHCPNameServer = 195.238.2.21 195.238.2.22
TCP: Interfaces\{A81ADF45-373A-4314-B318-3BCA7B218324} : DHCPNameServer = 192.168.1.1
Handler: x-owacid2 - {5B290518-830E-4C57-A66B-E4F748900C27} - C:\Program Files (x86)\Microsoft\SMIME Client (2010)\mimectl.dll
SSODL: WebCheck - <orphaned>
SEH: DVDIdleShell Class - {93994DE8-8239-4655-B1D1-5F4E91300429} - C:\Program Files (x86)\DVD Region+CSS Free\DVDShell.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
x64-TB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
x64-Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
x64-Run: [acevents] "C:\Program Files\ActivIdentity\ActivClient\acevents.exe"
x64-Run: [accrdsub] "C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe"
x64-RunOnce: [NCPluginUpdater] "c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\NCPluginUpdater.exe" Update
x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
x64-Handler: x-owacid2 - {5B290518-830E-4C57-A66B-E4F748900C27} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\vr64pc5w.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/
FF - plugin: C:\PROGRA~2\GRADKE~1\DBSIGN~1\lib\npDBsignWeb.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt\plugins\NPPDFArchitectPreviewerPlugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Default\AppData\Local\HuluDesktop\instances\0.9.7.1\nphdplg.dll
FF - plugin: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\vr64pc5w.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\plugins\npietab2.dll
FF - plugin: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\vr64pc5w.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\plugins\npietab2_x64.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll
FF - ExtSQL: 2013-11-21 18:46; {1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}; C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\vr64pc5w.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}
FF - ExtSQL: 2013-12-02 19:15; {F58A62EB-38DC-43C4-A539-DC52E135208D}; C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\vr64pc5w.default\extensions\{F58A62EB-38DC-43C4-A539-DC52E135208D}
.
---- FIREFOX POLICIES ----
FF - user.js: dom.ipc.plugins.enabled.npmfv.dll - false);user_pref(yahoo.ytff.general.dontshowhpoffer, true
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2014-1-9 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2014-1-9 207904]
R1 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2014-1-9 28184]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2014-1-9 1034464]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2014-1-9 422216]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2013-12-5 283064]
R2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2013/11/12 23:52:06];C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2013-11-13 146928]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2014-1-9 78648]
R3 enecir;ENE CIR Receiver;C:\Windows\System32\drivers\enecir.sys [2009-6-29 70656]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-11-25 137648]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-11-13 215040]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2013-11-13 36408]
R3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S3 aswStm;aswStm;C:\Windows\System32\drivers\aswstm.sys [2014-1-9 79672]
S3 massfilter;Mass Storage Filter Driver;C:\Windows\System32\drivers\massfilter.sys [2013-11-28 12800]
S3 massfilter_hs;USB Mass Storage Filter Driver;C:\Windows\System32\drivers\massfilter_hs.sys [2013-11-28 12800]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2013-7-25 23040]
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2013-11-13 216576]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-11-16 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
.
=============== Created Last 30 ================
.
2014-01-19 20:15:08    388096    ----a-r-    C:\Users\Frank\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2014-01-19 20:15:03    --------    d-----w-    C:\Program Files (x86)\Trend Micro
2014-01-18 13:47:58    --------    d-----w-    C:\ProgramData\Malwarebytes
2014-01-18 13:47:50    --------    d-----w-    C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-01-18 13:47:47    117464    ----a-w-    C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-01-18 13:46:49    89304    ----a-w-    C:\Windows\System32\drivers\mbamchameleon.sys
2014-01-18 13:44:31    35904    ----a-w-    C:\Windows\SysWow64\drivers\wjlp1uza.sys
2014-01-17 22:51:49    --------    d-----w-    C:\Program Files\Enigma Software Group
2014-01-17 22:49:59    --------    d-----w-    C:\Windows\CD09642E061D4844BA37ED1480916404.TMP
2014-01-17 22:49:39    --------    d-----w-    C:\Program Files (x86)\Common Files\Wise Installation Wizard
2014-01-17 21:03:37    --------    d--h--w-    C:\ProgramData\{3CC94C07-8A93-4B85-9448-4BD335E44494}
2014-01-17 07:53:38    99840    ----a-w-    C:\Windows\System32\drivers\usbccgp.sys
2014-01-17 07:53:38    53248    ----a-w-    C:\Windows\System32\drivers\usbehci.sys
2014-01-17 07:53:37    325120    ----a-w-    C:\Windows\System32\drivers\usbport.sys
2014-01-17 07:53:35    7808    ----a-w-    C:\Windows\System32\drivers\usbd.sys
2014-01-17 07:53:35    343040    ----a-w-    C:\Windows\System32\drivers\usbhub.sys
2014-01-17 07:53:35    30720    ----a-w-    C:\Windows\System32\drivers\usbuhci.sys
2014-01-17 07:53:35    25600    ----a-w-    C:\Windows\System32\drivers\usbohci.sys
2014-01-17 07:53:32    10315576    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3A97FFAA-0BA4-424B-92E6-74EA2F84BD95}\mpengine.dll
2014-01-17 07:53:30    3156480    ----a-w-    C:\Windows\System32\win32k.sys
2014-01-12 08:12:08    0    ----a-w-    C:\Windows\System32\MSVCR71.dll
2014-01-12 08:12:08    0    ----a-w-    C:\Windows\System32\MSVCR100.dll
2014-01-12 08:12:08    0    ----a-w-    C:\Windows\System32\MSVCP71.dll
2014-01-12 08:12:08    0    ----a-w-    C:\Windows\System32\MSVCP100.dll
2014-01-12 08:12:08    0    ----a-w-    C:\Windows\System32\ATL71.DLL
2014-01-12 08:12:08    0    ----a-w-    C:\Windows\System32\atiumdva.dll
2014-01-12 08:12:08    0    ----a-w-    C:\Windows\System32\atiumdag.dll
2014-01-12 07:05:24    175528    ----a-w-    C:\Windows\System32\drivers\tmcomm.sys
2014-01-09 18:26:20    28184    ----a-w-    C:\Windows\System32\drivers\aswKbd.sys
2014-01-09 18:11:29    --------    d-----w-    C:\Users\Frank\AppData\Roaming\AVAST Software
2014-01-09 18:10:13    82744    ----a-w-    C:\Windows\System32\drivers\aswstm.sys.1389291050
2014-01-09 18:10:13    79672    ----a-w-    C:\Windows\System32\drivers\aswstm.sys
2014-01-09 18:10:12    207904    ----a-w-    C:\Windows\System32\drivers\aswVmm.sys
2014-01-09 18:10:11    65776    ----a-w-    C:\Windows\System32\drivers\aswRvrt.sys
2014-01-09 18:10:11    1034464    ----a-w-    C:\Windows\System32\drivers\aswSnx.sys
2014-01-09 18:10:10    78648    ----a-w-    C:\Windows\System32\drivers\aswMonFlt.sys
2014-01-09 18:10:09    92544    ----a-w-    C:\Windows\System32\drivers\aswRdr2.sys
2014-01-09 18:10:02    43152    ----a-w-    C:\Windows\avastSS.scr
2014-01-09 18:09:33    --------    d-----w-    C:\Program Files\AVAST Software
2014-01-09 18:08:32    --------    d-----w-    C:\ProgramData\AVAST Software
2014-01-08 17:14:12    --------    d-----w-    C:\Users\Frank\AppData\Roaming\OpenOffice
2014-01-07 19:38:00    --------    d-----w-    C:\Program Files (x86)\OpenOffice 4
2014-01-02 21:41:32    --------    d-----w-    C:\Program Files (x86)\PDF Architect
2014-01-02 21:41:03    --------    d-----w-    C:\Users\Frank\AppData\Roaming\pdfforge
2014-01-02 21:41:00    137000    ----a-w-    C:\Windows\SysWow64\MSMAPI32.OCX
2014-01-02 21:40:59    662288    ----a-w-    C:\Windows\SysWow64\MSCOMCT2.OCX
2014-01-02 21:40:59    110264    ----a-w-    C:\Windows\System32\pdfcmon.dll
2014-01-02 21:40:58    23552    ----a-w-    C:\Windows\SysWow64\MSMPIDE.DLL
2014-01-02 21:40:58    --------    d-----w-    C:\Program Files (x86)\PDFCreator
2013-12-30 09:19:46    8388608    ----a-w-    C:\Users\Frank\AppData\Roaming\qhaqscmh.mp3
2013-12-29 13:08:07    --------    d-----w-    C:\Users\Frank\AppData\Roaming\Easeware
2013-12-29 10:47:26    --------    d-----w-    C:\Users\Frank\AppData\Local\Diagnostics
2013-12-28 10:03:52    --------    d-----w-    C:\Users\Frank\AppData\Local\Avg2014
2013-12-28 09:54:48    --------    d-----w-    C:\Users\Frank\AppData\Roaming\TuneUp Software
2013-12-28 09:54:02    --------    d-----w-    C:\ProgramData\TuneUp Software
2013-12-28 09:53:47    --------    d-sh--w-    C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2013-12-28 09:53:47    --------    d--h--w-    C:\ProgramData\Common Files
2013-12-28 09:42:45    --------    d-----w-    C:\Users\Frank\AppData\Roaming\OpenCandy
2013-12-21 09:18:50    --------    d-----w-    C:\Windows\SysWow64\C2MP
.
==================== Find3M  ====================
.
2014-01-19 19:25:12    71048    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-19 19:25:12    692616    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2013-12-05 20:53:26    283064    ----a-w-    C:\Windows\System32\drivers\dtsoftbus01.sys
2013-11-27 02:23:01    940032    ----a-w-    C:\Windows\System32\MsSpellCheckingFacility.exe
2013-11-27 02:23:01    194048    ----a-w-    C:\Windows\SysWow64\elshyph.dll
2013-11-27 02:03:16    243712    ----a-w-    C:\Windows\System32\wow64.dll
2013-11-27 02:01:57    327168    ----a-w-    C:\Windows\System32\mswsock.dll
2013-11-27 02:01:57    231424    ----a-w-    C:\Windows\SysWow64\mswsock.dll
2013-11-27 02:01:57    1903552    ----a-w-    C:\Windows\System32\drivers\tcpip.sys
2013-11-26 11:25:52    267936    ------w-    C:\Windows\System32\MpSigStub.exe
2013-11-26 10:19:07    2724864    ----a-w-    C:\Windows\System32\mshtml.tlb
2013-11-26 10:18:23    4096    ----a-w-    C:\Windows\System32\ieetwcollectorres.dll
2013-11-26 09:48:07    66048    ----a-w-    C:\Windows\System32\iesetup.dll
2013-11-26 09:46:25    48640    ----a-w-    C:\Windows\System32\ieetwproxystub.dll
2013-11-26 09:23:02    2724864    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2013-11-26 09:18:39    139264    ----a-w-    C:\Windows\System32\ieUnatt.exe
2013-11-26 09:18:09    111616    ----a-w-    C:\Windows\System32\ieetwcollector.exe
2013-11-26 09:16:57    708608    ----a-w-    C:\Windows\System32\jscript9diag.dll
2013-11-26 08:35:02    5769216    ----a-w-    C:\Windows\System32\jscript9.dll
2013-11-26 08:28:16    553472    ----a-w-    C:\Windows\SysWow64\jscript9diag.dll
2013-11-26 08:16:12    4243968    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2013-11-26 08:02:16    1995264    ----a-w-    C:\Windows\System32\inetcpl.cpl
2013-11-26 07:32:06    1928192    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2013-11-26 07:07:57    2334208    ----a-w-    C:\Windows\System32\wininet.dll
2013-11-26 06:33:33    1820160    ----a-w-    C:\Windows\SysWow64\wininet.dll
2013-11-21 14:22:02    172592    ----a-w-    C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2013-11-18 02:54:50    395048    ----a-w-    C:\Windows\System32\SynCOM.dll
2013-11-18 02:54:50    286768    ----a-w-    C:\Windows\System32\drivers\SynTP.sys
2013-11-18 02:54:50    261928    ----a-w-    C:\Windows\System32\SynCtrl.dll
2013-11-18 02:54:50    206120    ----a-w-    C:\Windows\SysWow64\SynCtrl.dll
2013-11-18 02:54:50    204584    ----a-w-    C:\Windows\System32\SynTPAPI.dll
2013-11-18 02:54:50    1721576    ----a-w-    C:\Windows\System32\WdfCoInstaller01009.dll
2013-11-18 02:54:50    169256    ----a-w-    C:\Windows\SysWow64\SynCOM.dll
2013-11-18 02:54:50    147752    ----a-w-    C:\Windows\System32\SynTPCo4.dll
2013-11-18 02:54:50    107816    ----a-w-    C:\Windows\SysWow64\SynTPCOM.dll
2013-11-17 14:20:19    1887232    ----a-w-    C:\Windows\System32\d3d11.dll
2013-11-17 14:20:19    1505280    ----a-w-    C:\Windows\SysWow64\d3d11.dll
2013-11-17 02:30:51    175616    ----a-w-    C:\Windows\System32\msclmd.dll
2013-11-17 02:30:51    152576    ----a-w-    C:\Windows\SysWow64\msclmd.dll
2013-11-13 11:37:36    96168    ----a-w-    C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-11-13 07:49:09    0    ----a-w-    C:\Windows\ativpsrm.bin
2013-11-12 02:23:09    2048    ----a-w-    C:\Windows\System32\tzres.dll
2013-11-12 02:07:29    2048    ----a-w-    C:\Windows\SysWow64\tzres.dll
.
============= FINISH: 21:34:24.17 ===============

 

My attach.txt is too big to upload...

 

 



#2 RPMcMurphy

  • Malware Response Team

Posted 21 January 2014 - 07:29 PM

Hello and welcome.  Please follow these guidelines while we work on your PC:

  • Malware removal is a sometimes lengthy and tedious process. Please stick with the thread until I’ve given you the “All clear.”  Absence of symptoms does not mean your machine is clean!
  • Please do not run any scans or install/uninstall any applications without being directed to do so.
  • Please note that the forum is very busy and if I don't hear from you within five days this thread will be closed.

Download TDSSKiller.zip and extract TDSSKiller.exe to your desktop
  • Execute TDSSKiller.exe by double-clicking on it.
  • When the window opens, click on Change Parameters
  • Under “Additional options”, put a check mark in the box next to “Detect TDLFS File System”
  • Click OK
  • Press Start Scan
  • If Malicious objects are found then ensure Cure is selected.  Important - If there is no option to "Cure" it is critical that you select "Skip"
  • Then click Continue > Reboot now
  • Once complete, a log will be produced in c:\. It will be named, for example, TDSSKiller.2.7.1.0_19.01.2012_17.24.26_log.txt
  • Post that log, please.




#3 frankmc98


Posted 22 January 2014 - 08:41 AM

Here are the results:

 

14:38:26.0350 0x1ea94  TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
14:38:32.0561 0x1ea94  ============================================================
14:38:32.0561 0x1ea94  Current date / time: 2014/01/22 14:38:32.0561
14:38:32.0562 0x1ea94  SystemInfo:
14:38:32.0562 0x1ea94  
14:38:32.0562 0x1ea94  OS Version: 6.1.7601 ServicePack: 1.0
14:38:32.0562 0x1ea94  Product type: Workstation
14:38:32.0562 0x1ea94  ComputerName: FRANK-PC
14:38:32.0562 0x1ea94  UserName: Frank
14:38:32.0562 0x1ea94  Windows directory: C:\Windows
14:38:32.0562 0x1ea94  System windows directory: C:\Windows
14:38:32.0562 0x1ea94  Running under WOW64
14:38:32.0562 0x1ea94  Processor architecture: Intel x64
14:38:32.0562 0x1ea94  Number of processors: 2
14:38:32.0562 0x1ea94  Page size: 0x1000
14:38:32.0562 0x1ea94  Boot type: Normal boot
14:38:32.0562 0x1ea94  ============================================================
14:38:34.0733 0x1ea94  KLMD registered as C:\Windows\system32\drivers\02097574.sys
14:38:35.0075 0x1ea94  System UUID: {4088B65F-AA88-BCCE-2859-E64E7036E583}
14:38:36.0023 0x1ea94  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:38:36.0030 0x1ea94  ============================================================
14:38:36.0030 0x1ea94  \Device\Harddisk0\DR0:
14:38:36.0030 0x1ea94  MBR partitions:
14:38:36.0030 0x1ea94  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
14:38:36.0030 0x1ea94  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x3805C800
14:38:36.0030 0x1ea94  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x380C0800, BlocksNum 0x2291800
14:38:36.0030 0x1ea94  \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x3A352000, BlocksNum 0x33830
14:38:36.0030 0x1ea94  ============================================================
14:38:36.0041 0x1ea94  C: <-> \Device\Harddisk0\DR0\Partition2
14:38:36.0093 0x1ea94  D: <-> \Device\Harddisk0\DR0\Partition3
14:38:36.0107 0x1ea94  E: <-> \Device\Harddisk0\DR0\Partition4
14:38:36.0107 0x1ea94  ============================================================
14:38:36.0108 0x1ea94  Initialize success
14:38:36.0108 0x1ea94  ============================================================
14:38:57.0648 0x1ebc0  ============================================================
14:38:57.0648 0x1ebc0  Scan started
14:38:57.0648 0x1ebc0  Mode: Manual; TDLFS;
14:38:57.0648 0x1ebc0  ============================================================
14:38:57.0648 0x1ebc0  KSN ping started
14:39:14.0572 0x1ebc0  KSN ping finished: true
14:39:15.0278 0x1ebc0  ================ Scan system memory ========================
14:39:15.0278 0x1ebc0  System memory - ok
14:39:15.0281 0x1ebc0  ================ Scan services =============================
14:39:23.0354 0x1ebc0  HPSLPSVC - ok
14:39:23.0383 0x1ebc0  [ AA036CC5F5221D9B915F4D4DCE74BA9A, B90B9F7753B45387AD56A7CE1365BEBC9EB67011B6D2F8C785717942133775AA ] hpsrv           C:\Windows\system32\Hpservice.exe
14:39:23.0386 0x1ebc0  hpsrv - ok
14:39:23.0454 0x1ebc0  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
14:39:23.0486 0x1ebc0  HTTP - ok
14:39:23.0533 0x1ebc0  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
14:39:23.0535 0x1ebc0  hwpolicy - ok
14:39:23.0571 0x1ebc0  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
14:39:23.0573 0x1ebc0  i8042prt - ok
14:39:23.0601 0x1ebc0  [ 3DF4395A7CF8B7A72A5F4606366B8C2D, 483588B8FC6E05488ED631C4E1CFC398553FEBFA2CD2BB527B4DF12D19774F80 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
14:39:23.0611 0x1ebc0  iaStorV - ok
14:39:23.0661 0x1ebc0  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:39:23.0679 0x1ebc0  idsvc - ok
14:39:23.0734 0x1ebc0  IEEtwCollectorService - ok
14:39:23.0955 0x1ebc0  [ A87261EF1546325B559374F5689CF5BC, 8DE48A8A13A32AAAC54CDDF58F3F61BE3E2802C1D9CA1CA98E57EB0D65FB6002 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
14:39:24.0083 0x1ebc0  igfx - ok
14:39:24.0125 0x1ebc0  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
14:39:24.0128 0x1ebc0  iirsp - ok
14:39:24.0170 0x1ebc0  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
14:39:24.0203 0x1ebc0  IKEEXT - ok
14:39:24.0222 0x1ebc0  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
14:39:24.0223 0x1ebc0  intelide - ok
14:39:24.0237 0x1ebc0  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
14:39:24.0239 0x1ebc0  intelppm - ok
14:39:24.0261 0x1ebc0  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
14:39:24.0265 0x1ebc0  IPBusEnum - ok
14:39:24.0312 0x1ebc0  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:39:24.0314 0x1ebc0  IpFilterDriver - ok
14:39:24.0351 0x1ebc0  [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
14:39:24.0377 0x1ebc0  iphlpsvc - ok
14:39:24.0394 0x1ebc0  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
14:39:24.0396 0x1ebc0  IPMIDRV - ok
14:39:24.0415 0x1ebc0  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
14:39:24.0418 0x1ebc0  IPNAT - ok
14:39:24.0470 0x1ebc0  [ 33B286326BD2B1A7748C43391058FB19, C6240C9ED5B7C227595E953E3D1AB5F2D45CCD86FDBDF985836A970B4B6467FE ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
14:39:24.0498 0x1ebc0  iPod Service - ok
14:39:24.0519 0x1ebc0  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
14:39:24.0520 0x1ebc0  IRENUM - ok
14:39:24.0534 0x1ebc0  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
14:39:24.0535 0x1ebc0  isapnp - ok
14:39:24.0554 0x1ebc0  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
14:39:24.0560 0x1ebc0  iScsiPrt - ok
14:39:24.0585 0x1ebc0  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
14:39:24.0588 0x1ebc0  kbdclass - ok
14:39:24.0605 0x1ebc0  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
14:39:24.0606 0x1ebc0  kbdhid - ok
14:39:24.0621 0x1ebc0  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso          C:\Windows\system32\lsass.exe
14:39:24.0623 0x1ebc0  KeyIso - ok
14:39:24.0672 0x1ebc0  [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
14:39:24.0675 0x1ebc0  KSecDD - ok
14:39:24.0693 0x1ebc0  [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
14:39:24.0699 0x1ebc0  KSecPkg - ok
14:39:24.0720 0x1ebc0  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
14:39:24.0721 0x1ebc0  ksthunk - ok
14:39:24.0751 0x1ebc0  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
14:39:24.0761 0x1ebc0  KtmRm - ok
14:39:24.0819 0x1ebc0  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
14:39:24.0836 0x1ebc0  LanmanServer - ok
14:39:24.0883 0x1ebc0  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:39:24.0890 0x1ebc0  LanmanWorkstation - ok
14:39:24.0948 0x1ebc0  [ 2238B91AC1A12CC6CC4C4FED41258B2A, 11DEBFAC8D6B23415928C635981E3378DE7C1F361F2B7A1390D86B0D782C22C6 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
14:39:24.0951 0x1ebc0  LightScribeService - ok
14:39:25.0115 0x1ebc0  [ 6105B28F5D03C4AFFA7197B228768849, 2CD17178816100DBAFEFCD940DF8D012CDADC78C278835DEADB8D5F6BC0FC11A ] LiveUpdate      C:\PROGRA~2\Symantec\LIVEUP~1\LUCOMS~1.EXE
14:39:25.0182 0x1ebc0  LiveUpdate - ok
14:39:25.0220 0x1ebc0  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
14:39:25.0222 0x1ebc0  lltdio - ok
14:39:25.0257 0x1ebc0  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
14:39:25.0265 0x1ebc0  lltdsvc - ok
14:39:25.0285 0x1ebc0  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
14:39:25.0288 0x1ebc0  lmhosts - ok
14:39:25.0312 0x1ebc0  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
14:39:25.0315 0x1ebc0  LSI_FC - ok
14:39:25.0338 0x1ebc0  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
14:39:25.0343 0x1ebc0  LSI_SAS - ok
14:39:25.0357 0x1ebc0  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:39:25.0359 0x1ebc0  LSI_SAS2 - ok
14:39:25.0377 0x1ebc0  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:39:25.0383 0x1ebc0  LSI_SCSI - ok
14:39:25.0408 0x1ebc0  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
14:39:25.0413 0x1ebc0  luafv - ok
14:39:25.0457 0x1ebc0  [ 1B4DBCAA0321BBB76255983148051F09, 8E93EC4FFBCB3CE17B8659978EB7A6BE2D8D3386FCDCE160B2F580BCF91E76EF ] massfilter      C:\Windows\system32\drivers\massfilter.sys
14:39:25.0458 0x1ebc0  massfilter - ok
14:39:25.0469 0x1ebc0  [ 7AD627CDB12F5F451F24C8A97CA6E175, ECBE9293B62D45D874D01B37FC97E861643C40D7085F5CC3A1375E47C1B39F39 ] massfilter_hs   C:\Windows\system32\drivers\massfilter_hs.sys
14:39:25.0470 0x1ebc0  massfilter_hs - ok
14:39:25.0500 0x1ebc0  [ 79D51E7F5926E8CE1B3EBECEBAE28CFF, 2722E217AF11F928E58F694E5C1CC5776283A56C54E7F84401FECFBD73E91EBA ] mcdbus          C:\Windows\system32\DRIVERS\mcdbus.sys
14:39:25.0506 0x1ebc0  mcdbus - ok
14:39:25.0552 0x1ebc0  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
14:39:25.0555 0x1ebc0  Mcx2Svc - ok
14:39:25.0571 0x1ebc0  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
14:39:25.0573 0x1ebc0  megasas - ok
14:39:25.0599 0x1ebc0  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
14:39:25.0605 0x1ebc0  MegaSR - ok
14:39:25.0632 0x1ebc0  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
14:39:25.0637 0x1ebc0  MMCSS - ok
14:39:25.0654 0x1ebc0  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
14:39:25.0655 0x1ebc0  Modem - ok
14:39:25.0684 0x1ebc0  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
14:39:25.0685 0x1ebc0  monitor - ok
14:39:25.0738 0x1ebc0  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
14:39:25.0740 0x1ebc0  mouclass - ok
14:39:25.0758 0x1ebc0  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
14:39:25.0760 0x1ebc0  mouhid - ok
14:39:25.0803 0x1ebc0  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
14:39:25.0808 0x1ebc0  mountmgr - ok
14:39:25.0864 0x1ebc0  [ 3B9398E0146855B1DC0E3D9769C80F01, DF69DB5CA30A5577648635C27DD468AF98515D07DF379B3FFDCC6B40744EDE66 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:39:25.0867 0x1ebc0  MozillaMaintenance - ok
14:39:25.0885 0x1ebc0  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
14:39:25.0888 0x1ebc0  mpio - ok
14:39:25.0916 0x1ebc0  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
14:39:25.0918 0x1ebc0  mpsdrv - ok
14:39:25.0988 0x1ebc0  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
14:39:26.0022 0x1ebc0  MpsSvc - ok
14:39:26.0078 0x1ebc0  [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
14:39:26.0081 0x1ebc0  MRxDAV - ok
14:39:26.0129 0x1ebc0  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
14:39:26.0133 0x1ebc0  mrxsmb - ok
14:39:26.0151 0x1ebc0  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:39:26.0167 0x1ebc0  mrxsmb10 - ok
14:39:26.0181 0x1ebc0  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:39:26.0184 0x1ebc0  mrxsmb20 - ok
14:39:26.0228 0x1ebc0  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
14:39:26.0230 0x1ebc0  msahci - ok
14:39:26.0281 0x1ebc0  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
14:39:26.0284 0x1ebc0  msdsm - ok
14:39:26.0302 0x1ebc0  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
14:39:26.0307 0x1ebc0  MSDTC - ok
14:39:26.0330 0x1ebc0  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
14:39:26.0331 0x1ebc0  Msfs - ok
14:39:26.0343 0x1ebc0  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
14:39:26.0344 0x1ebc0  mshidkmdf - ok
14:39:26.0371 0x1ebc0  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
14:39:26.0372 0x1ebc0  msisadrv - ok
14:39:26.0419 0x1ebc0  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
14:39:26.0424 0x1ebc0  MSiSCSI - ok
14:39:26.0429 0x1ebc0  msiserver - ok
14:39:26.0455 0x1ebc0  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
14:39:26.0456 0x1ebc0  MSKSSRV - ok
14:39:26.0469 0x1ebc0  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
14:39:26.0470 0x1ebc0  MSPCLOCK - ok
14:39:26.0483 0x1ebc0  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
14:39:26.0484 0x1ebc0  MSPQM - ok
14:39:26.0536 0x1ebc0  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
14:39:26.0546 0x1ebc0  MsRPC - ok
14:39:26.0564 0x1ebc0  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
14:39:26.0565 0x1ebc0  mssmbios - ok
14:39:26.0578 0x1ebc0  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
14:39:26.0579 0x1ebc0  MSTEE - ok
14:39:26.0590 0x1ebc0  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
14:39:26.0591 0x1ebc0  MTConfig - ok
14:39:26.0609 0x1ebc0  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
14:39:26.0613 0x1ebc0  Mup - ok
14:39:26.0667 0x1ebc0  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
14:39:26.0692 0x1ebc0  napagent - ok
14:39:26.0726 0x1ebc0  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
14:39:26.0734 0x1ebc0  NativeWifiP - ok
14:39:26.0930 0x1ebc0  [ 702E07EC32F96ACDB873E9A5465D4401, 2C6B1C8BA0BF4791AEA064062DCA3678AE4443DF19DB37D6CB55BA6297D8A238 ] NAVENG          C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20140121.005\ENG64.SYS
14:39:26.0933 0x1ebc0  NAVENG - ok
14:39:27.0064 0x1ebc0  [ 302EA314A1AF0D7CEF0A3D0195F79561, 046DBC2D9D028F2D2E8BAE745CA2ADEF42741689BFF743A13B81EA4228DDCDC6 ] NAVEX15         C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20140121.005\EX64.SYS
14:39:27.0109 0x1ebc0  NAVEX15 - ok
14:39:27.0174 0x1ebc0  [ 79B47FD40D9A817E932F9D26FAC0A81C, 53E260B8BFC50BA45FA73BFCF4E58C233890D0EAA9DEFDCCBB55FD3EB992FF2D ] NDIS            C:\Windows\system32\drivers\ndis.sys
14:39:27.0211 0x1ebc0  NDIS - ok
14:39:27.0234 0x1ebc0  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
14:39:27.0236 0x1ebc0  NdisCap - ok
14:39:27.0257 0x1ebc0  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
14:39:27.0258 0x1ebc0  NdisTapi - ok
14:39:27.0301 0x1ebc0  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
14:39:27.0303 0x1ebc0  Ndisuio - ok
14:39:27.0350 0x1ebc0  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
14:39:27.0356 0x1ebc0  NdisWan - ok
14:39:27.0397 0x1ebc0  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
14:39:27.0399 0x1ebc0  NDProxy - ok
14:39:27.0475 0x1ebc0  [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
14:39:27.0478 0x1ebc0  Net Driver HPZ12 - ok
14:39:27.0530 0x1ebc0  [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl         C:\Windows\system32\DRIVERS\netaapl64.sys
14:39:27.0532 0x1ebc0  Netaapl - ok
14:39:27.0544 0x1ebc0  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
14:39:27.0546 0x1ebc0  NetBIOS - ok
14:39:27.0604 0x1ebc0  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
14:39:27.0613 0x1ebc0  NetBT - ok
14:39:27.0624 0x1ebc0  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon        C:\Windows\system32\lsass.exe
14:39:27.0627 0x1ebc0  Netlogon - ok
14:39:27.0659 0x1ebc0  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
14:39:27.0680 0x1ebc0  Netman - ok
14:39:27.0703 0x1ebc0  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
14:39:27.0728 0x1ebc0  netprofm - ok
14:39:27.0759 0x1ebc0  [ 3E5A36127E201DDF663176B66828FAFE, 5A08BA9EFB1A72DF1DD839BA5FA2B8994012BA62A515588FF62333B33B60045B ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:39:27.0762 0x1ebc0  NetTcpPortSharing - ok
14:39:27.0950 0x1ebc0  [ 64428DFDAF6E88366CB51F45A79C5F69, 31187D38C1AB52120A3CB7AC3CE47ED9682AC37B0F06B9A9610C0065DD4E7B13 ] netw5v64        C:\Windows\system32\DRIVERS\netw5v64.sys
14:39:28.0070 0x1ebc0  netw5v64 - ok
14:39:28.0100 0x1ebc0  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
14:39:28.0103 0x1ebc0  nfrd960 - ok
14:39:28.0121 0x1ebc0  [ 1EE99A89CC788ADA662441D1E9830529, 6B4FDD74BB81E12BD4B25A3E8AECB0FA77FA0075D454DD1D6DC1790ADF1F2AA8 ] NlaSvc          C:\Windows\System32\nlasvc.dll
14:39:28.0139 0x1ebc0  NlaSvc - ok
14:39:28.0156 0x1ebc0  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
14:39:28.0157 0x1ebc0  Npfs - ok
14:39:28.0167 0x1ebc0  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
14:39:28.0171 0x1ebc0  nsi - ok
14:39:28.0183 0x1ebc0  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
14:39:28.0185 0x1ebc0  nsiproxy - ok
14:39:28.0286 0x1ebc0  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
14:39:28.0321 0x1ebc0  Ntfs - ok
14:39:28.0332 0x1ebc0  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
14:39:28.0333 0x1ebc0  Null - ok
14:39:28.0349 0x1ebc0  [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48, 7738785DE8B50D69993F4408498B812D0283FEE5C04FF5B89C20F149B44E9737 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
14:39:28.0353 0x1ebc0  nvraid - ok
14:39:28.0399 0x1ebc0  [ F7CD50FE7139F07E77DA8AC8033D1832, DA96F4B15C8165E6AE1D00E03A062C66CA3A3089E4FF0E9E11CE00B154DD12EC ] nvstor          C:\Windows\system32\drivers\nvstor.sys
14:39:28.0403 0x1ebc0  nvstor - ok
14:39:28.0419 0x1ebc0  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
14:39:28.0423 0x1ebc0  nv_agp - ok
14:39:28.0485 0x1ebc0  [ 84DE1DD996B48B05ACE31AD015FA108A, 4B9D1E4EF83ECED6C77F23D9879C124534F7053D7423E3A2D0F67A4A720CEA94 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:39:28.0495 0x1ebc0  odserv - ok
14:39:28.0514 0x1ebc0  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
14:39:28.0516 0x1ebc0  ohci1394 - ok
14:39:28.0564 0x1ebc0  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:39:28.0569 0x1ebc0  ose - ok
14:39:28.0606 0x1ebc0  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
14:39:28.0627 0x1ebc0  p2pimsvc - ok
14:39:28.0650 0x1ebc0  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
14:39:28.0676 0x1ebc0  p2psvc - ok
14:39:28.0701 0x1ebc0  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
14:39:28.0704 0x1ebc0  Parport - ok
14:39:28.0725 0x1ebc0  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
14:39:28.0728 0x1ebc0  partmgr - ok
14:39:28.0738 0x1ebc0  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
14:39:28.0745 0x1ebc0  PcaSvc - ok
14:39:28.0767 0x1ebc0  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
14:39:28.0775 0x1ebc0  pci - ok
14:39:28.0818 0x1ebc0  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
14:39:28.0819 0x1ebc0  pciide - ok
14:39:28.0845 0x1ebc0  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
14:39:28.0850 0x1ebc0  pcmcia - ok
14:39:28.0871 0x1ebc0  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
14:39:28.0872 0x1ebc0  pcw - ok
14:39:28.0998 0x1ebc0  [ 20372BE109FEE1C37E2D5216680DB9EB, 2C3737FB3C6BCF81D0A7293667412DDEA649A8AEA40B7ADCFCB9893E8B3C4AF3 ] PDF Architect Helper Service C:\Program Files (x86)\PDF Architect\HelperService.exe
14:39:29.0066 0x1ebc0  PDF Architect Helper Service - ok
14:39:29.0140 0x1ebc0  [ B90A279073A815A4AA2C45A09EE004FA, 9EA27630C47F5FF99CBBE513C113F3ED01FABA0D59B9D9637764027BCC6EA24A ] PDF Architect Service C:\Program Files (x86)\PDF Architect\ConversionService.exe
14:39:29.0174 0x1ebc0  PDF Architect Service - ok
14:39:29.0210 0x1ebc0  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
14:39:29.0225 0x1ebc0  PEAUTH - ok
14:39:29.0329 0x1ebc0  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
14:39:29.0331 0x1ebc0  PerfHost - ok
14:39:29.0422 0x1ebc0  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
14:39:29.0454 0x1ebc0  pla - ok
14:39:29.0489 0x1ebc0  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
14:39:29.0514 0x1ebc0  PlugPlay - ok
14:39:29.0589 0x1ebc0  [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
14:39:29.0593 0x1ebc0  Pml Driver HPZ12 - ok
14:39:29.0619 0x1ebc0  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
14:39:29.0623 0x1ebc0  PNRPAutoReg - ok
14:39:29.0645 0x1ebc0  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
14:39:29.0654 0x1ebc0  PNRPsvc - ok
14:39:29.0699 0x1ebc0  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
14:39:29.0711 0x1ebc0  PolicyAgent - ok
14:39:29.0742 0x1ebc0  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
14:39:29.0751 0x1ebc0  Power - ok
14:39:29.0804 0x1ebc0  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
14:39:38.0053 0x1ebc0  Wlansvc - ok
14:39:38.0071 0x1ebc0  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
14:39:38.0074 0x1ebc0  WmiAcpi - ok
14:39:38.0111 0x1ebc0  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
14:39:38.0116 0x1ebc0  wmiApSrv - ok
14:39:38.0154 0x1ebc0  WMPNetworkSvc - ok
14:39:38.0167 0x1ebc0  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
14:39:38.0171 0x1ebc0  WPCSvc - ok
14:39:38.0217 0x1ebc0  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
14:39:38.0225 0x1ebc0  WPDBusEnum - ok
14:39:38.0270 0x1ebc0  [ 1D98E69903BC3A2D8383696DD701B679, 760DFF9ABB73A468FBC2CDF7160AA6466F59B65D5717AC1FBE29779BE03280D6 ] WPS             C:\Windows\system32\drivers\wpsdrvnt.sys
14:39:38.0273 0x1ebc0  WPS - ok
14:39:38.0351 0x1ebc0  [ 49B9FA407586503D27D17DBDEAEAC970, 50EC5AC0F8F6945A3A00D5435793340125BF4EF74D89CED04EC6D2F3395A19BC ] WpsHelper       C:\Windows\system32\drivers\WpsHelper.sys
14:39:38.0359 0x1ebc0  WpsHelper - ok
14:39:38.0384 0x1ebc0  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
14:39:38.0385 0x1ebc0  ws2ifsl - ok
14:39:38.0404 0x1ebc0  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
14:39:38.0412 0x1ebc0  wscsvc - ok
14:39:38.0416 0x1ebc0  WSearch - ok
14:39:38.0529 0x1ebc0  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
14:39:38.0617 0x1ebc0  wuauserv - ok
14:39:38.0674 0x1ebc0  [ D3381DC54C34D79B22CEE0D65BA91B7C, 70DC4ADCA4C0C28BB133287511E329D1B6B9B97F96CDE5B1D2F1F59FE1A965D9 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
14:39:38.0677 0x1ebc0  WudfPf - ok
14:39:38.0726 0x1ebc0  [ CF8D590BE3373029D57AF80914190682, FB9641777E90A58C063FBE95F081DC6D2F4770827DE19108A9DC3E3D6B17B4BF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
14:39:38.0730 0x1ebc0  WUDFRd - ok
14:39:38.0775 0x1ebc0  [ 7A95C95B6C4CF292D689106BCAE49543, 9029F489E1E817CE12839B8C6656E46190497D445DC3F43C20CF96E5E6BD0691 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
14:39:38.0783 0x1ebc0  wudfsvc - ok
14:39:38.0816 0x1ebc0  [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc         C:\Windows\System32\wwansvc.dll
14:39:38.0824 0x1ebc0  WwanSvc - ok
14:39:38.0867 0x1ebc0  [ B3EEACF62445E24FBB2CD4B0FB4DB026, 2E5B6220094C47754233EDA59E6514CE47AC6C6879F367C72B2C02330EABE8E0 ] yukonw7         C:\Windows\system32\DRIVERS\yk62x64.sys
14:39:38.0877 0x1ebc0  yukonw7 - ok
14:39:38.0924 0x1ebc0  [ AD6558FBC66691959BA4AC55A57C3921, CC34BD59847ECDE1CAE9F123982D2182FD101F9DD02964313BF84B81AD7EB5C0 ] ZTEusbmdm6k     C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys
14:39:38.0927 0x1ebc0  ZTEusbmdm6k - ok
14:39:38.0943 0x1ebc0  [ AD6558FBC66691959BA4AC55A57C3921, CC34BD59847ECDE1CAE9F123982D2182FD101F9DD02964313BF84B81AD7EB5C0 ] ZTEusbnmea      C:\Windows\system32\DRIVERS\ZTEusbnmea.sys
14:39:38.0946 0x1ebc0  ZTEusbnmea - ok
14:39:38.0968 0x1ebc0  [ AD6558FBC66691959BA4AC55A57C3921, CC34BD59847ECDE1CAE9F123982D2182FD101F9DD02964313BF84B81AD7EB5C0 ] ZTEusbser6k     C:\Windows\system32\DRIVERS\ZTEusbser6k.sys
14:39:38.0971 0x1ebc0  ZTEusbser6k - ok
14:39:39.0041 0x1ebc0  [ 74983ADDCA2D9618512C088D856D6615, C4592EFC1206BD813221814FD529AD38ED26E4AE086613EB95D3D5E20448A1F0 ] {55662437-DA8C-40c0-AADA-2C816A897A49} c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl
14:39:39.0045 0x1ebc0  {55662437-DA8C-40c0-AADA-2C816A897A49} - ok
14:39:39.0053 0x1ebc0  ================ Scan global ===============================
14:39:39.0077 0x1ebc0  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
14:39:39.0112 0x1ebc0  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
14:39:39.0138 0x1ebc0  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
14:39:39.0171 0x1ebc0  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
14:39:39.0204 0x1ebc0  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
14:39:39.0214 0x1ebc0  [ Global ] - ok
14:39:39.0214 0x1ebc0  ================ Scan MBR ==================================
14:39:39.0226 0x1ebc0  [ D6967E0F4D643358ED82E826D8F87F31 ] \Device\Harddisk0\DR0
14:39:39.0585 0x1ebc0  \Device\Harddisk0\DR0 - ok
14:39:39.0585 0x1ebc0  ================ Scan VBR ==================================
14:39:39.0588 0x1ebc0  [ 57C50EF00F538A4EC790A9178B380A94 ] \Device\Harddisk0\DR0\Partition1
14:39:39.0590 0x1ebc0  \Device\Harddisk0\DR0\Partition1 - ok
14:39:39.0624 0x1ebc0  [ D2C4E592510A9B96433B37929BBB6940 ] \Device\Harddisk0\DR0\Partition2
14:39:39.0643 0x1ebc0  \Device\Harddisk0\DR0\Partition2 - ok
14:39:39.0673 0x1ebc0  [ 8C5D80B8886F20FDDD4D0D0612426D25 ] \Device\Harddisk0\DR0\Partition3
14:39:39.0675 0x1ebc0  \Device\Harddisk0\DR0\Partition3 - ok
14:39:39.0691 0x1ebc0  [ ED18637C2B583E669D980AB44CA66395 ] \Device\Harddisk0\DR0\Partition4
14:39:39.0693 0x1ebc0  \Device\Harddisk0\DR0\Partition4 - ok
14:39:39.0693 0x1ebc0  Waiting for KSN requests completion. In queue: 63
14:39:40.0693 0x1ebc0  Waiting for KSN requests completion. In queue: 63
14:39:41.0693 0x1ebc0  Waiting for KSN requests completion. In queue: 63
14:39:42.0693 0x1ebc0  Waiting for KSN requests completion. In queue: 63
14:39:43.0714 0x1ebc0  AV detected via SS2: Symantec Endpoint Protection, C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\WSCSavNotifier.exe ( 11.0.6000.419 ), 0x71000 ( enabled : updated )
14:39:43.0714 0x1ebc0  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2011.263 ), 0x42000 ( disabled : updated )
14:39:43.0716 0x1ebc0  FW detected via SS2: Symantec Endpoint Protection, C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe ( 11.0.6000.436 ), 0x41010 ( enabled )
14:39:46.0883 0x1ebc0  ============================================================
14:39:46.0883 0x1ebc0  Scan finished
14:39:46.0883 0x1ebc0  ============================================================
14:39:46.0894 0x1e184  Detected object count: 0
14:39:46.0895 0x1e184  Actual detected object count: 0
 



#4 RPMcMurphy

  • Malware Response Team

Posted 22 January 2014 - 11:57 AM

Please do this next:

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.


Threads are closed after 5 days of inactivity.

ASAP & UNITE Member




#5 frankmc98

  • Topic Starter


Posted 22 January 2014 - 02:11 PM

Here it is:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-01-2014 01
Ran by Frank (administrator) on FRANK-PC on 22-01-2014 19:22:25
Running from C:\Users\Frank\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\stacsv64.exe
(Hewlett-Packard) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe
(Symantec Corporation) C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ActivIdentity) C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\acevents.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe
(Telefónica I+D) C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe
(Golden Frog, Inc.) C:\Program Files (x86)\VyprVPN\VyprVPNService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SmcGui.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SavUI.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\ProtectionUtilSurrogate.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jusched.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\acevents.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\acsagent.exe
() C:\Windows\SysWOW64\C2MP\UpdateChecker.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
() C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(MagicISO, Inc.) C:\Program Files (x86)\MagicDisc\MagicDisc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Symantec Corporation) C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Golden Frog, Inc.) C:\Program Files (x86)\VyprVPN\VyprVPN.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\acCOMpkcs.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
() C:\Program Files (x86)\MagicDVDRipper\MagicDVDRipper.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1814312 2013-11-18] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [450048 2009-07-22] (IDT, Inc.)
HKLM\...\Run: [SmartMenu] - C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [610872 2009-08-25] ()
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Java\jre6\bin\jusched.exe [171520 2009-10-31] (Sun Microsystems, Inc.)
HKLM\...\Run: [acevents] - C:\Program Files\ActivIdentity\ActivClient\acevents.exe [196648 2009-06-03] (ActivIdentity)
HKLM\...\Run: [] - [x]
HKLM\...\Run: [accrdsub] - C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [483880 2009-06-03] (ActivIdentity)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-08-05] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HPCam_Menu] - c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [Corel File Shell Monitor] - C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe [15544 2009-08-26] ()
HKLM-x32\...\Run: [QlbCtrl.exe] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [323640 2010-02-25] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [WirelessAssistant] - C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-23] (Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [ccApp] - C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe [115560 2010-01-25] (Symantec Corporation)
HKLM-x32\...\Run: [AprvRemoveLegacyExcelKeys] - C:\Program Files (x86)\ApproveIt\Support\Tools\AprvClean.exe [73728 2011-01-29] (Silanis Technology Inc.)
HKLM-x32\...\Run: [AprvRemoveLegacyWordKeys] - C:\Program Files (x86)\ApproveIt\Support\Tools\AprvClean.exe [73728 2011-01-29] (Silanis Technology Inc.)
HKLM-x32\...\Run: [ApproveItForOfficeSetup] - C:\Program Files (x86)\ApproveIt\Support\Tools\ApproveItForOfficeSetup.exe [155648 2010-01-26] (Silanis Technology Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2014-01-09] (AVAST Software)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [x]
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-01-14] (Hewlett-Packard)
HKCU\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-08-20] (Hewlett-Packard Company)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
MountPoints2: {95588c1b-5803-11e3-b4d8-c80aa92344c1} - "I:\WD SmartWare.exe" autoplay=true
MountPoints2: {95588cf5-5803-11e3-b4d8-c80aa92344c1} - "I:\WD SmartWare.exe" autoplay=true
Startup: C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
ShortcutTarget: MagicDisc.lnk -> C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {F10C472F-4F88-4BDC-A554-DE8EF7ADE946} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {F10C472F-4F88-4BDC-A554-DE8EF7ADE946} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
SearchScopes: HKCU - DefaultScope {56AFA684-4D87-43F7-AD3C-32EB84F33035} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {359D5407-F29B-4F1D-9D66-84FCB825B996} URL =
SearchScopes: HKCU - {56AFA684-4D87-43F7-AD3C-32EB84F33035} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {F10C472F-4F88-4BDC-A554-DE8EF7ADE946} URL =
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} -  No File
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: IBM Forms Viewer Helper - {0941C58F-E461-4E03-BD7D-44C27392ADE1} - C:\Program Files (x86)\IBM\Forms Viewer\4.0\PEhelper.dll (IBM Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Microsoft Live Search Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} -  No File
Handler: x-owacid2 - {5B290518-830E-4C57-A66B-E4F748900C27} -  No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: x-owacid2 - {5B290518-830E-4C57-A66B-E4F748900C27} - C:\Program Files (x86)\Microsoft\SMIME Client (2010)\mimectl.dll (Microsoft Corporation)
ShellExecuteHooks-x32: DVDIdleShell Class - {93994DE8-8239-4655-B1D1-5F4E91300429} - C:\Program Files (x86)\DVD Region+CSS Free\DVDShell.dll [49152 2004-10-09] (Fengtao Software Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\vr64pc5w.default
FF user.js: detected! => C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\vr64pc5w.default\user.js
FF Homepage: hxxp://www.msn.com/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.bdupdater.com/BonanzaDealsLive Update;version=3 - C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.bdupdater.com/BonanzaDealsLive Update;version=9 - C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @hulu.com/Hulu Desktop - C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.7.1\npHDPlg.dll (Hulu LLC)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\DCAENTU.dll (Gradkell Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\DCARSA.dll (Gradkell Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\GuiUtils.dll (Gradkell Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\mfc71.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\msvcr71.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npDBsignWeb.dll (Gradkell Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npmfv.dll (IBM Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nsldap32v30.dll (Netscape Communications Corporation)
FF Extension: IE Tab 2 (FF 3.6+) - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\vr64pc5w.default\Extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB} [2013-12-17]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} [2013-12-28]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2009-10-31]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-01-02]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-01-09]

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (BonanzaDeals) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieadcoanfjloocmfafkebdnfefmohngj [2013-11-15]

==================== Services (Whitelisted) =================

R2 ac.sharedstore; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [277032 2009-06-03] (ActivIdentity)
R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-09] (AVAST Software)
R2 ccEvtMgr; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [108392 2010-01-25] (Symantec Corporation)
R2 ccSetMgr; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [108392 2010-01-25] (Symantec Corporation)
S3 LiveUpdate; C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_3.EXE [3093880 2010-02-17] (Symantec Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-07-06] ()
R2 SmcService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe [3217344 2010-04-10] (Symantec Corporation)
S4 SNAC; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE [419656 2010-04-01] (Symantec Corporation)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe [240128 2009-07-22] (IDT, Inc.)
R2 Symantec AntiVirus; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe [1822296 2010-04-01] (Symantec Corporation)
R2 TGCM_ImportWiFiSvc; C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe [199600 2010-11-11] (Telefónica I+D)
R2 VyprVPN; C:\Program Files (x86)\VyprVPN\VyprVPNService.exe [75696 2014-01-15] (Golden Frog, Inc.)

==================== Drivers (Whitelisted) ====================

R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-01-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-01-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2014-01-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-01-09] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1034464 2014-01-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [422216 2014-01-09] (AVAST Software)
S3 aswStm; C:\Windows\system32\drivers\aswStm.sys [79672 2014-01-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-09] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-12-05] (Disc Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-21] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-21] (Symantec Corporation)
S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [12800 2009-02-03] (ZTE Incorporated)
R3 NAVENG; C:\ProgramData\Symantec\Definitions\VirusDefs\20140121.005\eng64.sys [126040 2013-11-13] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Symantec\Definitions\VirusDefs\20140121.005\ex64.sys [2099288 2013-11-13] (Symantec Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\SRTSP64.SYS [447536 2010-03-08] (Symantec Corporation)
R1 SRTSP; C:\Windows\SysWOW64\Drivers\SRTSP64.SYS [447536 2010-03-08] (Symantec Corporation)
S3 SRTSPL; C:\Windows\System32\Drivers\SRTSPL64.SYS [482352 2010-03-08] (Symantec Corporation)
S3 SRTSPL; C:\Windows\SysWOW64\Drivers\SRTSPL64.SYS [482352 2010-03-08] (Symantec Corporation)
R1 SRTSPX; C:\Windows\System32\Drivers\SRTSPX64.SYS [32304 2010-03-08] (Symantec Corporation)
R1 SRTSPX; C:\Windows\SysWOW64\Drivers\SRTSPX64.SYS [32304 2010-03-08] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [172592 2013-11-21] (Symantec Corporation)
R3 Teefer2; C:\Windows\System32\DRIVERS\teefer2.sys [64048 2009-12-28] (Symantec Corporation)
S3 wjlp1uza; C:\Windows\SysWOW64\drivers\wjlp1uza.sys [35904 2014-01-18] (VirusBlokAda Ltd.)
R1 WPS; C:\Windows\system32\drivers\wpsdrvnt.sys [52784 2010-04-10] (Symantec Corporation)
R3 WpsHelper; C:\Windows\system32\drivers\WpsHelper.sys [233120 2012-11-14] (Symantec Corporation)
R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [146928 2009-10-03] (CyberLink Corp.)
U4 eabfiltr;
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-22 19:22 - 2014-01-22 19:23 - 00024593 _____ C:\Users\Frank\Downloads\FRST.txt
2014-01-22 19:21 - 2014-01-22 19:21 - 02077184 _____ (Farbar) C:\Users\Frank\Downloads\FRST64.exe
2014-01-22 19:21 - 2014-01-22 19:21 - 00000000 ____D C:\FRST
2014-01-22 14:32 - 2014-01-22 14:32 - 04101441 _____ C:\Users\Frank\Downloads\tdsskiller(1).zip
2014-01-22 14:32 - 2014-01-22 14:32 - 00000000 ____D C:\Users\Frank\Downloads\tdsskiller(1)
2014-01-22 14:31 - 2014-01-22 14:31 - 00000000 ____D C:\Users\Frank\Downloads\tdsskiller
2014-01-22 14:30 - 2014-01-22 14:31 - 02218636 _____ C:\Users\Frank\Downloads\tdsskiller.zip
2014-01-22 11:07 - 2014-01-22 11:07 - 00000000 ____D C:\Users\Frank\Documents\My PSP Files
2014-01-21 22:42 - 2014-01-21 22:42 - 00000000 ____D C:\Users\Frank\Downloads\The Who-Who's Next SHM-CD Japan 2013)
2014-01-21 07:33 - 2014-01-21 07:47 - 00000000 ____D C:\Users\Frank\Downloads\Despicable Me 2 (SoundTrack) 2013
2014-01-20 01:11 - 2014-01-20 01:11 - 00431864 _____ () C:\Users\Frank\Downloads\FlixsterSetup.exe
2014-01-20 00:39 - 2014-01-20 00:40 - 00000000 ____D C:\Users\Frank\Documents\aBooks
2014-01-19 21:52 - 2014-01-19 21:52 - 00004436 _____ C:\Users\Frank\Desktop\attach.zip
2014-01-19 21:36 - 2014-01-19 21:36 - 00000000 ____D C:\Users\Frank\Desktop\DDS
2014-01-19 21:34 - 2014-01-19 21:34 - 00027531 _____ C:\Users\Frank\Desktop\dds.txt
2014-01-19 21:34 - 2014-01-19 21:34 - 00012849 _____ C:\Users\Frank\Desktop\attach.txt
2014-01-19 21:29 - 2014-01-19 21:29 - 00688992 ____R (Swearware) C:\Users\Frank\Downloads\dds.com
2014-01-19 21:15 - 2014-01-19 21:15 - 00002975 _____ C:\Users\Frank\Desktop\HiJackThis.lnk
2014-01-19 21:15 - 2014-01-19 21:15 - 00000000 ____D C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2014-01-19 21:15 - 2014-01-19 21:15 - 00000000 ____D C:\Program Files (x86)\Trend Micro
2014-01-18 15:20 - 2014-01-18 15:20 - 01402880 _____ C:\Users\Frank\Downloads\HiJackThis.msi
2014-01-18 14:47 - 2014-01-18 15:16 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-01-18 14:47 - 2014-01-18 14:47 - 00117464 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-01-18 14:47 - 2014-01-18 14:47 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-18 14:46 - 2014-01-18 15:16 - 00000000 ____D C:\Users\Frank\Desktop\mbar
2014-01-18 14:46 - 2014-01-18 14:46 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-01-18 14:45 - 2014-01-18 14:45 - 12582688 _____ (Malwarebytes Corp.) C:\Users\Frank\Downloads\mbar-1.07.0.1008.exe
2014-01-18 14:44 - 2014-01-18 14:44 - 00035904 _____ (VirusBlokAda Ltd.) C:\Windows\SysWOW64\Drivers\wjlp1uza.sys
2014-01-18 14:43 - 2014-01-18 14:43 - 00000000 ____D C:\Users\Frank\Downloads\vba32arkit
2014-01-18 14:42 - 2014-01-18 14:42 - 01472131 _____ C:\Users\Frank\Downloads\vba32arkit.zip
2014-01-17 23:53 - 2014-01-17 23:53 - 00000000 _____ C:\autoexec.bat
2014-01-17 23:51 - 2014-01-17 23:51 - 00000000 ____D C:\Program Files\Enigma Software Group
2014-01-17 23:49 - 2014-01-18 09:31 - 00000000 ____D C:\Windows\CD09642E061D4844BA37ED1480916404.TMP
2014-01-17 23:48 - 2014-01-17 23:48 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Frank\Downloads\SpyHunter-Installer.exe
2014-01-17 23:25 - 2014-01-17 23:25 - 00023040 _____ (Microsoft Corporation) C:\Users\Frank\Downloads\chktrust.exe
2014-01-17 23:22 - 2014-01-17 23:22 - 01931088 _____ (Symantec Corporation) C:\Users\Frank\Downloads\FixTDSS.exe
2014-01-17 22:03 - 2014-01-17 22:04 - 00000000 ___HD C:\ProgramData\{3CC94C07-8A93-4B85-9448-4BD335E44494}
2014-01-17 11:20 - 2014-01-17 11:20 - 00000045 _____ C:\Users\Frank\Documents\Leslie Internet.txt
2014-01-17 09:35 - 2014-01-17 09:35 - 00001637 _____ C:\Users\Frank\Desktop\IfoEdit - Shortcut.lnk
2014-01-17 09:34 - 2014-01-17 09:34 - 00000000 ____D C:\Users\Frank\Downloads\ifoedit096
2014-01-17 09:33 - 2014-01-17 09:33 - 00455632 _____ C:\Users\Frank\Downloads\ifoedit096.zip
2014-01-17 08:53 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-17 08:53 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-17 08:53 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-17 08:53 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-17 08:53 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-17 08:53 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-17 08:53 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-17 08:53 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-12 17:59 - 2014-01-12 17:59 - 00002491 _____ C:\Users\Public\Desktop\Safari.lnk
2014-01-12 17:59 - 2014-01-12 17:59 - 00000000 ____D C:\Program Files (x86)\Safari
2014-01-12 17:40 - 2014-01-12 17:43 - 38494576 _____ (Apple Inc.) C:\Users\Frank\Downloads\SafariSetup.exe
2014-01-12 11:30 - 2014-01-12 11:30 - 01044308 _____ C:\Users\Frank\AppData\Local\census.cache
2014-01-12 11:28 - 2014-01-12 11:28 - 00249360 _____ C:\Users\Frank\AppData\Local\ars.cache
2014-01-12 09:12 - 2014-01-12 09:12 - 00000000 _____ C:\Windows\system32\MSVCR71.dll
2014-01-12 09:12 - 2014-01-12 09:12 - 00000000 _____ C:\Windows\system32\MSVCR100.dll
2014-01-12 09:12 - 2014-01-12 09:12 - 00000000 _____ C:\Windows\system32\MSVCP71.dll
2014-01-12 09:12 - 2014-01-12 09:12 - 00000000 _____ C:\Windows\system32\MSVCP100.dll
2014-01-12 09:12 - 2014-01-12 09:12 - 00000000 _____ C:\Windows\system32\ATL71.DLL
2014-01-12 09:12 - 2014-01-12 09:12 - 00000000 _____ C:\Windows\system32\atiumdva.dll
2014-01-12 09:12 - 2014-01-12 09:12 - 00000000 _____ C:\Windows\system32\atiumdag.dll
2014-01-12 08:05 - 2014-01-12 08:05 - 00000036 _____ C:\Users\Frank\AppData\Local\housecall.guid.cache
2014-01-12 08:05 - 2013-09-02 08:58 - 00175528 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys
2014-01-12 08:00 - 2014-01-12 08:00 - 02467424 _____ (Trend Micro Inc.) C:\Users\Frank\Downloads\HousecallLauncher64.exe
2014-01-10 22:51 - 2014-01-10 22:51 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2014-01-10 22:51 - 2014-01-10 22:51 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2014-01-09 19:26 - 2014-01-09 19:26 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-01-09 19:26 - 2014-01-09 19:26 - 00002024 _____ C:\Users\Public\Desktop\avast! SafeZone.lnk
2014-01-09 19:26 - 2014-01-09 19:26 - 00001964 _____ C:\Users\Public\Desktop\avast! Pro Antivirus.lnk
2014-01-09 19:19 - 2014-01-09 19:19 - 00001730 _____ C:\Users\Frank\Downloads\license.avastlic
2014-01-09 19:11 - 2014-01-09 19:11 - 00000000 ____D C:\Users\Frank\AppData\Roaming\AVAST Software
2014-01-09 19:10 - 2014-01-22 07:27 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2014-01-09 19:10 - 2014-01-09 19:10 - 01034464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-01-09 19:10 - 2014-01-09 19:10 - 00422216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-01-09 19:10 - 2014-01-09 19:10 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-01-09 19:10 - 2014-01-09 19:10 - 00207904 _____ C:\Windows\system32\Drivers\aswVmm.sys
2014-01-09 19:10 - 2014-01-09 19:10 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-01-09 19:10 - 2014-01-09 19:10 - 00082744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys.1389291050
2014-01-09 19:10 - 2014-01-09 19:10 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-01-09 19:10 - 2014-01-09 19:10 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-01-09 19:10 - 2014-01-09 19:10 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2014-01-09 19:10 - 2014-01-09 19:10 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-01-09 19:09 - 2014-01-09 19:09 - 00000000 ____D C:\Program Files\AVAST Software
2014-01-09 19:08 - 2014-01-09 19:08 - 00000000 ____D C:\ProgramData\AVAST Software
2014-01-09 19:05 - 2014-01-09 19:07 - 91412976 _____ (AVAST Software) C:\Users\Frank\Downloads\avast_free_antivirus_setup.exe
2014-01-09 15:54 - 2014-01-09 15:54 - 00000000 ____D C:\Users\Frank\Documents\Frank's Folder
2014-01-09 00:00 - 2014-01-09 00:09 - 54211072 _____ C:\Users\Frank\Downloads\calibre-1.18.0.msi
2014-01-08 18:14 - 2014-01-08 18:14 - 00000000 ____D C:\Users\Frank\AppData\Roaming\OpenOffice
2014-01-07 20:38 - 2014-01-07 20:38 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2014-01-07 20:32 - 2014-01-07 20:32 - 00000000 ____D C:\Users\Frank\Desktop\OpenOffice 4.0.1 (en-US) Installation Files
2014-01-07 19:39 - 2014-01-07 19:39 - 00000000 _____ C:\t18k.2
2014-01-07 19:39 - 2014-01-07 19:39 - 00000000 _____ C:\t18k.1
2014-01-07 19:22 - 2014-01-07 19:22 - 00000000 ____D C:\Users\Frank\Documents\Windows 7 Bible
2014-01-04 15:09 - 2014-01-04 15:09 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_netaapl64_01009.Wdf
2014-01-02 22:41 - 2014-01-02 22:41 - 00000000 ____D C:\Users\Frank\Documents\PDF Architect Files
2014-01-02 22:41 - 2014-01-02 22:41 - 00000000 ____D C:\Users\Frank\AppData\Roaming\pdfforge
2014-01-02 22:41 - 2014-01-02 22:41 - 00000000 ____D C:\Program Files (x86)\PDF Architect
2014-01-02 22:41 - 2012-05-05 10:54 - 00137000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMAPI32.OCX
2014-01-02 22:40 - 2014-01-02 22:45 - 00000000 ____D C:\Program Files (x86)\PDFCreator
2014-01-02 22:40 - 2013-04-09 14:13 - 00110264 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll
2014-01-02 22:40 - 2012-05-05 10:54 - 00662288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCT2.OCX
2014-01-02 22:40 - 2012-05-05 10:54 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPIDE.DLL
2014-01-02 20:01 - 2014-01-02 20:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2014-01-02 20:01 - 2014-01-02 20:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2014-01-02 13:39 - 2014-01-02 13:39 - 00034653 _____ C:\Users\Frank\Downloads\hs_err_pid5732.log
2014-01-01 19:34 - 2014-01-01 19:34 - 00000769 _____ C:\Users\Frank\Downloads\links.txt
2014-01-01 10:04 - 2014-01-01 10:04 - 00000016 _____ C:\Users\Frank\Documents\Katchia's House Network.txt
2013-12-29 21:07 - 2013-12-29 21:07 - 00034694 _____ C:\Users\Frank\Downloads\hs_err_pid8100.log
2013-12-29 16:49 - 2014-01-19 09:31 - 00000026 _____ C:\Windows\dvdSanta.INI
2013-12-29 16:16 - 2014-01-19 01:35 - 00000000 ____D C:\Users\Frank\AppData\Roaming\dvdcss
2013-12-29 15:00 - 2013-12-29 15:01 - 10623051 _____ C:\Users\Frank\Documents\smime.p7m
2013-12-29 14:18 - 2013-12-29 14:18 - 00000000 ____D C:\Users\Frank\Downloads\SCRx31CCID_fw5.25
2013-12-29 14:08 - 2013-12-29 14:08 - 00000000 ____D C:\Users\Frank\AppData\Roaming\Easeware
2013-12-28 12:14 - 2013-11-13 12:37 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-12-28 12:14 - 2013-11-13 12:37 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-12-28 12:14 - 2013-11-13 12:37 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-12-28 11:03 - 2013-12-28 11:03 - 00000000 ____D C:\Users\Frank\AppData\Local\Avg2014
2013-12-28 10:59 - 2014-01-22 19:30 - 00007603 _____ C:\Users\Frank\AppData\Local\Resmon.ResmonCfg
2013-12-28 10:54 - 2013-12-28 10:55 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-12-28 10:54 - 2013-12-28 10:54 - 00000000 ____D C:\Users\Frank\AppData\Roaming\TuneUp Software
2013-12-28 10:53 - 2013-12-28 10:53 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2013-12-28 10:42 - 2013-12-28 10:42 - 00000000 ____D C:\Users\Frank\Downloads\New folder
2013-12-28 10:42 - 2013-12-28 10:42 - 00000000 ____D C:\Users\Frank\AppData\Roaming\OpenCandy

==================== One Month Modified Files and Folders =======

2014-01-22 19:30 - 2013-12-28 10:59 - 00007603 _____ C:\Users\Frank\AppData\Local\Resmon.ResmonCfg
2014-01-22 19:23 - 2014-01-22 19:22 - 00024593 _____ C:\Users\Frank\Downloads\FRST.txt
2014-01-22 19:21 - 2014-01-22 19:21 - 02077184 _____ (Farbar) C:\Users\Frank\Downloads\FRST64.exe
2014-01-22 19:21 - 2014-01-22 19:21 - 00000000 ____D C:\FRST
2014-01-22 19:05 - 2013-11-18 07:34 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-22 18:57 - 2013-11-15 06:57 - 00000292 _____ C:\Windows\Tasks\UpdaterEX.job
2014-01-22 17:05 - 2013-11-13 08:47 - 01978255 _____ C:\Windows\WindowsUpdate.log
2014-01-22 16:50 - 2013-11-23 16:26 - 00000000 ____D C:\Program Files (x86)\Mimo
2014-01-22 16:29 - 2009-07-14 05:51 - 00061991 _____ C:\Windows\setupact.log
2014-01-22 14:32 - 2014-01-22 14:32 - 04101441 _____ C:\Users\Frank\Downloads\tdsskiller(1).zip
2014-01-22 14:32 - 2014-01-22 14:32 - 00000000 ____D C:\Users\Frank\Downloads\tdsskiller(1)
2014-01-22 14:31 - 2014-01-22 14:31 - 00000000 ____D C:\Users\Frank\Downloads\tdsskiller
2014-01-22 14:31 - 2014-01-22 14:30 - 02218636 _____ C:\Users\Frank\Downloads\tdsskiller.zip
2014-01-22 13:50 - 2013-11-23 16:26 - 00000000 ____D C:\Users\Frank\Downloads\Mimo
2014-01-22 12:39 - 2009-07-14 06:13 - 00777164 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-22 11:45 - 2013-11-13 07:10 - 00003186 _____ C:\Windows\System32\Tasks\HPCeeScheduleForFrank
2014-01-22 11:45 - 2013-11-13 07:10 - 00000332 _____ C:\Windows\Tasks\HPCeeScheduleForFrank.job
2014-01-22 11:24 - 2013-12-02 19:18 - 00000000 ____D C:\Users\Frank\Downloads\Edit Project
2014-01-22 11:07 - 2014-01-22 11:07 - 00000000 ____D C:\Users\Frank\Documents\My PSP Files
2014-01-22 07:27 - 2014-01-09 19:10 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2014-01-22 00:55 - 2009-07-14 05:45 - 00023024 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-22 00:55 - 2009-07-14 05:45 - 00023024 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-22 00:45 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-21 22:42 - 2014-01-21 22:42 - 00000000 ____D C:\Users\Frank\Downloads\The Who-Who's Next SHM-CD Japan 2013)
2014-01-21 16:44 - 2013-11-26 06:40 - 00000000 ____D C:\Users\Frank\AppData\Local\QuickPar
2014-01-21 08:20 - 2013-11-20 07:48 - 00000000 ____D C:\Users\Frank\AppData\Roaming\vlc
2014-01-21 07:47 - 2014-01-21 07:33 - 00000000 ____D C:\Users\Frank\Downloads\Despicable Me 2 (SoundTrack) 2013
2014-01-21 00:57 - 2013-12-19 00:57 - 00000084 _____ C:\Users\Frank\AppData\Roaming\WB.CFG
2014-01-20 01:11 - 2014-01-20 01:11 - 00431864 _____ () C:\Users\Frank\Downloads\FlixsterSetup.exe
2014-01-20 00:40 - 2014-01-20 00:39 - 00000000 ____D C:\Users\Frank\Documents\aBooks
2014-01-19 22:35 - 2013-11-16 13:10 - 00000000 ____D C:\Users\Frank\Downloads\CM-128176-SEP 11 RU 6 64 bit
2014-01-19 21:52 - 2014-01-19 21:52 - 00004436 _____ C:\Users\Frank\Desktop\attach.zip
2014-01-19 21:36 - 2014-01-19 21:36 - 00000000 ____D C:\Users\Frank\Desktop\DDS
2014-01-19 21:34 - 2014-01-19 21:34 - 00027531 _____ C:\Users\Frank\Desktop\dds.txt
2014-01-19 21:34 - 2014-01-19 21:34 - 00012849 _____ C:\Users\Frank\Desktop\attach.txt
2014-01-19 21:29 - 2014-01-19 21:29 - 00688992 ____R (Swearware) C:\Users\Frank\Downloads\dds.com
2014-01-19 21:27 - 2013-11-24 21:05 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-01-19 21:27 - 2013-11-15 16:13 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2014-01-19 21:15 - 2014-01-19 21:15 - 00002975 _____ C:\Users\Frank\Desktop\HiJackThis.lnk
2014-01-19 21:15 - 2014-01-19 21:15 - 00000000 ____D C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2014-01-19 21:15 - 2014-01-19 21:15 - 00000000 ____D C:\Program Files (x86)\Trend Micro
2014-01-19 20:58 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2014-01-19 20:25 - 2013-11-18 07:34 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-19 20:25 - 2013-11-18 07:34 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-19 20:25 - 2013-11-18 07:34 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-19 09:31 - 2013-12-29 16:49 - 00000026 _____ C:\Windows\dvdSanta.INI
2014-01-19 09:12 - 2013-11-30 22:07 - 00000000 ____D C:\Program Files (x86)\dvdSanta
2014-01-19 09:12 - 2013-11-30 22:07 - 00000000 ____D C:\dvdsanta
2014-01-19 01:35 - 2013-12-29 16:16 - 00000000 ____D C:\Users\Frank\AppData\Roaming\dvdcss
2014-01-18 17:05 - 2013-11-23 16:14 - 00002126 _____ C:\Users\Frank\Downloads\FTH.txt
2014-01-18 16:25 - 2013-11-13 07:16 - 00000000 ____D C:\Users\Frank\AppData\Roaming\HpUpdate
2014-01-18 15:20 - 2014-01-18 15:20 - 01402880 _____ C:\Users\Frank\Downloads\HiJackThis.msi
2014-01-18 15:16 - 2014-01-18 14:47 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-01-18 15:16 - 2014-01-18 14:46 - 00000000 ____D C:\Users\Frank\Desktop\mbar
2014-01-18 14:47 - 2014-01-18 14:47 - 00117464 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-01-18 14:47 - 2014-01-18 14:47 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-18 14:46 - 2014-01-18 14:46 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-01-18 14:45 - 2014-01-18 14:45 - 12582688 _____ (Malwarebytes Corp.) C:\Users\Frank\Downloads\mbar-1.07.0.1008.exe
2014-01-18 14:44 - 2014-01-18 14:44 - 00035904 _____ (VirusBlokAda Ltd.) C:\Windows\SysWOW64\Drivers\wjlp1uza.sys
2014-01-18 14:43 - 2014-01-18 14:43 - 00000000 ____D C:\Users\Frank\Downloads\vba32arkit
2014-01-18 14:42 - 2014-01-18 14:42 - 01472131 _____ C:\Users\Frank\Downloads\vba32arkit.zip
2014-01-18 09:31 - 2014-01-17 23:49 - 00000000 ____D C:\Windows\CD09642E061D4844BA37ED1480916404.TMP
2014-01-17 23:53 - 2014-01-17 23:53 - 00000000 _____ C:\autoexec.bat
2014-01-17 23:51 - 2014-01-17 23:51 - 00000000 ____D C:\Program Files\Enigma Software Group
2014-01-17 23:48 - 2014-01-17 23:48 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Frank\Downloads\SpyHunter-Installer.exe
2014-01-17 23:36 - 2013-11-17 14:53 - 00000442 _____ C:\Users\Frank\Documents\dIGITAL mOVIE cODES.txt
2014-01-17 23:25 - 2014-01-17 23:25 - 00023040 _____ (Microsoft Corporation) C:\Users\Frank\Downloads\chktrust.exe
2014-01-17 23:22 - 2014-01-17 23:22 - 01931088 _____ (Symantec Corporation) C:\Users\Frank\Downloads\FixTDSS.exe
2014-01-17 22:56 - 2009-07-14 05:45 - 00489944 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-17 22:30 - 2013-11-16 09:28 - 00000000 ____D C:\Windows\system32\MRT
2014-01-17 22:24 - 2013-11-16 09:28 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-17 22:04 - 2014-01-17 22:03 - 00000000 ___HD C:\ProgramData\{3CC94C07-8A93-4B85-9448-4BD335E44494}
2014-01-17 22:04 - 2013-11-28 08:41 - 00000000 ____D C:\Program Files (x86)\VyprVPN
2014-01-17 20:21 - 2013-11-13 21:00 - 00000000 ____D C:\Users\Frank\AppData\Roaming\CyberLink
2014-01-17 20:21 - 2009-10-31 11:59 - 00000000 ____D C:\ProgramData\CyberLink
2014-01-17 16:17 - 2013-11-16 14:01 - 00000000 ____D C:\Users\Frank\AppData\Roaming\HandBrake
2014-01-17 11:20 - 2014-01-17 11:20 - 00000045 _____ C:\Users\Frank\Documents\Leslie Internet.txt
2014-01-17 09:35 - 2014-01-17 09:35 - 00001637 _____ C:\Users\Frank\Desktop\IfoEdit - Shortcut.lnk
2014-01-17 09:34 - 2014-01-17 09:34 - 00000000 ____D C:\Users\Frank\Downloads\ifoedit096
2014-01-17 09:33 - 2014-01-17 09:33 - 00455632 _____ C:\Users\Frank\Downloads\ifoedit096.zip
2014-01-12 18:15 - 2013-11-15 07:00 - 00000000 ____D C:\Users\Frank\AppData\Local\Apple Computer
2014-01-12 18:00 - 2013-11-15 07:00 - 00000000 ____D C:\Users\Frank\AppData\Roaming\Apple Computer
2014-01-12 17:59 - 2014-01-12 17:59 - 00002491 _____ C:\Users\Public\Desktop\Safari.lnk
2014-01-12 17:59 - 2014-01-12 17:59 - 00000000 ____D C:\Program Files (x86)\Safari
2014-01-12 17:43 - 2014-01-12 17:40 - 38494576 _____ (Apple Inc.) C:\Users\Frank\Downloads\SafariSetup.exe
2014-01-12 15:52 - 2013-11-28 08:42 - 00008011 _____ C:\Windows\SysWOW64\vyprVPN.log
2014-01-12 12:35 - 2013-12-07 13:01 - 00000000 ____D C:\Users\Frank\Documents\ePubs
2014-01-12 11:30 - 2014-01-12 11:30 - 01044308 _____ C:\Users\Frank\AppData\Local\census.cache
2014-01-12 11:28 - 2014-01-12 11:28 - 00249360 _____ C:\Users\Frank\AppData\Local\ars.cache
2014-01-12 09:12 - 2014-01-12 09:12 - 00000000 _____ C:\Windows\system32\MSVCR71.dll
2014-01-12 09:12 - 2014-01-12 09:12 - 00000000 _____ C:\Windows\system32\MSVCR100.dll
2014-01-12 09:12 - 2014-01-12 09:12 - 00000000 _____ C:\Windows\system32\MSVCP71.dll
2014-01-12 09:12 - 2014-01-12 09:12 - 00000000 _____ C:\Windows\system32\MSVCP100.dll
2014-01-12 09:12 - 2014-01-12 09:12 - 00000000 _____ C:\Windows\system32\ATL71.DLL
2014-01-12 09:12 - 2014-01-12 09:12 - 00000000 _____ C:\Windows\system32\atiumdva.dll
2014-01-12 09:12 - 2014-01-12 09:12 - 00000000 _____ C:\Windows\system32\atiumdag.dll
2014-01-12 08:26 - 2013-11-16 13:14 - 00000000 ____D C:\Users\Frank\Downloads\DBsign
2014-01-12 08:05 - 2014-01-12 08:05 - 00000036 _____ C:\Users\Frank\AppData\Local\housecall.guid.cache
2014-01-12 08:00 - 2014-01-12 08:00 - 02467424 _____ (Trend Micro Inc.) C:\Users\Frank\Downloads\HousecallLauncher64.exe
2014-01-11 22:04 - 2009-10-31 12:16 - 00000000 ____D C:\Program Files (x86)\HP
2014-01-11 22:03 - 2013-11-13 08:48 - 00000000 ____D C:\Windows\Hewlett-Packard
2014-01-10 22:53 - 2013-11-13 07:12 - 00000000 ____D C:\Users\Frank\AppData\Roaming\Adobe
2014-01-10 22:51 - 2014-01-10 22:51 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2014-01-10 22:51 - 2014-01-10 22:51 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2014-01-10 22:51 - 2013-11-18 07:33 - 00000000 ____D C:\Users\Frank\AppData\Local\Adobe
2014-01-10 22:51 - 2009-10-31 11:37 - 00000000 ____D C:\Program Files (x86)\Adobe
2014-01-09 19:28 - 2013-11-13 08:49 - 00221128 _____ C:\Windows\PFRO.log
2014-01-09 19:26 - 2014-01-09 19:26 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-01-09 19:26 - 2014-01-09 19:26 - 00002024 _____ C:\Users\Public\Desktop\avast! SafeZone.lnk
2014-01-09 19:26 - 2014-01-09 19:26 - 00001964 _____ C:\Users\Public\Desktop\avast! Pro Antivirus.lnk
2014-01-09 19:19 - 2014-01-09 19:19 - 00001730 _____ C:\Users\Frank\Downloads\license.avastlic
2014-01-09 19:11 - 2014-01-09 19:11 - 00000000 ____D C:\Users\Frank\AppData\Roaming\AVAST Software
2014-01-09 19:10 - 2014-01-09 19:10 - 01034464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-01-09 19:10 - 2014-01-09 19:10 - 00422216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-01-09 19:10 - 2014-01-09 19:10 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-01-09 19:10 - 2014-01-09 19:10 - 00207904 _____ C:\Windows\system32\Drivers\aswVmm.sys
2014-01-09 19:10 - 2014-01-09 19:10 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-01-09 19:10 - 2014-01-09 19:10 - 00082744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys.1389291050
2014-01-09 19:10 - 2014-01-09 19:10 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-01-09 19:10 - 2014-01-09 19:10 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-01-09 19:10 - 2014-01-09 19:10 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2014-01-09 19:10 - 2014-01-09 19:10 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-01-09 19:09 - 2014-01-09 19:09 - 00000000 ____D C:\Program Files\AVAST Software
2014-01-09 19:08 - 2014-01-09 19:08 - 00000000 ____D C:\ProgramData\AVAST Software
2014-01-09 19:07 - 2014-01-09 19:05 - 91412976 _____ (AVAST Software) C:\Users\Frank\Downloads\avast_free_antivirus_setup.exe
2014-01-09 15:54 - 2014-01-09 15:54 - 00000000 ____D C:\Users\Frank\Documents\Frank's Folder
2014-01-09 00:09 - 2014-01-09 00:00 - 54211072 _____ C:\Users\Frank\Downloads\calibre-1.18.0.msi
2014-01-08 23:58 - 2013-12-07 16:30 - 00000000 ____D C:\Users\Frank\Documents\Calibre Library
2014-01-08 18:14 - 2014-01-08 18:14 - 00000000 ____D C:\Users\Frank\AppData\Roaming\OpenOffice
2014-01-07 20:45 - 2013-11-13 07:08 - 00104536 _____ C:\Users\Frank\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-07 20:38 - 2014-01-07 20:38 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2014-01-07 20:32 - 2014-01-07 20:32 - 00000000 ____D C:\Users\Frank\Desktop\OpenOffice 4.0.1 (en-US) Installation Files
2014-01-07 19:39 - 2014-01-07 19:39 - 00000000 _____ C:\t18k.2
2014-01-07 19:39 - 2014-01-07 19:39 - 00000000 _____ C:\t18k.1
2014-01-07 19:22 - 2014-01-07 19:22 - 00000000 ____D C:\Users\Frank\Documents\Windows 7 Bible
2014-01-06 19:42 - 2013-11-30 08:45 - 00005632 _____ C:\Users\Frank\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-04 15:09 - 2014-01-04 15:09 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_netaapl64_01009.Wdf
2014-01-02 22:45 - 2014-01-02 22:40 - 00000000 ____D C:\Program Files (x86)\PDFCreator
2014-01-02 22:41 - 2014-01-02 22:41 - 00000000 ____D C:\Users\Frank\Documents\PDF Architect Files
2014-01-02 22:41 - 2014-01-02 22:41 - 00000000 ____D C:\Users\Frank\AppData\Roaming\pdfforge
2014-01-02 22:41 - 2014-01-02 22:41 - 00000000 ____D C:\Program Files (x86)\PDF Architect
2014-01-02 20:01 - 2014-01-02 20:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2014-01-02 20:01 - 2014-01-02 20:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2014-01-02 13:39 - 2014-01-02 13:39 - 00034653 _____ C:\Users\Frank\Downloads\hs_err_pid5732.log
2014-01-02 11:37 - 2013-11-16 13:27 - 00019067 _____ C:\Users\Frank\Documents\codes original.txt
2014-01-01 20:43 - 2013-11-26 06:39 - 00001011 _____ C:\Users\Frank\Desktop\QuickPar.lnk
2014-01-01 19:34 - 2014-01-01 19:34 - 00000769 _____ C:\Users\Frank\Downloads\links.txt
2014-01-01 10:04 - 2014-01-01 10:04 - 00000016 _____ C:\Users\Frank\Documents\Katchia's House Network.txt
2013-12-29 21:07 - 2013-12-29 21:07 - 00034694 _____ C:\Users\Frank\Downloads\hs_err_pid8100.log
2013-12-29 16:31 - 2013-11-13 07:10 - 00000000 ____D C:\Users\Frank\AppData\Local\VirtualStore
2013-12-29 15:01 - 2013-12-29 15:00 - 10623051 _____ C:\Users\Frank\Documents\smime.p7m
2013-12-29 14:18 - 2013-12-29 14:18 - 00000000 ____D C:\Users\Frank\Downloads\SCRx31CCID_fw5.25
2013-12-29 14:08 - 2013-12-29 14:08 - 00000000 ____D C:\Users\Frank\AppData\Roaming\Easeware
2013-12-28 13:06 - 2013-11-30 22:21 - 00000000 ____D C:\ProgramData\Yahoo!
2013-12-28 12:14 - 2013-12-20 06:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-28 12:14 - 2009-10-31 12:49 - 00000000 ____D C:\Program Files (x86)\Java
2013-12-28 11:03 - 2013-12-28 11:03 - 00000000 ____D C:\Users\Frank\AppData\Local\Avg2014
2013-12-28 10:55 - 2013-12-28 10:54 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-12-28 10:54 - 2013-12-28 10:54 - 00000000 ____D C:\Users\Frank\AppData\Roaming\TuneUp Software
2013-12-28 10:53 - 2013-12-28 10:53 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2013-12-28 10:42 - 2013-12-28 10:42 - 00000000 ____D C:\Users\Frank\Downloads\New folder
2013-12-28 10:42 - 2013-12-28 10:42 - 00000000 ____D C:\Users\Frank\AppData\Roaming\OpenCandy

Some content of TEMP:
====================
C:\Users\Frank\AppData\Local\Temp\card_setup.exe
C:\Users\Frank\AppData\Local\Temp\DTLite4481-0347.exe
C:\Users\Frank\AppData\Local\Temp\Extract.exe
C:\Users\Frank\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Frank\AppData\Local\Temp\handbrake-setup.exe
C:\Users\Frank\AppData\Local\Temp\HPQSi.exe
C:\Users\Frank\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Frank\AppData\Local\Temp\SHSetup.exe
C:\Users\Frank\AppData\Local\Temp\SP48159.exe
C:\Users\Frank\AppData\Local\Temp\SP48488.exe
C:\Users\Frank\AppData\Local\Temp\SP49392.exe
C:\Users\Frank\AppData\Local\Temp\sp58915.exe
C:\Users\Frank\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Frank\AppData\Local\Temp\UninstallHPTCA.exe
C:\Users\Frank\AppData\Local\Temp\vlc-2.1.2-win32.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-17 17:53

==================== End Of Log ============================

Addition was too large to attach so here it is below:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-01-2014 01
Ran by Frank at 2014-01-22 19:32:02
Running from C:\Users\Frank\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Symantec Endpoint Protection (Enabled - Up to date) {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
AS: Symantec Endpoint Protection (Enabled - Up to date) {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
FW: Symantec Endpoint Protection (Enabled) {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}

==================== Installed Programs ======================

4500_G510nz_Help (x32 Version: 000.0.439.000 - Hewlett-Packard) Hidden
4500G510nz (x32 Version: 000.0.439.000 - Hewlett-Packard) Hidden
4500G510nz_Software_Min (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0 - Igor Pavlov)
Acrobat.com (x32 Version: 1.6.65 - Adobe Systems Incorporated)
ActivClient CAC x64 (Version: 6.2 - ActivIdentity)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 10 ActiveX (x32 Version: 10.0.32.18 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.43 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 MUI (x32 Version: 9.5.5 - Adobe Systems Incorporated)
Adobe Shockwave Player (x32 Version: 11.0 - Adobe Systems, Inc.)
AMD USB Filter Driver (x32 Version: 1.0.10.84 - Advanced Micro Devices, Inc.)
Apple Application Support (x32 Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
ApproveIt Desktop (x32 Version: 6.50.25.1000 - Silanis Technology Inc.)
ASIO4ALL (x32 Version: 2.10 - Michael Tippach)
Atheros Driver Installation Program (x32 Version: 9.0 - Atheros)
ATI Catalyst Install Manager (Version: 3.0.732.0 - ATI Technologies, Inc.)
avast! Pro Antivirus (x32 Version: 9.0.2011 - Avast Software)
Avid License Control (x32 Version: 6.0.0 - Avid Technology, Inc.)
Bonanza Deals (remove only) (x32 Version: 5.0.1.0 - Bonanza Deals) <==== ATTENTION
Bonjour (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
calibre (x32 Version: 1.16.0 - Kovid Goyal)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2009.0804.2223.38385 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2009.0804.2223.38385 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2009.0804.2223.38385 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2009.0804.2223.38385 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2009.0804.2223.38385 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2009.0804.2223.38385 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2009.0804.2223.38385 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2009.0804.2223.38385 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Czech (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Danish (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Dutch (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help English (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Finnish (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help French (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help German (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Greek (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Italian (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Japanese (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Korean (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Polish (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Russian (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Spanish (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Swedish (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Thai (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Turkish (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
ccc-core-static (x32 Version: 2009.0804.2223.38385 - ATI) Hidden
ccc-utility64 (Version: 2009.0804.2223.38385 - ATI) Hidden
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.)
Compatibility Pack for the 2007 Office system (x32 Version: 12.0.4518.1014 - Microsoft Corporation)
ConverterLite 1.6.6.0 (x32 Version: 1.6.6.0 - ConverterLite)
Corel Paint Shop Pro Photo X2 (x32 Version: 12.50.0001 - Corel Corporation)
Corel VideoStudio 12 (x32 Version: 12.0.0.0000 - Corel Corporation)
CyberLink DVD Suite (x32 Version: 7.0.2111 - CyberLink Corp.)
CyberLink DVD Suite (x32 Version: 7.0.2111 - CyberLink Corp.) Hidden
DAEMON Tools Lite (x32 Version: 4.48.1.0347 - Disc Soft Ltd)
dBpoweramp [ID Tag Update] Codec (x32 Version: Release 3 - Illustrate)
dBpoweramp CD Writer (x32 Version: Release 3.1 - Illustrate)
dBpoweramp DSP Effects (x32 Version: Release 6 - Illustrate)
dBpoweramp Music Converter (x32 Version: Release 14 - Illustrate)
dBpoweramp Windows Media Audio 10 Codec (x32 Version: Release 7 - Illustrate)
DBsign Web Signer (x32 Version: 2.3.6.0 - )
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
DocMgr (x32 Version: 130.0.000.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
DVD Decrypter (Remove Only) (x32 Version:  - )
DVD Menu Pack for HP MediaSmart Video (x32 Version: 3.1.3224 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 3.1.3224 - Hewlett-Packard) Hidden
DVD Region+CSS Free 5.9.3.2 (x32 Version:  - Fengtao Software Inc.)
dvdSanta 4.50 (x32 Version:  - ZY Computing, Inc)
ENE CIR Receiver Driver (Version: 2.7.4.0 - ENE)
e-Sign Desktop 6.6 (x32 Version: 6.60.3.1000 - Silanis Technology Inc.)
Extended Update (HKCU Version:  - )
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
FoxyDeal (x32 Version: 1.1.0 - R&E Media GmbH)
Free Video Joiner (x32 Version:  - FreeVideoJoiner.com)
Google Update Helper (x32 Version: 1.3.23.0 - BonanzaDeals) Hidden <==== ATTENTION
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HandBrake 0.9.9.1 (x32 Version: 0.9.9.1 - )
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HiJackThis (x32 Version: 1.0.0 - Trend Micro)
HP 3D DriveGuard (Version: 4.0.3.1 - Hewlett-Packard)
HP Advisor (x32 Version: 3.3.9512.3162 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (Version: 13.0 - HP)
HP Document Manager 2.0 (Version: 2.0 - HP)
HP Games (x32 Version: 1.0.0.71 - WildTangent)
HP Imaging Device Functions 13.0 (Version: 13.0 - HP)
HP MediaSmart DVD (x32 Version: 3.1.3402 - Hewlett-Packard)
HP MediaSmart DVD (x32 Version: 3.1.3402 - Hewlett-Packard) Hidden
HP MediaSmart Internet TV (x32 Version: 3.1.2125 - Hewlett-Packard)
HP MediaSmart Internet TV (x32 Version: 3.1.2125 - Hewlett-Packard) Hidden
HP MediaSmart Live TV (x32 Version: 3.1.2206 - Hewlett-Packard)
HP MediaSmart Live TV (x32 Version: 3.1.2206 - Hewlett-Packard) Hidden
HP MediaSmart Music/Photo/Video (x32 Version: 3.1.3405 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (x32 Version: 3.1.3405 - Hewlett-Packard) Hidden
HP MediaSmart SlingPlayer (x32 Version: 3.0.1.64 - Sling Media, Inc.)
HP MediaSmart SmartMenu (Version: 3.1.0.1 - Hewlett-Packard)
HP MediaSmart Software Notebook Demo (x32 Version: 1.00.0000 - Hewlett-Packard)
HP MediaSmart Webcam (x32 Version: 3.1.2207 - Hewlett-Packard)
HP MediaSmart Webcam (x32 Version: 3.1.2207 - Hewlett-Packard) Hidden
HP MediaSmart/TouchSmart Netflix (x32 Version: 1.0.1.0 - Hewlett-Packard)
HP Officejet 4500 G510n-z (Version: 13.0 - HP)
HP Quick Launch Buttons (x32 Version: 6.50.16.1 - Hewlett-Packard Company)
HP Setup (x32 Version: 1.2.3560.3170 - Hewlett-Packard)
HP Smart Web Printing (x32 Version: 131.1.35898 - Hewlett-Packard)
HP Smart Web Printing (x32 Version: 131.1.35898 - Hewlett-Packard) Hidden
HP Smart Web Printing 4.5 (Version: 4.5 - HP)
HP Solution Center 13.0 (Version: 13.0 - HP)
HP Support Assistant (x32 Version: 7.0.39.15 - Hewlett-Packard Company)
HP Update (x32 Version: 5.005.000.002 - Hewlett-Packard)
HP User Guides 0153 (x32 Version: 1.01.0000 - Hewlett-Packard)
HP Wireless Assistant (x32 Version: 3.50.9.1 - Hewlett-Packard)
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hulu Desktop (HKCU Version: 0.9.7 - Hulu LLC)
IBM Forms Viewer 4.0.0 (x32 Version: 4.0.0.1 - IBM)
IDT Audio (x32 Version: 1.0.6225.0 - IDT)
IrfanView (remove only) (x32 Version: 4.36 - Irfan Skiljan)
iTunes (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 15 (64-bit) (Version: 6.0.150 - Sun Microsystems, Inc.)
Java™ 6 Update 31 (x32 Version: 6.0.310 - Oracle)
Java™ SE Development Kit 6 Update 15 (64-bit) (Version: 1.6.0.150 - Sun Microsystems, Inc.)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
LabelPrint (x32 Version: 2.5.2111 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2111 - CyberLink Corp.) Hidden
LightScribe System Software (x32 Version: 1.18.8.1 - LightScribe)
LiveUpdate 3.3 (Symantec Corporation) (x32 Version: 3.3.0.96 - Symantec Corporation)
Magic DVD Ripper V8.1.0 (x32 Version:  - Magic DVD Software, Inc.)
MagicDisc 2.7.106 (x32 Version:  - )
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Media Player Codec Pack 4.2.9 (x32 Version: 4.2.9 - Media Player Codec Pack)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (x32 Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (x32 Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Live Search Toolbar (x32 Version: 3.0.566.0 - Microsoft Corporation) Hidden
Microsoft Live Search Toolbar (x32 Version: 3.0.566.0 - Microsoft Live Search Toolbar)
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (x32 Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Suite Activation Assistant (x32 Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft S/MIME (x32 Version: 14.3.123.2 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319 (x32 Version: 10.0.30319 - Microsoft Corporation)
Microsoft Works (x32 Version: 9.7.0621 - Microsoft Corporation)
Mimo (x32 Version: 0.2.5 - Mimo, Inc.)
Mobile Connection Manager (x32 Version:  - Mobile Connection Manager)
Monkey's Audio (x32 Version:  - )
Movie Theme Pack for HP MediaSmart Video (x32 Version: 3.1.3310 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 3.1.3310 - Hewlett-Packard) Hidden
Mozilla Firefox 26.0 (x86 en-US) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
Network64 (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
OCR Software by I.R.I.S. 13.0 (Version: 13.0 - HP)
OpenOffice 4.0.1 (x32 Version: 4.01.9714 - Apache Software Foundation)
OpenVPN 2.3.2-I003  (x32 Version: 2.3.2-I003 - )
PDF Architect (x32 Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (x32 Version: 1.7.2 - pdfforge)
PhotoNow! (x32 Version: 1.1.6622 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.6622 - CyberLink Corp.) Hidden
Power2Go (x32 Version: 6.0.3311 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.3311 - CyberLink Corp.) Hidden
PowerDirector (x32 Version: 7.0.3311 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.3311 - CyberLink Corp.) Hidden
QLBCASL (x32 Version: 6.40.17.2 - Hewlett-Packard) Hidden
QuickPar 0.9 (x32 Version: 0.9 - Peter B. Clements)
QuickSFV (Version: 3.0.0 - Totally Useful Software, Inc.)
QuickTime (x32 Version: 7.74.80.86 - Apple Inc.)
Realtek 8136 8168 8169 Ethernet Driver (x32 Version: 1.00.0007 - Realtek)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7100.30094 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.2202 - CyberLink Corp.) Hidden
Safari (x32 Version: 5.34.57.2 - Apple Inc.)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Shop for HP Supplies (Version: 13.0 - HP)
Sibelius 7 OpenType Fonts (x32 Version: 7.0.1 - Avid)
Sibelius 7.1.0.54 (Version: 7.1.0.54 - Avid)
Smart Card Manager (x32 Version: 1.0.1-6-1 - nabber.org)
Smart Card Manager 1.0.1-6 (x32 Version:  - Fedora)
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Symantec Endpoint Protection (Version: 11.0.6000.550 - Symantec Corporation)
Synaptics Pointing Device Driver (Version: 14.0.0.3 - Synaptics Incorporated)
TAP-Windows 9.9.2 (Version: 9.9.2 - )
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden
Update for Office 2007 (KB934528) (x32 Version:  - )
VideoStudio (x32 Version: 12.0.0.0000 - Corel Corporation) Hidden
VLC media player 2.1.2 (x32 Version: 2.1.2 - VideoLAN)
VyprVPN (x32 Version: 2.2.0.1728 - Golden Frog, Inc.)
VyprVPN (x32 Version: 2.2.0.1728 - Golden Frog, Inc.) Hidden
Wave Editor 3.3.2.0 (x32 Version: 3.3.2.0 - AbyssMedia.com)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Call (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live Sign-in Assistant (x32 Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (x32 Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Upload Tool (x32 Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Media Encoder 9 Series (x32 Version:  - )
Windows Media Encoder 9 Series (x32 Version: 9.00.2980 - Microsoft Corporation) Hidden
ZTE USB Driver (Version: 1.0.1.25_TME - ZTE Corporation)

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {08B7CDD1-A7EF-4AB9-9A81-16D4905E5D9F} - System32\Tasks\CapUninst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapUninst.exe [2009-10-07] (CL)
Task: {10B10EAB-397B-41A7-9701-F83E40E80129} - System32\Tasks\CapSvcInst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapSvcInst.exe [2009-10-07] (CL)
Task: {1DEACD90-E4C3-41A5-A1B7-9016E693E235} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {2ED8A8D3-B459-438E-AD61-7104414DDC96} - System32\Tasks\TVAgent => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe [2009-10-07] (CyberLink Corp.)
Task: {32B0DE2D-8D23-4388-A927-C328EDEACEC2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {6494E32F-A149-4566-982C-189F60AA8394} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-11-22] (Hewlett-Packard)
Task: {67C929B0-54E1-4824-A79F-C8C7D7B0201B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-01-09] (AVAST Software)
Task: {806A82DC-329E-4B5A-AEE2-FEAB3600FBD1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-11-22] (Hewlett-Packard)
Task: {810716B8-0575-436D-8696-E2F1D9BE6F64} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
Task: {90C54711-E524-4247-8784-EC2FE0CD5BF6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2014-01-14] (Microsoft)
Task: {9EC124EB-ADCF-468B-BBC4-BEC71C111775} - System32\Tasks\CapSchedInst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapSchedInst.exe [2009-10-07] (CL)
Task: {9F971FFE-E233-4784-8052-F8FFAE7EE528} - System32\Tasks\ExtendedServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2009-10-07] ()
Task: {A88A5D4B-A4AC-4425-99B5-1C2DA35915A1} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2009-10-06] (CyberLink)
Task: {B31B1FE0-1488-481E-AEC6-288BA87A2F87} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-19] (Adobe Systems Incorporated)
Task: {B887C594-2D04-4129-959B-50542D2309EE} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
Task: {D40009E7-68EF-4C9C-A86A-4585BAE26567} - System32\Tasks\HPCeeScheduleForFrank => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {E599402D-D741-43AD-AB62-72226A3E2721} - System32\Tasks\BonanzaDealsUpdate => C:\Program <==== ATTENTION
Task: {EAC1CA22-CDCE-47BB-A9B0-0150A9AE0DE5} - System32\Tasks\UpdaterEX => C:\Users\Frank\AppData\Roaming\UpdaterEX\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\HPCeeScheduleForFrank.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\UpdaterEX.job => C:\Users\Frank\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2009-10-03 00:46 - 2009-10-03 00:46 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2013-11-13 08:45 - 2013-11-13 08:45 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2009-10-07 07:56 - 2009-10-07 07:56 - 00090920 ____N () c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\Common\MCEMediaStatus64.dll
2014-01-12 09:12 - 2014-01-12 09:12 - 00000000 _____ () C:\Windows\system32\MSVCP71.dll
2014-01-12 09:12 - 2014-01-12 09:12 - 00000000 _____ () C:\Windows\system32\MSVCR71.dll
2014-01-12 09:12 - 2014-01-12 09:12 - 00000000 _____ () C:\Windows\system32\ATL71.DLL
2014-01-22 00:32 - 2014-01-21 23:40 - 02156032 _____ () C:\Program Files\AVAST Software\Avast\defs\14012101\algo.dll
2012-11-28 14:13 - 2012-11-28 14:13 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-11-28 14:13 - 2012-11-28 14:13 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2009-08-20 21:35 - 2009-08-20 21:35 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2009-08-20 21:35 - 2009-08-20 21:35 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2009-08-20 21:35 - 2009-08-20 21:35 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2009-10-06 08:08 - 2009-10-06 08:08 - 00931112 ____N () c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
2014-01-09 19:10 - 2014-01-09 19:10 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-01-12 09:12 - 2014-01-12 09:12 - 00000000 _____ () C:\Windows\system32\atiumdag.dll
2014-01-12 09:12 - 2014-01-12 09:12 - 00000000 _____ () C:\Windows\system32\atiumdva.dll
2013-12-20 06:55 - 2013-12-20 06:55 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-12-20 06:55 - 2010-10-29 18:35 - 00055808 _____ () C:\Program Files (x86)\Mozilla Firefox\zlib1.dll
2014-01-19 20:25 - 2014-01-19 20:25 - 16287624 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll
2013-11-16 15:06 - 2013-09-03 14:57 - 02924544 _____ () C:\Program Files (x86)\MagicDVDRipper\MDR.DLL
2013-11-16 15:06 - 2011-01-18 10:42 - 00071680 _____ () C:\Program Files (x86)\MagicDVDRipper\avi.dll
2013-11-16 15:06 - 2011-01-18 10:42 - 00110080 _____ () C:\Program Files (x86)\MagicDVDRipper\mdr2.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antvirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ccEvtMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ccSetMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmcService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Symantec Antivirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Symantec Antvirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/22/2014 07:31:39 AM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Backdoor.Tidserv in File: C:\ProgramData\Symantec\Srtsp\Quarantine\trzEFC6.tmp by: Auto-Protect scan.  Action: Cleaned by Deletion.  Action Description: The file was deleted successfully.


System errors:
=============
Error: (01/22/2014 07:29:29 PM) (Source: Service Control Manager) (User: )
Description: The VyprVPN service terminated unexpectedly.  It has done this 1 time(s).

Error: (01/22/2014 03:00:38 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer EASYBOX
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{498D088C-CAAE-4102-8634-D7751A537A05}.
The master browser is stopping or an election is being forced.

Error: (01/22/2014 00:44:47 AM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (01/22/2014 00:42:20 AM) (Source: DCOM) (User: )
Description: {84AC6BE7-8CF2-4E67-A80E-32ACD3D7C381}

Error: (01/21/2014 10:43:13 PM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (01/21/2014 06:28:36 PM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (01/21/2014 05:01:37 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer EASYBOX
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{498D088C-CAAE-4102-8634-D7751A537A05}.
The master browser is stopping or an election is being forced.

Error: (01/21/2014 05:00:53 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR2.

Error: (01/21/2014 05:00:52 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR2.

Error: (01/21/2014 05:00:51 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR2.


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 68%
Total physical RAM: 3836.2 MB
Available physical RAM: 1213.16 MB
Total Pagefile: 7670.57 MB
Available Pagefile: 4445.67 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:448.18 GB) (Free:144.01 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:17.28 GB) (Free:2.79 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32
Drive f: (SAFE_HOUSE) (CDROM) (Total:7.59 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 2B463001)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=448 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=17 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

==================== End Of Log ============================

 



#6 RPMcMurphy

RPMcMurphy

    Bleeping *^#@%~


  • Malware Response Team
  • 3,970 posts
  • OFFLINE
  • Gender:Male
  • Local time:11:30 AM

Posted 22 January 2014 - 07:55 PM

Please look through Symantec and avast! and see if you can tell me in more detail what they are detecting.  A full file path would be very helpful.  Also, are you having any problems with the computer like Google redirects, crashes, unwanted audio ads, etc?


Threads are closed after 5 days of inactivity.

ASAP & UNITE Member


The help you receive here is free. If you wish to show your appreciation, then you may donate.


#7 frankmc98

frankmc98
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  • Local time:10:30 AM

Posted 23 January 2014 - 12:55 AM

Here is the log from Symantec, but I have not yet located the same for Avast. It's too large to attach, and each time I restart my computer the messages roll in and the file gets larger. I have since deleted the files in quarantine from both programs.

 

2C000A122E33,7,3,8,FRANK-PC,Frank,,,,,,,16777216,"New virus definition file loaded. Version: 160110b.",0,,0,,,,,0,,,,,,,,,,,{93A67159-20EE-4C42-BFE7-7CB6CF50ECB7},,,,WORKGROUP,00:FF:63:F0:9D:08,11.0.6000.419,,,,,,,,,,,,,,,,0,,,,,
2C000A12311B,5,1,2,FRANK-PC,SYSTEM,Backdoor.Tidserv,C:\Windows\TEMP\_avast_\unp255889734.tmp,5,1,14,256,37769284,"",0,,0,201    4    6    1    65542    0    0    0    0    0    0,0,38034,0,1,0,0,0,0,,0,2,4,0,,{93A67159-20EE-4C42-BFE7-7CB6CF50ECB7},,,,WORKGROUP,00:FF:63:F0:9D:08,11.0.6000.419,,,,,,,,,,,,,,,,0,,0d0c7c53-b9c4-46f7-8c2e-e3e24311b515,0,,
2C000A12311C,5,1,2,FRANK-PC,SYSTEM,Backdoor.Tidserv,C:\ProgramData\Symantec\SRTSP\Quarantine\trzFB87.tmp,5,1,14,256,37769284,"",0,,0,201    4    6    1    65542    0    0    0    0    0    0,0,38034,0,1,0,0,0,0,,0,2,4,0,,{93A67159-20EE-4C42-BFE7-7CB6CF50ECB7},,,,WORKGROUP,00:FF:63:F0:9D:08,11.0.6000.419,,,,,,,,,,,,,,,,0,,af248489-5793-47ee-8fed-e6af1ac79465,0,,
2C000A12311C,5,1,2,FRANK-PC,SYSTEM,Backdoor.Tidserv,C:\Windows\TEMP\_avast_\unp216381934.tmp,5,1,14,256,37769284,"",0,,0,201    4    6    1    65542    0    0    0    0    0    0,0,38034,0,1,0,0,0,0,,0,2,4,0,,{93A67159-20EE-4C42-BFE7-7CB6CF50ECB7},,,,WORKGROUP,00:FF:63:F0:9D:08,11.0.6000.419,,,,,,,,,,,,,,,,0,,6d659867-38cd-4c6d-85f8-77fed9488276,0,,
2C000A12311C,20,2,2,FRANK-PC,Frank,,,,,,,16777216,"Unable to create a backup of C:\Windows\TEMP\_avast_\unp255889734.tmp",0,,0,,,,,0,,,,,,,,,,,{93A67159-20EE-4C42-BFE7-7CB6CF50ECB7},,,,WORKGROUP,00:FF:63:F0:9D:08,11.0.6000.419,,,,,,,,,,,,,,,,0,,,,,
2C000A12311C,5,1,2,FRANK-PC,SYSTEM,Backdoor.Tidserv,C:\ProgramData\Symantec\SRTSP\Quarantine\trzF9E0.tmp,5,1,14,256,37769284,"",0,,0,201    4    6    1    65542    0    0    0    0    0    0,0,38034,0,1,0,0,0,0,,0,2,4,0,,{93A67159-20EE-4C42-BFE7-7CB6CF50ECB7},,,,WORKGROUP,00:FF:63:F0:9D:08,11.0.6000.419,,,,,,,,,,,,,,,,0,,a01f2a3c-1c02-4aea-90ce-d34aea85a03e,0,,
2C000A12311C,46,1,2,FRANK-PC,SYSTEM,Backdoor.Tidserv,C:\Windows\TEMP\_avast_\unp255889734.tmp,5,1,19,256,37769284,"",0,,0,101        0    0                Backdoor.Tidserv        0    0    0d0c7c53-b9c4-46f7-8c2e-e3e24311b515    0,0,38034,0,1,0,0,0,0,,0,2,4,0,,{93A67159-20EE-4C42-BFE7-7CB6CF50ECB7},,,,WORKGROUP,00:FF:63:F0:9D:08,11.0.6000.419,,,,,,,,,,,,,,,,0,,8d695e5e-61bc-43d8-80e4-aa55cef4f51a,0,,
2C000A12311C,5,1,2,FRANK-PC,SYSTEM,Backdoor.Tidserv,C:\Windows\TEMP\_avast_\unp255889734.tmp,5,1,19,256,37769284,"",0,,0,101        0    0                Backdoor.Tidserv        0    0    0d0c7c53-b9c4-46f7-8c2e-e3e24311b515    0,0,38034,0,1,0,0,0,0,,0,2,4,0,,{93A67159-20EE-4C42-BFE7-7CB6CF50ECB7},,,,WORKGROUP,00:FF:63:F0:9D:08,11.0.6000.419,,,,,,,,,,,,,,,,0,,8d695e5e-61bc-43d8-80e4-aa55cef4f51a,0,,
2C000A12311C,51,1,2,FRANK-PC,SYSTEM,Backdoor.Tidserv,C:\Windows\TEMP\_avast_\unp255889734.tmp,5,1,19,256,37769284,"",0,,0,101        0    0                Backdoor.Tidserv        0    0    0d0c7c53-b9c4-46f7-8c2e-e3e24311b515    0,0,38034,0,1,0,0,0,0,,0,2,4,0,,{93A67159-20EE-4C42-BFE7-7CB6CF50ECB7},,,,WORKGROUP,00:FF:63:F0:9D:08,11.0.6000.419,,,,,,,,,,,,,,,,0,,8d695e5e-61bc-43d8-80e4-aa55cef4f51a,0,,
2C000A12311D,20,2,2,FRANK-PC,Frank,,,,,,,16777216,"Unable to create a backup of C:\ProgramData\Symantec\SRTSP\Quarantine\trzFB87.tmp",0,,0,,,,,0,,,,,,,,,,,{93A67159-20EE-4C42-BFE7-7CB6CF50ECB7},,,,WORKGROUP,00:FF:63:F0:9D:08,11.0.6000.419,,,,,,,,,,,,,,,,0,,,,,
2C000A12311D,46,1,2,FRANK-PC,SYSTEM,Backdoor.Tidserv,C:\ProgramData\Symantec\SRTSP\Quarantine\trzFB87.tmp,5,1,19,256,37769284,"",0,,0,101        0    0                Backdoor.Tidserv        0    0    af248489-5793-47ee-8fed-e6af1ac79465    0,0,38034,0,1,0,0,0,0,,0,2,4,0,,{93A67159-20EE-4C42-BFE7-7CB6CF50ECB7},,,,WORKGROUP,00:FF:63:F0:9D:08,11.0.6000.419,,,,,,,,,,,,,,,,0,,6ab2033c-cd57-4792-83b9-cf17d5c0d1df,0,,
2C000A12311C,5,1,2,FRANK-PC,SYSTEM,Backdoor.Tidserv,C:\Windows\TEMP\_avast_\unp58466592.tmp,5,1,14,256,37769284,"",0,,0,201    4    6    1    65542    0    0    0    0    0    0,0,38034,0,1,0,0,0,0,,0,2,4,0,,{93A67159-20EE-4C42-BFE7-7CB6CF50ECB7},,,,WORKGROUP,00:FF:63:F0:9D:08,11.0.6000.419,,,,,,,,,,,,,,,,0,,ea3e644c-8c43-4ada-9dd1-a66b4bc8c04e,0,,
2C000A12311D,5,1,2,FRANK-PC,SYSTEM,Backdoor.Tidserv,C:\ProgramData\Symantec\SRTSP\Quarantine\trzFB87.tmp,5,1,19,256,37769284,"",0,,0,101        0    0                Backdoor.Tidserv        0    0    af248489-5793-47ee-8fed-e6af1ac79465    0,0,38034,0,1,0,0,0,0,,0,2,4,0,,{93A67159-20EE-4C42-BFE7-7CB6CF50ECB7},,,,WORKGROUP,00:FF:63:F0:9D:08,11.0.6000.419,,,,,,,,,,,,,,,,0,,6ab2033c-cd57-4792-83b9-cf17d5c0d1df,0,,
2C000A12311D,51,1,2,FRANK-PC,SYSTEM,Backdoor.Tidserv,C:\ProgramData\Symantec\SRTSP\Quarantine\trzFB87.tmp,5,1,19,256,37769284,"",0,,0,101        0    0                Backdoor.Tidserv        0    0    af248489-5793-47ee-8fed-e6af1ac79465    0,0,38034,0,1,0,0,0,0,,0,2,4,0,,{93A67159-20EE-4C42-BFE7-7CB6CF50ECB7},,,,WORKGROUP,00:FF:63:F0:9D:08,11.0.6000.419,,,,,,,,,,,,,,,,0,,6ab2033c-cd57-4792-83b9-cf17d5c0d1df,0,,
2C000A12311E,5,1,2,FRANK-PC,SYSTEM,Backdoor.Tidserv,C:\Windows\TEMP\_avast_\unp175082630.tmp,5,1,14,256,37769284,"",0,,0,201    4    6    1    65542    0    0    0    0    0    0,0,38034,0,1,0,0,0,0,,0,2,4,0,,{93A67159-20EE-4C42-BFE7-7CB6CF50ECB7},,,,WORKGROUP,00:FF:63:F0:9D:08,11.0.6000.419,,,,,,,,,,,,,,,,0,,1708439f-8741-41f6-a645-a7ac05589836,0,,
2C000A12311E,5,1,2,FRANK-PC,SYSTEM,Backdoor.Tidserv,C:\ProgramData\Symantec\SRTSP\Quarantine\trz61.tmp,5,1,14,256,37769284,"",0,,0,201    4    6    1    65542    0    0    0    0    0    0,0,38034,0,1,0,0,0,0,,0,2,4,0,,{93A67159-20EE-4C42-BFE7-7CB6CF50ECB7},,,,WORKGROUP,00:FF:63:F0:9D:08,11.0.6000.419,,,,,,,,,,,,,,,,0,,bb61dfe8-111d-4bb7-822e-931cfe5fba5c,0,,
2C000A12311E,5,1,2,FRANK-PC,SYSTEM,Backdoor.Tidserv,C:\ProgramData\Symantec\SRTSP\Quarantine\trzA1.tmp,5,1,14,256,37769284,"",0,,0,201    4    6    1    65542    0    0    0    0    0    0,0,38034,0,1,0,0,0,0,,0,2,4,0,,{93A67159-20EE-4C42-BFE7-7CB6CF50ECB7},,,,WORKGROUP,00:FF:63:F0:9D:08,11.0.6000.419,,,,,,,,,,,,,,,,0,,834944e3-1ed3-44e2-b575-ac45f2db263a,0,,
2C000A12311E,5,1,2,FRANK-PC,SYSTEM,Backdoor.Tidserv,C:\Windows\TEMP\_avast_\unp58413528.tmp,5,1,14,256,37769284,"",0,,0,201    4    6    1    65542    0    0    0    0    0    0,0,38034,0,1,0,0,0,0,,0,2,4,0,,{93A67159-20EE-4C42-BFE7-7CB6CF50ECB7},,,,WORKGROUP,00:FF:63:F0:9D:08,11.0.6000.419,,,,,,,,,,,,,,,,0,,d000cd20-f400-4c92-8b65-8622431be98d,0,,
2C000A12311E,5,1,2,FRANK-PC,SYSTEM,Backdoor.Tidserv,C:\Windows\TEMP\_avast_\unp210460705.tmp,5,1,14,256,37769284,"",0,,0,201    4    6    1    65542    0    0    0    0    0    0,0,38034,0,1,0,0,0,0,,0,2,4,0,,{93A67159-20EE-4C42-BFE7-7CB6CF50ECB7},,,,WORKGROUP,00:FF:63:F0:9D:08,11.0.6000.419,,,,,,,,,,,,,,,,0,,9f55bcae-a636-46c5-8a86-e15ec547568d,0,,
2C000A12311E,5,1,2,FRANK-PC,SYSTEM,Backdoor.Tidserv,C:\ProgramData\Symantec\SRTSP\Quarantine\trz767.tmp,5,1,14,256,37769284,"",0,,0,201    4    6    1    65542    0    0    0    0    0    0,0,38034,0,1,0,0,0,0,,0,2,4,0,,{93A67159-20EE-4C42-BFE7-7CB6CF50ECB7},,,,WORKGROUP,00:FF:63:F0:9D:08,11.0.6000.419,,,,,,,,,,,,,,,,0,,bfdef3aa-4807-450f-a606-5750d96c262d,0,,
2C000A12311E,20,2,2,FRANK-PC,Frank,,,,,,,16777216,"Unable to create a backup of C:\Windows\TEMP\_avast_\unp216381934.tmp",0,,0,,,,,0,,,,,,,,,,,{93A67159-20EE-4C42-BFE7-7CB6CF50ECB7},,,,WORKGROUP,00:FF:63:F0:9D:08,11.0.6000.419,,,,,,,,,,,,,,,,0,,,,,
2C000A12311E,5,1,2,FRANK-PC,SYSTEM,Backdoor.Tidserv,C:\ProgramData\Symantec\SRTSP\Quarantine\trz7A7.tmp,5,1,14,256,37769284,"",0,,0,201    4    6    1    65542    0    0    0    0    0    0,0,38034,0,1,0,0,0,0,,0,2,4,0,,{93A67159-20EE-4C42-BFE7-7CB6CF50ECB7},,,,WORKGROUP,00:FF:63:F0:9D:08,11.0.6000.419,,,,,,,,,,,,,,,,0,,e3f9e67b-4e42-4178-ba00-a94854277369,0,,
2C000A12311E,46,1,2,FRANK-PC,SYSTEM,Backdoor.Tidserv,C:\Windows\TEMP\_avast_\unp216381934.tmp,5,1,19,256,37769284,"",0,,0,101        0    0                Backdoor.Tidserv        0    0    6d659867-38cd-4c6d-85f8-77fed9488276    0,0,38034,0,1,0,0,0,0,,0,2,4,0,,{93A67159-20EE-4C42-BFE7-7CB6CF50ECB7},,,,WORKGROUP,00:FF:63:F0:9D:08,11.0.6000.419,,,,,,,,,,,,,,,,0,,b329e10a-2fec-4e52-96e0-c98c2fbf7dcf,0,,
2C000A12311E,5,1,2,FRANK-PC,SYSTEM,Backdoor.Tidserv,C:\Windows\TEMP\_avast_\unp216381934.tmp,5,1,19,256,37769284,"",0,,0,101        0    0                Backdoor.Tidserv        0    0    6d659867-38cd-4c6d-85f8-77fed9488276    0,0,38034,0,1,0,0,0,0,,0,2,4,0,,{93A67159-20EE-4C42-BFE7-7CB6CF50ECB7},,,,WORKGROUP,00:FF:63:F0:9D:08,11.0.6000.419,,,,,,,,,,,,,,,,0,,b329e10a-2fec-4e52-96e0-c98c2fbf7dcf,0,,
2C000A12311E,51,1,2,FRANK-PC,SYSTEM,Backdoor.Tidserv,C:\Windows\TEMP\_avast_\unp216381934.tmp,5,1,19,256,37769284,"",0,,0,101        0    0                Backdoor.Tidserv        0    0    6d659867-38cd-4c6d-85f8-77fed9488276    0,0,38034,0,1,0,0,0,0,,0,2,4,0,,{93A67159-20EE-4C42-BFE7-7CB6CF50ECB7},,,,WORKGROUP,00:FF:63:F0:9D:08,11.0.6000.419,,,,,,,,,,,,,,,,0,,b329e10a-2fec-4e52-96e0-c98c2fbf7dcf,0,,
2C000A12311E,20,2,2,FRANK-PC,Frank,,,,,,,16777216,"Unable to create a backup of C:\ProgramData\Symantec\SRTSP\Quarantine\trzF9E0.tmp",0,,0,,,,,0,,,,,,,,,,,{93A67159-20EE-4C42-BFE7-7CB6CF50ECB7},,,,WORKGROUP,00:FF:63:F0:9D:08,11.0.6000.419,,,,,,,,,,,,,,,,0,,,,,
2C000A12311E,46,1,2,FRANK-PC,SYSTEM,Backdoor.Tidserv,C:\ProgramData\Symantec\SRTSP\Quarantine\trzF9E0.tmp,5,1,19,256,37769284,"",0,,0,101        0    0                Backdoor.Tidserv        0    0    a01f2a3c-1c02-4aea-90ce-d34aea85a03e    0,0,38034,0,1,0,0,0,0,,0,2,4,0,,{93A67159-20EE-4C42-BFE7-7CB6CF50ECB7},,,,WORKGROUP,00:FF:63:F0:9D:08,11.0.6000.419,,,,,,,,,,,,,,,,0,,45a06322-77af-4999-bf63-806030bb1cf0,0,,
2C000A12311E,5,1,2,FRANK-PC,SYSTEM,Backdoor.Tidserv,C:\ProgramData\Symantec\SRTSP\Quarantine\trzF9E0.tmp,5,1,19,256,37769284,"",0,,0,101        0    0                Backdoor.Tidserv        0    0    a01f2a3c-1c02-4aea-90ce-d34aea85a03e    0,0,38034,0,1,0,0,0,0,,0,2,4,0,,{93A67159-20EE-4C42-BFE7-7CB6CF50ECB7},,,,WORKGROUP,00:FF:63:F0:9D:08,11.0.6000.419,,,,,,,,,,,,,,,,0,,45a06322-77af-4999-bf63-806030bb1cf0,0,,
2C000A12311E,51,1,2,FRANK-PC,SYSTEM,Backdoor.Tidserv,C:\ProgramData\Symantec\SRTSP\Quarantine\trzF9E0.tmp,5,1,19,256,37769284,"",0,,0,101        0    0                Backdoor.Tidserv        0    0    a01f2a3c-1c02-4aea-90ce-d34aea85a03e    0,0,38034,0,1,0,0,0,0,,0,2,4,0,,{93A67159-20EE-4C42-BFE7-7CB6CF50ECB7},,,,WORKGROUP,00:FF:63:F0:9D:08,11.0.6000.419,,,,,,,,,,,,,,,,0,,45a06322-77af-4999-bf63-806030bb1cf0,0,,
2C000A12311E,20,2,2,FRANK-PC,Frank,,,,,,,16777216,"Unable to create a backup of C:\Windows\TEMP\_avast_\unp58466592.tmp",0,,0,,,,,0,,,,,,,,,,,{93A67159-20EE-4C42-BFE7-7CB6CF50ECB7},,,,WORKGROUP,00:FF:63:F0:9D:08,11.0.6000.419,,,,,,,,,,,,,,,,0,,,,,
2C000A12311E,5,1,2,FRANK-PC,SYSTEM,Backdoor.Tidserv,C:\ProgramData\Symantec\SRTSP\Quarantine\trz7F6.tmp,5,1,14,256,37769284,"",0,,0,201    4    6    1    65542    0    0    0    0    0    0,0,38034,0,1,0,0,0,0,,0,2,4,0,,{93A67159-20EE-4C42-BFE7-7CB6CF50ECB7},,,,WORKGROUP,00:FF:63:F0:9D:08,11.0.6000.419,,,,,,,,,,,,,,,,0,,01cc1a93-b182-4191-845a-d229c496c82d,0,,
2C000A12311E,46,1,2,FRANK-PC,SYSTEM,Backdoor.Tidserv,C:\Windows\TEMP\_avast_\unp58466592.tmp,5,1,19,256,37769284,"",0,,0,101        0    0                Backdoor.Tidserv        0    0    ea3e644c-8c43-4ada-9dd1-a66b4bc8c04e    0,0,38034,0,1,0,0,0,0,,0,2,4,0,,{93A67159-20EE-4C42-BFE7-7CB6CF50ECB7},,,,WORKGROUP,00:FF:63:F0:9D:08,11.0.6000.419,,,,,,,,,,,,,,,,0,,c48d19c2-71df-4527-a527-fb1ea4ee8b0f,0,,
2C000A12311E,5,1,2,FRANK-PC,SYSTEM,Backdoor.Tidserv,C:\Windows\TEMP\_avast_\unp58466592.tmp,5,1,19,256,37769284,"",0,,0,101        0    0                Backdoor.Tidserv        0    0    ea3e644c-8c43-4ada-9dd1-a66b4bc8c04e    0,0,38034,0,1,0,0,0,0,,0,2,4,0,,{93A67159-20EE-4C42-BFE7-7CB6CF50ECB7},,,,WORKGROUP,00:FF:63:F0:9D:08,11.0.6000.419,,,,,,,,,,,,,,,,0,,c48d19c2-71df-4527-a527-fb1ea4ee8b0f,0,,
2C000A12311E,51,1,2,FRANK-PC,SYSTEM,Backdoor.Tidserv,C:\Windows\TEMP\_avast_\unp58466592.tmp,5,1,19,256,37769284,"",0,,0,101        0    0                Backdoor.Tidserv        0    0    ea3e644c-8c43-4ada-9dd1-a66b4bc8c04e    0,0,38034,0,1,0,0,0,0,,0,2,4,0,,{93A67159-20EE-4C42-BFE7-7CB6CF50ECB7},,,,WORKGROUP,00:FF:63:F0:9D:08,11.0.6000.419,,,,,,,,,,,,,,,,0,,c48d19c2-71df-4527-a527-fb1ea4ee8b0f,0,,
2C000A12311E,5,1,2,FRANK-PC,SYSTEM,Backdoor.Tidserv,C:\Windows\TEMP\_avast_\unp93955662.tmp,5,1,14,256,37769284,"",0,,0,201    4    6    1    65542    0    0    0    0    0    0,0,38034,0,1,0,0,0,0,,0,2,4,0,,{93A67159-20EE-4C42-BFE7-7CB6CF50ECB7},,,,WORKGROUP,00:FF:63:F0:9D:08,11.0.6000.419,,,,,,,,,,,,,,,,0,,aab0f67e-8bcf-47bd-8db7-480d3be86e2d,0,,
2C000A12311E,20,2,2,FRANK-PC,Frank,,,,,,,16777216,"Unable to create a backup of C:\Windows\TEMP\_avast_\unp175082630.tmp",0,,0,,,,,0,,,,,,,,,,,{93A67159-20EE-4C42-BFE7-7CB6CF50ECB7},,,,WORKGROUP,00:FF:63:F0:9D:08,11.0.6000.419,,,,,,,,,,,,,,,,0,,,,,
2C000A12311E,5,1,2,FRANK-PC,SYSTEM,Backdoor.Tidserv,C:\Windows\TEMP\_avast_\unp200182244.tmp,5,1,14,256,37769284,"",0,,0,201    4    6    1    65542    0    0    0    0    0    0,0,38034,0,1,0,0,0,0,,0,2,4,0,,{93A67159-20EE-4C42-BFE7-7CB6CF50ECB7},,,,WORKGROUP,00:FF:63:F0:9D:08,11.0.6000.419,,,,,,,,,,,,,,,,0,,06c4eb35-36eb-4f61-86ee-37ce06b5cec5,0,,
2C000A12311E,46,1,2,FRANK-PC,SYSTEM,Backdoor.Tidserv,C:\Windows\TEMP\_avast_\unp175082630.tmp,5,1,19,256,37769284,"",0,,0,101        0    0                Backdoor.Tidserv        0    0    1708439f-8741-41f6-a645-a7ac05589836    0,0,38034,0,1,0,0,0,0,,0,2,4,0,,{93A67159-20EE-4C42-BFE7-7CB6CF50ECB7},,,,WORKGROUP,00:FF:63:F0:9D:08,11.0.6000.419,,,,,,,,,,,,,,,,0,,bec86d07-8e8d-4f02-b63b-f5fd0a7c5752,0,,
2C000A12311E,5,1,2,FRANK-PC,SYSTEM,Backdoor.Tidserv,C:\Windows\TEMP\_avast_\unp175082630.tmp,5,1,19,256,37769284,"",0,,0,101        0    0                Backdoor.Tidserv        0    0    1708439f-8741-41f6-a645-a7ac05589836    0,0,38034,0,1,0,0,0,0,,0,2,4,0,,{93A67159-20EE-4C42-BFE7-7CB6CF50ECB7},,,,WORKGROUP,00:FF:63:F0:9D:08,11.0.6000.419,,,,,,,,,,,,,,,,0,,bec86d07-8e8d-4f02-b63b-f5fd0a7c5752,0,,
2C000A12311E,51,1,2,FRANK-PC,SYSTEM,Backdoor.Tidserv,C:\Windows\TEMP\_avast_\unp175082630.tmp,5,1,19,256,37769284,"",0,,0,101        0    0                Backdoor.Tidserv        0    0    1708439f-8741-41f6-a645-a7ac05589836    0,0,38034,0,1,0,0,0,0,,0,2,4,0,,{93A67159-20EE-



#8 RPMcMurphy (Malware Response Team)

Posted 23 January 2014 - 09:40 AM

Since you deleted the quarantined items, are you still getting the alerts?  It looks to me like the two AVs are likely seeing that infection in each other's quarantine.  Your logs don't show an active infection.

 

Regarding the two AV programs, it's never a good idea to run more than one.  It does not offer any more protection and in some cases can actually cause conflicts that result in less protection.  I'd recommend that you uninstall one or the other.

 

Run this for me also, please:

 

Download TFC to your desktop

  • Close any open windows.
  • Double click the TFC icon to run the program.
  • TFC will close all open programs itself in order to run.
  • Click the Start button to begin the process.
  • Allow TFC to run uninterrupted.
  • The program should not take long to finish its job.
  • Once it's finished it should automatically reboot your machine;
  • if it doesn't, manually reboot to ensure a complete clean.


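Added example, not part of the thread: one way to check the diagnosis in post #8 is to group each detection in the Symantec log by the folder it was found in. The field positions (threat name in column 7, file path in column 8) are an assumption read off the lines posted above, and the sample rows are constructed and shortened.

```python
import csv
from collections import Counter
from pathlib import PureWindowsPath

# Folders that belong to the AV products themselves, as seen in the posted log.
AV_OWNED_DIRS = {
    r"C:\Windows\TEMP\_avast_": "avast! unpack temp",
    r"C:\ProgramData\Symantec\SRTSP\Quarantine": "Symantec quarantine",
}

# Constructed sample: rows cut down to their leading fields. The last path is
# hypothetical and stands in for a detection outside any AV-owned folder.
SAMPLE_LOG = r'''
2C000A122E33,7,3,8,FRANK-PC,Frank,,,,,,,16777216,"New virus definition file loaded. Version: 160110b."
2C000A12311B,5,1,2,FRANK-PC,SYSTEM,Backdoor.Tidserv,C:\Windows\TEMP\_avast_\unp255889734.tmp,5,1,14
2C000A12311C,5,1,2,FRANK-PC,SYSTEM,Backdoor.Tidserv,C:\ProgramData\Symantec\SRTSP\Quarantine\trzFB87.tmp,5,1,14
2C000A12311C,20,2,2,FRANK-PC,Frank,,,,,,,16777216,"Unable to create a backup of C:\Windows\TEMP\_avast_\unp255889734.tmp"
2C000A12311C,46,1,2,FRANK-PC,SYSTEM,Backdoor.Tidserv,C:\Windows\TEMP\_avast_\unp255889734.tmp,5,1,19
2C000A12311E,5,1,2,FRANK-PC,SYSTEM,Backdoor.Tidserv,C:\Users\Frank\Downloads\example.exe,5,1,14
'''


def classify(path):
    """Return which AV-owned folder a path sits under, or 'other'."""
    parents = PureWindowsPath(path).parents  # Windows paths compare case-insensitively
    for folder, label in AV_OWNED_DIRS.items():
        if PureWindowsPath(folder) in parents:
            return label
    return "other"


def triage(log_text):
    """Count unique detected files per location and list those outside AV folders."""
    seen = {}
    for row in csv.reader(log_text.strip().splitlines()):
        # Informational rows (definition updates, backup errors) have no threat/path.
        if len(row) < 8 or not row[6] or not row[7]:
            continue
        seen[PureWindowsPath(row[7])] = classify(row[7])  # same file logged repeatedly
    counts = Counter(seen.values())
    outside = sorted(str(p) for p, label in seen.items() if label == "other")
    return counts, outside


if __name__ == "__main__":
    counts, outside = triage(SAMPLE_LOG)
    print(dict(counts))
    print("Needs a closer look:", outside or "nothing outside AV-owned folders")
```

An empty "outside" list means every hit is one scanner reading the other's temp or quarantine files, which is the pattern described in post #8.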


#9 RPMcMurphy (Malware Response Team)

Posted 29 January 2014 - 09:06 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.





