
The Perils of Email Attachments - Something Definitely Wrong


  • This topic is locked
13 replies to this topic

#1 schtoltheim

schtoltheim

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:01:20 AM

Posted 02 December 2014 - 05:10 PM

Hi, I'm hoping you'll be able to resolve a problem with my mother's computer.

 

Today, my mother got an email from a local store containing a document. She tried opening it on her iPad and it would not open properly (I believe she said that a message said 'it could not be recognized'). Not knowing this was a warning sign, she then opened it on her desktop computer and saved it.

Unsurprisingly, it turned out to be some kind of malware. The local store, when asked about the email, said that someone must have hijacked their email account and told her not to open her email. My mother's Rogers email account (technically Yahoo, who works with Rogers, a Canadian service provider) has been locked due to too many password change requests.

 

I'd greatly appreciate some help in trying to resolve this issue! I don't know if it was an email only thing or what, but I'd appreciate some help in trying to make sure her computer is safe (as well as the iPad, although I'm actually not too worried about that as I understand they are fairly malware resilient).

Her computer is running Windows Vista. She ran Norton, but it found nothing.

 

So far, I have taken no measures yet to deal with the issue (aside from turning off her computer). I'm not great with computers, but I am good at following instructions from more knowledgeable folks than me!


Edited by schtoltheim, 02 December 2014 - 05:21 PM.




#2 schtoltheim

schtoltheim
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:01:20 AM

Posted 02 December 2014 - 05:17 PM

It looks like it was a zip file called document46092.zip attached to the email, if that means anything.



#3 NickAu

NickAu

    Bleepin' Fish Doctor


  • Moderator
  • 13,555 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:05:20 PM

Posted 02 December 2014 - 05:24 PM

 

My mother's Rogers email account (technically Yahoo, who works with Rogers, a Canadian service provider) has been locked due to too many password change requests.

Slightly off topic however.

 

Tell your mother to check if her @rogers has any sub accounts that she did not create. At 1 stage Rogers accounts were a tradable commodity on Yahoo chat. What used to happen was somebody would use a cracker to crack Rogers id's then trade them. You could create sub accounts and the owner was none the wiser, till they got an email informing them about too many password changes.



#4 schtoltheim

schtoltheim
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:01:20 AM

Posted 02 December 2014 - 05:40 PM

Thanks for the tip! My mother called Rogers and they told her there had been no activity on her account. I'll have her double-check for those.



#5 technonymous

technonymous

  • Members
  • 2,516 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:20 PM

Posted 02 December 2014 - 05:41 PM

Yahoo is spam heaven. You can create a new account and not even use it and within days 1000's of spam junk. I suggest using the ISP e-mail service or maybe Gmail, which is a vast improvement.



#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:20 AM

Posted 05 December 2014 - 12:05 PM

Best option is to run a few tools...

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



    Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

    ADW Cleaner

    Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
  • -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).


    Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

  • Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?

For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....

Become a BleepingComputer fan: Facebook
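Added example, not part of the thread and not code from MiniToolBox or its author: a Python triage pass over the Result.txt requested above, reading the proxy, Hosts and Winsock sections the checkboxes produce. The sample log is constructed in the layout of MiniToolBox output, and the function names and flagging rules are assumptions of this example; a flagged line is something to review, not a verdict.

```python
import re

# Section headers look like: "========================= Hosts content: ====="
HEADER = re.compile(r"^={5,}\s*([^=\s].*?):?\s*={5,}\s*$")
# Winsock lines look like: "Catalog9 01 C:\path\file.dll [223232] (Vendor)"
WINSOCK = re.compile(
    r"^(?:x64-)?Catalog\d+\s+\d+\s+(.+?)\s+\[\d+\]\s+\((.*)\)\s*$")

# Proxy lines a log shows when no proxy is configured.
CLEAN_PROXY_LINES = {"Proxy is not enabled.", "No Proxy Server is set."}
SYSTEM_DIRS = ("c:\\windows\\system32\\", "c:\\windows\\syswow64\\")


def split_sections(text):
    """Return {section title: [non-empty lines]} for a MiniToolBox log."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        m = HEADER.match(line)
        if m:
            current = m.group(1).strip()
            sections[current] = []
        elif current is not None and line:
            sections[current].append(line)
    return sections


def proxy_findings(lines):
    """Anything other than the 'no proxy' lines or the reset notice."""
    return [f"proxy: {l}" for l in lines
            if l not in CLEAN_PROXY_LINES and not l.startswith('"Reset')]


def hosts_findings(lines):
    """Hosts entries that map an address to a name other than localhost."""
    findings = []
    for line in lines:
        entry = line.split("#", 1)[0].split()   # drop trailing comments
        if len(entry) < 2:
            continue
        extra = [n for n in entry[1:] if n.lower() != "localhost"]
        if extra:
            findings.append(f"hosts: {entry[0]} -> {', '.join(extra)}")
    return findings


def winsock_findings(lines):
    """Providers that are third-party or live outside the system folders.

    Vendor text alone is not proof of origin, so the path is checked too.
    """
    findings = []
    for line in lines:
        m = WINSOCK.match(line)
        if not m:
            continue
        path, vendor = m.group(1), m.group(2).strip()
        in_system = path.lower().startswith(SYSTEM_DIRS)
        if vendor != "Microsoft Corporation" or not in_system:
            findings.append(f"winsock: {path} ({vendor or 'no vendor'})")
    return findings


def triage(text):
    """Collect review items from the sections a helper reads first."""
    s = split_sections(text)
    findings = []
    for title in ("IE Proxy Settings", "FF Proxy Settings"):
        findings += proxy_findings(s.get(title, []))
    findings += hosts_findings(s.get("Hosts content", []))
    findings += winsock_findings(s.get("Winsock entries", []))
    return findings


# Constructed sample in the layout of a MiniToolBox Result.txt. The
# 203.0.113.7 hosts line and helper.dll entry are invented for the example.
SAMPLE = r'''
========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= Hosts content: =================================

::1             localhost

127.0.0.1       localhost
203.0.113.7     bank.example

========================= Winsock entries =====================================

Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Users\Public\helper.dll [40960] ()
'''

if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(finding)
```

The Bonjour provider is flagged only because it is third-party; it is a normal entry on a machine with iTunes installed, which is why the output is a review list.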

#7 schtoltheim

schtoltheim
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:01:20 AM

Posted 06 December 2014 - 07:08 PM

MiniToolBox

 

MiniToolBox by Farbar  Version: 30-11-2014
Ran by Lewis Family (administrator) on 06-12-2014 at 13:21:47
Running from "C:\Users\Lewis Family\Desktop"
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1             localhost

127.0.0.1       localhost

========================= IP Configuration: ================================

Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.0) = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : LewisFamily-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Unknown
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.0)
   Physical Address. . . . . . . . . : 00-21-70-3F-FB-05
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::98de:f032:d8fe:8f76%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.0.18(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : December-06-14 12:52:48 PM
   Lease Expires . . . . . . . . . . : December-13-14 12:52:57 PM
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 251666800
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-10-F9-22-CA-00-21-70-3F-FB-05
   DNS Servers . . . . . . . . . . . : 64.71.255.204
                                       64.71.255.198
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 7:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 02-00-54-55-4E-01
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:387a:147c:3f57:ffed(Preferred)
   Link-local IPv6 Address . . . . . : fe80::387a:147c:3f57:ffed%10(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 11:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.{BE023E7C-CCC0-4AB3-931B-9A4FAC6E7258}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  dns.cp.net.rogers.com
Address:  64.71.255.204

Name:    google.com
Addresses:  2607:f8b0:400b:80a::1008
      66.185.95.34
      66.185.95.44
      66.185.95.30
      66.185.95.20
      66.185.95.40
      66.185.95.55
      66.185.95.35
      66.185.95.25
      66.185.95.49
      66.185.95.45
      66.185.95.39
      66.185.95.29
      66.185.95.59
      66.185.95.50
      66.185.95.24
      66.185.95.54



Pinging google.com [66.185.95.24] with 32 bytes of data:

Reply from 66.185.95.24: bytes=32 time=24ms TTL=59

Reply from 66.185.95.24: bytes=32 time=24ms TTL=59



Ping statistics for 66.185.95.24:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 24ms, Maximum = 24ms, Average = 24ms

Server:  dns.cp.net.rogers.com
Address:  64.71.255.204

Name:    yahoo.com
Addresses:  206.190.36.45
      98.138.253.109
      98.139.183.24



Pinging yahoo.com [206.190.36.45] with 32 bytes of data:

Reply from 206.190.36.45: bytes=32 time=104ms TTL=52

Reply from 206.190.36.45: bytes=32 time=112ms TTL=52



Ping statistics for 206.190.36.45:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 104ms, Maximum = 112ms, Average = 108ms



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
 11 ...00 21 70 3f fb 05 ...... Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.0)
  1 ........................... Software Loopback Interface 1
 10 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
 13 ...00 00 00 00 00 00 00 e0  isatap.{BE023E7C-CCC0-4AB3-931B-9A4FAC6E7258}
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1     192.168.0.18     10
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link      192.168.0.18    266
     192.168.0.18  255.255.255.255         On-link      192.168.0.18    266
    192.168.0.255  255.255.255.255         On-link      192.168.0.18    266
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.0.18    266
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.0.18    266
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 10     18 ::/0                     On-link
  1    306 ::1/128                  On-link
 10     18 2001::/32                On-link
 10    266 2001:0:5ef5:79fd:387a:147c:3f57:ffed/128
                                    On-link
 11    266 fe80::/64                On-link
 10    266 fe80::/64                On-link
 10    266 fe80::387a:147c:3f57:ffed/128
                                    On-link
 11    266 fe80::98de:f032:d8fe:8f76/128
                                    On-link
  1    306 ff00::/8                 On-link
 10    266 ff00::/8                 On-link
 11    266 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [61440] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [62976] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [27648] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/06/2014 00:53:16 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/05/2014 05:23:07 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/05/2014 05:22:56 PM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (12/02/2014 03:39:13 PM) (Source: EventSystem) (User: )
Description: 80070005EventSystem.EventSubscription{CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}

Error: (12/02/2014 00:06:47 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/02/2014 07:35:02 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/01/2014 09:39:46 PM) (Source: EventSystem) (User: )
Description: 80070005EventSystem.EventSubscription{CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}

Error: (12/01/2014 06:02:05 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/30/2014 10:37:25 PM) (Source: EventSystem) (User: )
Description: 80070005EventSystem.EventSubscription{CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}

Error: (11/30/2014 10:40:39 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9173


System errors:
=============
Error: (12/06/2014 00:57:51 PM) (Source: Service Control Manager) (User: )
Description: KtmRm for Distributed Transaction Coordinator

Error: (12/06/2014 00:53:16 PM) (Source: Service Control Manager) (User: )
Description: SessionLauncher%%3

Error: (12/06/2014 00:52:45 PM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.0.11 for the Network Card with network address 0021703FFB05 has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).

Error: (12/05/2014 05:23:46 PM) (Source: Service Control Manager) (User: )
Description: Network List ServiceNetwork Location Awareness%%1068

Error: (12/05/2014 05:23:37 PM) (Source: Service Control Manager) (User: )
Description: Network List ServiceNetwork Location Awareness%%1068

Error: (12/05/2014 05:23:08 PM) (Source: Service Control Manager) (User: )
Description: Network List ServiceNetwork Location Awareness%%1068

Error: (12/05/2014 05:23:08 PM) (Source: Service Control Manager) (User: )
Description: Network List ServiceNetwork Location Awareness%%1068

Error: (12/05/2014 05:23:08 PM) (Source: Service Control Manager) (User: )
Description: AFD
BHDrvx64
ccSet_N360
ctxusbm
DfsC
eeCtrl
IDSVia64
NetBIOS
netbt
nsiproxy
pavboot
PSched
RapportKE64
RasAcd
rdbss
SASDIFSV
SASKUTIL
Smb
spldr
SRTSP
SRTSPX
SymIRON
SYMTDIv
tdx
Wanarpv6

Error: (12/05/2014 05:23:08 PM) (Source: Service Control Manager) (User: )
Description: Network List ServiceNetwork Location Awareness%%1068

Error: (12/05/2014 05:23:08 PM) (Source: Service Control Manager) (User: )
Description: Network Location AwarenessNetwork Store Interface Service%%1068


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-12-06 13:13:25.748
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportKE64.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-06 13:13:25.171
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportKE64.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-06 13:13:24.668
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportKE64.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-06 13:13:24.156
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportKE64.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-06 13:11:11.010
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportKE64.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-06 13:11:06.415
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportKE64.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-06 13:10:56.359
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportKE64.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-06 13:10:51.328
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportKE64.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-06 13:00:50.664
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportKE64.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-06 13:00:50.107
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportKE64.sys because the set of per-page image hashes could not be found on the system.



=========================== Installed Programs ============================
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Mobile Device Support (HKLM-x32\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bonjour (HKLM-x32\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon MG5200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series) (Version:  - )
Canon MG5200 series MP Drivers (HKLM-x32\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series) (Version:  - )
ccc-utility64 (Version: 2008.0728.2151.37274 - ATI) Hidden
ccc-utility64 (x32 Version: 2008.0728.2151.37274 - ATI) Hidden
Dell Dock (HKLM\...\{F6CB42B9-F033-4152-8813-FF11DA8E6A78}) (Version: 1.0.0 - Dell)
Dell Dock (HKLM-x32\...\{F6CB42B9-F033-4152-8813-FF11DA8E6A78}) (Version: 1.0.0 - Dell)
EMCGadgets64 (Version: 1.1.501 - Sonic) Hidden
EMCGadgets64 (x32 Version: 1.1.501 - Sonic) Hidden
HP Photosmart 7520 series Basic Device Software (HKLM\...\{27ABA988-D480-4F44-B0FD-45E5656D2CFE}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 7520 series Basic Device Software (HKLM-x32\...\{27ABA988-D480-4F44-B0FD-45E5656D2CFE}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
iTunes (HKLM-x32\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Juniper Networks Setup Client (HKCU\...\Juniper_Setup_Client) (Version: 2.1.4.7717 - Juniper Networks)
Juniper Networks Setup Client (HKCU-x32\...\Juniper_Setup_Client) (Version: 2.1.4.7717 - Juniper Networks)
Juniper Terminal Services Client (HKCU\...\Juniper_Term_Services) (Version: 6.5.0.16339 - Juniper Networks)
Juniper Terminal Services Client (HKCU-x32\...\Juniper_Term_Services) (Version: 6.5.0.16339 - Juniper Networks)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM-x32\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (x32 Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM-x32\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (x32 Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM-x32\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM-x32\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (x64) (x32 Version: 8.0.56336 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM-x32\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM-x32\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Rapport (Version: 3.5.1205.20 - Trusteer) Hidden
Rapport (x32 Version: 3.5.1205.20 - Trusteer) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 4.43.1000 - SUPERAntiSpyware.com)
SUPERAntiSpyware (HKLM-x32\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 4.43.1000 - SUPERAntiSpyware.com)
Tropico 4 Gold (HKCU\...\Tropico 4 Gold) (Version: 1.05 - Kalypso Media)
Tropico 4 Gold (HKCU-x32\...\Tropico 4 Gold) (Version: 1.05 - Kalypso Media)
Warcraft III: All Products (HKCU\...\Warcraft III) (Version:  - )
Warcraft III: All Products (HKCU-x32\...\Warcraft III) (Version:  - )

========================= Memory info: ===================================

Percentage of memory in use: 36%
Total physical RAM: 6142.26 MB
Available physical RAM: 3918.25 MB
Total Pagefile: 12487.35 MB
Available Pagefile: 9973.56 MB
Total Virtual: 4095.88 MB
Available Virtual: 3997.09 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:581.11 GB) (Free:285.11 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:15 GB) (Free:8.03 GB) NTFS
3 Drive e: (Art of Conquest) (CDROM) (Total:0.21 GB) (Free:0 GB) CDFS

========================= Users: ========================================

User accounts for \\LEWISFAMILY-PC

Administrator            ASPNET                   Guest                    
Lewis Family             


**** End of log ****
 


Tdsskiller

13:23:25.0127 0x0430  TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
13:23:30.0786 0x0430  ============================================================
13:23:30.0787 0x0430  Current date / time: 2014/12/06 13:23:30.0786
13:23:30.0787 0x0430  SystemInfo:
13:23:30.0787 0x0430  
13:23:30.0787 0x0430  OS Version: 6.0.6002 ServicePack: 2.0
13:23:30.0787 0x0430  Product type: Workstation
13:23:30.0787 0x0430  ComputerName: LEWISFAMILY-PC
13:23:30.0788 0x0430  UserName: Lewis Family
13:23:30.0788 0x0430  Windows directory: C:\Windows
13:23:30.0788 0x0430  System windows directory: C:\Windows
13:23:30.0788 0x0430  Running under WOW64
13:23:30.0788 0x0430  Processor architecture: Intel x64
13:23:30.0788 0x0430  Number of processors: 4
13:23:30.0788 0x0430  Page size: 0x1000
13:23:30.0788 0x0430  Boot type: Normal boot
13:23:30.0789 0x0430  ============================================================
13:23:33.0344 0x0430  KLMD registered as C:\Windows\system32\drivers\39740751.sys
13:23:33.0689 0x0430  System UUID: {04BF8568-CA3C-5C05-A032-7ADCD7D0A69B}
13:23:34.0418 0x0430  Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 ( 596.17 Gb ), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:23:34.0483 0x0430  ============================================================
13:23:34.0483 0x0430  \Device\Harddisk0\DR0:
13:23:34.0483 0x0430  MBR partitions:
13:23:34.0483 0x0430  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1F800, BlocksNum 0x1E00000
13:23:34.0483 0x0430  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1E1F800, BlocksNum 0x48A38000
13:23:34.0483 0x0430  ============================================================
13:23:34.0520 0x0430  C: <-> \Device\Harddisk0\DR0\Partition2
13:23:34.0559 0x0430  D: <-> \Device\Harddisk0\DR0\Partition1
13:23:34.0559 0x0430  ============================================================
13:23:34.0559 0x0430  Initialize success
13:23:34.0559 0x0430  ============================================================
13:23:44.0368 0x14b4  ============================================================
13:23:44.0368 0x14b4  Scan started
13:23:44.0368 0x14b4  Mode: Manual;
13:23:44.0368 0x14b4  ============================================================
13:23:44.0368 0x14b4  KSN ping started
13:23:48.0335 0x14b4  KSN ping finished: true
13:23:49.0787 0x14b4  ================ Scan system memory ========================
13:23:49.0787 0x14b4  System memory - ok
13:23:49.0787 0x14b4  ================ Scan services =============================
13:24:00.0405 0x14b4  lltdsvc - ok
13:24:00.0429 0x14b4  [ A47F8080CACC23C91FE823AD19AA5612, 161575406D158D6D5C9220F1E82C0CC19108C74ADC35C509BAF9B0C414EFD8EE ] lmhosts         C:\Windows\System32\lmhsvc.dll
13:24:00.0431 0x14b4  lmhosts - ok
13:24:00.0449 0x14b4  [ ACBE1AF32D3123E330A07BFBC5EC4A9B, 0E17E4DD30B5AF8F269EF8EA003836C9E16273262A050B9BE3ED802DD3AC9319 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
13:24:00.0454 0x14b4  LSI_FC - ok
13:24:00.0479 0x14b4  [ 799FFB2FC4729FA46D2157C0065B3525, AB462A34D061C113DA12641C45159A58D0AEA1C440233D061A20DF99586CFA93 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
13:24:00.0483 0x14b4  LSI_SAS - ok
13:24:00.0511 0x14b4  [ F445FF1DAAD8A226366BFAF42551226B, 92B63E15363F1EAE8A54D4E74ED21669D0A9FE99C654671556C58456228278B1 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
13:24:00.0516 0x14b4  LSI_SCSI - ok
13:24:00.0541 0x14b4  [ 52F87B9CC8932C2A7375C3B2A9BE5E3E, 2EB22DD418D4934BDD22C5DB49D5D06178EC0419AB5CC28DD544CA91823987B0 ] luafv           C:\Windows\system32\drivers\luafv.sys
13:24:00.0546 0x14b4  luafv - ok
13:24:00.0572 0x14b4  [ 76A58DF02BD4EA29F189B82D0BEF17F8, B3A96AABE050BB332ECD9AF7C35D08B468AC459D30FF4D49B609BA3F95ECEEDA ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
13:24:00.0576 0x14b4  Mcx2Svc - ok
13:24:00.0618 0x14b4  [ 5C5CD6AACED32FB26C3FB34B3DCF972F, 34A66C21FA79800D3CDE933CFA71343218F94D67AAE763EA0B53AC49060CB6D0 ] megasas         C:\Windows\system32\drivers\megasas.sys
13:24:00.0621 0x14b4  megasas - ok
13:24:00.0730 0x14b4  [ 859BC2436B076C77C159ED694ACFE8F8, 4AEA57A8B9EACEC1B8DED3ECC95621C56E6D65CFE2DA9F07DAF7C7BAD132B624 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
13:24:00.0747 0x14b4  MegaSR - ok
13:24:00.0838 0x14b4  [ 3CBE4995E80E13CCFBC42E5DCF3AC81A, 18B0E3E83E41C80809E8140F4C90AB051566C84DD891EA411746EA74E6EAF053 ] MMCSS           C:\Windows\system32\mmcss.dll
13:24:00.0840 0x14b4  MMCSS - ok
13:24:00.0860 0x14b4  [ 59848D5CC74606F0EE7557983BB73C2E, EA6ACF0619DE1E4272AEDC69F2E66E29DA499E8E8094243C9EF735FD8369229D ] Modem           C:\Windows\system32\drivers\modem.sys
13:24:00.0863 0x14b4  Modem - ok
13:24:00.0912 0x14b4  [ C247CC2A57E0A0C8C6DCCF7807B3E9E5, 357811D1B8F70828F6432879F59DAB916FBB55673B3473D879382DE33CFB3FAF ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
13:24:00.0914 0x14b4  monitor - ok
13:24:00.0944 0x14b4  [ 9367304E5E412B120CF5F4EA14E4E4F1, F87EBACEE27A50E6610FDCB4BD3001C35A99FEE6D63D643FF2CBF0D484CD082C ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
13:24:00.0946 0x14b4  mouclass - ok
13:24:00.0951 0x14b4  [ C2C2BD5C5CE5AAF786DDD74B75D2AC69, B77E4A7511923E7BD35A177A40B4E461AC9CB050D6F0575D4799DEF85DA6DA38 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
13:24:00.0953 0x14b4  mouhid - ok
13:24:00.0987 0x14b4  [ 11BC9B1E8801B01F7F6ADB9EAD30019B, 1BAF820C0AB1B70A114E767B2155A58BF86CD0D9CF582813C1635A86BE3A7A05 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
13:24:01.0016 0x14b4  MountMgr - ok
13:24:01.0276 0x14b4  [ DEA022193DF8C88F6E2B3E33D148A5DB, 97DFC47DB83E04A975A1969AA120385463FCAF4E1A9984FD3220442D7026B45A ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:24:01.0302 0x14b4  MozillaMaintenance - ok
13:24:01.0334 0x14b4  [ F8276EB8698142884498A528DFEA8478, C0FF504F721F1D00F42CFE783D4F32C6728518F64646F5C5C11BA3A4824815BB ] mpio            C:\Windows\system32\drivers\mpio.sys
13:24:01.0339 0x14b4  mpio - ok
13:24:01.0382 0x14b4  [ C92B9ABDB65A5991E00C28F13491DBA2, D1233381A9E4262F0AB396BBDB7DE402D4370805E11EB8A118C846F6E9474098 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
13:24:01.0386 0x14b4  mpsdrv - ok
13:24:01.0447 0x14b4  [ 897E3BAF68BA406A61682AE39C83900C, 13F61D5C22BED061BE7C2669CCCAA2BAD4A0CE83800DF57A50306DE0A476FC27 ] MpsSvc          C:\Windows\system32\mpssvc.dll
13:24:01.0472 0x14b4  MpsSvc - ok
13:24:01.0493 0x14b4  [ 3C200630A89EF2C0864D515B7A75802E, AA4A312E7A28FCE7A944747BADB809CAAD3D67899EBBE663D473621DB25B140A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
13:24:01.0495 0x14b4  Mraid35x - ok
13:24:01.0532 0x14b4  [ 7C1DE4AA96DC0C071611F9E7DE02A68D, 8B248A82324FB23C64D41FA91BCC22093DE44C48D688E5995C484A7072A6EC08 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
13:24:01.0538 0x14b4  MRxDAV - ok
13:24:01.0562 0x14b4  [ 1485811B320FF8C7EDAD1CAEBB1C6C2B, 9F157AAA1A793EF7E52817E4126B774C17FFA0036DADCF10A024FDC068F94F67 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
13:24:01.0567 0x14b4  mrxsmb - ok
13:24:01.0599 0x14b4  [ 3B929A60C833FC615FD97FBA82BC7632, 40EEBEB43F42A1A37FAA529E0C21984426F90C1EEFE1EF9BB2F696164595F91D ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:24:01.0608 0x14b4  mrxsmb10 - ok
13:24:01.0679 0x14b4  [ C64AB3E1F53B4F5B5BB6D796B2D7BEC3, 197F70E24D2BBDEC35C2D5BC442267ACC4C5AE3FD5BB30A0928976BE9758C942 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:24:01.0683 0x14b4  mrxsmb20 - ok
13:24:01.0706 0x14b4  [ 730B784962D22D2C6481EAE2370E7C8C, D797363808125247CFCE49E5E427193B95292260B70CDB882331CD9F58F8979B ] msahci          C:\Windows\system32\drivers\msahci.sys
13:24:01.0709 0x14b4  msahci - ok
13:24:01.0728 0x14b4  [ 264BBB4AAF312A485F0E44B65A6B7202, 1DF36540C77D5D885B6C2EE91F0446864D8E6D6CFED87A9ED0765E76FE05E102 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
13:24:01.0733 0x14b4  msdsm - ok
13:24:01.0760 0x14b4  [ 7EC02CE772F068ED0BEAFA3DA341A9BC, 3B5B4EA0BF1D1E57F4DF74A569304A5EE41821F5E2F352760B8C9CA82C6D8292 ] MSDTC           C:\Windows\System32\msdtc.exe
13:24:01.0765 0x14b4  MSDTC - ok
13:24:01.0790 0x14b4  [ 704F59BFC4512D2BB0146AEC31B10A7C, F7712944DDC192C47953D577BE31B79B4D11217305B1C3D0DCA31B1518CB8DCB ] Msfs            C:\Windows\system32\drivers\Msfs.sys
13:24:01.0793 0x14b4  Msfs - ok
13:24:01.0811 0x14b4  [ 00EBC952961664780D43DCA157E79B27, 4F8F5718D8574A128E0F6CD54C9BE59A93A7638A5689A8FF68D0C81D3E67808F ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
13:24:01.0813 0x14b4  msisadrv - ok
13:24:01.0840 0x14b4  [ 366B0C1F4478B519C181E37D43DCDA32, A98E2BC397FAD7D90653F55AC283CACAE7465D7F10A198D715046B1D896AF246 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
13:24:01.0846 0x14b4  MSiSCSI - ok
13:24:01.0851 0x14b4  msiserver - ok
13:24:01.0868 0x14b4  [ 0EA73E498F53B96D83DBFCA074AD4CF8, E3DDE34FCFF272E06CD8DA836F8D79E2515885715D4A7CD7BF8D97D7A4E0E781 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
13:24:01.0870 0x14b4  MSKSSRV - ok
13:24:01.0891 0x14b4  [ 52E59B7E992A58E740AA63F57EDBAE8B, A89F607B330BA1F42CA9FF01EF289BBD088350CF376568E58CB9865F1DA6CD72 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
13:24:01.0893 0x14b4  MSPCLOCK - ok
13:24:01.0939 0x14b4  [ 49084A75BAE043AE02D5B44D02991BB2, 4CD2692D191035CE9D18F4D21F054FF8C3F9CF2734464EA33EAB480A28AD447F ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
13:24:01.0941 0x14b4  MSPQM - ok
13:24:01.0990 0x14b4  [ DC6CCF440CDEDE4293DB41C37A5060A5, 768D08A67508E1CE69B67642A5E5A639C0DD1E93C956C56ECC5A56B0E502C953 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
13:24:02.0000 0x14b4  MsRPC - ok
13:24:02.0021 0x14b4  [ 855796E59DF77EA93AF46F20155BF55B, 75DFCEE16A9D94EDF74295B9686D92552817E8A00958917CB0E17089EDCF6A97 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
13:24:02.0023 0x14b4  mssmbios - ok
13:24:02.0043 0x14b4  [ 86D632D75D05D5B7C7C043FA3564AE86, 96911FBC106B91E76598EE110B5147D4C55E42C9194E857F866B6B395E78D2CB ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
13:24:02.0045 0x14b4  MSTEE - ok
13:24:02.0091 0x14b4  [ 0CC49F78D8ACA0877D885F149084E543, 984DDCB52F0DFC1B26C6504FE500E8D9C2CA7F79ED34608AE9866A0915B8BA67 ] Mup             C:\Windows\system32\Drivers\mup.sys
13:24:02.0094 0x14b4  Mup - ok
13:24:02.0204 0x14b4  [ A0C88349651D9F5421AFD363C27102E8, 71D5F7EDAF47AB1376444CB648BFD86CEA36735EE42A9935BDB876DF8F765F45 ] N360            C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe
13:24:02.0211 0x14b4  N360 - ok
13:24:02.0283 0x14b4  [ A5B10C845E7538C60C0F5D87A57CB3F5, 2B4E16702591C59BC2CA2B99DBB504BAB4F4EF0835B0D9C7453D340CBF0BDF16 ] napagent        C:\Windows\system32\qagentRT.dll
13:24:02.0293 0x14b4  napagent - ok
13:24:02.0370 0x14b4  [ 2007B826C4ACD94AE32232B41F0842B9, 6267D165C3C8C5F83194890A6DBF71226D4B891AECD1D06F7AEB5D738C3DC9CA ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
13:24:02.0377 0x14b4  NativeWifiP - ok
13:24:02.0521 0x14b4  [ C180A82874D3CDC390A27F2F1E1AF025, 9F473661524D645D5C1D616BF2BEC2996DFAE9268B7CF280FCCBD19AA072E567 ] NAVENG          C:\Program Files (x86)\Norton 360\NortonData\21.2.0.38\Definitions\VirusDefs\20141205.018\ENG64.SYS
13:24:02.0527 0x14b4  NAVENG - ok
13:24:02.0633 0x14b4  [ E66CA6C321614D7BC0AFC9C8436131B9, BF732419D56E1B8AB3B11B19403087D4EDBF9108F0252ACBB561235040AB4436 ] NAVEX15         C:\Program Files (x86)\Norton 360\NortonData\21.2.0.38\Definitions\VirusDefs\20141205.018\EX64.SYS
13:24:02.0724 0x14b4  NAVEX15 - ok
13:24:02.0811 0x14b4  [ 65950E07329FCEE8E6516B17C8D0ABB6, 4429D9FF9B6E376D28D8FA4906B7554DF566EC23E455E3166C496B579622F204 ] NDIS            C:\Windows\system32\drivers\ndis.sys
13:24:02.0831 0x14b4  NDIS - ok
13:24:02.0868 0x14b4  [ 64DF698A425478E321981431AC171334, C43177CB60F5D58E1FF7A31E9BE5DA7D92C4B25235867DD65BADC069EDF023F3 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
13:24:02.0871 0x14b4  NdisTapi - ok
13:24:02.0896 0x14b4  [ 8BAA43196D7B5BB972C9A6B2BBF61A19, 8AFFB26F6E8CF67F562818BBFE12FB448E4FCDF9B68858B625681565DE30DDC1 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
13:24:02.0899 0x14b4  Ndisuio - ok
13:24:02.0949 0x14b4  [ F8158771905260982CE724076419EF19, B86FFA790A30ED614A11C87F4D738C913EFC0924DC14750D544001D4E9556071 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
13:24:02.0957 0x14b4  NdisWan - ok
13:24:02.0981 0x14b4  [ 9CB77ED7CB72850253E973A2D6AFDF49, C3C15B317A7F7AE68B7BC62343962C47F075240F252727811DB4BEE443F9103F ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
13:24:02.0984 0x14b4  NDProxy - ok
13:24:02.0990 0x14b4  [ A499294F5029A7862ADC115BDA7371CE, 6BE0AAFE4EB59E056A929D6C1A009D8DFD547025481108CEFB12E5D6F86DBE14 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
13:24:02.0993 0x14b4  NetBIOS - ok
13:24:03.0055 0x14b4  [ FC2C792EBDDC8E28DF939D6A92C83D61, 9EDF8B56E2B47C31457074DA371B604E5F7EB2B3B5CD4688CBEEDD5B266D119B ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
13:24:03.0072 0x14b4  netbt - ok
13:24:03.0090 0x14b4  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D, 6585A87CE55EE5C51B18DF86E8EDFC6A909D96C87522FF4183F8BA9355E8DD44 ] Netlogon        C:\Windows\system32\lsass.exe
13:24:03.0092 0x14b4  Netlogon - ok
13:24:03.0125 0x14b4  [ 9B63B29DEFC0F3115A559D2597BF5D75, 297319D3F2E97CB34464EA59D8FD96AC2B8B1A4F2AEE666937F16A041128021F ] Netman          C:\Windows\System32\netman.dll
13:24:03.0134 0x14b4  Netman - ok
13:24:03.0202 0x14b4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:24:03.0207 0x14b4  NetMsmqActivator - ok
13:24:03.0219 0x14b4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:24:03.0223 0x14b4  NetPipeActivator - ok
13:24:03.0251 0x14b4  [ 7846D0136CC2B264926A73047BA7688A, 6F56CC1B17095C378D98B58A92F9EDA2D009529DDB6F60E815D85C7606C8EDC0 ] netprofm        C:\Windows\System32\netprofm.dll
13:24:03.0267 0x14b4  netprofm - ok
13:24:03.0275 0x14b4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:24:03.0279 0x14b4  NetTcpActivator - ok
13:24:03.0286 0x14b4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:24:03.0290 0x14b4  NetTcpPortSharing - ok
13:24:03.0308 0x14b4  [ 4AC08BD6AF2DF42E0C3196D826C8AEA7, 8D7DE921E14BAF09D7E2704CFB2FB1C8A78A46DAF86CDF7A347C5D113A8C110B ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
13:24:03.0311 0x14b4  nfrd960 - ok
13:24:03.0334 0x14b4  [ F145BF4C4668E7E312069F81EF847CFC, C4926EFB41FE2813E90D83456C6CB8F3157D835391B443C7E26168F4E1D67DC7 ] NlaSvc          C:\Windows\System32\nlasvc.dll
13:24:03.0351 0x14b4  NlaSvc - ok
13:24:03.0385 0x14b4  [ B298874F8E0EA93F06EC40AA8D146478, 275D769E5EFD3153985DAF84C5B22B9D65428E09AB41099901ABDD03B3A2625D ] Npfs            C:\Windows\system32\drivers\Npfs.sys
13:24:03.0388 0x14b4  Npfs - ok
13:24:03.0397 0x14b4  [ ACB62BAA1C319B17752553DF3026EEEB, 5A309DF390A097245250BB64AD5F8575BECA601E0A122DDCB494C67D3D9EA089 ] nsi             C:\Windows\system32\nsisvc.dll
13:24:03.0399 0x14b4  nsi - ok
13:24:03.0404 0x14b4  [ 1523AF19EE8B030BA682F7A53537EAEB, B000630CE4B562D39B5EE4148409B2E01D8924D33D27607B24ADC901357E7AA5 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
13:24:03.0407 0x14b4  nsiproxy - ok
13:24:03.0482 0x14b4  [ 2ACCAA3C3C55370A32F17B3595E1A217, 8539A293A5E1EBA2CC0FA9E999099D3B6B035D41069398AE17D737BBE4D9FEA8 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
13:24:03.0541 0x14b4  Ntfs - ok
13:24:03.0565 0x14b4  [ DD5D684975352B85B52E3FD5347C20CB, BB03C50D5178643550C024130E20FD9A023AE110B3C85A2D6E18FB8DBB3A12E4 ] Null            C:\Windows\system32\drivers\Null.sys
13:24:03.0567 0x14b4  Null - ok
13:24:03.0591 0x14b4  [ 2C040B7ADA5B06F6FACADAC8514AA034, EF32F7C411090230ED1D95B2D01E8464DCC89D72EFD94BBC8DF6856D00B1A783 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
13:24:03.0598 0x14b4  nvraid - ok
13:24:03.0662 0x14b4  [ F7EA0FE82842D05EDA3EFDD376DBFDBA, 0ED0543A5331C0D8BBFD1BE3174482ED1B3EE70CA41CE8CE5C81977C37B3D129 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
13:24:03.0665 0x14b4  nvstor - ok
13:24:03.0682 0x14b4  [ 19067CA93075EF4823E3938A686F532F, 81339372E90CE9E2594461146A82B62452CF9DB3FF53381D30F6922059EDCF99 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
13:24:03.0687 0x14b4  nv_agp - ok
13:24:03.0691 0x14b4  NwlnkFlt - ok
13:24:03.0697 0x14b4  NwlnkFwd - ok
13:24:03.0836 0x14b4  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:24:03.0853 0x14b4  odserv - ok
13:24:03.0947 0x14b4  [ B5B1CE65AC15BBD11C0619E3EF7CFC28, E9AA27724A7576D1869FF861A498DB8AF79A7B297F10272F1D63E6CB88CD455B ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
13:24:03.0950 0x14b4  ohci1394 - ok
13:24:03.0986 0x14b4  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:24:03.0992 0x14b4  ose - ok
13:24:04.0085 0x14b4  [ 9AE31D2E1D15C10D91318E0EC149CEAC, CEA8A4AD1D6BB9C1ECBDE7A1946DD655104E20224436B96AD69A76F8E2B25680 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
13:24:04.0119 0x14b4  p2pimsvc - ok
13:24:04.0175 0x14b4  [ 9AE31D2E1D15C10D91318E0EC149CEAC, CEA8A4AD1D6BB9C1ECBDE7A1946DD655104E20224436B96AD69A76F8E2B25680 ] p2psvc          C:\Windows\system32\p2psvc.dll
13:24:04.0195 0x14b4  p2psvc - ok
13:24:04.0224 0x14b4  [ AECD57F94C887F58919F307C35498EA0, CD8E8B54A445EF0DC485D5F221588875C98328596F64EE03B2D8BD0B860504FB ] Parport         C:\Windows\system32\drivers\parport.sys
13:24:04.0228 0x14b4  Parport - ok
13:24:04.0271 0x14b4  [ B43751085E2ABE389DA466BC62A4B987, 167CB6B18B6B7B74A229A976833E1FBE6D51C9C0EB8A23C92FC2465B692DF383 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
13:24:04.0274 0x14b4  partmgr - ok
13:24:04.0336 0x14b4  [ 8A0F8A9580D9F2FC512A35D5709088A9, 3385B3FC4120C249ADB20190F4B2FF63A4358D4BE36C507B6300BCAD069F722A ] pavboot         C:\Windows\system32\drivers\pavboot64.sys
13:24:04.0339 0x14b4  pavboot - ok
13:24:04.0369 0x14b4  [ 9AB157B374192FF276C1628FBDBA2B0E, E63E2EE1ABEEC5234F4F1318757EDB4A7567057B1DF1A2414C8698D47062B6AC ] PcaSvc          C:\Windows\System32\pcasvc.dll
13:24:04.0372 0x14b4  PcaSvc - ok
13:24:04.0407 0x14b4  [ 47AB1E0FC9D0E12BB53BA246E3A0906D, 82B452D614B535FAD3AFEEA06DFBBF8F7C5031563A2558CFA04F9B94C76E45DF ] pci             C:\Windows\system32\drivers\pci.sys
13:24:04.0413 0x14b4  pci - ok
13:24:04.0468 0x14b4  [ 2657F6C0B78C36D95034BE109336E382, C85CFDA57A64B7CC1BB09225C2F81629CEF21C5F25735B098F214397D6DE0D2C ] pciide          C:\Windows\system32\drivers\pciide.sys
13:24:04.0470 0x14b4  pciide - ok
13:24:04.0501 0x14b4  [ 037661F3D7C507C9993B7010CEEE6288, A7B415675B14FD755D0167BBA458A902AA9ABFC4343A1B887289D31DE8A55285 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
13:24:04.0509 0x14b4  pcmcia - ok
13:24:04.0564 0x14b4  [ 58865916F53592A61549B04941BFD80D, 3511AF2EFD06636E144C36ECA8C7AA1A33C269EDB10A6D879AA25D9E11359AA9 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
13:24:04.0598 0x14b4  PEAUTH - ok
13:24:04.0669 0x14b4  [ 0ED8727EA0172860F47258456C06CAEA, 3CDAA1044E412EC4303CEABD36A8C7BADA2D6C6692E09B8FE440709E3F4F0166 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
13:24:04.0672 0x14b4  PerfHost - ok
13:24:04.0729 0x14b4  [ E9E68C1A0F25CF4A7AC966EEA74EE89E, 6C6903A856C29AD690FDA1B74ADB2222C3453FBE2B364245FA61D53C77C586C0 ] pla             C:\Windows\system32\pla.dll
13:24:04.0779 0x14b4  pla - ok
13:24:04.0847 0x14b4  [ FE6B0F59215C9FD9F9D26539C58C8B82, 52CF8BE31A28430226D117EB80974AEAE5EA07F39DE881164232D44BF67FF752 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
13:24:04.0855 0x14b4  PlugPlay - ok
13:24:04.0884 0x14b4  [ 9AE31D2E1D15C10D91318E0EC149CEAC, CEA8A4AD1D6BB9C1ECBDE7A1946DD655104E20224436B96AD69A76F8E2B25680 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
13:24:04.0904 0x14b4  PNRPAutoReg - ok
13:24:04.0933 0x14b4  [ 9AE31D2E1D15C10D91318E0EC149CEAC, CEA8A4AD1D6BB9C1ECBDE7A1946DD655104E20224436B96AD69A76F8E2B25680 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
13:24:04.0953 0x14b4  PNRPsvc - ok
13:24:05.0119 0x14b4  [ 89A5560671C2D8B4A4B51F3E1AA069D8, 07DEE5D73DDE09F954E2E13BB5603F0033829B6199C81A7C1709D94AB92B351E ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
13:24:05.0143 0x14b4  PolicyAgent - ok
13:24:05.0176 0x14b4  [ 23386E9952025F5F21C368971E2E7301, F7241C1799A8AA0E9106B101B841670304DC695FD8D290C690CE0ED5C13BC514 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
13:24:05.0236 0x14b4  PptpMiniport - ok
13:24:05.0287 0x14b4  [ 5080E59ECEE0BC923F14018803AA7A01, 2E201511821AECCF056962399AFA3533ED765A3E7FD30E7B38A6D13837367E69 ] Processor       C:\Windows\system32\drivers\processr.sys
13:24:05.0315 0x14b4  Processor - ok
13:24:05.0346 0x14b4  [ E058CE4FC2449D8BFA14739C83B7FF2A, 6ACA086D5E0EF3C3EAEBD78010E50739BBA7CA05E937FFF3A4F2AD22FD57B54A ] ProfSvc         C:\Windows\system32\profsvc.dll
13:24:05.0353 0x14b4  ProfSvc - ok
13:24:05.0365 0x14b4  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D, 6585A87CE55EE5C51B18DF86E8EDFC6A909D96C87522FF4183F8BA9355E8DD44 ] ProtectedStorage C:\Windows\system32\lsass.exe
13:24:05.0367 0x14b4  ProtectedStorage - ok
13:24:05.0439 0x14b4  [ C5AB7F0809392D0DA027F4A2A81BFA31, B5BC9712AD93661A77AF4D67DB5F05C58A93CF7CDD6F7BA20568C0A9F4630321 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
13:24:05.0442 0x14b4  PSched - ok
13:24:05.0476 0x14b4  [ FBF4DB6D53585437E41A113300002A2B, A0145CE87A95DA3775B28A00E741660C26ADE34BBCC7FC502ED809931482C8F2 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
13:24:05.0479 0x14b4  PxHlpa64 - ok
13:24:05.0562 0x14b4  [ 0B83F4E681062F3839BE2EC1D98FD94A, 47E1B8014C59981693F5544872AF00383528AAEF0C6FE9AE8C45A6359EFB067D ] ql2300          C:\Windows\system32\drivers\ql2300.sys
13:24:05.0637 0x14b4  ql2300 - ok
13:24:05.0660 0x14b4  [ E1C80F8D4D1E39EF9595809C1369BF2A, 5C18F8366049C690FC8AA4A992AA0765A6607F72E0EF889A5F3757E59FB1C143 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
13:24:05.0665 0x14b4  ql40xx - ok
13:24:05.0693 0x14b4  [ 90574842C3DA781E279061A3EFF91F07, F87DE7355DAA4FACF2126A0427C08BAAD9E647E0B02EE5447746BE969B28DA8D ] QWAVE           C:\Windows\system32\qwave.dll
13:24:05.0710 0x14b4  QWAVE - ok
13:24:05.0732 0x14b4  [ E8D76EDAB77EC9C634C27B8EAC33ADC5, 171A3C5D5C3C5845C3BF9A4BCD88E744B025C910AC2F528D0E7D66F173FF0BED ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
13:24:05.0735 0x14b4  QWAVEdrv - ok
13:24:05.0937 0x14b4  [ 844115F01F9058335CDEFD5E039CA112, 9968C6BD48CFDDB4888783F5931B6C8166BB0D51E72361733754375B20B776E7 ] R300            C:\Windows\system32\DRIVERS\atikmdag.sys
13:24:06.0035 0x14b4  R300 - ok
13:24:06.0304 0x14b4  [ C8A3EB028DB462B6E2011BCDBA334621, 689B62C36E569E39063B05F31015CAC932771E7D6370D0B29D175DC923AFF5DB ] RapportCerberus_80071 C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_80071.sys
13:24:06.0450 0x14b4  RapportCerberus_80071 - ok
13:24:06.0550 0x14b4  [ E3D5101523591BCA602582F56E7E3358, 4D661AB3817B4498FCDC7078E2DFEC54AEF95C32F6A59655B9AEAD2057D7B4CA ] RapportEI64     C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys
13:24:06.0560 0x14b4  RapportEI64 - ok
13:24:06.0639 0x14b4  [ 259330BCFAB4FE2697A2ED6D4DB4E6E0, 798222C16C34F4385F473CD6DD8EEF0776698D96DD3C638CCDECC363933E37CB ] RapportKE64     C:\Windows\system32\Drivers\RapportKE64.sys
13:24:06.0672 0x14b4  RapportKE64 - ok
13:24:06.0785 0x14b4  [ DCEB4D28DFFF5E95946F6084F0FFD356, 71ACDAAAFEBB497B070038CEA99A4297DA620453D905C2BB70BF5AECEDD320C4 ] RapportMgmtService C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
13:24:06.0855 0x14b4  RapportMgmtService - ok
13:24:06.0882 0x14b4  [ A144D91222721F08CEA1065815029C43, 19AC84ADD342BEF58F7513B17061ED3F4D37DE998BEF2BF360D076B92FBF40FD ] RapportPG64     C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys
13:24:06.0895 0x14b4  RapportPG64 - ok
13:24:06.0944 0x14b4  [ 1013B3B663A56D3DDD784F581C1BD005, 36B83F234C2D6A6112BC8B5EF0AB5075EE98AC0BED702C37E4C1C3D17EB49956 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
13:24:06.0947 0x14b4  RasAcd - ok
13:24:06.0966 0x14b4  [ B2AE18F847D07F0044404DDF7CB04497, 24B1D5E1D0621160640264656E3D447C611DEE1B0EE308971EF85F0AC3D9F7DD ] RasAuto         C:\Windows\System32\rasauto.dll
13:24:06.0970 0x14b4  RasAuto - ok
13:24:07.0003 0x14b4  [ AC7BC4D42A7E558718DFDEC599BBFC2C, E059EB9472FDDB73AF09FFEBA58D8284AFCDAB1516E0C5759980E60C892F8126 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
13:24:07.0009 0x14b4  Rasl2tp - ok
13:24:07.0052 0x14b4  [ 3AD83E4046C43BE510DE681588ACB8AF, C5445A23F35395B3EA3974C0D5E314E23D900C694D31F7B7A83FE9027D95A91C ] RasMan          C:\Windows\System32\rasmans.dll
13:24:07.0060 0x14b4  RasMan - ok
13:24:07.0087 0x14b4  [ 4517FBF8B42524AFE4EDE1DE102AAE3E, F01C8A773A637B66192BD16DDE467CAECC6E62853DBDB507FF3FC67B4B388988 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
13:24:07.0090 0x14b4  RasPppoe - ok
13:24:07.0118 0x14b4  [ C6A593B51F34C33E5474539544072527, 8182C1D15CDC164363D3DD355197160167A00BA9FA833AA444317D06344EF7CE ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
13:24:07.0122 0x14b4  RasSstp - ok
13:24:07.0161 0x14b4  [ 322DB5C6B55E8D8EE8D6F358B2AAABB1, 07B89F701594F680F50A885B923521763A6131104CEE63D422E1C359C23AE2F6 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
13:24:07.0178 0x14b4  rdbss - ok
13:24:07.0198 0x14b4  [ 603900CC05F6BE65CCBF373800AF3716, 83B010D51D1087673CF15FD0A992FD91CC910A073FEA9A8F20F6124B6E5489F2 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
13:24:07.0200 0x14b4  RDPCDD - ok
13:24:07.0224 0x14b4  [ C045D1FB111C28DF0D1BE8D4BDA22C06, 572986C93B982387EE94797A1EDE1C6C444B0F1078AC8201099452BFA021458F ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
13:24:07.0241 0x14b4  rdpdr - ok
13:24:07.0246 0x14b4  [ CAB9421DAF3D97B33D0D055858E2C3AB, 66C353CD310A91FAB0D0871ACCE71110595B63536560D0331DA70B1E33AC45BE ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
13:24:07.0248 0x14b4  RDPENCDD - ok
13:24:07.0287 0x14b4  [ AE4BD9E1C33D351D8E607FC81F15160C, AD785CA72B7C6EB9F94B2E797C758C0F804DB26EE056DDC6D4F85BB562A02EA4 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
13:24:07.0296 0x14b4  RDPWD - ok
13:24:07.0323 0x14b4  [ C612B9557DA73F70D41F8A6FBC8E5344, D7D11F202066F848FBD3F26D9FF915C7F3D68F30631393B2049F3AC5A40FD108 ] RemoteAccess    C:\Windows\System32\mprdim.dll
13:24:07.0327 0x14b4  RemoteAccess - ok
13:24:07.0363 0x14b4  [ 44B9D8EC2F3EF3A0EFB00857AF70D861, A45D8024A242456A73337C91663A3E1633BF163234CDFD5DF86840F31FFFE84D ] RemoteRegistry  C:\Windows\system32\regsvc.dll
13:24:07.0380 0x14b4  RemoteRegistry - ok
13:24:07.0454 0x14b4  [ FDED778DAF09235E4580F1B9046946B6, E6DCFF75617B1F23967CF19533AA554A45012AF9B6FD6AD9BD7AC29DCF3D7B6A ] RoxLiveShare10  C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe
13:24:07.0471 0x14b4  RoxLiveShare10 - ok
13:24:07.0583 0x14b4  [ E054A2CAF0E2A55C9AAC0BF1CCC558A5, F7C637DB45E834813E04DBAC2F918FD897CAC3C1DD20B8087BEE39C3BEEACA61 ] RoxMediaDB10    C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
13:24:07.0626 0x14b4  RoxMediaDB10 - ok
13:24:07.0674 0x14b4  [ C75FDA9AB3314E555123673E08F9D86D, 97B8DB1AD3DFDDAACE14500EB2497B72C83702F6CA3C2A7E417AA9B0B45BBBF0 ] RoxWatch10      C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe
13:24:07.0682 0x14b4  RoxWatch10 - ok
13:24:07.0710 0x14b4  [ F46C457840D4B7A4DAAFEE739CE04102, 94E946036240B3BAFF17C4A49745E29E492ABBC7BE5110741B212DF4D7F45B84 ] RpcLocator      C:\Windows\system32\locator.exe
13:24:07.0713 0x14b4  RpcLocator - ok
13:24:07.0758 0x14b4  [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF, 3BE4B8EE22FA55D3A17D3718781C8BCA631C78F7928092561F6B79BB60E7D7FE ] RpcSs           C:\Windows\system32\rpcss.dll
13:24:07.0774 0x14b4  RpcSs - ok
13:24:07.0803 0x14b4  [ 22A9CB08B1A6707C1550C6BF099AAE73, 46A9D40A03DC0B6C93274C0C1CDB132B2339E76E77CAB0F12AEDAD4C31822B91 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
13:24:07.0806 0x14b4  rspndr - ok
13:24:07.0879 0x14b4  [ F49D8DF8895D809CB0A4DEB44113DE6F, F2481B7A6331388024D1841A6F926F4BDEB4AC9A4B7D6786CC9CCCFEA25C38D7 ] RTL8169         C:\Windows\system32\DRIVERS\Rtlh64.sys
13:24:07.0886 0x14b4  RTL8169 - ok
13:24:07.0952 0x14b4  [ 5532C4BF15173270757A75B46BAEB960, BDA8BBE27019FFEC5C60EEB15B6D94B0C7A4E534D634066DFA1E4CB99DC6FA87 ] RtNdPt60        C:\Windows\system32\DRIVERS\RtNdPt60.sys
13:24:07.0954 0x14b4  RtNdPt60 - ok
13:24:07.0964 0x14b4  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D, 6585A87CE55EE5C51B18DF86E8EDFC6A909D96C87522FF4183F8BA9355E8DD44 ] SamSs           C:\Windows\system32\lsass.exe
13:24:07.0966 0x14b4  SamSs - ok
13:24:08.0019 0x14b4  [ 99DF79C258B3342B6C8A5F802998DE56, BA9E343BF84F0C125896A402DDDEBCC52AD3A6E4573253AE1004FF7A9567F62D ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
13:24:08.0029 0x14b4  SASDIFSV - ok
13:24:08.0042 0x14b4  [ 2859C35C0651E8EB0D86D48E740388F2, 4AD913E558D51CDE4442C7F4BE42697AD91C0F34C92F2EA63B040830F97AAB77 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
13:24:08.0044 0x14b4  SASKUTIL - ok
13:24:08.0073 0x14b4  [ CD9C693589C60AD59BBBCFB0E524E01B, F9EBD4FF4C712A563B1120D123012E41105D31402BE45D6F8C8DA71155D64ECB ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
13:24:08.0077 0x14b4  sbp2port - ok
13:24:08.0115 0x14b4  [ FD1CDCF108D5EF3366F00D18B70FB89B, 5BCE3A9D5DC0B6937A734264C5B8DE0E6B8F77A869A118F94D57E662AAB28FE2 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
13:24:08.0121 0x14b4  SCardSvr - ok
13:24:22.0644 0x14b4  AV detected via SS2: Norton 360, C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\WSCStub.exe ( 21.6.0.0 ), 0x51000 ( enabled : updated )
13:24:22.0648 0x14b4  FW detected via SS2: Norton 360, C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\WSCStub.exe ( 21.6.0.0 ), 0x51010 ( enabled )
13:24:25.0153 0x14b4  ============================================================
13:24:25.0153 0x14b4  Scan finished
13:24:25.0153 0x14b4  ============================================================
13:24:25.0162 0x1774  Detected object count: 0
13:24:25.0162 0x1774  Actual detected object count: 0
 


AdwCleaner

 

# AdwCleaner v4.104 - Report created 06/12/2014 at 13:54:27
# Updated 05/12/2014 by Xplode
# Database : 2014-12-01.1 [Local]
# Operating System : Windows ™ Vista Home Premium Service Pack 2 (64 bits)
# Username : Lewis Family - LEWISFAMILY-PC
# Running from : C:\Users\Lewis Family\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Users\Lewis Family\Desktop\Sync Folder.lnk

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Data Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
Data Found : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Websteroids

***** [ Browsers ] *****

-\\ Internet Explorer v7.0.6002.18005


-\\ Mozilla Firefox v33.1 (x86 en-US)


-\\ Chromium v


*************************

AdwCleaner[R0].txt - [4022 octets] - [26/03/2014 20:23:19]
AdwCleaner[R1].txt - [1824 octets] - [26/03/2014 20:34:41]
AdwCleaner[R2].txt - [1895 octets] - [26/03/2014 20:40:07]
AdwCleaner[R3].txt - [3767 octets] - [06/12/2014 13:32:12]
AdwCleaner[R4].txt - [3451 octets] - [06/12/2014 13:54:27]
AdwCleaner[S0].txt - [3682 octets] - [26/03/2014 20:26:53]
AdwCleaner[S1].txt - [1893 octets] - [26/03/2014 20:36:21]
AdwCleaner[S2].txt - [1956 octets] - [26/03/2014 20:41:57]

########## EOF - C:\AdwCleaner\AdwCleaner[R4].txt - [3691 octets] ##########
 


JRT

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows ™ Vista Home Premium x64
Ran by Lewis Family on 06/12/2014 at 14:53:25.99
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Lewis Family\AppData\Roaming\mozilla\firefox\profiles\dzly2llr.Sue\minidumps [88 files]
Emptied folder: C:\Users\Lewis Family\AppData\Roaming\mozilla\firefox\profiles\454g5k8k.Bill\minidumps [117 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 06/12/2014 at 15:01:41.77
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 


Esetscan

C:\AdwCleaner\Quarantine\C\ProgramData\Websteroids\Websteroids.exe.vir    a variant of MSIL/Adware.PullUpdate.B application
C:\AdwCleaner\Quarantine\C\ProgramData\Websteroids\WebsteroidsService.exe.vir    a variant of MSIL/Adware.PullUpdate.A application
C:\Program Files (x86)\InstallConverter bundle uninstaller\uninstaller.exe    a variant of Win32/ClientConnect.A potentially unwanted application
C:\Users\Lewis Family\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\40af6790-4d27f04a    a variant of Java/Exploit.Agent.W trojan
C:\Users\Lewis Family\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\11935daa-129ad319    Java/TrojanDownloader.Agent.NCP trojan
 



#8 boopme


Posted 06 December 2014 - 10:16 PM

Let's remove what ADW found..
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • The tool will start to update the database, please wait a bit.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
I did not see an antivirus, did I miss it?

How is it now?

#9 schtoltheim


Posted 08 December 2014 - 07:18 PM

Here's the cleaning log.

 

# AdwCleaner v4.105 - Report created 08/12/2014 at 19:00:38
# Updated 08/12/2014 by Xplode
# Database : 2014-12-08.2 [Local]
# Operating System : Windows ™ Vista Home Premium Service Pack 2 (64 bits)
# Username : Lewis Family - LEWISFAMILY-PC
# Running from : C:\Users\Lewis Family\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}]

***** [ Browsers ] *****

-\\ Internet Explorer v7.0.6002.18005


-\\ Mozilla Firefox v33.1 (x86 en-US)


-\\ Chromium v


*************************

AdwCleaner[R0].txt - [4022 octets] - [26/03/2014 20:23:19]
AdwCleaner[R1].txt - [1824 octets] - [26/03/2014 20:34:41]
AdwCleaner[R2].txt - [1895 octets] - [26/03/2014 20:40:07]
AdwCleaner[R3].txt - [3767 octets] - [06/12/2014 13:32:12]
AdwCleaner[R4].txt - [3827 octets] - [06/12/2014 13:54:27]
AdwCleaner[R5].txt - [1753 octets] - [08/12/2014 18:55:41]
AdwCleaner[S0].txt - [3682 octets] - [26/03/2014 20:26:53]
AdwCleaner[S1].txt - [1893 octets] - [26/03/2014 20:36:21]
AdwCleaner[S2].txt - [1956 octets] - [26/03/2014 20:41:57]
AdwCleaner[S3].txt - [2980 octets] - [06/12/2014 14:02:55]
AdwCleaner[S4].txt - [1682 octets] - [08/12/2014 19:00:38]

########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [1742 octets] ##########


Alright, I ran the clean and cleaned those four items.

 

It is odd that no anti-malware programs showed up in the logs. My parents have Norton 360 on their PC. It does strike me as odd that it didn't show up. They also have Malwarebytes and Super-Antimalware, both of which were fairly out of date when I got there. The one bit of weirdness I noticed on this front was that although being out of date for nearly a year, the definitions won't update. I think the version might be very out of date, which might explain that.

 

The only other immediate weirdness I've seen was Norton Auto-Protect flipping out when I tried to grab the latest version of AdwCleaner. I had to disable it to get it downloaded.

 

Should I run some scans in Safe Mode? I don't think my parents ran Norton in safe mode when they told me they had already scanned the computer with it and I don't think they've run Malwarebytes at all.

 

What would you recommend doing as the next step? As my parents use their computer for banking, I really want to make sure things are safe for them.



#10 technonymous


Posted 08 December 2014 - 10:41 PM

Your logs look fine. However, Yahoo e-mail is utter garbage and I would only use that for things that require an e-mail for a download or public use. Get a G-mail account for official use, family, friends, signing up for accounts etc. You can use pop mail with G-mail and get Windows live essentials e-mail client (similar to Outlook) and Norton will monitor it for file attachments and worms. I also suggest anyone head over to the Comodo antivirus website and get a free 1 year crypto e-mail signature.


Edited by technonymous, 08 December 2014 - 10:42 PM.


#11 schtoltheim


Posted 10 December 2014 - 12:59 PM

Ran a Norton scan in safe mode and I found something called PerionInstaller. Norton removed it.

Is there anything else I should do?

#12 boopme


Posted 10 December 2014 - 01:17 PM

It looks good.. I want you to make a new topic though.. Looks like everything in your "Installed" list is installed twice.. I want to see if there is something deeper on here, to be sure.

It will take a few days for a reply.

Please follow this Preparation Guide, do steps 6,7 and 8 and post in a new topic.
Let me know if all went well.

Edited by boopme, 10 December 2014 - 01:17 PM.


#13 schtoltheim


Posted 14 December 2014 - 03:59 PM

Thanks!

 

I've posted the logs in this topic: http://www.bleepingcomputer.com/forums/t/559825/install-list-list-installed-twice/



#14 boopme


Posted 14 December 2014 - 10:50 PM

Thank You.

Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process, which would extend the time it takes to clean your computer.
From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.
Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRL Team member is already assisting you and not open the thread to respond.
The current wait time is 1 - 5 days and ALL logs are answered.
If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.
To avoid confusion, I am closing this topic.



