Can't get rid of pesky virus


9 replies to this topic

#1 Donnaoscar

Posted 09 October 2014 - 01:33 PM

Hi, I seem to have a bad computer infection which I can't seem to get rid of. I have several trojan viruses that must have embedded themselves deep into my system. I have AVG Internet Security, which has stopped trojan inject 2 and trojan.dork. I have tried removing them by way of scans in safe mode. I'm not that clever when it comes to deleting them by registry editing and now am stuck. How do I remove these blinking Trojans? Thanks


Edited by Orange Blossom, 09 October 2014 - 01:56 PM.
Moved from Vista to AII. ~ OB


#2 boopme

Posted 09 October 2014 - 03:16 PM

Hello, the inject Trojans are very difficult to remove and for some we may need specific tools. Let's look at these logs first.
I recommend backing up important data and not doing any financial transactions on here until cleaned.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

ADW Cleaner
Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.
Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Last, run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
      • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.


#3 Donnaoscar

Posted 10 October 2014 - 01:08 PM

Here is the report from MiniToolBox

MiniToolBox by Farbar  Version: 21-07-2014
Ran by Donna (administrator) on 10-10-2014 at 19:03:55
Running from "C:\Users\Donna\Downloads"
Microsoft® Windows Vista™ Home Basic  Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
"network.proxy.type", 0
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
::1             localhost
 
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
Broadcom 802.11g Network Adapter = Wireless Network Connection (Connected)
Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
add address name="Local Area Connection* 18" address=10.254.88.8
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Donna-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Ethernet adapter Local Area Connection* 18:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Anchorfree HSS Adapter
   Physical Address. . . . . . . . . : 00-FF-88-71-74-CF
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Broadcom 802.11g Network Adapter
   Physical Address. . . . . . . . . : 00-1E-4C-03-29-7C
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::5413:ed20:8bab:9cf3%10(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.0.2(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 10 October 2014 17:44:45
   Lease Expires . . . . . . . . . . : 11 October 2014 17:44:45
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 251665996
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-56-2A-34-00-1D-72-05-01-0D
   DNS Servers . . . . . . . . . . . : 8.8.8.8
                                       8.8.8.8
                                       8.8.8.8
                                       8.8.8.8
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
   Physical Address. . . . . . . . . : 00-1D-72-05-01-0D
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 6:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : isatap.{5CC00B90-C6F0-47E8-AA76-8517B41B4D72}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 13:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : isatap.{86D7B9CF-3656-4800-AD2E-9AF961D26315}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 10:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 02-00-54-55-4E-01
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 20:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : isatap.{887174CF-EF0D-4D5A-8FC5-0B77C7C79CFD}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  8.8.8.8
 
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
 
 
Pinging google.com [62.252.169.172] with 32 bytes of data:
 
Reply from 62.252.169.172: bytes=32 time=61ms TTL=57
 
Reply from 62.252.169.172: bytes=32 time=13ms TTL=57
 
 
 
Ping statistics for 62.252.169.172:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 13ms, Maximum = 61ms, Average = 37ms
 
Server:  google-public-dns-a.google.com
Address:  8.8.8.8
 
Name:    yahoo.com
Addresses:  98.138.253.109
 98.139.183.24
 206.190.36.45
 
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
 
Reply from 206.190.36.45: bytes=32 time=173ms TTL=44
 
Reply from 206.190.36.45: bytes=32 time=172ms TTL=44
 
 
 
Ping statistics for 206.190.36.45:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 172ms, Maximum = 173ms, Average = 172ms
 
 
 
Pinging 127.0.0.1 with 32 bytes of data:
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
 
 
Ping statistics for 127.0.0.1:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
 
===========================================================================
Interface List
 21 ...00 ff 88 71 74 cf ...... Anchorfree HSS Adapter
 10 ...00 1e 4c 03 29 7c ...... Broadcom 802.11g Network Adapter
  8 ...00 1d 72 05 01 0d ...... Broadcom NetLink ™ Gigabit Ethernet
  1 ........................... Software Loopback Interface 1
 14 ...00 00 00 00 00 00 00 e0  isatap.{5CC00B90-C6F0-47E8-AA76-8517B41B4D72}
 20 ...00 00 00 00 00 00 00 e0  isatap.{86D7B9CF-3656-4800-AD2E-9AF961D26315}
 11 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
 23 ...00 00 00 00 00 00 00 e0  isatap.{887174CF-EF0D-4D5A-8FC5-0B77C7C79CFD}
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1      192.168.0.2     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link       192.168.0.2    281
      192.168.0.2  255.255.255.255         On-link       192.168.0.2    281
    192.168.0.255  255.255.255.255         On-link       192.168.0.2    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.0.2    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.0.2    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 10    281 fe80::/64                On-link
 10    281 fe80::5413:ed20:8bab:9cf3/128
                                    On-link
  1    306 ff00::/8                 On-link
 10    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (10/10/2014 10:02:11 AM) (Source: Application Error) (User: )
Description: Faulting application N360.exe, version 12.11.4.4, time stamp 0x53f531a0, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x00000018,
process id 0xb04, application start time 0xN360.exe0.
 
Error: (10/09/2014 07:45:51 PM) (Source: Application Error) (User: )
Description: Faulting application mbam.exe, version 1.0.0.532, time stamp 0x53518532, faulting module MSVCR100.dll, version 10.0.40219.325, time stamp 0x4df2be1e, exception code 0x40000015, fault offset 0x0008d6fd,
process id 0xd68, application start time 0xmbam.exe0.
 
Error: (10/09/2014 07:27:08 PM) (Source: Application Error) (User: )
Description: Faulting application mbam.exe, version 1.0.0.532, time stamp 0x53518532, faulting module MSVCR100.dll, version 10.0.40219.325, time stamp 0x4df2be1e, exception code 0x40000015, fault offset 0x0008d6fd,
process id 0x3e0, application start time 0xmbam.exe0.
 
Error: (10/09/2014 07:27:08 PM) (Source: Application Error) (User: )
Description: Faulting application mbam.exe, version 1.0.0.532, time stamp 0x53518532, faulting module MSVCR100.dll, version 10.0.40219.325, time stamp 0x4df2be1e, exception code 0x40000015, fault offset 0x0008d6fd,
process id 0x690, application start time 0xmbam.exe0.
 
Error: (10/09/2014 07:26:21 PM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c
 
Error: (10/09/2014 07:19:16 PM) (Source: Application Error) (User: )
Description: Faulting application mbam.exe, version 1.0.0.532, time stamp 0x53518532, faulting module MSVCR100.dll, version 10.0.40219.325, time stamp 0x4df2be1e, exception code 0x40000015, fault offset 0x0008d6fd,
process id 0x12a4, application start time 0xmbam.exe0.
 
Error: (10/09/2014 07:19:15 PM) (Source: Application Error) (User: )
Description: Faulting application mbam.exe, version 1.0.0.532, time stamp 0x53518532, faulting module MSVCR100.dll, version 10.0.40219.325, time stamp 0x4df2be1e, exception code 0x40000015, fault offset 0x0008d6fd,
process id 0x1728, application start time 0xmbam.exe0.
 
Error: (10/09/2014 07:12:25 PM) (Source: Application Error) (User: )
Description: Faulting application mbam.exe, version 1.0.0.532, time stamp 0x53518532, faulting module MSVCR100.dll, version 10.0.40219.325, time stamp 0x4df2be1e, exception code 0x40000015, fault offset 0x0008d6fd,
process id 0x134c, application start time 0xmbam.exe0.
 
Error: (10/09/2014 07:08:01 PM) (Source: Application Error) (User: )
Description: Faulting application mbam.exe, version 1.0.0.532, time stamp 0x53518532, faulting module MSVCR100.dll, version 10.0.40219.325, time stamp 0x4df2be1e, exception code 0x40000015, fault offset 0x0008d6fd,
process id 0x121c, application start time 0xmbam.exe0.
 
Error: (10/09/2014 07:06:21 PM) (Source: Application Error) (User: )
Description: Faulting application mbam.exe, version 1.0.0.532, time stamp 0x53518532, faulting module MSVCR100.dll, version 10.0.40219.325, time stamp 0x4df2be1e, exception code 0x40000015, fault offset 0x0008d6fd,
process id 0x1550, application start time 0xmbam.exe0.
 
 
System errors:
=============
Error: (10/10/2014 05:45:25 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058
 
Error: (10/10/2014 00:23:35 PM) (Source: DCOM) (User: )
Description: {C2BFE331-6739-4270-86C9-493D9A04CD38}
 
Error: (10/10/2014 10:02:16 AM) (Source: Service Control Manager) (User: )
Description: Windows Update
 
Error: (10/10/2014 09:57:22 AM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058
 
Error: (10/10/2014 03:02:47 AM) (Source: DCOM) (User: )
Description: {C2BFE331-6739-4270-86C9-493D9A04CD38}
 
Error: (10/10/2014 02:52:25 AM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058
 
Error: (10/10/2014 02:47:59 AM) (Source: DCOM) (User: )
Description: {C2BFE331-6739-4270-86C9-493D9A04CD38}
 
Error: (10/09/2014 09:53:59 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058
 
Error: (10/09/2014 09:49:24 PM) (Source: DCOM) (User: )
Description: {C2BFE331-6739-4270-86C9-493D9A04CD38}
 
Error: (10/09/2014 09:31:57 PM) (Source: Service Control Manager) (User: )
Description: Windows Update
 
 
Microsoft Office Sessions:
=========================
Error: (10/10/2014 10:02:11 AM) (Source: Application Error)(User: )
Description: N360.exe12.11.4.453f531a0unknown0.0.0.000000000c000000500000018b0401cfe4683157dc98
 
Error: (10/09/2014 07:45:51 PM) (Source: Application Error)(User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fdd6801cfe3f13a27efb5
 
Error: (10/09/2014 07:27:08 PM) (Source: Application Error)(User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd3e001cfe3ee94f7a71c
 
Error: (10/09/2014 07:27:08 PM) (Source: Application Error)(User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd69001cfe3ee9da48da1
 
Error: (10/09/2014 07:26:21 PM) (Source: EventSystem)(User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c
 
Error: (10/09/2014 07:19:16 PM) (Source: Application Error)(User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd12a401cfe3ed8575f7ca
 
Error: (10/09/2014 07:19:15 PM) (Source: Application Error)(User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd172801cfe3ed86e3b0ca
 
Error: (10/09/2014 07:12:25 PM) (Source: Application Error)(User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd134c01cfe3ec891f750a
 
Error: (10/09/2014 07:08:01 PM) (Source: Application Error)(User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd121c01cfe3ebf527d18a
 
Error: (10/09/2014 07:06:21 PM) (Source: Application Error)(User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd155001cfe3ebb8acb9aa
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-10-10 17:46:26.951
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-10-10 17:46:26.468
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-10-10 17:46:25.984
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-10-10 17:46:25.501
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-10-09 21:55:31.481
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20141003.001\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-10-09 21:55:30.904
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20141003.001\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-10-09 21:55:30.202
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20141003.001\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-10-09 21:55:29.640
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20141003.001\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-10-09 21:41:25.428
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-10-09 21:41:24.726
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
 
 
 
=========================== Installed Programs ============================
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.34024 - BitTorrent Inc.)
Acer Mobility Center Plug-In (HKLM\...\{11316260-6666-467B-AC34-183FCB5D4335}) (Version: 1.0.3003 - Acer Inc.)
Acer ScreenSaver (HKLM\...\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}) (Version: 3.11.20070515 - Acer Inc.)
Acer Tour (HKLM\...\{94389919-B0AA-4882-9BE8-9F0B004ECA35}) (Version: 2.0.1003 - Acer Inc.)
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader 8.1.0 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A81000000003}) (Version: 8.1.0 - Adobe Systems Incorporated)
Amazon Kindle (HKCU\...\Amazon Kindle) (Version:  - Amazon)
Amazon Music (HKCU\...\Amazon Amazon Music) (Version: 3.2.0.591 - Amazon Services LLC)
Apple Application Support (HKLM\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C0CC75CD-F5B7-46AD-B016-17C0F5171718}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG 2012 (Version: 12.0.1872 - AVG Technologies) Hidden
AVG 2012 (Version: 12.0.2092 - AVG Technologies) Hidden
AVG PC Tuneup 2011 10.0.0.24 (HKLM\...\AVG PC Tuneup 2011_is1) (Version: 10.0.0.24 - )
AVS Update Manager 1.0 (HKLM\...\AVS Update Manager_is1) (Version:  - Online Media Technologies Ltd.)
AVS Video Converter 7 (HKLM\...\AVS4YOU Video Converter 7_is1) (Version:  - Online Media Technologies Ltd.)
Belarc Advisor 8.4 (HKLM\...\Belarc Advisor) (Version: 8.4.0.0 - Belarc Inc.)
Bing Bar (HKLM\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Gigabit Integrated Controller (HKLM\...\{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}) (Version: 10.15.10 - Broadcom Corporation)
Business Contact Manager for Outlook 2007 (HKLM\...\Business Contact Manager for Outlook 2007) (Version: 3.0.5828.0 - Microsoft Corporation)
Business Contact Manager for Outlook 2007 (Version: 3.0.5828.0 - Microsoft Corporation) Hidden
calibre (HKLM\...\{F194B9D2-5BB0-4A36-912A-861DE0652181}) (Version: 1.23.0 - Kovid Goyal)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
EBSCO Publishing Download Manager (HKLM\...\{1451479C-2331-43E3-A8C5-5D388EBE8969}) (Version: 1.0.3 - EBSCO Publishing)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
Expat Shield 2.25 (HKLM\...\ExpatShield) (Version: 2.25 - AnchorFree)
Google Chrome (HKCU\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118) (Version:  - )
HP Deskjet 2540 series Basic Device Software (HKLM\...\{928AC9CB-00D5-4D1E-B7D3-7BCB178081B5}) (Version: 32.1.145.46951 - Hewlett-Packard Co.)
HP Deskjet 2540 series Help (HKLM\...\{4539575D-C09D-4E71-B207-0F2D6BD74DA2}) (Version: 30.0.0 - Hewlett Packard)
HP FWUpdateEDO2 (HKLM\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Support Solutions Framework (HKLM\...\{44157EB3-D8D0-4BB1-B0F5-AD2C38814ED1}) (Version: 11.51.0027 - Hewlett-Packard Company)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
iCloud (HKLM\...\{79BD66B2-4DAE-4C3B-B08E-DC72E507C163}) (Version: 2.1.3.25 - Apple Inc.)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - )
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - )
iTunes (HKLM\...\{F32DC846-4457-40A8-BECA-BCC0E960BC53}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (Version: 2.1.67.1 - Oracle, Inc.) Hidden
K-Lite Mega Codec Pack 8.7.0 (HKLM\...\KLiteCodecPack_is1) (Version: 8.7.0 - )
Learning Lodge Navigator (HKLM\...\VTechDownloadManager) (Version:  - VTech)
LightScribe  1.4.142.1 (Version: 1.4.142.1 - http://www.lightscribe.com) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office 2003 Web Components (HKLM\...\{90A40409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8003.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Small Business Connectivity Components (HKLM\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)
Microsoft Office XP Professional (HKLM\...\{91110409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) (Version: 9.1.2047.00 - Microsoft Corporation) Hidden
Microsoft SQL Server Native Client (HKLM\...\{50A0893D-47D8-48E0-A7E8-44BCD7E4422E}) (Version: 9.00.2047.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.2047.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{C0D2F614-5CE5-4DCB-8678-E5C9AF7044F8}) (Version: 9.00.2047.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MioMore Desktop 7.50 (HKLM\...\{A2804FE8-4101-48a0-AE1A-575B99014BF4}-Mio-7.50) (Version: 7.50.0008.97 - Mio Technology)
Mozilla Firefox 11.0 (x86 en-GB) (HKLM\...\Mozilla Firefox 11.0 (x86 en-GB)) (Version: 11.0 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Norton 360 (HKLM\...\N360) (Version: 21.6.0.32 - Symantec Corporation)
Product Improvement Study for HP Deskjet 2540 series (HKLM\...\{05949FEF-E82C-468C-97D7-FF80BF0343CA}) (Version: 32.1.145.46951 - Hewlett-Packard Co.)
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5423 - Realtek Semiconductor Corp.)
SDFormatter (HKLM\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
SolveigMM AVI Trimmer (HKLM\...\SolveigMM AVI Trimmer 2.0.1112.12) (Version: 2.0.1112.12 - Solveig Multimedia)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 9.0.3.0 - Synaptics)
Texas Instruments PCIxx21/x515/xx12 drivers. (HKLM\...\InstallShield_{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}) (Version: 2.00.0002 - Texas Instruments Inc.)
TIPCI (Version: 2.00.0001 - Texas Instruments Inc.) Hidden
TIPCI (Version: 2.00.0002 - Texas Instruments Inc.) Hidden
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.1 (HKLM\...\VLC media player) (Version: 2.0.1 - VideoLAN)
VSO ConvertXToDVD (HKLM\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.1.0.14 - VSO Software)
VTech Download Agent Library (Version: 1.00.0000 - VTech) Hidden
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
WinRAR 4.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinX DVD Ripper Platinum 6.0.2 (HKLM\...\WinX DVD Ripper Platinum_is1) (Version:  - Digiarty Software, Inc.)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 80%
Total physical RAM: 1013.68 MB
Available physical RAM: 202.2 MB
Total Pagefile: 2291.69 MB
Available Pagefile: 647.29 MB
Total Virtual: 2047.88 MB
Available Virtual: 1948.05 MB
 
========================= Partitions: =====================================
 
1 Drive c: (ACER) (Fixed) (Total:32.38 GB) (Free:3.29 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:32.38 GB) (Free:8.97 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\DONNA-PC
 
Administrator            Donna                    Guest                    
 
 
**** End of log ****


#4 Donnaoscar

Posted 10 October 2014 - 01:14 PM

 TDSSKiller report
 
 
9:10:38.0318 0x1630  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
19:10:46.0772 0x1630  ============================================================
19:10:46.0773 0x1630  Current date / time: 2014/10/10 19:10:46.0772
19:10:46.0773 0x1630  SystemInfo:
19:10:46.0773 0x1630  
19:10:46.0773 0x1630  OS Version: 6.0.6002 ServicePack: 2.0
19:10:46.0773 0x1630  Product type: Workstation
19:10:46.0773 0x1630  ComputerName: DONNA-PC
19:10:46.0773 0x1630  UserName: Donna
19:10:46.0773 0x1630  Windows directory: C:\Windows
19:10:46.0773 0x1630  System windows directory: C:\Windows
19:10:46.0773 0x1630  Processor architecture: Intel x86
19:10:46.0773 0x1630  Number of processors: 1
19:10:46.0773 0x1630  Page size: 0x1000
19:10:46.0773 0x1630  Boot type: Normal boot
19:10:46.0774 0x1630  ============================================================
19:10:48.0648 0x1630  KLMD registered as C:\Windows\system32\drivers\63313903.sys
19:10:49.0762 0x1630  System UUID: {3EB56029-92D4-092E-0F95-0E70830B8592}
19:10:52.0408 0x1630  Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 ( 74.53 Gb ), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:10:52.0408 0x1630  ============================================================
19:10:52.0408 0x1630  \Device\Harddisk0\DR0:
19:10:52.0408 0x1630  MBR partitions:
19:10:52.0408 0x1630  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1388800, BlocksNum 0x40C4800
19:10:52.0408 0x1630  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x544D000, BlocksNum 0x40C2000
19:10:52.0408 0x1630  ============================================================
19:10:52.0439 0x1630  C: <-> \Device\Harddisk0\DR0\Partition1
19:10:52.0486 0x1630  D: <-> \Device\Harddisk0\DR0\Partition2
19:10:52.0486 0x1630  ============================================================
19:10:52.0486 0x1630  Initialize success
19:10:52.0486 0x1630  ============================================================
19:11:08.0219 0x05a4  ============================================================
19:11:08.0219 0x05a4  Scan started
19:11:08.0219 0x05a4  Mode: Manual; 
19:11:08.0219 0x05a4  ============================================================
19:11:08.0219 0x05a4  KSN ping started
19:11:12.0149 0x05a4  KSN ping finished: true
19:11:15.0684 0x05a4  ================ Scan system memory ========================
19:11:15.0684 0x05a4  System memory - ok
19:11:15.0684 0x05a4  ================ Scan services =============================
19:11:26.0238 0x05a4  HSF_DPV - ok
19:11:26.0329 0x05a4  [ 06C9C9DE9AB51DAA5A83A838C7A58ADF, FE0811DD312BB645F63172AB0793B9D9027BD1EB72387F47E0EB7FFBCEFCC2CD ] HssDrv          C:\Windows\system32\DRIVERS\HssDrv.sys
19:11:26.0332 0x05a4  HssDrv - ok
19:11:26.0422 0x05a4  [ 9EBF2D102CCBB6BCDFBF1B7922F8BA2E, A11CE324DD8E8BDFFDF513429C32D3C16EC79DC9A7517048587759B26BF38583 ] HSXHWAZL        C:\Windows\system32\DRIVERS\HSXHWAZL.sys
19:11:26.0432 0x05a4  HSXHWAZL - ok
19:11:26.0496 0x05a4  [ 0EEECA26C8D4BDE2A4664DB058A81937, 6F88567A116B1420BE1C9C8888F34D05F51378092C805EF4E489635CF92D416B ] HTTP            C:\Windows\system32\drivers\HTTP.sys
19:11:26.0517 0x05a4  HTTP - ok
19:11:26.0573 0x05a4  [ 324C2152FF2C61ABAE92D09F3CCA4D63, 2D09964C8003277F7DB1FFAA0DAEF15B205F3C4100FF601950BC9E544DC0B91F ] i2omp           C:\Windows\system32\drivers\i2omp.sys
19:11:26.0576 0x05a4  i2omp - ok
19:11:26.0702 0x05a4  [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
19:11:26.0705 0x05a4  i8042prt - ok
19:11:26.0795 0x05a4  [ 204A73A56751C68C6031E9D5D611EC98, 02710099E3B1FE62FD207CB8952184C99FA5A69FF23734D0236E8F6B39BC596A ] IAANTMON        C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
19:11:26.0813 0x05a4  IAANTMON - ok
19:11:26.0904 0x05a4  [ 2358C53F30CB9DCD1D3843C4E2F299B2, C3E5F2D60133B10DEA52AF11E192DFDC4160611F5F0A86ED66138DB91532CA4A ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
19:11:26.0912 0x05a4  iaStor - ok
19:11:26.0969 0x05a4  [ C957BF4B5D80B46C5017BF0101E6C906, 6B9186335E50E7E0DBAF574A224E524EC526B57AA02F509E4A8D0F905C9CE880 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
19:11:27.0010 0x05a4  iaStorV - ok
19:11:27.0219 0x05a4  [ DD386C45D2B5863740166783448A2E7A, 10B912BA70306644BE73A53AF4DCDFF63880C4C5860FF6DBA92B0914EB566718 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:11:27.0343 0x05a4  idsvc - ok
19:11:27.0584 0x05a4  [ 938CE852BAEB639E61B7D2A077298F9F, A13496BFDDA4ECD0800A44FC47E7E7B526658238FC8D9957849C074A1E92AC48 ] IDSVix86        C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20141009.002\IDSvix86.sys
19:11:27.0617 0x05a4  IDSVix86 - ok
19:11:27.0791 0x05a4  [ 9378D57E2B96C0A185D844770AD49948, AED244DDF125C867091D0A926B275EC1C60C89844C69595B1D1FC586F60F118A ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
19:11:27.0979 0x05a4  igfx - ok
19:11:28.0023 0x05a4  [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp           C:\Windows\system32\drivers\iirsp.sys
19:11:28.0049 0x05a4  iirsp - ok
19:11:28.0110 0x05a4  [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] IKEEXT          C:\Windows\System32\ikeext.dll
19:11:28.0133 0x05a4  IKEEXT - ok
19:11:28.0170 0x05a4  [ 9D64201C9E5AC8D1F088762BA00FF3AB, 1F83B0C828654B8C195A33CA4424AD9F9CFE411D503BB79986D7396DB9BBC994 ] int15           C:\Windows\system32\drivers\int15.sys
19:11:28.0265 0x05a4  int15 - ok
19:11:28.0410 0x05a4  [ 9438FE15DA89C6AACE8A79DB2C6F60C1, 9A298FFE670DBEAC0690AA3C39775AE93A85CAC268EDC445233EB3BF3785B5F0 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
19:11:28.0543 0x05a4  IntcAzAudAddService - ok
19:11:28.0584 0x05a4  [ 83AA759F3189E6370C30DE5DC5590718, 7406FE41EA8FB80052517318CB72E2641E92E579FAFAF5E8DDDFF0BF8DAE773A ] intelide        C:\Windows\system32\drivers\intelide.sys
19:11:28.0586 0x05a4  intelide - ok
19:11:28.0632 0x05a4  [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
19:11:28.0635 0x05a4  intelppm - ok
19:11:28.0671 0x05a4  [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
19:11:28.0706 0x05a4  IPBusEnum - ok
19:11:28.0753 0x05a4  [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:11:28.0757 0x05a4  IpFilterDriver - ok
19:11:28.0806 0x05a4  [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
19:11:28.0815 0x05a4  iphlpsvc - ok
19:11:28.0823 0x05a4  IpInIp - ok
19:11:28.0863 0x05a4  [ 40F34F8ABA2A015D780E4B09138B6C17, 22F86888C6B4F76836E863A90730D8F0DBD518305D87A399A159387E79E9D2F7 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
19:11:28.0867 0x05a4  IPMIDRV - ok
19:11:28.0900 0x05a4  [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
19:11:28.0905 0x05a4  IPNAT - ok
19:11:28.0973 0x05a4  [ 781ABA6C29AD40259602703A328DAEC6, 2DB936C8DE6D4424C6A10D4200F3D7F97A3A129A3B1064A83AB9846C3A828BE0 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
19:11:29.0029 0x05a4  iPod Service - ok
19:11:29.0068 0x05a4  [ E50A95179211B12946F7E035D60AF560, 69765E2548BA708FF35545EC944DBA1940AD4065AF90E53B97A7792AC231DCF7 ] irda            C:\Windows\system32\DRIVERS\irda.sys
19:11:29.0073 0x05a4  irda - ok
19:11:29.0114 0x05a4  [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
19:11:29.0132 0x05a4  IRENUM - ok
19:11:29.0200 0x05a4  [ CBB0D940221A281BCFEAEA695BD1CDA5, D05D192019524A02FE3FAE6827B98A942FA1AD651BF7AA53530A8A6F4ADFB7EB ] Irmon           C:\Windows\System32\irmon.dll
19:11:29.0203 0x05a4  Irmon - ok
19:11:29.0297 0x05a4  [ 350FCA7E73CF65BCEF43FAE1E4E91293, 68403FE3F4DC40919CD26A2CC42BE4386AE6874F47DD382348FFD79080721A13 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
19:11:29.0341 0x05a4  isapnp - ok
19:11:29.0396 0x05a4  [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
19:11:29.0404 0x05a4  iScsiPrt - ok
19:11:29.0457 0x05a4  [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
19:11:29.0461 0x05a4  iteatapi - ok
19:11:29.0485 0x05a4  [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
19:11:29.0488 0x05a4  iteraid - ok
19:11:29.0519 0x05a4  [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
19:11:29.0522 0x05a4  kbdclass - ok
19:11:29.0581 0x05a4  [ D2600CB17B7408B4A83F231DC9A11AC3, C3025C2ED3541F58E8C1D792B0683949286BE583AB17B0C48F7362B4FA512BC0 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
19:11:29.0583 0x05a4  kbdhid - ok
19:11:29.0615 0x05a4  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso          C:\Windows\system32\lsass.exe
19:11:29.0617 0x05a4  KeyIso - ok
19:11:29.0698 0x05a4  [ 566C5FD480FDBCE3BA5CF9FBCFFAEA9A, 573681387B27FB2C8DC6612474B9BB8631F6CD3CED29AEBF91992606875724D2 ] KMWDFILTER      C:\Windows\system32\DRIVERS\KMWDFILTER.sys
19:11:29.0700 0x05a4  KMWDFILTER - ok
19:11:29.0749 0x05a4  [ 4A1445EFA932A3BAF5BDB02D7131EE20, 9DD262ED72DF268FE024063788F54124E320D0775D8DC0C5CAD099CD5F655DA2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
19:11:29.0783 0x05a4  KSecDD - ok
19:11:29.0863 0x05a4  [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm           C:\Windows\system32\msdtckrm.dll
19:11:29.0886 0x05a4  KtmRm - ok
19:11:29.0942 0x05a4  [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer    C:\Windows\system32\srvsvc.dll
19:11:29.0949 0x05a4  LanmanServer - ok
19:11:29.0998 0x05a4  [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:11:30.0006 0x05a4  LanmanWorkstation - ok
19:11:30.0066 0x05a4  [ 793FF718477345CD5D232C50BED1E452, 1D39CF9F10742C79FF99B9B4E0361EAEA63B4FC545C58B54B55537D18C802941 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
19:11:30.0070 0x05a4  LightScribeService - ok
19:11:30.0172 0x05a4  [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
19:11:30.0198 0x05a4  lltdio - ok
19:11:30.0246 0x05a4  [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
19:11:30.0269 0x05a4  lltdsvc - ok
19:11:30.0296 0x05a4  [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts         C:\Windows\System32\lmhsvc.dll
19:11:30.0299 0x05a4  lmhosts - ok
19:11:30.0361 0x05a4  [ A2262FB9F28935E862B4DB46438C80D2, 792684A68726BC007ACABB584682FDF4F059AE60888FB5B47ED68A97EA0BB5E6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
19:11:30.0386 0x05a4  LSI_FC - ok
19:11:30.0425 0x05a4  [ 30D73327D390F72A62F32C103DAF1D6D, 7BB5BFB0DCF33AF9907539B52DF7BA1943C1E75A17715B58DBC702ACA6D406EA ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
19:11:30.0429 0x05a4  LSI_SAS - ok
19:11:30.0443 0x05a4  [ E1E36FEFD45849A95F1AB81DE0159FE3, DA02B23A881D156A02D3874B41E6D042F84AD558B434280A6A6AC6B619668647 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
19:11:30.0447 0x05a4  LSI_SCSI - ok
19:11:30.0497 0x05a4  [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv           C:\Windows\system32\drivers\luafv.sys
19:11:30.0501 0x05a4  luafv - ok
19:11:30.0544 0x05a4  lxda_device - ok
19:11:30.0558 0x05a4  MBAMSwissArmy - ok
19:11:30.0626 0x05a4  [ 0CEA2D0D3FA284B85ED5B68365114F76, E6FF0EC98FDC3F628438B613C356C237E68686E3B5B17A58A60C16F4B9A2B968 ] mdmxsdk         C:\Windows\system32\DRIVERS\mdmxsdk.sys
19:11:30.0628 0x05a4  mdmxsdk - ok
19:11:30.0692 0x05a4  [ D153B14FC6598EAE8422A2037553ADCE, D5408B07B6EBA0146A605F11106497DC3DF8EC72E0DCC44BE1366A2A58ABE478 ] megasas         C:\Windows\system32\drivers\megasas.sys
19:11:30.0694 0x05a4  megasas - ok
19:11:30.0785 0x05a4  MFE_RR - ok
19:11:30.0816 0x05a4  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS           C:\Windows\system32\mmcss.dll
19:11:30.0819 0x05a4  MMCSS - ok
19:11:30.0878 0x05a4  MobilityService - ok
19:11:30.0959 0x05a4  [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem           C:\Windows\system32\drivers\modem.sys
19:11:30.0962 0x05a4  Modem - ok
19:11:31.0026 0x05a4  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
19:11:31.0029 0x05a4  monitor - ok
19:11:31.0075 0x05a4  [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
19:11:31.0077 0x05a4  mouclass - ok
19:11:31.0127 0x05a4  [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
19:11:31.0131 0x05a4  mouhid - ok
19:11:31.0168 0x05a4  [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
19:11:31.0172 0x05a4  MountMgr - ok
19:11:31.0207 0x05a4  [ 583A41F26278D9E0EA548163D6139397, 1F09D2FEEE1A8D4F1D9E53596158154099FD436A408F7E72E40F50778A3838A1 ] mpio            C:\Windows\system32\drivers\mpio.sys
19:11:31.0253 0x05a4  mpio - ok
19:11:31.0306 0x05a4  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
19:11:31.0309 0x05a4  mpsdrv - ok
19:11:31.0416 0x05a4  [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc          C:\Windows\system32\mpssvc.dll
19:11:31.0447 0x05a4  MpsSvc - ok
19:11:31.0478 0x05a4  [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
19:11:31.0478 0x05a4  Mraid35x - ok
19:11:31.0494 0x05a4  [ 82CEA0395524AACFEB58BA1448E8325C, 16E37990A291C848DE35F48EA7E09AE5B258AE589EB08A3FA2C60DC1278DE182 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
19:11:31.0510 0x05a4  MRxDAV - ok
19:11:31.0572 0x05a4  [ 1E94971C4B446AB2290DEB71D01CF0C2, 4701AA1B419AEF735CB2DA34532B0F1844433272C36D79F4EB55807E39B923D1 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
19:11:31.0572 0x05a4  mrxsmb - ok
19:11:31.0603 0x05a4  [ 4FCCB34D793B116423209C0F8B7A3B03, 7A483AEB691ADBE82779F12F0BB1CCCBFFD7E92902EC1ADC99AB7D129F887143 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:11:31.0619 0x05a4  mrxsmb10 - ok
19:11:31.0634 0x05a4  [ C3CB1B40AD4A0124D617A1199B0B9D7C, B975A39DE6D324C6274B6E3B883F36082A958F028335CEB3A37F44481EB284B3 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:11:31.0650 0x05a4  mrxsmb20 - ok
19:11:31.0697 0x05a4  [ 0D1C042188FFE61A702A9DF5944DE5BA, 3EB1B2A70BEF3AAB332B091E4C7DC1C28E1213A6121E8343668F263C09FC82FE ] msahci          C:\Windows\system32\drivers\msahci.sys
19:11:31.0697 0x05a4  msahci - ok
19:11:31.0790 0x05a4  [ 3FC82A2AE4CC149165A94699183D3028, 8575BE62A209672A5D8C68D75BBBB4FF06220CA73A939B0793442DAD2272598C ] msdsm           C:\Windows\system32\drivers\msdsm.sys
19:11:31.0806 0x05a4  msdsm - ok
19:11:31.0837 0x05a4  [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC           C:\Windows\System32\msdtc.exe
19:11:31.0853 0x05a4  MSDTC - ok
19:11:31.0900 0x05a4  [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
19:11:31.0900 0x05a4  Msfs - ok
19:11:31.0993 0x05a4  [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
19:11:31.0993 0x05a4  msisadrv - ok
19:11:32.0071 0x05a4  [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
19:11:32.0071 0x05a4  MSiSCSI - ok
19:11:32.0087 0x05a4  msiserver - ok
19:11:32.0103 0x05a4  [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
19:11:32.0103 0x05a4  MSKSSRV - ok
19:11:32.0164 0x05a4  [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
19:11:32.0165 0x05a4  MSPCLOCK - ok
19:11:32.0210 0x05a4  [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
19:11:32.0212 0x05a4  MSPQM - ok
19:11:32.0274 0x05a4  [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
19:11:32.0282 0x05a4  MsRPC - ok
19:11:32.0304 0x05a4  [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
19:11:32.0307 0x05a4  mssmbios - ok
19:11:32.0350 0x05a4  MSSQL$MSSMLBIZ - ok
19:11:32.0377 0x05a4  [ ADAF062116B4E6D96E44D26486A87AF6, 1A2EE7C4598E8442F24A5C97FEBF7AC6A20703F7EA9097B6E48BE4A05E231D8C ] MSSQLServerADHelper C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
19:11:32.0460 0x05a4  MSSQLServerADHelper - ok
19:11:32.0483 0x05a4  [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
19:11:32.0487 0x05a4  MSTEE - ok
19:11:32.0549 0x05a4  [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup             C:\Windows\system32\Drivers\mup.sys
19:11:32.0552 0x05a4  Mup - ok
19:11:32.0632 0x05a4  [ 58F25291031DE092C19F0E9320A23296, 3FF1568CC5E746C9196C2BF3D5CBF304B4D6CBAF3A36B438C95AB073EF0D670A ] MusCAudio       C:\Windows\system32\drivers\MusCAudio.sys
19:11:32.0635 0x05a4  MusCAudio - ok
19:11:32.0835 0x05a4  [ A0C88349651D9F5421AFD363C27102E8, 71D5F7EDAF47AB1376444CB648BFD86CEA36735EE42A9935BDB876DF8F765F45 ] N360            C:\Program Files\Norton 360\Engine\21.6.0.32\N360.exe
19:11:32.0848 0x05a4  N360 - ok
19:11:32.0896 0x05a4  [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent        C:\Windows\system32\qagentRT.dll
19:11:32.0909 0x05a4  napagent - ok
19:11:32.0964 0x05a4  [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
19:11:33.0053 0x05a4  NativeWifiP - ok
19:11:33.0171 0x05a4  [ 339D6CD79DFCB48EF125A89949ED54B4, D3C6F56363F0FA9A45C3560816DD7533C7D15D7DCC78346A4A48C29EA86D9439 ] NAVENG          C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20141009.016\NAVENG.SYS
19:11:33.0177 0x05a4  NAVENG - ok
19:11:33.0470 0x05a4  [ 2061D3961C053AA0C55A20F6184DA4CF, 4D50107E7245ED58B943BA536B6B69A6C7465202DCE78135BB0FD5EF2EF02FB3 ] NAVEX15         C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20141009.016\NAVEX15.SYS
19:11:33.0581 0x05a4  NAVEX15 - ok
19:11:33.0658 0x05a4  [ 1357274D1883F68300AEADD15D7BBB42, EE6352CBF0D9D633816F338159CDA27F1A805C3DDC3402D8605B50D8F3CD3300 ] NDIS            C:\Windows\system32\drivers\ndis.sys
19:11:33.0692 0x05a4  NDIS - ok
19:11:33.0744 0x05a4  [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
19:11:33.0765 0x05a4  NdisTapi - ok
19:11:33.0804 0x05a4  [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
19:11:33.0808 0x05a4  Ndisuio - ok
19:11:33.0841 0x05a4  [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
19:11:33.0848 0x05a4  NdisWan - ok
19:11:33.0908 0x05a4  [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
19:11:33.0911 0x05a4  NDProxy - ok
19:11:33.0971 0x05a4  [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
19:11:33.0971 0x05a4  NetBIOS - ok
19:11:34.0002 0x05a4  [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
19:11:34.0018 0x05a4  netbt - ok
19:11:34.0034 0x05a4  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon        C:\Windows\system32\lsass.exe
19:11:34.0034 0x05a4  Netlogon - ok
19:11:34.0113 0x05a4  [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman          C:\Windows\System32\netman.dll
19:11:34.0113 0x05a4  Netman - ok
19:11:34.0178 0x05a4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:11:34.0257 0x05a4  NetMsmqActivator - ok
19:11:34.0270 0x05a4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:11:34.0275 0x05a4  NetPipeActivator - ok
19:11:34.0316 0x05a4  [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm        C:\Windows\System32\netprofm.dll
19:11:34.0327 0x05a4  netprofm - ok
19:11:34.0364 0x05a4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:11:34.0368 0x05a4  NetTcpActivator - ok
19:11:34.0385 0x05a4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:11:34.0390 0x05a4  NetTcpPortSharing - ok
19:11:34.0522 0x05a4  [ A15F219208843A5A210C8CB391384453, E333018B7A841F1E1E6E4A56BA05B4A4FDF46866B3697747ADCF4CA0F43D8A1D ] NETw3v32        C:\Windows\system32\DRIVERS\NETw3v32.sys
19:11:34.0657 0x05a4  NETw3v32 - ok
19:11:34.0744 0x05a4  [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
19:11:34.0794 0x05a4  nfrd960 - ok
19:11:34.0848 0x05a4  [ 2997B15415F9BBE05B5A4C1C85E0C6A2, 5455536515FE740E18E090329FDCC40288724372AD18ACDB2CB4BB9D85CF681E ] NlaSvc          C:\Windows\System32\nlasvc.dll
19:11:34.0856 0x05a4  NlaSvc - ok
19:11:34.0898 0x05a4  [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
19:11:34.0900 0x05a4  Npfs - ok
19:11:34.0953 0x05a4  [ 6D8D2E5652FC2442C810C5D8BE784148, 013FF4FA03CA2E066B1946CC09889616B243068BA0FB2E58D4C1435BF66FBC87 ] NSCIRDA         C:\Windows\system32\DRIVERS\nscirda.sys
19:11:34.0972 0x05a4  NSCIRDA - ok
19:11:34.0998 0x05a4  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi             C:\Windows\system32\nsisvc.dll
19:11:35.0001 0x05a4  nsi - ok
19:11:35.0099 0x05a4  [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
19:11:35.0101 0x05a4  nsiproxy - ok
19:11:35.0181 0x05a4  [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
19:11:35.0237 0x05a4  Ntfs - ok
19:11:35.0264 0x05a4  [ 7F1C1F78D709C4A54CBB46EDE7E0B48D, 52135D41983A9E9E1DCA250A63017076AE22AA06D77CCF2E5EF41154F958584A ] NTIDrvr         C:\Windows\system32\DRIVERS\NTIDrvr.sys
19:11:35.0266 0x05a4  NTIDrvr - ok
19:11:35.0309 0x05a4  [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
19:11:35.0311 0x05a4  ntrigdigi - ok
19:11:35.0362 0x05a4  [ CF7E041663119E09D2E118521ADA9300, 0BDDEDA787CCBE34D515945717AF972143A3684F6D37F87B639D6A5371F381CC ] NuidFltr        C:\Windows\system32\DRIVERS\NuidFltr.sys
19:11:35.0365 0x05a4  NuidFltr - ok
19:11:35.0400 0x05a4  [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null            C:\Windows\system32\drivers\Null.sys
19:11:35.0402 0x05a4  Null - ok
19:11:35.0449 0x05a4  [ 1657F3FBD9061526C14FF37E79306F98, 8A3378E7A3D3314380EC76D21542B9A8A7AB0191338729B830AB6BEF786297BC ] NVENETFD        C:\Windows\system32\DRIVERS\nvm60x32.sys
19:11:35.0474 0x05a4  NVENETFD - ok
19:11:35.0520 0x05a4  [ E69E946F80C1C31C53003BFBF50CBB7C, A0A4BC57822B2CBC75602A969E28DCEDE04B41CC084E1EF1532B1BCDAEAA43BB ] nvraid          C:\Windows\system32\drivers\nvraid.sys
19:11:35.0527 0x05a4  nvraid - ok
19:11:35.0569 0x05a4  [ 9E0BA19A28C498A6D323D065DB76DFFC, EA9E33ED2820ED39932FAE114A9CF1D87780ED6605D0260A6F22F920B48F34E9 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
19:11:35.0614 0x05a4  nvstor - ok
19:11:35.0645 0x05a4  [ 07C186427EB8FCC3D8D7927187F260F7, 9AFDE1CB7B7232BD019804BFC691580B9CC2E51A5BC0E5584B23907D532600D8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
19:11:35.0645 0x05a4  nv_agp - ok
19:11:35.0661 0x05a4  NwlnkFlt - ok
19:11:35.0676 0x05a4  NwlnkFwd - ok
19:11:35.0785 0x05a4  [ 6F310E890D46E246E0E261A63D9B36B4, 7050B0C43CC0DF2DDAD3EB8D2FF9EEE425A627C68654CBB154D55A4B1A47AA08 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
19:11:35.0785 0x05a4  ohci1394 - ok
19:11:35.0941 0x05a4  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:11:35.0941 0x05a4  ose - ok
19:11:36.0004 0x05a4  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
19:11:36.0051 0x05a4  p2pimsvc - ok
19:11:36.0097 0x05a4  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc          C:\Windows\system32\p2psvc.dll
19:11:36.0113 0x05a4  p2psvc - ok
19:11:36.0160 0x05a4  [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport         C:\Windows\system32\drivers\parport.sys
19:11:36.0175 0x05a4  Parport - ok
19:11:36.0205 0x05a4  [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr         C:\Windows\system32\drivers\partmgr.sys
19:11:36.0208 0x05a4  partmgr - ok
19:11:36.0221 0x05a4  [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
19:11:36.0223 0x05a4  Parvdm - ok
19:11:36.0261 0x05a4  [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc          C:\Windows\System32\pcasvc.dll
19:11:36.0265 0x05a4  PcaSvc - ok
19:11:36.0308 0x05a4  [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci             C:\Windows\system32\drivers\pci.sys
19:11:36.0316 0x05a4  pci - ok
19:11:36.0350 0x05a4  [ 3B1901E401473E03EB8C874271E50C26, 3C7931F419E29FDD0155D8D05D97289430A2852FCB3DBAD1B338FE2241458E72 ] pciide          C:\Windows\system32\drivers\pciide.sys
19:11:36.0352 0x05a4  pciide - ok
19:11:36.0431 0x05a4  [ 3BB2244F343B610C29C98035504C9B75, DA61EC2600199DFA32020D0484E9BBF5E0742E7C8C952370BF6FAF91C914A999 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
19:11:36.0439 0x05a4  pcmcia - ok
19:11:36.0552 0x05a4  [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
19:11:36.0619 0x05a4  PEAUTH - ok
19:11:36.0811 0x05a4  [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla             C:\Windows\system32\pla.dll
19:11:36.0899 0x05a4  pla - ok
19:11:36.0940 0x05a4  [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
19:11:36.0952 0x05a4  PlugPlay - ok
19:11:55.0052 0x05a4  [ 15A317674A08DF26BE65164D959E9203, 6EEE0D1711F37936D157651E265A65137BCBFBDA17F066C844BAA0D53558F86A ] XAudioService   C:\Windows\system32\DRIVERS\xaudio.exe
19:11:55.0114 0x05a4  XAudioService - ok
19:11:55.0217 0x05a4  ================ Scan global ===============================
19:11:55.0259 0x05a4  [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
19:11:55.0360 0x05a4  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
19:11:55.0404 0x05a4  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
19:11:55.0463 0x05a4  [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\Windows\system32\services.exe
19:11:55.0487 0x05a4  [ Global ] - ok
19:11:55.0492 0x05a4  ================ Scan MBR ==================================
19:11:55.0627 0x05a4  [ A863475757CC50891AA8458C415E4B25 ] \Device\Harddisk0\DR0
19:11:58.0888 0x05a4  \Device\Harddisk0\DR0 - ok
19:11:58.0893 0x05a4  ================ Scan VBR ==================================
19:11:58.0912 0x05a4  [ 5E02A659758AEC0A344638A285F6FEFB ] \Device\Harddisk0\DR0\Partition1
19:11:58.0930 0x05a4  \Device\Harddisk0\DR0\Partition1 - ok
19:11:58.0976 0x05a4  [ D2305D88B4A92E232043C165381ECAC1 ] \Device\Harddisk0\DR0\Partition2
19:11:59.0005 0x05a4  \Device\Harddisk0\DR0\Partition2 - ok
19:11:59.0010 0x05a4  ================ Scan generic autorun ======================
19:11:59.0151 0x05a4  [ 0D392EDE3B97E0B3131B2F63EF1DB94E, 3EDA280F91097293E00BF984D377E1111CFDE1FC81B30A3FDEB38F321EF82BB6 ] C:\Program Files\Windows Defender\MSASCui.exe
19:11:59.0261 0x05a4  Windows Defender - ok
19:11:59.0509 0x05a4  [ C3C40834D72095517D2944ED5910DC67, 5062D6487013D78223AC11FA97C065BA2A7D51F7C8592ED6C89DE13D318630F1 ] C:\Windows\RtHDVCpl.exe
19:11:59.0711 0x05a4  RtHDVCpl - ok
19:11:59.0887 0x05a4  [ DFFC976A9D802FAA434052A8EF6C34CB, 565880E03E5D2005E17FEBC3148D6A119DA9A036F54B9FEF993180E23D12E0D4 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
19:11:59.0976 0x05a4  SynTPEnh - ok
19:12:00.0211 0x05a4  [ B3E0C20A53D6A55590468B33AA9BC525, 162B848C258B333FE0E8A01B74C6CD602EAAFEBB40838F2987EF4DFF6D589A80 ] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
19:12:00.0226 0x05a4  IAAnotif - ok
19:12:00.0320 0x05a4  [ 488DFCA5BB51550681AE88BA7907AD7E, 07DE8F00D646E95C26FA51F8C5DEC1124FEB48C6A1F42C9727C422B175F4A8A0 ] c:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
19:12:00.0336 0x05a4  Adobe Reader Speed Launcher - ok
19:12:00.0461 0x05a4  [ BBADDD291165F398BA4F058287175209, B0F07879DA75CB4027A1EAD18C5E055362E73112CF7E8D6CCE672DDCD9A09F69 ] C:\Acer\WR_PopUp\WarReg_PopUp.exe
19:12:00.0485 0x05a4  WarReg_PopUp - ok
19:12:00.0575 0x05a4  [ 7F7B42B1BA42242116F5B277A063FE2E, BFB7657EE55F97B0ADB16AD8FB8545910301C63832801927B4955148744E6556 ] C:\Windows\system32\igfxtray.exe
19:12:00.0623 0x05a4  IgfxTray - ok
19:12:00.0669 0x05a4  [ 5F529FBB095CBC9F14BB1E97A7A6B547, A69BD52B70AB2564417C9A5C78472EDF457EDBDF5B8BEC3367B765A482C65EC0 ] C:\Windows\system32\hkcmd.exe
19:12:00.0676 0x05a4  HotKeysCmds - ok
19:12:00.0703 0x05a4  [ D8A33AF26E4143F7A892009890BB6F64, 4570A1B45A264D141DC919C94E5D8DD0D0D224D418ADE23385BFD787F095BEBF ] C:\Windows\system32\igfxpers.exe
19:12:00.0709 0x05a4  Persistence - ok
19:12:00.0976 0x05a4  [ 0F31EFC96FFB8B5DEA52B92271944A7B, 1143977D2F6E4E5556DBCF9E8B2B703603DD1F98FD77B3867161FFCA857197E9 ] C:\Windows\Skytel.exe
19:12:01.0095 0x05a4  Skytel - ok
19:12:01.0200 0x05a4  [ 545676F48851A5C65A38CAE5B5518C95, F7CD893B8198AA22347CB96A61C258217FA0A1B1CC1733784B5FD84A7B208264 ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
19:12:01.0230 0x05a4  APSDaemon - ok
19:12:01.0321 0x05a4  [ 7BD122DD57F91C789F2863B1B4589621, 010DE1F22D24F87551B61E41AD7FB3CA179F7D48FFC8DF16EF368131F3F49897 ] C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe
19:12:01.0351 0x05a4  AgentMonitor - ok
19:12:01.0672 0x05a4  [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
19:12:01.0672 0x05a4  HP Software Update - ok
19:12:01.0796 0x05a4  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\Sidebar.exe
19:12:01.0874 0x05a4  Sidebar - ok
19:12:01.0937 0x05a4  WindowsWelcomeCenter - ok
19:12:02.0015 0x05a4  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\Sidebar.exe
19:12:02.0046 0x05a4  Sidebar - ok
19:12:02.0062 0x05a4  WindowsWelcomeCenter - ok
19:12:02.0077 0x05a4  Waiting for KSN requests completion. In queue: 15
19:12:03.0048 0x05a4  Waiting for KSN requests completion. In queue: 15
19:12:04.0048 0x05a4  Waiting for KSN requests completion. In queue: 15
19:12:05.0403 0x05a4  AV detected via SS2: Norton 360, C:\Program Files\Norton 360\Engine\21.6.0.32\WSCStub.exe ( 21.6.0.0 ), 0x51000 ( enabled : updated )
19:12:05.0406 0x05a4  FW detected via SS2: Norton 360, C:\Program Files\Norton 360\Engine\21.6.0.32\WSCStub.exe ( 21.6.0.0 ), 0x51010 ( enabled )
19:12:07.0905 0x05a4  ============================================================
19:12:07.0905 0x05a4  Scan finished
19:12:07.0905 0x05a4  ============================================================
19:12:07.0926 0x10d0  Detected object count: 0
19:12:07.0927 0x10d0  Actual detected object count: 0


#5 Donnaoscar


Posted 10 October 2014 - 01:17 PM

I have changed my virus scan protector from AVG to Norton 360 and done a few scans with it, and it's currently saying it's clean, but I'm not sure if it's still infected or not?



#6 Donnaoscar


Posted 10 October 2014 - 01:27 PM

This is the AdwCleaner report

# AdwCleaner v3.311 - Report created 10/10/2014 at 19:19:10
# Updated 30/09/2014 by Xplode
# Operating System : Windows Vista ™ Home Basic Service Pack 2 (32 bits)
# Username : Donna - DONNA-PC
# Running from : C:\Users\Donna\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
Service Deleted : ExpatShieldService
Service Deleted : ExpatSrv
[#] Service Deleted : ExpatTrayService
Service Deleted : ExpatWd
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Expat Shield
Folder Deleted : C:\ProgramData\Conduit
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Expat Shield
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\Expat Shield
Folder Deleted : C:\Program Files\Expat_Shield
Folder Deleted : C:\Program Files\ExpressFiles
Folder Deleted : C:\Users\Donna\AppData\Local\Conduit
Folder Deleted : C:\Users\Donna\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Donna\AppData\LocalLow\Expat_Shield
Folder Deleted : C:\Users\Donna\AppData\Roaming\ExpressFiles
Folder Deleted : C:\Program Files\Mozilla Firefox\Extensions\afurladvisor@anchorfree.com
Folder Deleted : C:\Users\Donna\AppData\Roaming\Mozilla\Firefox\Profiles\g1xh4847.default\Extensions\{a060276a-53be-45ec-8ebe-b94b1e803179}
Folder Deleted : C:\Users\Donna\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
[!] Folder Deleted : C:\Users\Donna\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
File Deleted : C:\END
File Deleted : C:\Users\Donna\AppData\Roaming\Mozilla\Firefox\Profiles\g1xh4847.default\searchplugins\search.xml
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Key Deleted : HKLM\SOFTWARE\Classes\ExpatIE.ExpatIEApp
Key Deleted : HKLM\SOFTWARE\Classes\ExpatIE.ExpatIEApp.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1CCCE0D-AE21-42A2-BE58-8E6109410995}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F5A29F21-B121-48A0-A317-737AF8BB106A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A060276A-53BE-45EC-8EBE-B94B1E803179}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A060276A-53BE-45EC-8EBE-B94B1E803179}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D859F3EB-B5F1-47D0-9839-6DF8B311E450}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A060276A-53BE-45EC-8EBE-B94B1E803179}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D859F3EB-B5F1-47D0-9839-6DF8B311E450}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7B3CDF87-154C-400D-A551-581DEB9E6214}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E69FF6A7-3A87-477A-AD18-F7F4CFF7EA90}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{A060276A-53BE-45EC-8EBE-B94B1E803179}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{A060276A-53BE-45EC-8EBE-B94B1E803179}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{A060276A-53BE-45EC-8EBE-B94B1E803179}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{A060276A-53BE-45EC-8EBE-B94B1E803179}]
Key Deleted : HKCU\Software\AVG Nation toolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\ExpressFiles
Key Deleted : HKCU\Software\Tbccint_HKLM
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\Expat_Shield
Key Deleted : HKLM\SOFTWARE\AVG Nation toolbar
Key Deleted : HKLM\SOFTWARE\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\ExpatShield
Key Deleted : HKLM\SOFTWARE\ExpressFiles
Key Deleted : HKLM\SOFTWARE\Expat_Shield
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ExpatShield
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ExpatShield
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v9.0.8112.16575
 
 
-\\ Mozilla Firefox v11.0 (en-GB)
 
[ File : C:\Users\Donna\AppData\Roaming\Mozilla\Firefox\Profiles\g1xh4847.default\prefs.js ]
 
 
-\\ Google Chrome v
 
[ File : C:\Users\Donna\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Search Provider] : hxxp://uk.ask.com/web?q={searchTerms}
Deleted [Search Provider] : hxxp://www.disneystore.co.uk/disney/store/DSISearch?Searchstr={searchTerms}&storeId=30053&catalogId=10002&langId=-11&pageCmdName=homeLandingPage&Ntx=mode+matchallpartial&N=0&Nu=pProductID&Nr=pPublished%3A1&Ntk=All_Shopping&Ntt=soft+elsa&D=soft+elsa&Dr=pPublished%3A1
 
*************************
 
AdwCleaner[R0].txt - [7426 octets] - [10/10/2014 19:15:39]
AdwCleaner[S0].txt - [6671 octets] - [10/10/2014 19:19:10]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6731 octets] ##########


#7 Donnaoscar


Posted 10 October 2014 - 01:50 PM

Junkware Removal Tool

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.2 (10.09.2014:1)
OS: Windows Vista ™ Home Basic x86
Ran by Donna on 10/10/2014 at 19:42:14.21
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{26A819EE-F0BF-4C95-A97D-88FF55D1FC42}
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Program Files\myfree codec"
Successfully deleted: [Empty Folder] C:\Users\Donna\appdata\local\{4DB4CB82-886B-4F6D-A80C-79E0F3A1242E}
Successfully deleted: [Empty Folder] C:\Users\Donna\appdata\local\{56CB9BD2-DD33-4EE2-9B8A-1EAEB8E5E7F8}
Successfully deleted: [Empty Folder] C:\Users\Donna\appdata\local\{72284413-A7C9-41F0-A648-F66C06FBAE18}
Successfully deleted: [Empty Folder] C:\Users\Donna\appdata\local\{7FCEFDA9-B0D1-433C-9017-0E603679E9AE}
 
 
 
~~~ FireFox
 
Emptied folder: C:\Users\Donna\AppData\Roaming\mozilla\firefox\profiles\g1xh4847.default\minidumps [3 files]
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10/10/2014 at 19:48:13.06
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#8 boopme

  • Global Moderator

Posted 10 October 2014 - 03:14 PM

OK, good... Uninstall AVG through Control Panel if you haven't, and reboot the machine. Are you running ESET? We need to.

Edited by boopme, 10 October 2014 - 03:15 PM.


#9 Donnaoscar


Posted 10 October 2014 - 06:01 PM

Yes, I ran it; it found nothing. Thanks for your help.



#10 boopme

  • Global Moderator

Posted 10 October 2014 - 06:41 PM

Great! How's it running?
Would you like a free AV to replace your outdated AVG?

Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system.
- Kaspersky Lab report: Evaluating the threat level of software vulnerabilities
- Microsoft: Unprecedented Wave of Java Exploitation
- Ghosts of Java Haunt Users

Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 8 and save it to your desktop.
  • Under "Java Platform, Standard Edition"...click the "Download JRE" button to the right.
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • From the list, select (click on) the download link for your operating system (Windows x86 Offline: jre-8u201-windows-i586.exe or Windows x64: jre-8u201-windows-x64.exe) and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel, double-click on Add/Remove Programs or Programs and Features in Vista/Windows 7/8 and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-8u201-windows-i586.exe (or jre-8u201-windows-x64.exe for 64-bit) to install the newest version.
  • If using Windows 7/8 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered any unwanted software or toolbars during installation, just uncheck the box before continuing unless you want it. The McAfee Security Scan Plus may be installed unless you uncheck the McAfee installation box when updating Java.
-- Java is updated frequently. If you want to be automatically notified of future updates, just turn on the Java Automatic Update feature and you will not have to remember to update when Java releases a new version.

Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary. To disable the JQS service if you don't want to use it:
  • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
  • Click Ok and reboot your computer.




