
Infected with Trojan.Zbot Activity 15


  • This topic is locked
14 replies to this topic

#1 bob1776


Posted 05 January 2015 - 07:28 PM

For over a week, I keep getting a Norton 360 notice that "An intrusion attempt by C71585.com was blocked" and when I click on details it reads "IPS Alert Name  System Infected: Trojan.Zbot Activity 15."  When I look at the Norton history log, it's happening over 20 plus times each day.

 

Have tried everything to remove it, multiple times: 

 

Norton 360 full system scan

Norton Utilities registry scan and drive cleanup  

Norton FixNecurs64bit.exe removal tool

Norton Power Eraser

SUPERAntiSpyware.exe  (Version 6.0)

Malwarebytes mbam-setup-2.0.4.1028.exe

 

I've also run the FRST64.exe (Farbar Recovery Scanner Tool)

 

I'm running Windows 7 Home Premium with Service Pack 1 on an HP laptop.  Intel Core i5 CPU, 4 GB RAM, and 64-bit operating system.  Firewall and virus protection by Norton 360.  I make frequent updates to all Windows and Norton software.

 

I've run DDS and FRST64 and have the logs for each.  Below is the DDS.txt log.  Attached are:

DDS attach.txt log

FRST.txt

FRST addition.txt 

 

Thanks for any help.  I'm new to this forum and have exhausted the little tech knowledge I might have to resolve this nightmare.  

*************

 

 

DS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.17183  BrowserJavaVersion: 10.71.2
Run by Sal at 15:37:01 on 2015-01-05
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3894.1229 [GMT -8:00]
.
AV: Norton 360 Premier Edition *Enabled/Updated* {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
SP: Norton 360 Premier Edition *Enabled/Updated* {631E4324-D31C-783F-EC5C-35AD42B18466}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton 360 Premier Edition *Enabled* {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\Hpservice.exe
C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
C:\Windows\system32\vcsFPService.exe
C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
C:\Windows\system32\CISVC.EXE
C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe
C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
C:\Windows\SysWOW64\RegAss.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\sqlservr.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe
C:\Windows\system32\taskeng.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Plantronics\MyHeadsetUpdater\MyHeadsetUpdater.exe
C:\Program Files (x86)\Norton Utilities 14\RMTray.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files (x86)\WorldCard8\BinExpress\WCExpress.exe
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisTSR.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\syswow64\dllhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\syswow64\dllhost.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uProxyOverride = 192.168.*.*;*.local
mWinlogon: Userinit = userinit.exe
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\Hp\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\ips\ipsbho.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: EgisPBIE Class: {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} - C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisPBIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\Hp\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coieplg.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\Hp\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\Hp\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [NortonUtilities] C:\Program Files (x86)\Norton Utilities 14\RMTray.exe /H
uRun: [AdobeBridge] <no file>
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
mRun: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
mRun: [VitaKeyTSR] C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisTSR.exe /run
mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NOBuActivation.exe" UNATTENDED
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
mRun: [Adobe_ID0ENQBO] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe  startup
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\Users\Sal\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\INTUIT~1.LNK - C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\QUICKB~2.LNK - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\QUICKB~1.LNK - C:\Program Files (x86)\Intuit\QuickBooks 2013\QBW32.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WCEXPR~1.LNK - C:\Program Files (x86)\WorldCard8\BinExpress\WCExpress.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-001071-0002-0071-ABCDEFFEDCBC} - <orphaned>
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\Hp\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {C2ED62BE-4FF5-4FAF-9274-3BA328DCA35C} - hxxps://timetracking.quickbooks.com/ocx/tts/TimeTrackingV2.ocx
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{CD3C92F6-BAA6-41E8-99BD-3767231247D9} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{DF726AAC-D7FC-43B3-9F0F-4B46F882D931} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{DF726AAC-D7FC-43B3-9F0F-4B46F882D931}\05C61697023547164796F6E6 : DHCPNameServer = 192.168.254.254
TCP: Interfaces\{DF726AAC-D7FC-43B3-9F0F-4B46F882D931}\16474777966696 : DHCPNameServer = 192.168.5.1
TCP: Interfaces\{DF726AAC-D7FC-43B3-9F0F-4B46F882D931}\6796E616B61636166656 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{DF726AAC-D7FC-43B3-9F0F-4B46F882D931}\96E6475627E65647 : DHCPNameServer = 10.251.0.12 10.251.0.10
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: g7ps - {9EACF0FB-4FC7-436E-989B-3197142AD979} - C:\Program Files (x86)\Common Files\G7PS\Shared Files\G7PSDLL\G7PS.dll
Handler: intu-help-qb6 - {6898B29B-BF49-43cb-A0B1-D0B9496AF491} - C:\Program Files (x86)\Intuit\QuickBooks 2013\HelpAsyncPluggableProtocol.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} -
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
LSA: Notification Packages =  EgisPwdFilter EgisDSPwdFilter
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\coieplg.dll
x64-BHO: EgisPBIE Class: {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} - C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\x64\EgisPBIE.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\coieplg.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
x64-Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
x64-Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [Plantronics MyHeadset Updater] C:\Program Files\Plantronics\MyHeadsetUpdater\MyHeadsetUpdater.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_40-windows-i586.cab
x64-DPF: {CAFEEFAC-0017-0000-0040-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_40-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_40-windows-i586.cab
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: g7ps - {9EACF0FB-4FC7-436E-989B-3197142AD979} - <orphaned>
x64-Handler: intu-help-qb6 - {6898B29B-BF49-43cb-A0B1-D0B9496AF491} - <orphaned>
x64-Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Sal\AppData\Roaming\Mozilla\Firefox\Profiles\87lv8z9q.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Default\AppData\Local\HuluDesktop\instances\0.9.11.1\nphdplg.dll
FF - plugin: C:\Users\Sal\AppData\Local\Citrix\Plugins\104\npappdetector.dll
FF - plugin: C:\Users\Sal\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll
FF - plugin: C:\Users\Sal\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Sal\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1212152.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll
FF - ExtSQL: !HIDDEN! 2011-07-26 15:19; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
============= SERVICES / DRIVERS ===============
.
R0 dlkmdldr;dlkmdldr;C:\Windows\System32\drivers\dlkmdldr.sys [2013-6-25 15664]
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\1506000.020\symds64.sys [2014-10-12 493656]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\1506000.020\symefa64.sys [2014-10-12 1148120]
R1 BHDrvx64;BHDrvx64;C:\Program Files (x86)\Norton 360\NortonData\21.0.0.100\Definitions\BASHDefs\20141209.001\BHDrvx64.sys [2014-12-11 1587416]
R1 ccSet_N360;N360 Settings Manager;C:\Windows\System32\drivers\N360x64\1506000.020\ccsetx64.sys [2014-10-12 162392]
R1 DVMIO;DeviceVM IO Service;C:\Windows\System32\drivers\dvmio.sys [2009-11-11 20056]
R1 IDSVia64;IDSVia64;C:\Program Files (x86)\Norton 360\NortonData\21.0.0.100\Definitions\IPSDefs\20150102.001\IDSviA64.sys [2015-1-4 637656]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\1506000.020\ironx64.sys [2014-10-12 266968]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\1506000.020\symnets.sys [2014-10-12 593112]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-3-8 89600]
R2 CinemaNow Service;CinemaNow Service;C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe [2010-2-26 127984]
R2 DisplayLinkService;DisplayLinkManager;C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [2013-5-8 8998800]
R2 DvmMDES;DeviceVM Meta Data Export Service;C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe [2010-3-31 338168]
R2 EgisTec Service;EgisTec Service;C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisService.exe [2010-2-4 689008]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2009-12-16 102968]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-5-21 103992]
R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2011-5-13 30520]
R2 HPWMISVC;HPWMISVC;C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-1-18 20480]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-7-12 13336]
R2 Motorola Device Manager;Motorola Device Manager Service;C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [2013-7-31 137528]
R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\n360.exe [2014-10-12 265040]
R2 PST Service;PST Service;C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [2013-11-9 65657]
R2 QBVSS;QBIDPService;C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [2012-11-26 1248256]
R2 RegAss;RegAss;C:\Windows\System32\RegAss.exe --> C:\Windows\System32\RegAss.exe [?]
R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-7-12 2320920]
R2 vcsFPService;Validity VCS Fingerprint Service;C:\Windows\System32\vcsFPService.exe [2010-2-23 2192176]
R3 dlkmd;dlkmd;C:\Windows\System32\drivers\dlkmd.sys [2013-6-25 389936]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-12-11 142640]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-8-28 158976]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-8-28 271872]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-7-12 346144]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-4-3 315008]
S3 Adobe Version Cue CS4;Adobe Version Cue CS4;C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-8-15 288112]
S3 AmUStor;AM USB Stroage Driver;C:\Windows\System32\drivers\AmUStor.sys [2009-8-17 40448]
S3 BTCFilterService;USB Networking Driver Filter Service;C:\Windows\System32\drivers\motfilt.sys [2013-3-20 6144]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2010-7-12 35104]
S3 DisplayLinkUsbIo_x64;DisplayLinkUsbIo_x64;C:\Windows\System32\drivers\DisplayLinkUsbIo_x64_7.6.56275.0.sys [2014-7-10 46384]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-11-9 1038088]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2010-10-25 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-22 1493352]
S3 massfilter;Mass Storage Filter Driver;C:\Windows\System32\drivers\massfilter.sys [2011-6-5 11776]
S3 motccgp;Motorola USB Composite Device Driver;C:\Windows\System32\drivers\motccgp.sys [2013-3-19 23552]
S3 Motousbnet;Motorola USB Networking Driver Service;C:\Windows\System32\drivers\Motousbnet.sys [2013-3-19 27648]
S3 motusbdevice;Motorola USB Dev Driver;C:\Windows\System32\drivers\motusbdevice.sys [2013-3-20 12288]
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
S3 NWUSBPort2;Novatel Wireless USB Status2 Port Driver;C:\Windows\System32\drivers\nwusbser2.sys [2009-6-3 213376]
S3 S3XXx64;SCR3xx USB SmartCardReader64;C:\Windows\System32\drivers\S3XXx64.sys [2012-7-31 70016]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-3-7 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-7-29 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
S3 ZTEusbgps;ZTE GPS Port;C:\Windows\System32\drivers\ZTEusbgps.sys [2011-6-5 121344]
S3 ZTEusbnmeaext;ZTE NMEAExt Port;C:\Windows\System32\drivers\ZTEusbnmeaext.sys [2011-6-5 121344]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files (x86)\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-3-30 47128]
S4 SQLAgent$MSSMLBIZ;SQL Server Agent (MSSMLBIZ);C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\SQLAGENT.EXE [2009-3-30 366936]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
FileExt: .js: jsfile="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS4\Dreamweaver.exe","%1"
ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS4\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2015-01-05 22:43:33 -------- d-----w- C:\FRST
2015-01-05 22:23:35 2123776 ----a-w- C:\frst64.exe
2015-01-05 05:15:08 -------- d-----w- C:\NPE
2015-01-05 02:18:16 -------- d-----w- C:\ProgramData\Malwarebytes
2015-01-04 08:30:01 -------- d-----w- C:\Program Files\iPod
2015-01-04 08:29:58 -------- d-----w- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-01-04 08:29:58 -------- d-----w- C:\Program Files\iTunes
2015-01-04 08:29:58 -------- d-----w- C:\Program Files (x86)\iTunes
2015-01-02 18:58:07 -------- d-----w- C:\Users\Sal\AppData\Local\NPE
2014-12-11 00:44:14 3209728 ----a-w- C:\Windows\SysWow64\mf.dll
2014-12-11 00:44:13 4121600 ----a-w- C:\Windows\System32\mf.dll
2014-12-11 00:30:59 165888 ----a-w- C:\Windows\System32\charmap.exe
2014-12-11 00:30:59 155136 ----a-w- C:\Windows\SysWow64\charmap.exe
2014-12-11 00:28:31 346624 ----a-w- C:\Windows\System32\WSManMigrationPlugin.dll
2014-12-11 00:28:31 310272 ----a-w- C:\Windows\System32\WsmWmiPl.dll
2014-12-11 00:28:31 266240 ----a-w- C:\Windows\System32\WSManHTTPConfig.exe
2014-12-11 00:28:31 248832 ----a-w- C:\Windows\SysWow64\WSManMigrationPlugin.dll
2014-12-11 00:28:31 214016 ----a-w- C:\Windows\SysWow64\WsmWmiPl.dll
2014-12-11 00:28:31 2020352 ----a-w- C:\Windows\System32\WsmSvc.dll
2014-12-11 00:28:31 198656 ----a-w- C:\Windows\SysWow64\WSManHTTPConfig.exe
2014-12-11 00:28:31 181248 ----a-w- C:\Windows\System32\WsmAuto.dll
2014-12-11 00:28:31 145920 ----a-w- C:\Windows\SysWow64\WsmAuto.dll
2014-12-11 00:28:31 1177088 ----a-w- C:\Windows\SysWow64\WsmSvc.dll
2014-12-11 00:27:38 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-12-11 00:27:38 2048 ----a-w- C:\Windows\System32\tzres.dll
.
==================== Find3M  ====================
.
2014-12-15 08:51:48 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-15 08:51:48 701616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-11-21 08:38:00 2237952 ----a-w- C:\Windows\System32\wininet.dll
2014-11-21 08:37:51 600576 ----a-w- C:\Windows\System32\vbscript.dll
2014-11-21 08:36:24 3959296 ----a-w- C:\Windows\System32\jscript9.dll
2014-11-21 08:36:17 67072 ----a-w- C:\Windows\System32\iesetup.dll
2014-11-21 08:36:17 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2014-11-21 08:35:42 1509376 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-11-21 07:17:51 1762816 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-11-21 07:17:44 523264 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-11-21 07:16:46 2861568 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-11-21 07:16:42 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-11-21 07:16:42 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2014-11-21 07:16:16 1441280 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-11-21 07:00:18 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2014-11-21 06:54:49 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-11-21 06:31:56 441856 ----a-w- C:\Windows\System32\html.iec
2014-11-21 06:24:52 361984 ----a-w- C:\Windows\SysWow64\html.iec
2014-11-21 06:05:06 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2014-11-21 05:59:00 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2014-11-19 12:31:16 1217192 ----a-w- C:\Windows\SysWow64\FM20.DLL
2014-11-11 03:09:06 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2014-11-11 03:08:52 241152 ----a-w- C:\Windows\System32\pku2u.dll
2014-11-11 03:08:48 728064 ----a-w- C:\Windows\System32\kerberos.dll
2014-11-11 02:44:45 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2014-11-11 02:44:32 186880 ----a-w- C:\Windows\SysWow64\pku2u.dll
2014-11-11 02:44:25 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-11-11 01:46:26 119296 ----a-w- C:\Windows\System32\drivers\tdx.sys
2014-10-25 01:57:59 77824 ----a-w- C:\Windows\System32\packager.dll
2014-10-25 01:32:37 67584 ----a-w- C:\Windows\SysWow64\packager.dll
2014-10-19 01:17:03 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-10-18 02:05:23 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2014-10-18 01:33:18 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2014-10-14 02:16:37 155064 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-10-14 02:13:06 683520 ----a-w- C:\Windows\System32\termsrv.dll
2014-10-14 02:13:00 3241984 ----a-w- C:\Windows\System32\msi.dll
2014-10-14 02:12:57 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-10-14 02:09:31 146432 ----a-w- C:\Windows\System32\msaudite.dll
2014-10-14 02:07:31 681984 ----a-w- C:\Windows\System32\adtschema.dll
2014-10-14 01:50:47 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-10-14 01:50:41 2363904 ----a-w- C:\Windows\SysWow64\msi.dll
2014-10-14 01:49:38 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-10-14 01:47:30 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2014-10-14 01:46:02 681984 ----a-w- C:\Windows\SysWow64\adtschema.dll
2014-10-13 05:34:42 177752 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2014-10-10 00:57:42 3198976 ----a-w- C:\Windows\System32\win32k.sys
.
============= FINISH: 15:38:15.38 ===============
 


Edited by bob1776, 05 January 2015 - 07:47 PM.




#2 TB-Psychotic

  • Malware Response Team
  • 6,349 posts

Posted 06 January 2015 - 04:55 AM

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand, kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

  • Important: To help me review your logs, please post them in code boxes. You can create them by clicking on the <>-symbol on top of the reply window.

 

 

 

Scan with Gmer rootkit scanner

Please download Gmer from here by clicking on the "Download EXE" Button.

  • Double click on the randomly named GMER.exe. If asked to allow gmer.sys driver to load, please consent.
  • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.
  • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
    • Sections
    • IAT/EAT
    • Show All ( should be unchecked by default )
  • Leave everything else as it is.
  • Close all other running programs as well as your Browser.
  • Click the Scan button & wait for it to finish.
  • Once done click on the Save.. button, and in the File name area, type in "ark.txt" or it will save as a .log file which cannot be uploaded to your post.
  • Save it where you can easily find it, such as your desktop.
  • Please post the content of the ark.txt here.

**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOTKIT" entries.

Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.zip and extract it to your desktop.
  • Execute TDSSKiller.exe by double-clicking on it.
  • Press Start Scan.
  • If malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive, which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt


Please attach this file to your next reply.



#3 bob1776

  • Topic Starter
  • Members
  • 7 posts

Posted 06 January 2015 - 12:58 PM

Thanks for the great instructions.

 

I ran the GMER rootkit scanner and then the TDSSKiller (no malicious threats found using TDSSKiller).  Both logs are pasted below.  I'm still getting repeated Norton alerts stating System Infected: Trojan.Zbot Activity 15.

GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2015-01-06 09:29:00
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Hitachi_ rev.PC4O 465.76GB
Running: qt8sb04h.exe; Driver: C:\Users\Sal\AppData\Local\Temp\pxldapow.sys


---- Threads - GMER 2.1 ----


---- Registry - GMER 2.1 ----

Reg     HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{321E759E-A771-47DC-A844-E1FE1AE65123}\Connection@Name  isatap.{4764C079-3BC9-429A-A6EC-D9747EED6EF9}
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Bind     \Device\{C8318DE0-D9C8-4A33-B0AF-D9FFAC3A8CD3}?\Device\{93CF7337-C93E-4F2C-8BAB-2E4D20D8DEE9}?\Device\{321E759E-A771-47DC-A844-E1FE1AE65123}?\Device\{D5A4F929-2B02-4914-8B00-B5119E907895}?
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Route    "{C8318DE0-D9C8-4A33-B0AF-D9FFAC3A8CD3}"?"{93CF7337-C93E-4F2C-8BAB-2E4D20D8DEE9}"?"{321E759E-A771-47DC-A844-E1FE1AE65123}"?"{D5A4F929-2B02-4914-8B00-B5119E907895}"?
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Export   \Device\TCPIP6TUNNEL_{C8318DE0-D9C8-4A33-B0AF-D9FFAC3A8CD3}?\Device\TCPIP6TUNNEL_{93CF7337-C93E-4F2C-8BAB-2E4D20D8DEE9}?\Device\TCPIP6TUNNEL_{321E759E-A771-47DC-A844-E1FE1AE65123}?\Device\TCPIP6TUNNEL_{D5A4F929-2B02-4914-8B00-B5119E907895}?
Reg     HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\70f395586394                                                                  
Reg     HKLM\SYSTEM\CurrentControlSet\services\iphlpsvc\Parameters\Isatap\{321E759E-A771-47DC-A844-E1FE1AE65123}@InterfaceName                       isatap.{4764C079-3BC9-429A-A6EC-D9747EED6EF9}
Reg     HKLM\SYSTEM\CurrentControlSet\services\iphlpsvc\Parameters\Isatap\{321E759E-A771-47DC-A844-E1FE1AE65123}@ReusableType                        0
Reg     HKLM\SYSTEM\CurrentControlSet\services\iphlpsvc\Parameters\Isatap\{C8318DE0-D9C8-4A33-B0AF-D9FFAC3A8CD3}@InterfaceName                       isatap.{CD3C92F6-BAA6-41E8-99BD-3767231247D9}
Reg     HKLM\SYSTEM\CurrentControlSet\services\iphlpsvc\Parameters\Isatap\{C8318DE0-D9C8-4A33-B0AF-D9FFAC3A8CD3}@ReusableType                        0
Reg     HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Epoch@Epoch                                                                              83060
Reg     HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Epoch2@Epoch                                                                             27314
Reg     HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\70f395586394 (not active ControlSet)                                              

---- Disk sectors - GMER 2.1 ----

Disk    \Device\Harddisk0\DR0                                                                                                                        unknown MBR code

---- EOF - GMER 2.1 ----

09:37:32.0559 0x1bb0  TDSS rootkit removing tool 3.0.0.42 Dec 12 2014 00:35:20
09:37:41.0440 0x1bb0  ============================================================
09:37:41.0440 0x1bb0  Current date / time: 2015/01/06 09:37:41.0440
09:37:41.0440 0x1bb0  SystemInfo:
09:37:41.0440 0x1bb0  
09:37:41.0440 0x1bb0  OS Version: 6.1.7601 ServicePack: 1.0
09:37:41.0440 0x1bb0  Product type: Workstation
09:37:41.0440 0x1bb0  ComputerName: USS
09:37:41.0444 0x1bb0  UserName: Sal
09:37:41.0444 0x1bb0  Windows directory: C:\Windows
09:37:41.0444 0x1bb0  System windows directory: C:\Windows
09:37:41.0444 0x1bb0  Running under WOW64
09:37:41.0444 0x1bb0  Processor architecture: Intel x64
09:37:41.0444 0x1bb0  Number of processors: 4
09:37:41.0444 0x1bb0  Page size: 0x1000
09:37:41.0444 0x1bb0  Boot type: Normal boot
09:37:41.0444 0x1bb0  ============================================================
09:37:43.0131 0x1bb0  KLMD registered as C:\Windows\system32\drivers\47022892.sys
09:37:43.0404 0x1bb0  System UUID: {F3BF5A63-5AD4-0CD1-3C98-0F83C796B0EB}
09:37:43.0945 0x1bb0  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:37:43.0951 0x1bb0  ============================================================
09:37:43.0951 0x1bb0  \Device\Harddisk0\DR0:
09:37:43.0961 0x1bb0  MBR partitions:
09:37:43.0961 0x1bb0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
09:37:43.0961 0x1bb0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x37E09800
09:37:43.0961 0x1bb0  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x37E6D800, BlocksNum 0x24E4800
09:37:43.0961 0x1bb0  \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x3A352000, BlocksNum 0x33830
09:37:43.0961 0x1bb0  ============================================================
09:37:44.0005 0x1bb0  C: <-> \Device\Harddisk0\DR0\Partition2
09:37:44.0049 0x1bb0  D: <-> \Device\Harddisk0\DR0\Partition3
09:37:44.0063 0x1bb0  E: <-> \Device\Harddisk0\DR0\Partition4
09:37:44.0063 0x1bb0  ============================================================
09:37:44.0063 0x1bb0  Initialize success
09:37:44.0063 0x1bb0  ============================================================
09:38:04.0545 0x1e28  ============================================================
09:38:04.0545 0x1e28  Scan started
09:38:04.0545 0x1e28  Mode: Manual; 
09:38:04.0545 0x1e28  ============================================================
09:38:04.0545 0x1e28  KSN ping started
09:38:08.0751 0x1e28  KSN ping finished: true
09:38:10.0098 0x1e28  ================ Scan system memory ========================
09:38:10.0098 0x1e28  System memory - ok
09:38:10.0098 0x1e28  ================ Scan services =============================
09:38:14.0077 0x1e28  BTHUSB - ok
09:38:14.0099 0x1e28  [ AF838D8029AE7C27470862D63FA54D24, 96247094D2446CEE594AD765B98DE8583762A96FE83223CB18B4CDB3A4958376 ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
09:38:14.0102 0x1e28  btwaudio - ok
09:38:14.0116 0x1e28  [ 5C849BD7C78791C5CEE9F4651D7FE38D, BC93A1B911FB4A44EC4DB64AF9AFC6F2013CD76BFB6FA9E4834CFDAAAF4BCD9F ] btwavdt         C:\Windows\system32\drivers\btwavdt.sys
09:38:14.0120 0x1e28  btwavdt - ok
09:38:14.0226 0x1e28  [ 10FFB5FA51D5713D872B41A59DFC2213, E0C0EA99C862E3FCE4D121BB34DEC00E74A371DF4093A44055E70E9F4CFA3DC6 ] btwdins         C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
09:38:14.0248 0x1e28  btwdins - ok
09:38:14.0264 0x1e28  [ 6149301DC3F81D6F9667A3FBAC410975, 120E201AFB07054C7F6321461D194843C695012431DBD791E36BBF73FDD41E8A ] btwl2cap        C:\Windows\system32\DRIVERS\btwl2cap.sys
09:38:14.0266 0x1e28  btwl2cap - ok
09:38:14.0297 0x1e28  [ 3E1991AFA851A36DC978B0A1B0535C8B, F55F7FDDD2A71532F163E4F14B26A09DCDB7C970E806D803418D4CE0DFF09FB6 ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
09:38:14.0298 0x1e28  btwrchid - ok
09:38:14.0405 0x1e28  [ 0510396A957E9FD7205BA62D3CAE4528, C80C39EB3A87C5111132E96E966CF74ACABA36DE7714B545A707027D35995792 ] ccSet_N360      C:\Windows\system32\drivers\N360x64\1506000.020\ccSetx64.sys
09:38:14.0414 0x1e28  ccSet_N360 - ok
09:38:14.0445 0x1e28  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
09:38:14.0448 0x1e28  cdfs - ok
09:38:14.0504 0x1e28  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
09:38:14.0512 0x1e28  cdrom - ok
09:38:14.0564 0x1e28  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
09:38:14.0569 0x1e28  CertPropSvc - ok
09:38:14.0648 0x1e28  [ 2C24DB5F78F0ACA759803001E6B4F320, 4977EBCCD7026E941E8AD997967378D3080131929B8FE4DBA6F929CEC3AAC728 ] CinemaNow Service C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
09:38:14.0655 0x1e28  CinemaNow Service - ok
09:38:14.0697 0x1e28  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
09:38:14.0699 0x1e28  circlass - ok
09:38:14.0724 0x1e28  [ FF60401F1C659CA2ED4BAE85D3FD14DA, 71EEA0078E1545A2F80B0020BE7113843B713DE1A5CC20D9810BD9F3889A4DB0 ] CISVC           C:\Windows\system32\CISVC.EXE
09:38:14.0726 0x1e28  CISVC - ok
09:38:14.0770 0x1e28  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
09:38:14.0784 0x1e28  CLFS - ok
09:38:14.0859 0x1e28  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:38:14.0863 0x1e28  clr_optimization_v2.0.50727_32 - ok
09:38:14.0909 0x1e28  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:38:14.0915 0x1e28  clr_optimization_v2.0.50727_64 - ok
09:38:14.0996 0x1e28  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:38:15.0026 0x1e28  clr_optimization_v4.0.30319_32 - ok
09:38:15.0049 0x1e28  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:38:15.0074 0x1e28  clr_optimization_v4.0.30319_64 - ok
09:38:15.0103 0x1e28  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
09:38:15.0105 0x1e28  CmBatt - ok
09:38:15.0119 0x1e28  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
09:38:15.0120 0x1e28  cmdide - ok
09:38:15.0193 0x1e28  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
09:38:15.0213 0x1e28  CNG - ok
09:38:15.0243 0x1e28  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
09:38:15.0244 0x1e28  Compbatt - ok
09:38:15.0282 0x1e28  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
09:38:15.0284 0x1e28  CompositeBus - ok
09:38:15.0299 0x1e28  COMSysApp - ok
09:38:15.0338 0x1e28  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
09:38:15.0340 0x1e28  crcdisk - ok
09:38:15.0397 0x1e28  [ 19D511CC455C19DE1ADF60E6C39C85B6, 2A05DD5EF3D0BEC2C9F4EA186E0E2D0F7BE0BF6A473D51194B09D33773AC7FAA ] CryptSvc        C:\Windows\system32\cryptsvc.dll
09:38:15.0407 0x1e28  CryptSvc - ok
09:38:15.0446 0x1e28  [ C72D445D22C23A14B8B97E36699C22AE, D4940968ABDBD714F3B98F395A9746D8FC0BD2B322B5EEE6DD9AD791FF63BD54 ] CSRBC           C:\Windows\system32\Drivers\csrbcx64.sys
09:38:15.0448 0x1e28  CSRBC - ok
09:38:15.0507 0x1e28  [ D06E443457FADC6B1AFAF3AA4B6936F6, 109B4D05E156604AFB3D63B380CC063B900AEB12F57A1D235B9F9399EE0909C7 ] dc3d            C:\Windows\system32\DRIVERS\dc3d.sys
09:38:15.0511 0x1e28  dc3d - ok
09:38:15.0641 0x1e28  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
09:38:15.0671 0x1e28  DcomLaunch - ok
09:38:15.0709 0x1e28  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
09:38:15.0719 0x1e28  defragsvc - ok
09:38:15.0779 0x1e28  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
09:38:15.0785 0x1e28  DfsC - ok
09:38:15.0861 0x1e28  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
09:38:15.0875 0x1e28  Dhcp - ok
09:38:15.0894 0x1e28  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
09:38:15.0896 0x1e28  discache - ok
09:38:15.0929 0x1e28  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
09:38:15.0932 0x1e28  Disk - ok
09:38:16.0340 0x1e28  [ 9593F0E5C69D855A86778E29EDB57B21, 758CE9AA74127F775E5ABEDD5856A9AC7D00769A8503A4078F83D608CC847903 ] DisplayLinkService C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
09:38:16.0671 0x1e28  DisplayLinkService - ok
09:38:16.0746 0x1e28  [ 4D4C4139497EAB6C46C2006BBE0EC866, 1C060C84184ECD829FE1DFC9A1515B773B9C8682E0EAFB32BF215E93AB7CDA9F ] DisplayLinkUsbIo_x64 C:\Windows\system32\DRIVERS\DisplayLinkUsbIo_x64_7.6.56275.0.sys
09:38:16.0749 0x1e28  DisplayLinkUsbIo_x64 - ok
09:38:16.0779 0x1e28  DisplayLinkUsbPort - ok
09:38:16.0856 0x1e28  [ 04D5F6658E6B2C84B87AB268F581C63C, BAE4BE5E80A84224031D2EAEC7078AA60D8435F0F0DE889943F22E21530BFA6F ] dlkmd           C:\Windows\system32\drivers\dlkmd.sys
09:38:16.0869 0x1e28  dlkmd - ok
09:38:16.0903 0x1e28  [ 69C062163DCA5FD01169A56EE91785C4, 062E5BFFD81C2B9D75127942D301AFD4642457C0272F23AD1CE2072C06DB7D56 ] dlkmdldr        C:\Windows\system32\drivers\dlkmdldr.sys
09:38:16.0904 0x1e28  dlkmdldr - ok
09:38:16.0956 0x1e28  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
09:38:16.0966 0x1e28  Dnscache - ok
09:38:17.0015 0x1e28  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
09:38:17.0027 0x1e28  dot3svc - ok
09:38:17.0064 0x1e28  [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] dot4            C:\Windows\system32\DRIVERS\Dot4.sys
09:38:17.0069 0x1e28  dot4 - ok
09:38:17.0104 0x1e28  [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
09:38:17.0106 0x1e28  Dot4Print - ok
09:38:17.0119 0x1e28  [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
09:38:17.0123 0x1e28  dot4usb - ok
09:38:17.0148 0x1e28  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
09:38:17.0156 0x1e28  DPS - ok
09:38:17.0206 0x1e28  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
09:38:17.0207 0x1e28  drmkaud - ok
09:38:17.0235 0x1e28  [ A298AEA9FCA253E7EFF040A08C7C6376, 3A0B0C375D5C029ACF4BAF7881094D447E20E76C83049DBAD0F5FDB7802A7CDC ] DVMIO           C:\Windows\system32\DRIVERS\dvmio.sys
09:38:17.0237 0x1e28  DVMIO - ok
09:38:17.0336 0x1e28  [ B66B5B27C8C9881F90435A1F7FE370C3, DC257C7C971C3A268ED2982B14CDB5E1F61733E535C7BC24A1DFEB517246301F ] DvmMDES         C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe
09:38:17.0349 0x1e28  DvmMDES - ok
09:38:17.0415 0x1e28  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
09:38:17.0444 0x1e28  DXGKrnl - ok
09:38:17.0495 0x1e28  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
09:38:17.0502 0x1e28  EapHost - ok
09:38:17.0710 0x1e28  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
09:38:17.0795 0x1e28  ebdrv - ok
09:38:17.0911 0x1e28  [ 47A68B3DBBB34D4FE61DE221A8536627, BC61CE4BD4F3A12C75BA6EB9D239F24CD3F54495DE9D6C901F4DAF5D92E8366B ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
09:38:17.0925 0x1e28  eeCtrl - ok
09:38:17.0977 0x1e28  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe
09:38:17.0981 0x1e28  EFS - ok
09:38:18.0068 0x1e28  [ B15B00955C4A4413B1CB3F056D65148D, 8A010B2DB14AC33636AF1310D5E8FF99A6B883967C168ECC6A3FA9B752B6E192 ] EgisTec Service C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisService.exe
09:38:18.0089 0x1e28  EgisTec Service - ok
09:38:18.0179 0x1e28  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
09:38:18.0199 0x1e28  ehRecvr - ok
09:38:18.0230 0x1e28  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
09:38:18.0234 0x1e28  ehSched - ok
09:38:18.0282 0x1e28  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
09:38:18.0296 0x1e28  elxstor - ok
09:38:18.0379 0x1e28  [ B9773081AAF65E6D553496BA0CADCBB3, 3A77A12544755BFA1ABAA6DC53E5F03522627F57EF7092E3CC54C6431C75076A ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
09:38:18.0386 0x1e28  EraserUtilRebootDrv - ok
09:38:18.0426 0x1e28  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
09:38:18.0427 0x1e28  ErrDev - ok
09:38:18.0487 0x1e28  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
09:38:18.0505 0x1e28  EventSystem - ok
09:38:18.0539 0x1e28  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
09:38:18.0545 0x1e28  exfat - ok
09:38:18.0601 0x1e28  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
09:38:18.0607 0x1e28  fastfat - ok
09:38:18.0694 0x1e28  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
09:38:18.0725 0x1e28  Fax - ok
09:38:18.0746 0x1e28  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
09:38:18.0748 0x1e28  fdc - ok
09:38:18.0764 0x1e28  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
09:38:18.0765 0x1e28  fdPHost - ok
09:38:18.0778 0x1e28  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
09:38:18.0780 0x1e28  FDResPub - ok
09:38:18.0793 0x1e28  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
09:38:18.0795 0x1e28  FileInfo - ok
09:38:18.0811 0x1e28  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
09:38:18.0813 0x1e28  Filetrace - ok
09:38:18.0933 0x1e28  [ 7E76EED28B8B8696B7F7ED5F757AA304, 4D42711B63F90FF9AF3D6C8E4EDB3FF08CAB6FE5131D9A43F4D10D1CA51F7378 ] FileZilla Server C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe
09:38:18.0949 0x1e28  FileZilla Server - ok
09:38:19.0015 0x1e28  [ 1F63900E2EB00101B9ACA2B7A870704E, 5AFE1FC852937FECE6B33147BD0110436FE97F33BFDA3F69B1F5EDAD6FFC09C6 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
09:38:19.0033 0x1e28  FLEXnet Licensing Service - ok
09:38:19.0120 0x1e28  [ 1C3FB052A0BB72EDAED90785C34D6EED, 5300A82D1A79EBA1768F545E73974E3B8CE189AB39CDF905BF42AFA2E497186B ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
09:38:19.0149 0x1e28  FLEXnet Licensing Service 64 - ok
09:38:19.0182 0x1e28  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
09:38:19.0183 0x1e28  flpydisk - ok
09:38:19.0233 0x1e28  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
09:38:19.0246 0x1e28  FltMgr - ok
09:38:19.0360 0x1e28  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
09:38:19.0392 0x1e28  FontCache - ok
09:38:19.0448 0x1e28  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:38:19.0451 0x1e28  FontCache3.0.0.0 - ok
09:38:19.0479 0x1e28  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
09:38:19.0483 0x1e28  FsDepends - ok
09:38:19.0523 0x1e28  [ 6C06701BF1DB05405804D7EB610991CE, 75DEB2204D9AC338ED7C4742BEFAFA0AFC7E42B2C1B54A57DF8A1AD097D9EC3E ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
09:38:19.0526 0x1e28  fssfltr - ok
09:38:19.0644 0x1e28  [ 4CE9DAC1518FF7E77BD213E6394B9D77, D7D0D29DF93AC7DC5F85E385EEB45306C7BD87ACA7AAC5A8D47893D120C32C03 ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
09:38:19.0685 0x1e28  fsssvc - ok
09:38:19.0726 0x1e28  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
09:38:19.0727 0x1e28  Fs_Rec - ok
09:38:19.0798 0x1e28  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
09:38:19.0808 0x1e28  fvevol - ok
09:38:19.0831 0x1e28  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
09:38:19.0835 0x1e28  gagp30kx - ok
09:38:19.0897 0x1e28  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
09:38:19.0900 0x1e28  GEARAspiWDM - ok
09:38:19.0964 0x1e28  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
09:38:19.0990 0x1e28  gpsvc - ok
09:38:20.0117 0x1e28  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:38:20.0123 0x1e28  gupdate - ok
09:38:20.0141 0x1e28  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:38:20.0146 0x1e28  gupdatem - ok
09:38:20.0205 0x1e28  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
09:38:20.0215 0x1e28  gusvc - ok
09:38:20.0242 0x1e28  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
09:38:20.0244 0x1e28  hcw85cir - ok
09:38:20.0292 0x1e28  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:38:20.0309 0x1e28  HdAudAddService - ok
09:38:20.0336 0x1e28  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
09:38:20.0340 0x1e28  HDAudBus - ok
09:38:20.0358 0x1e28  [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
09:38:20.0360 0x1e28  HECIx64 - ok
09:38:20.0375 0x1e28  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
09:38:20.0377 0x1e28  HidBatt - ok
09:38:20.0395 0x1e28  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
09:38:20.0399 0x1e28  HidBth - ok
09:38:20.0420 0x1e28  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
09:38:20.0421 0x1e28  HidIr - ok
09:38:20.0444 0x1e28  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
09:38:20.0446 0x1e28  hidserv - ok
09:38:20.0488 0x1e28  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
09:38:20.0490 0x1e28  HidUsb - ok
09:38:20.0530 0x1e28  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
09:38:20.0537 0x1e28  hkmsvc - ok
09:38:20.0627 0x1e28  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:38:20.0640 0x1e28  HomeGroupListener - ok
09:38:20.0692 0x1e28  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:38:20.0703 0x1e28  HomeGroupProvider - ok
09:38:20.0764 0x1e28  [ 13BB1114451C63BFB41BA7DAA4D70A29, A07D27DCD1D5F333973DDF7E91BF902307088C48696EE1D1970A0152A507231B ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
09:38:20.0769 0x1e28  HP Support Assistant Service - ok
09:38:20.0825 0x1e28  [ A2DE0A67C77EBC6DFAD3D55232790ADD, 12374AD692CE8FA2462DA590D31BF847B61EBC3EFBC0690C1A746AFFA6C13C3A ] HP Wireless Assistant Service C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
09:38:20.0830 0x1e28  HP Wireless Assistant Service - ok
09:38:20.0914 0x1e28  [ C958976C7DAAF47084A33EBBC6E28B84, AAC98901E25911EA6FF65E95007CE2F75B31145ACFADF92CBA48BCAE54CD96EE ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
09:38:20.0920 0x1e28  HPDrvMntSvc.exe - ok
09:38:20.0966 0x1e28  [ 4E0BEC0F78096FFD6D3314B497FC49D3, 15B545815D0C80102963FFF13B6643CC9A74717137C1CBA45345B18912E72DB6 ] hpdskflt        C:\Windows\system32\DRIVERS\hpdskflt.sys
09:38:20.0968 0x1e28  hpdskflt - ok
09:38:21.0070 0x1e28  [ 1DAE5C46D42B02A6D5862E1482EFB390, 90B14E0A8376AE51872D89C141E88AE144B742805F94B4F7948E295322C78B9D ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
09:38:21.0082 0x1e28  hpqcxs08 - ok
09:38:21.0124 0x1e28  [ 99E8EEF42FE2F4AF29B08C3355DD7685, D57BC2148653DA5596FB49F1086D165B11C9F6C644608202C08305D3C8499CFE ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
09:38:21.0131 0x1e28  hpqddsvc - ok
09:38:21.0202 0x1e28  [ 09FBD4C4DB2FD84B9AB1C5BFDCC95559, FCC28D44C1E3F6FF65C596CDA9BF09C03D4EF3EEFCDB628954A07B0D3E182F3B ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
09:38:21.0227 0x1e28  hpqwmiex - ok
09:38:21.0284 0x1e28  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
09:38:21.0289 0x1e28  HpSAMD - ok
09:38:21.0364 0x1e28  [ 7F57926169C1B8ABA9274EA7D4B70F18, A2BB01054737C6B0461381221D1C344951AC2BE9E5AE01E15A6871B31B62BE78 ] HPSLPSVC        C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
09:38:21.0392 0x1e28  HPSLPSVC - ok
09:38:21.0431 0x1e28  [ FC7C13B5A9E9BE23B7AE72BBC7FDB278, E85A7BF1CFE52BA7D663A1ED48A4F8874EFBDDF48979138F7E3E24817705B6A1 ] hpsrv           C:\Windows\system32\Hpservice.exe
09:38:21.0433 0x1e28  hpsrv - ok
09:38:21.0469 0x1e28  [ B6492D01712A22FF3FEA25A999DBD321, DA0BB9F4EC5352409F492378168C5A256186B1E76463C72ADE06C63F46363BEF ] HPWMISVC        C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
09:38:21.0471 0x1e28  HPWMISVC - ok
09:38:21.0547 0x1e28  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
09:38:21.0570 0x1e28  HTTP - ok
09:38:21.0603 0x1e28  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
09:38:21.0605 0x1e28  hwpolicy - ok
09:38:21.0667 0x1e28  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
09:38:21.0673 0x1e28  i8042prt - ok
09:38:21.0727 0x1e28  [ ABBF174CB394F5C437410A788B7E404A, 95554F675329E7062F0936E4E902FEFF2456CAD95D6C9B60DCC213EF6E4C62D8 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
09:38:21.0748 0x1e28  iaStor - ok
09:38:21.0836 0x1e28  [ 31A0E93CDF29007D6C6FFFB632F375ED, CA464928E9868B9A09C324DBBC8DA41A01C5C486B43578FC695250D523DE555B ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
09:38:21.0837 0x1e28  IAStorDataMgrSvc - ok
09:38:21.0907 0x1e28  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
09:38:21.0925 0x1e28  iaStorV - ok
09:38:22.0026 0x1e28  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:38:22.0050 0x1e28  idsvc - ok
09:38:22.0244 0x1e28  [ B463A82741E67093B7DBAE8D460159D0, E4DD5FFF9F2C4322AD7E05DEAB5200346196995CBDAD5F7A583748041BB048A6 ] IDSVia64        C:\Program Files (x86)\Norton 360\NortonData\21.0.0.100\Definitions\IPSDefs\20150102.001\IDSvia64.sys
09:38:22.0268 0x1e28  IDSVia64 - ok
09:38:22.0661 0x1e28  [ 1BE8D9CA4F2363B8E8015621878E0043, 695B5F88A6F6943156D033DAA86188F50308AD71FCF26CF0AEDF7E23F774FB56 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
09:38:23.0028 0x1e28  igfx - ok
09:38:23.0077 0x1e28  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
09:38:23.0079 0x1e28  iirsp - ok
09:38:23.0137 0x1e28  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
09:38:23.0160 0x1e28  IKEEXT - ok
09:38:23.0193 0x1e28  [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd           C:\Windows\system32\DRIVERS\Impcd.sys
09:38:23.0198 0x1e28  Impcd - ok
09:38:23.0229 0x1e28  [ 58CF58DEE26C909BD6F977B61D246295, 0CE27B81C091961A22B75478449D654F9C1A68E43DF80C699DB8DD3D1B288461 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
09:38:23.0237 0x1e28  IntcDAud - ok
09:38:23.0271 0x1e28  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
09:38:23.0273 0x1e28  intelide - ok
09:38:23.0307 0x1e28  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
09:38:23.0311 0x1e28  intelppm - ok
09:38:23.0342 0x1e28  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
09:38:23.0348 0x1e28  IPBusEnum - ok
09:38:23.0392 0x1e28  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:38:23.0396 0x1e28  IpFilterDriver - ok
09:38:23.0472 0x1e28  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
09:38:23.0496 0x1e28  iphlpsvc - ok
09:38:23.0534 0x1e28  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
09:38:23.0540 0x1e28  IPMIDRV - ok
09:38:23.0557 0x1e28  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
09:38:23.0561 0x1e28  IPNAT - ok
09:38:23.0677 0x1e28  [ 7FAE5B6CDB18B0B2E81F32869F595022, D873A7EE94749E1700E8F6B8BB7B485AE1B0B83388D63BE06335720498D4794F ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
09:38:23.0697 0x1e28  iPod Service - ok
09:38:23.0727 0x1e28  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
09:38:23.0729 0x1e28  IRENUM - ok
09:38:23.0768 0x1e28  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
09:38:23.0770 0x1e28  isapnp - ok
09:38:23.0817 0x1e28  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
09:38:23.0830 0x1e28  iScsiPrt - ok
09:38:23.0857 0x1e28  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
09:38:23.0860 0x1e28  kbdclass - ok
09:38:23.0885 0x1e28  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
09:38:23.0887 0x1e28  kbdhid - ok
09:38:23.0902 0x1e28  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
09:38:23.0905 0x1e28  KeyIso - ok
09:38:23.0947 0x1e28  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
09:38:23.0953 0x1e28  KSecDD - ok
09:38:24.0001 0x1e28  [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
09:38:24.0009 0x1e28  KSecPkg - ok
09:38:24.0021 0x1e28  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
09:38:24.0023 0x1e28  ksthunk - ok
09:38:24.0067 0x1e28  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
09:38:24.0084 0x1e28  KtmRm - ok
09:38:24.0145 0x1e28  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
09:38:24.0159 0x1e28  LanmanServer - ok
09:38:24.0204 0x1e28  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:38:24.0211 0x1e28  LanmanWorkstation - ok
09:38:24.0244 0x1e28  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
09:38:24.0247 0x1e28  lltdio - ok
09:38:24.0281 0x1e28  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
09:38:24.0295 0x1e28  lltdsvc - ok
09:38:24.0315 0x1e28  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
09:38:24.0317 0x1e28  lmhosts - ok
09:38:24.0375 0x1e28  [ 7485FBCEF9136F530953575E2977859D, 5A6A67EE407C6ECE637C2B2AC21259BB86D032E47CE59F77AAF48D687B74CFCB ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
09:38:24.0388 0x1e28  LMS - ok
09:38:24.0436 0x1e28  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
09:38:24.0440 0x1e28  LSI_FC - ok
09:38:24.0458 0x1e28  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
09:38:24.0461 0x1e28  LSI_SAS - ok
09:38:24.0495 0x1e28  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
09:38:24.0498 0x1e28  LSI_SAS2 - ok
09:38:24.0518 0x1e28  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
09:38:24.0522 0x1e28  LSI_SCSI - ok
09:38:24.0543 0x1e28  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
09:38:24.0548 0x1e28  luafv - ok
09:38:24.0655 0x1e28  [ 36EFC8C32829A27BAF0E63BFDBD5EE90, 7B8C211FFDFBD5D2D9680FA4633379185740876919709F8B41515BAD95BD215B ] massfilter      C:\Windows\system32\drivers\massfilter.sys
09:38:24.0657 0x1e28  massfilter - ok
09:38:24.0691 0x1e28  MBAMSwissArmy - ok
09:38:24.0735 0x1e28  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
09:38:24.0741 0x1e28  Mcx2Svc - ok
09:38:24.0772 0x1e28  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
09:38:24.0774 0x1e28  megasas - ok
09:38:24.0814 0x1e28  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
09:38:24.0826 0x1e28  MegaSR - ok
09:38:24.0859 0x1e28  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
09:38:24.0863 0x1e28  MMCSS - ok
09:38:24.0892 0x1e28  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
09:38:24.0895 0x1e28  Modem - ok
09:38:24.0942 0x1e28  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
09:38:24.0944 0x1e28  monitor - ok
09:38:25.0001 0x1e28  [ 12588483F1A69AB2970D36D96B07F71B, CDC044F2FDAD3B22B295528A117D93B7DF464DE63E421DAE9C19E7A1535E3743 ] motccgp         C:\Windows\system32\DRIVERS\motccgp.sys
09:38:25.0004 0x1e28  motccgp - ok
09:38:25.0009 0x1e28  motccgpfl - ok
09:38:25.0031 0x1e28  motmodem - ok
09:38:25.0155 0x1e28  [ 1BCB26A55B2E092FAA4DA01D9A3DE528, A4A00F6DAB0EB8AC750184221E19F6182DC8A4CAD87D1259DC15AAF7ACA82360 ] Motorola Device Manager C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
09:38:25.0162 0x1e28  Motorola Device Manager - ok
09:38:25.0176 0x1e28  [ 19BC2161C3FCCED802F1BCD9B78C3466, 2EA39F23C49191A4651CD785A742554801A4AC59AACE1993B3A30EA137B4A321 ] MotoSwitchService C:\Windows\system32\DRIVERS\motswch.sys
09:38:25.0178 0x1e28  MotoSwitchService - ok
09:38:25.0194 0x1e28  [ 6A3C0B01551B614B6C6BC9743DEF60D9, 9144C0149A764355045711B36C12F87B2F914B76809407F46FB7BA72F83DDB9D ] Motousbnet      C:\Windows\system32\DRIVERS\Motousbnet.sys
09:38:25.0196 0x1e28  Motousbnet - ok
09:38:25.0226 0x1e28  [ 1D19770F88FA22DACB7F488EA8F8EE6B, AD100C774058CF878B6006518F3DCDBDEE475F3C9808FC5D844947D9C305FAE5 ] motusbdevice    C:\Windows\system32\DRIVERS\motusbdevice.sys
09:38:25.0227 0x1e28  motusbdevice - ok
09:38:25.0273 0x1e28  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
09:38:25.0276 0x1e28  mouclass - ok
09:38:25.0313 0x1e28  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
09:38:25.0316 0x1e28  mouhid - ok
09:38:25.0361 0x1e28  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
09:38:25.0365 0x1e28  mountmgr - ok
09:38:25.0458 0x1e28  [ B4E9C7383A705628AD491CF0F87D901F, 5C0CD7133D4F5B1E0466CDB2A2210ECA57206A8BC41F37BC6324120AE5501C70 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
09:38:25.0464 0x1e28  MozillaMaintenance - ok
09:38:25.0511 0x1e28  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
09:38:25.0519 0x1e28  mpio - ok
09:38:25.0535 0x1e28  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
09:38:25.0541 0x1e28  mpsdrv - ok
09:38:25.0645 0x1e28  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
09:38:25.0669 0x1e28  MpsSvc - ok
09:38:25.0706 0x1e28  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
09:38:25.0711 0x1e28  MRxDAV - ok
09:38:25.0748 0x1e28  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
09:38:25.0757 0x1e28  mrxsmb - ok
09:38:25.0800 0x1e28  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:38:25.0811 0x1e28  mrxsmb10 - ok
09:38:25.0825 0x1e28  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:38:25.0830 0x1e28  mrxsmb20 - ok
09:38:25.0880 0x1e28  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
09:38:25.0881 0x1e28  msahci - ok
09:38:25.0910 0x1e28  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
09:38:25.0914 0x1e28  msdsm - ok
09:38:25.0939 0x1e28  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
09:38:25.0944 0x1e28  MSDTC - ok
09:38:25.0978 0x1e28  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
09:38:25.0979 0x1e28  Msfs - ok
09:38:25.0995 0x1e28  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
09:38:25.0996 0x1e28  mshidkmdf - ok
09:38:26.0032 0x1e28  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
09:38:26.0033 0x1e28  msisadrv - ok
09:38:26.0063 0x1e28  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
09:38:26.0068 0x1e28  MSiSCSI - ok
09:38:26.0072 0x1e28  msiserver - ok
09:38:26.0095 0x1e28  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
09:38:26.0096 0x1e28  MSKSSRV - ok
09:38:26.0111 0x1e28  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
09:38:26.0112 0x1e28  MSPCLOCK - ok
09:38:26.0125 0x1e28  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
09:38:26.0126 0x1e28  MSPQM - ok
09:38:26.0169 0x1e28  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
09:38:26.0180 0x1e28  MsRPC - ok
09:38:26.0193 0x1e28  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
09:38:26.0194 0x1e28  mssmbios - ok
09:38:26.0267 0x1e28  MSSQL$MSSMLBIZ - ok
09:38:26.0336 0x1e28  [ F1761C8FB2B25A32C6D63E36BB88C3AE, C88F5EF7B547DAA2394888362916FA18F07241E0BF2B938297428A1C04FFD806 ] MSSQLServerADHelper100 C:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
09:38:26.0339 0x1e28  MSSQLServerADHelper100 - ok
09:38:26.0379 0x1e28  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
09:38:26.0381 0x1e28  MSTEE - ok
09:38:26.0396 0x1e28  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
09:38:26.0398 0x1e28  MTConfig - ok
09:38:26.0420 0x1e28  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
09:38:26.0423 0x1e28  Mup - ok
09:38:26.0658 0x1e28  [ A0C88349651D9F5421AFD363C27102E8, 71D5F7EDAF47AB1376444CB648BFD86CEA36735EE42A9935BDB876DF8F765F45 ] N360            C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe
09:38:26.0670 0x1e28  N360 - ok
09:38:26.0751 0x1e28  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
09:38:26.0769 0x1e28  napagent - ok
09:38:26.0817 0x1e28  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
09:38:26.0826 0x1e28  NativeWifiP - ok
09:38:26.0944 0x1e28  [ C180A82874D3CDC390A27F2F1E1AF025, 9F473661524D645D5C1D616BF2BEC2996DFAE9268B7CF280FCCBD19AA072E567 ] NAVENG          C:\Program Files (x86)\Norton 360\NortonData\21.0.0.100\Definitions\VirusDefs\20150104.024\ENG64.SYS
09:38:26.0951 0x1e28  NAVENG - ok
09:38:27.0068 0x1e28  [ E66CA6C321614D7BC0AFC9C8436131B9, BF732419D56E1B8AB3B11B19403087D4EDBF9108F0252ACBB561235040AB4436 ] NAVEX15         C:\Program Files (x86)\Norton 360\NortonData\21.0.0.100\Definitions\VirusDefs\20150104.024\EX64.SYS
09:38:27.0124 0x1e28  NAVEX15 - ok
09:38:27.0185 0x1e28  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
09:38:27.0209 0x1e28  NDIS - ok
09:38:27.0240 0x1e28  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
09:38:27.0242 0x1e28  NdisCap - ok
09:38:27.0265 0x1e28  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
09:38:27.0267 0x1e28  NdisTapi - ok
09:38:27.0314 0x1e28  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
09:38:27.0318 0x1e28  Ndisuio - ok
09:38:27.0358 0x1e28  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
09:38:27.0366 0x1e28  NdisWan - ok
09:38:27.0400 0x1e28  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
09:38:27.0403 0x1e28  NDProxy - ok
09:38:27.0461 0x1e28  [ D5AC41AE382738483FAFFBD7E373D49A, 68793D15566F387650E9C5010E1CA73BDE3EB4BA431EA0A1673004CAE08413B0 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
09:38:27.0466 0x1e28  Net Driver HPZ12 - ok
09:38:27.0477 0x1e28  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
09:38:27.0480 0x1e28  NetBIOS - ok
09:38:27.0533 0x1e28  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
09:38:27.0542 0x1e28  NetBT - ok
09:38:27.0602 0x1e28  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
09:38:27.0605 0x1e28  Netlogon - ok
09:38:27.0649 0x1e28  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
09:38:27.0665 0x1e28  Netman - ok
09:38:27.0740 0x1e28  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:38:27.0749 0x1e28  NetMsmqActivator - ok
09:38:27.0766 0x1e28  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:38:27.0772 0x1e28  NetPipeActivator - ok
09:38:27.0796 0x1e28  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
09:38:27.0808 0x1e28  netprofm - ok
09:38:27.0815 0x1e28  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:38:27.0819 0x1e28  NetTcpActivator - ok
09:38:27.0825 0x1e28  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:38:27.0829 0x1e28  NetTcpPortSharing - ok
09:38:28.0054 0x1e28  [ 64428DFDAF6E88366CB51F45A79C5F69, 31187D38C1AB52120A3CB7AC3CE47ED9682AC37B0F06B9A9610C0065DD4E7B13 ] netw5v64        C:\Windows\system32\DRIVERS\netw5v64.sys
09:38:28.0190 0x1e28  netw5v64 - ok
09:38:28.0228 0x1e28  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
09:38:28.0231 0x1e28  nfrd960 - ok
09:38:28.0280 0x1e28  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
09:38:28.0295 0x1e28  NlaSvc - ok
09:38:28.0314 0x1e28  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
09:38:28.0316 0x1e28  Npfs - ok
09:38:28.0337 0x1e28  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
09:38:28.0340 0x1e28  nsi - ok
09:38:28.0346 0x1e28  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
09:38:28.0347 0x1e28  nsiproxy - ok
09:38:28.0458 0x1e28  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
09:38:28.0500 0x1e28  Ntfs - ok
09:38:28.0512 0x1e28  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
09:38:28.0513 0x1e28  Null - ok
09:38:28.0542 0x1e28  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
09:38:28.0547 0x1e28  nvraid - ok
09:38:28.0624 0x1e28  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
09:38:28.0632 0x1e28  nvstor - ok
09:38:28.0685 0x1e28  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
09:38:28.0692 0x1e28  nv_agp - ok
09:38:28.0755 0x1e28  [ 17BCF5DF3C54DCF2AF2E164EB84A0169, 442882D7C13D44FE9936AF388209D7CB64E6B151F85C186B49E1287CD4FAE7E6 ] NWADI           C:\Windows\system32\DRIVERS\NWADIenum.sys
09:38:28.0768 0x1e28  NWADI - ok
09:38:28.0818 0x1e28  [ A3FADCF96ABF4803E7A946CD48641AC3, BA8C11B7234A64787AD313079639908E05C85F252A8C381AEADF1A8945A5C181 ] NWUSBModem      C:\Windows\system32\DRIVERS\nwusbmdm.sys
09:38:28.0829 0x1e28  NWUSBModem - ok
09:38:28.0874 0x1e28  [ A3FADCF96ABF4803E7A946CD48641AC3, BA8C11B7234A64787AD313079639908E05C85F252A8C381AEADF1A8945A5C181 ] NWUSBPort       C:\Windows\system32\DRIVERS\nwusbser.sys
09:38:28.0881 0x1e28  NWUSBPort - ok
09:38:28.0925 0x1e28  [ A3FADCF96ABF4803E7A946CD48641AC3, BA8C11B7234A64787AD313079639908E05C85F252A8C381AEADF1A8945A5C181 ] NWUSBPort2      C:\Windows\system32\DRIVERS\nwusbser2.sys
09:38:28.0931 0x1e28  NWUSBPort2 - ok
09:38:28.0949 0x1e28  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
09:38:28.0952 0x1e28  ohci1394 - ok
09:38:29.0005 0x1e28  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:38:29.0013 0x1e28  ose - ok
09:38:29.0243 0x1e28  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
09:38:29.0366 0x1e28  osppsvc - ok
09:38:29.0409 0x1e28  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
09:38:29.0419 0x1e28  p2pimsvc - ok
09:38:29.0447 0x1e28  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
09:38:29.0460 0x1e28  p2psvc - ok
09:38:29.0482 0x1e28  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
09:38:29.0485 0x1e28  Parport - ok
09:38:29.0525 0x1e28  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
09:38:29.0530 0x1e28  partmgr - ok
09:38:29.0601 0x1e28  [ 256390425414F90FCBC12F525A84EB11, A4992020BF6A239AD8A77125426E2C39980C9ABC971C4DBCB24B358F946AD7F9 ] PcaSvc          C:\Windows\System32\pcasvc.dll
09:38:29.0612 0x1e28  PcaSvc - ok
09:38:29.0635 0x1e28  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
09:38:29.0644 0x1e28  pci - ok
09:38:29.0681 0x1e28  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
09:38:29.0683 0x1e28  pciide - ok
09:38:29.0720 0x1e28  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
09:38:29.0730 0x1e28  pcmcia - ok
09:38:29.0748 0x1e28  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
09:38:29.0752 0x1e28  pcw - ok
09:38:29.0822 0x1e28  [ 946010CDFA91469351B22E2620CEBCD8, F099C92706D42ADC289B72724F7932E5D4F62A427AEC967DDB0A1D728AE59A63 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
09:38:29.0840 0x1e28  PEAUTH - ok
09:38:29.0929 0x1e28  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
09:38:29.0932 0x1e28  PerfHost - ok
09:38:30.0017 0x1e28  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
09:38:30.0053 0x1e28  pla - ok
09:38:30.0103 0x1e28  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
09:38:30.0123 0x1e28  PlugPlay - ok
09:38:30.0172 0x1e28  [ 37F6046CDC630442D7DC087501FF6FC6, EFC0F3DA49839CA263CD95AE5015F4FC554D9D845A58A699C542C8C96E70ED3C ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
09:38:30.0178 0x1e28  Pml Driver HPZ12 - ok
09:38:30.0204 0x1e28  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
09:38:30.0207 0x1e28  PNRPAutoReg - ok
09:38:30.0238 0x1e28  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
09:38:30.0252 0x1e28  PNRPsvc - ok
09:38:30.0307 0x1e28  [ E4799B87675C59AA1F620DE5C6F113BB, 094EE16D4CEC68DB316002994482344A6BFCFDE399131F7FA11BB46C2DCBF218 ] Point64         C:\Windows\system32\DRIVERS\point64.sys
09:38:30.0311 0x1e28  Point64 - ok
09:38:30.0378 0x1e28  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
09:38:30.0397 0x1e28  PolicyAgent - ok
09:38:30.0426 0x1e28  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
09:38:30.0434 0x1e28  Power - ok
09:38:30.0468 0x1e28  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
09:38:30.0472 0x1e28  PptpMiniport - ok
09:38:30.0500 0x1e28  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
09:38:30.0503 0x1e28  Processor - ok
09:38:30.0553 0x1e28  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
09:38:30.0560 0x1e28  ProfSvc - ok
09:38:30.0577 0x1e28  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:38:30.0578 0x1e28  ProtectedStorage - ok
09:38:30.0630 0x1e28  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
09:38:30.0634 0x1e28  Psched - ok
09:38:30.0784 0x1e28  [ EA735BF6DF13A857A83C99BF27A422AD, 026A57155FB9E01CFAFD8613980CDF0F3D744ABBBC66EFDC6C20B89980FB45CF ] PST Service     C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
09:38:30.0788 0x1e28  PST Service - ok
09:38:30.0863 0x1e28  [ 7D1014036A7D97601A9BC1BD65C3BAEA, F6CC87C58CB885AAC10F7E8B56C391B68655B0292EA0E13C7881350926020D5E ] QBCFMonitorService C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
09:38:30.0866 0x1e28  QBCFMonitorService - ok
09:38:30.0947 0x1e28  [ 6BEE1814470DC12FA20C53DFC3C97EBB, 91E8C22E54A090966E9B96395392B2C03A32DB1AF8DB2289E2EA9460F0A76C0F ] QBFCService     C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
09:38:30.0951 0x1e28  QBFCService - ok
09:38:31.0027 0x1e28  [ 53411630C482DD481547FF7FF7E0D7D1, 459C7124B27F5547CD19E767B59A28BC1550F76553666381E5A12ACA48F56160 ] QBVSS           C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
09:38:31.0058 0x1e28  QBVSS - ok
09:38:31.0157 0x1e28  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
09:38:31.0197 0x1e28  ql2300 - ok
09:38:31.0212 0x1e28  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
09:38:31.0216 0x1e28  ql40xx - ok
09:38:31.0249 0x1e28  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
09:38:31.0256 0x1e28  QWAVE - ok
09:38:31.0284 0x1e28  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
09:38:31.0286 0x1e28  QWAVEdrv - ok
09:38:31.0296 0x1e28  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
09:38:31.0298 0x1e28  RasAcd - ok
09:38:31.0310 0x1e28  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
09:38:31.0312 0x1e28  RasAgileVpn - ok
09:38:31.0335 0x1e28  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
09:38:31.0339 0x1e28  RasAuto - ok
09:38:31.0378 0x1e28  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
09:38:31.0382 0x1e28  Rasl2tp - ok
09:38:31.0429 0x1e28  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
09:38:31.0449 0x1e28  RasMan - ok
09:38:31.0468 0x1e28  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
09:38:31.0471 0x1e28  RasPppoe - ok
09:38:31.0489 0x1e28  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
09:38:31.0492 0x1e28  RasSstp - ok
09:38:31.0545 0x1e28  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
09:38:31.0555 0x1e28  rdbss - ok
09:38:31.0613 0x1e28  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
09:38:31.0614 0x1e28  rdpbus - ok
09:38:31.0643 0x1e28  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
09:38:31.0643 0x1e28  RDPCDD - ok
09:38:31.0656 0x1e28  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
09:38:31.0657 0x1e28  RDPENCDD - ok
09:38:41.0416 0x1e28  ================ Scan global ===============================
09:38:41.0435 0x1e28  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
09:38:41.0486 0x1e28  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
09:38:41.0508 0x1e28  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
09:38:41.0536 0x1e28  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
09:38:41.0613 0x1e28  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
09:38:41.0630 0x1e28  [ Global ] - ok
09:38:41.0630 0x1e28  ================ Scan MBR ==================================
09:38:41.0639 0x1e28  [ 14F805A6A3C9F9682974EEC8426E7418 ] \Device\Harddisk0\DR0
09:38:42.0135 0x1e28  \Device\Harddisk0\DR0 - ok
09:38:42.0136 0x1e28  ================ Scan VBR ==================================
09:38:42.0139 0x1e28  [ 7ABE193F32BD686390990C34C99D824D ] \Device\Harddisk0\DR0\Partition1
09:38:42.0142 0x1e28  \Device\Harddisk0\DR0\Partition1 - ok
09:38:42.0146 0x1e28  [ 02FE196921A42CBF066530155025DC49 ] \Device\Harddisk0\DR0\Partition2
09:38:42.0148 0x1e28  \Device\Harddisk0\DR0\Partition2 - ok
09:38:42.0153 0x1e28  [ D9F1CD620042F3BC8C5380926A0EC69D ] \Device\Harddisk0\DR0\Partition3
09:38:42.0154 0x1e28  \Device\Harddisk0\DR0\Partition3 - ok
09:38:42.0157 0x1e28  [ 3E0DEC1E52E21F969D53CF4AD37F7EF2 ] \Device\Harddisk0\DR0\Partition4
09:38:42.0158 0x1e28  \Device\Harddisk0\DR0\Partition4 - ok
09:38:42.0159 0x1e28  ================ Scan generic autorun ======================
09:38:42.0159 0x1e28  SynTPEnh - ok
09:38:42.0203 0x1e28  [ 42EB7A79867ED8AD99349FF0F0A7F39A, AF289350D625123BB697532B53A35B48D574ADB9861A288DA68F8EC2AB6F2E3A ] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
09:38:42.0211 0x1e28  AmIcoSinglun64 - ok
09:38:42.0292 0x1e28  [ 89BD2A491AFF80014199DE4159EA2409, 0C6A0A0764A8324165EE8DA94F25291FEFCCA90E0D4AB7F7B7B9551343EF2D3D ] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
09:38:42.0311 0x1e28  SmartMenu - ok
09:38:42.0351 0x1e28  [ A0ABBAD8CE99CBF8467D697073B38E87, C71F58580D93F0B78BDA735DA6201A6F1BDA36CC9F72D15B4E6DD62D6C3A43D0 ] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe
09:38:42.0351 0x1e28  HPWirelessAssistant - ok
09:38:42.0387 0x1e28  [ 759CDFE07A593142AD7FD5029E582FE3, 24DF8DD2003F2460CE08C2B64CFC8576DFA2067E71DE2F8FA94553D2391D8471 ] C:\Program Files\IDT\WDM\sttray64.exe
09:38:42.0401 0x1e28  SysTrayApp - ok
09:38:42.0442 0x1e28  [ 5DF7E326D8640A5803399DFE5F500F59, D32F206660A9B1DC4F7B3138E494A9D8F20F98F7F148063615595AD2CE29F9AA ] C:\Windows\system32\igfxtray.exe
09:38:42.0447 0x1e28  IgfxTray - ok
09:38:42.0469 0x1e28  [ DA7098874BDE1EF2659B2E5164321F61, 280B0CEFA23D3595E2345D6B9504356FEA6ECA05190C7FE7B64C052A23376B0E ] C:\Windows\system32\hkcmd.exe
09:38:42.0479 0x1e28  HotKeysCmds - ok
09:38:42.0498 0x1e28  [ D8EA8066BC468584A790D4F99A46C8C5, F254BCB94C45754F05DE597B4E51F85D1B70D49652DEC4F88C481A8BBD7B8578 ] C:\Windows\system32\igfxpers.exe
09:38:42.0509 0x1e28  Persistence - ok
09:38:42.0570 0x1e28  [ 477394524F13ECD100A5E5B82E41883E, D90064E0596A47A3476AE8BA41823322F00DF568A969C7BF450BD80B63F18C00 ] C:\Program Files\Plantronics\MyHeadsetUpdater\MyHeadsetUpdater.exe
09:38:42.0574 0x1e28  Plantronics MyHeadset Updater - ok
09:38:42.0634 0x1e28  [ 25107F58D1B8F60D67D1EE95798C0DE8, C3B5205E8818576EBF33E3B9FD8664A498714B823D9128FC1CA0A64F81499263 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
09:38:42.0645 0x1e28  IAStorIcon - ok
09:38:42.0728 0x1e28  [ F5DF8B70484A39A0F0EE3BB51B4DCF85, 2506E7D5A8A194ACC791718A40FFCC10B3437E08BD9F71225CF83C5560587317 ] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
09:38:42.0744 0x1e28  EgisTecPMMUpdate - ok
09:38:42.0759 0x1e28  [ 03522B916831A962E854E942B533D834, 411A3FE6E5BC8A29068B5740ADA773AFAEEADDA4BEB2025A0786FA73C0A53800 ] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
09:38:42.0764 0x1e28  EgisUpdate - ok
09:38:42.0828 0x1e28  [ FC07410C2F91CAFE43F25534E8749C13, 619ED84F55EE12374226A571ABDBFAF9E095CF28916B0ED89F5FDD20960681C3 ] C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisTSR.exe
09:38:42.0844 0x1e28  VitaKeyTSR - ok
09:38:42.0958 0x1e28  [ A6529976525B50C461C628B38D8805F1, 70188A8B3E350AB8DD73365FD4E476363DDA00BAA1C002B917EC3E2177E1F736 ] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NOBuActivation.exe
09:38:43.0040 0x1e28  NortonOnlineBackupReminder - ok
09:38:43.0176 0x1e28  [ 48BE298F7FD1BEF4D8FBACB04D8D95C4, D375B3F6E850E4B0EC81BAA0E554C356BE2248AA77C6C56F5267CA05460FE4EB ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
09:38:43.0200 0x1e28  Adobe ARM - ok
09:38:43.0296 0x1e28  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
09:38:43.0342 0x1e28  Sidebar - ok
09:38:43.0376 0x1e28  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
09:38:43.0381 0x1e28  mctadmin - ok
09:38:43.0415 0x1e28  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
09:38:43.0438 0x1e28  Sidebar - ok
09:38:43.0446 0x1e28  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
09:38:43.0448 0x1e28  mctadmin - ok
09:38:43.0494 0x1e28  [ C31AAE3D6F9739EC1534D88E2444A0E8, BF92A3F9128E0C65D1233A94EC9695002433A4F86158980178F0353AC9B56E8C ] C:\Program Files (x86)\Norton Utilities 14\RMTray.exe
09:38:43.0501 0x1e28  NortonUtilities - ok
09:38:43.0718 0x1e28  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] C:\Users\Sal\AppData\Local\Google\Update\GoogleUpdate.exe
09:38:43.0721 0x1e28  Google Update - ok
09:38:43.0723 0x1e28  Waiting for KSN requests completion. In queue: 92
09:38:44.0723 0x1e28  Waiting for KSN requests completion. In queue: 92
09:38:45.0975 0x1e28  Waiting for KSN requests completion. In queue: 92
09:38:47.0038 0x1e28  AV detected via SS2: Norton 360 Premier Edition, C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\WSCStub.exe ( 21.6.0.0 ), 0x51000 ( enabled : updated )
09:38:47.0041 0x1e28  FW detected via SS2: Norton 360 Premier Edition, C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\WSCStub.exe ( 21.6.0.0 ), 0x51010 ( enabled )
09:38:49.0867 0x1e28  ============================================================
09:38:49.0867 0x1e28  Scan finished
09:38:49.0867 0x1e28  ============================================================
09:38:49.0879 0x1fc0  Detected object count: 0
09:38:49.0879 0x1fc0  Actual detected object count: 0


Edited by bob1776, 06 January 2015 - 05:42 PM.


#4 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:48 PM

Posted 08 January 2015 - 04:29 AM

Your computer is infected with the poweliks trojan...

 

Fix with FRST (normal mode)

WARNING: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
 

  • Download the attached fixlist.txt and save it to the location where FRST is saved to.
  • Run FRST.exe (on 64bit, run FRST64.exe) and press the Fix button just once and wait.
  • The tool will make a log (Fixlog.txt) which you find where you saved FRST. Please post it to your reply.

 

 

 

 

Full System Scan with Malwarebytes Antimalware
 

  • If not existing, please download Malwarebytes Anti-Malware to your desktop.
  • Double-click the downloaded setup file and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.

If the program is already installed:

  • Run Malwarebytes Antimalware
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.

  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.

 



Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#5 bob1776


Posted 08 January 2015 - 02:52 PM

Marius - Thanks for continuing to help me.  Your time is truly appreciated.

 

I downloaded to desktop the fixlist.txt file you posted and then ran FRST64.exe from desktop.  The fixlog.txt is pasted below.

 

I then downloaded and ran Malwarebytes Anti-Malware mbam-setup-2.0.4.1028.exe.  No malicious items detected.  The application log is pasted below.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 04-01-2015
Ran by Sal at 2015-01-08 08:30:09 Run:1
Running from C:\Users\Sal\Desktop
Loaded Profile: Sal (Available profiles: Sal)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CustomCLSID: HKU\S-1-5-21-761812601-814193575-3437521603-1000_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 -> rundll32.exe javascript:"\..\mshtml.dll,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf> (the data entry has 251 more characters). <==== Poweliks?
AlternateDataStreams: C:\ProgramData\Temp:D287FACF
SearchScopes: HKLM-x32 -> {4B0B9626-4706-4690-A2B5-81618054EEEA} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
SearchScopes: HKU\S-1-5-21-761812601-814193575-3437521603-1000 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=360&chn=retail&geo=US&ver=20&locale=en_US&gct=kwd&qsrc=2869

EmptyTemp:
*****************

"HKU\S-1-5-21-761812601-814193575-3437521603-1000_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}" => Key Deleted Successfully.
C:\ProgramData\Temp => ":D287FACF" ADS removed successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{4B0B9626-4706-4690-A2B5-81618054EEEA}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{4B0B9626-4706-4690-A2B5-81618054EEEA} => Key not found. 
"HKU\S-1-5-21-761812601-814193575-3437521603-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}" => Key deleted successfully.
HKCR\CLSID\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} => Key not found. 
EmptyTemp: => Removed 51.4 MB temporary data.


The system needed a reboot. 

==== End of Fixlog 08:30:25 ====

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 1/8/2015
Scan Time: 9:18:11 AM
Logfile: 
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.01.08.10
Rootkit Database: v2015.01.07.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Sal

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 371492
Time Elapsed: 17 min, 43 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
()

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)
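
The fixlist entry quoted in this post registers a per-user COM class whose localserver32 data is a `rundll32.exe javascript:` command instead of a path to a file on disk. As an added example (not part of the thread and not FRST's own logic), the following Python flags that pattern in FRST-style `CustomCLSID:` lines; the regexes, the marker list and the two benign sample lines are assumptions, and the -1 character shift is what the fragment quoted above happens to decode with.

```python
import re

# Constructed sample input in the FRST "CustomCLSID:" line format. The first
# line is the entry quoted in the fixlist above, truncated exactly as the
# page shows it; the other two are made-up benign entries for contrast.
SAMPLE_LINES = [
    r'CustomCLSID: HKU\S-1-5-21-761812601-814193575-3437521603-1000_Classes'
    r'\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 -> '
    r'rundll32.exe javascript:"\..\mshtml.dll,RunHTMLApplication ";'
    r'eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf> '
    r'(the data entry has 251 more characters). <==== Poweliks?',
    r'CustomCLSID: HKU\S-1-5-21-0-0-0-1000_Classes'
    r'\CLSID\{00000000-0000-0000-0000-000000000001}\InprocServer32 -> '
    r'C:\Users\Example\AppData\Local\ExampleApp\shellext.dll (Example Vendor)',
    r'CustomCLSID: HKU\S-1-5-21-0-0-0-1000_Classes'
    r'\CLSID\{00000000-0000-0000-0000-000000000002}\localserver32 -> '
    r'rundll32.exe C:\Windows\System32\example.dll,EntryPoint',
]

# Registry key up to the CLSID GUID, the server subkey, then the data value.
LINE_RE = re.compile(
    r'^CustomCLSID:\s+(?P<key>.+?\\CLSID\\\{[0-9A-Fa-f-]{36}\})'
    r'\\(?P<server>\w+)\s+->\s+(?P<data>.*)$')

# rundll32 handed a script URL that reaches mshtml's RunHTMLApplication export.
SCRIPT_HOST_RE = re.compile(
    r'rundll32(?:\.exe)?\s+(?:javascript|vbscript):.*?'
    r'mshtml(?:\.dll)?\s*,\s*RunHTMLApplication', re.IGNORECASE)

# First whitespace-free run passed to eval("...
EVAL_RE = re.compile(r'eval\("(\S+)')

# Assumed markers of readable script text; extend for your own triage.
SCRIPT_MARKERS = ("document.write", "<script", "activexobject")


def shift_decode(text, delta=-1):
    """Shift every character code by delta (characters that would go below 0 are kept)."""
    return "".join(chr(ord(c) + delta) if ord(c) + delta >= 0 else c
                   for c in text)


def looks_shift_encoded(payload):
    """True when the payload only becomes readable script after the -1 shift."""
    raw = payload.lower()
    decoded = shift_decode(payload).lower()
    return (any(m in decoded for m in SCRIPT_MARKERS)
            and not any(m in raw for m in SCRIPT_MARKERS))


def triage(lines):
    """Return one finding per CustomCLSID line whose data looks script-driven."""
    findings = []
    for line in lines:
        match = LINE_RE.match(line.strip())
        if not match:
            continue
        data = match.group("data")
        reasons, preview = [], None
        if SCRIPT_HOST_RE.search(data):
            reasons.append("rundll32 runs mshtml RunHTMLApplication "
                           "from a script URL, not a file on disk")
        ev = EVAL_RE.search(data)
        if ev and looks_shift_encoded(ev.group(1)):
            preview = shift_decode(ev.group(1))
            reasons.append("eval() argument is readable script "
                           "after a -1 character shift")
        if reasons:
            findings.append({
                "key": match.group("key"),
                "server": match.group("server"),
                "reasons": reasons,
                "decoded_preview": preview,
            })
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LINES):
        print(finding["key"])
        for reason in finding["reasons"]:
            print("  -", reason)
        print("  decoded start:", finding["decoded_preview"])
```

Because the payload lives entirely in a registry value, a file-based scan has nothing on disk to match, so this kind of check has to run over registry exports or tool logs such as FRST.txt.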


#6 TB-Psychotic


Posted 09 January 2015 - 06:22 AM

Looks good!

 

 

 

Scan with ESET Online Scan

Go here to run an online scanner from ESET. Windows Vista/Windows 7/Windows 8 users will need to right click on their Internet Explorer shortcut, and select Run as Administrator.

  • Note: For browsers other than Internet Explorer, you will be prompted to download and install esetsmartinstaller_enu.exe. Click on the link and save the file to a convenient location. Double click on it to install and a new window will open. Follow the prompts.
  • Turn off the real time scanner of any existing antivirus program while performing the online scan. Here's how.
  • Click the blue Run ESET Online Scanner button
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the program to install the "OnlineScanner.cab" activex control by clicking the Install button
  • Once the activex control is installed, on the next screen click on Enable detection of potentially unwanted applications
  • Click on Advanced Settings
  • Make sure that the option Remove found threats is unticked.
  • Ensure these options are ticked
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start
  • Wait for the scan to finish
  • When the scan is done, if it shows a screen that says "Threats found!", then click "List of found threats", and then click "Export to text file..."
  • Save that text file on your desktop. Copy and paste the contents of that log as a reply to this topic.
  • Close the ESET online scan, and let me know how things are now.



#7 bob1776


Posted 10 January 2015 - 01:34 PM

Marius,

 

Thanks again for all of your help.  I ran ESET online scanner as instructed and it found 2 threats.  I also followed your instructions to untick "Remove found threats" so I'm guessing the 2 threats are still on my computer.  A copy of the ESET "List of Found Threats" is pasted below.

C:\ProgramData\{FA77A43D-F6ED-4924-87B5-517C061388C6}\WeatherBugSetup.res	a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application
C:\Users\All Users\{FA77A43D-F6ED-4924-87B5-517C061388C6}\WeatherBugSetup.res	a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application



#8 TB-Psychotic


Posted 12 January 2015 - 04:35 AM

These files aren't malware but contain security risks. I'd delete them immediately - your choice.

 

 

Then we can do the cleanup - if you are facing any issues, report that immediately.

Delete junk with adwCleaner


Please download AdwCleaner to your desktop.


  • Run adwcleaner.exe
  • Hit Scan and wait for the scan to finish.
  • Confirm the message but don't uncheck anything.
  • Hit Clean
  • When the run is finished, it will open up a text file
  • Please post its contents within your next reply
  • You'll find the log file at C:\AdwCleaner[S1].txt also




Delete junk with JRT

thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.




SecurityCheck

Reboot your system before starting!

Please download SecurityCheck: LINK Mirror (if the link is down)

  • Save it to your desktop, start it and follow the instructions in the window.
  • After the scan has finished, the log (checkup.txt) will open. Copy its content to your thread (Note: Do NOT post this one into a code box!)



#9 bob1776


Posted 12 January 2015 - 04:54 PM

Marius,

 

I ran ESET online scanner once again and deleted the 2 threats it found.

 

Next, I ran adwCleaner, Junkware Removal Tool and SecurityCheck.  The logs are pasted below.

# AdwCleaner v4.107 - Report created 12/01/2015 at 12:17:06
# Updated 07/01/2015 by Xplode
# Database : 2015-01-11.2 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Sal - USS
# Running from : C:\Users\Sal\Desktop\adwcleaner_4.107.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverRestore
Folder Deleted : C:\Program Files (x86)\Optimizer Pro 3.26
Folder Deleted : C:\Users\Sal\AppData\Local\PackageAware
Folder Deleted : C:\Users\Sal\AppData\LocalLow\HPAppData
Folder Deleted : C:\Users\Sal\AppData\Roaming\DigitalSites
Folder Deleted : C:\Users\Sal\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
Folder Deleted : C:\Users\Sal\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Folder Deleted : C:\Users\Sal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{090B161B-F63E-47AD-8468-3147D9E5116A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2E957863-1143-4317-A7BB-6156F08C2F9A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{371D7615-748D-4DBF-A44B-655D028A105E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{510FCD9E-D887-4717-B6FD-3FB2E368BFE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5F57E6F2-3AD9-4EDE-B847-79BFF014DCA4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6018C93A-F578-44AC-AF31-60979913C86C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{63932C54-3F31-435D-B43F-1069100D994A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6CEDCB88-FC93-44CF-8E34-B1C9A97D83EA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{72B98577-9F63-4472-8C83-CCE16822F990}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{78FF1BF6-6612-4502-BBE8-661DFC831CCA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DEBB2F5E-F6E3-4857-9621-2112C288646D}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{7F9D4647-EFF9-40BF-896B-DD7D18B85066}
Key Deleted : HKCU\Software\eSupport.com
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\DriverRestore
Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\DeviceVM
Key Deleted : [x64] HKLM\SOFTWARE\DeviceVM

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.17183


-\\ Mozilla Firefox v34.0.5 (x86 en-US)


-\\ Google Chrome v39.0.2171.95


*************************

AdwCleaner[R0].txt - [3230 octets] - [12/01/2015 12:13:37]
AdwCleaner[S0].txt - [2942 octets] - [12/01/2015 12:17:06]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3002 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Home Premium x64
Ran by Sal on Mon 01/12/2015 at 12:34:09.82
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Sal\appdata\local\{4DF41E27-F01F-432A-B8F2-8DEA10A813EB}
Successfully deleted: [Empty Folder] C:\Users\Sal\appdata\local\{6C112F56-3FAB-43DA-83AC-0656BBC1356E}
Successfully deleted: [Empty Folder] C:\Users\Sal\appdata\local\{896B4E80-0630-46EC-8AFF-3B7C5AA865F2}
Successfully deleted: [Empty Folder] C:\Users\Sal\appdata\local\{8CE64D5F-7DD6-4C9A-91D6-C2BBA5353510}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 01/12/2015 at 12:38:35.71
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Results of screen317's Security Check version 0.99.93 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 10 Out of date!
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
Norton 360 Premier Edition  
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Java 7 Update 71 
  Adobe Flash Player 14.0.0.145 Flash Player out of Date! 
 Adobe Reader 9 Adobe Reader out of Date!
 Mozilla Firefox (34.0.5)
 Google Chrome (39.0.2171.71)
 Google Chrome (39.0.2171.95)
 Google Chrome (Plugins...)
````````Process Check: objlist.exe by Laurent```````` 
 Microsoft Small Business Business Contact Manager BcmSqlStartupSvc.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````
 



#10 TB-Psychotic


Posted 13 January 2015 - 10:16 AM

Are any problems left or may I post the final reply? :)



#11 bob1776


Posted 13 January 2015 - 03:05 PM

It seems all problems have been resolved.  Thank you. 



#12 TB-Psychotic


Posted 14 January 2015 - 02:35 AM

Your system is clean now! :)

 

Internet Explorer out of date

Your version of Internet Explorer is outdated.

  • Please download IE 11 from here
  • Save it to your desktop.
  • Double click on the file on your desktop to start the installation process.
  • Reboot

 

 

 

 

Adobe Flash Player out of date

Your Adobe flash player is outdated. We will fix this.

  • Get the actual player from here. Important: Uncheck any optional software (for example Google Chrome, etc.) offered.
  • Click upon Start-->control panel-->add/remove programs.
  • Search for and remove any older reader versions.

 

 

 

Adobe Reader out of date

Your Adobe Reader is outdated. We will fix this.


  • Get the actual software from here. Important: Uncheck any optional software (for example Google Chrome, etc.) offered.
  • Run setup and follow the instructions.
  • Click upon Start-->control panel-->add/remove programs.
  • Search for and remove any older reader versions.

 

 

 

Uninstall our tools using delfix

Please follow these steps in order:

  • In the case we used Defogger to turn off your CD emulation software. You can start it again and use the Enable button.
  • In the case we used Combofix. Deactivate your antivirus software once more, then rename the combofix.exe to uninstall.exe and run it one last time. You will be notified that Combofix has been removed.
  • In any case please download delfix to your desktop.
    • Close all other programs and start delfix.
    • Please check all the boxes and run the tool.
    • delfix will now delete all found traces of our removal process
  • If there is still something left please delete it manually.




Delete System Restore Points

To ensure your System Restore Points are free of malware, we will delete all of them but the most recent or create a new one.

On Windows Vista: Please follow these instructions to delete all but the most common System Protection Restore Points.
On Windows 7/8: Please follow these instructions to delete all but the most common System Protection Restore Points.
On Windows XP: Please follow these instructions to delete all but the most common System Protection Restore Points.




Temp File Cleaner

We need to download Temp File Cleaner (TFC) by OldTimer:
  • Please download TFC.exe by Oldtimer at one of the two links: Link 1 Link 2
  • Save and close all running applications
  • Double-click on TFC.exe to run the program
  • Click on Start to begin the cleaning process. Note: this program may close running applications, make your screen disappear temporarily, or require a reboot of your PC - this is normal and part of the cleanup
  • When the scan is complete, if you were not asked to reboot the computer, please do so now
More Information can be found about the tool here: http://www.geekstogo.com/forum/files/file/187-tfc-temp-file-cleaner-by-oldtimer/

 

 

 

Recommendations: How to protect yourself

  • System Updates
    Please ensure to have automatic updates activated in your control panel.
    For further information and a tutorial, see this Microsoft Support article.
  • Protection
    What you need is one (not more) virus scanner with background protection. Additionally I recommend a special malware scanner to run on demand weekly.
    Personally I am using avast! Antivirus Free Edition and Malwarebytes Anti-Malware. They offer good protection for free.
    • To keep your browser free of advertising, you may install the Adblock Plus browser extension.
      It will filter unwanted advertising out of the website's content.
    • To protect yourself from accidentally visiting malicious web sites, install the Web of Trust (WOT) browser extension.
      It will display a green (safe), yellow (unknown) or red (potentially dangerous) icon for a visited website within your browser.
      In addition, before accessing a dangerous classified web site, a warning screen is displayed.

  • Up to date Software
    Keep your Windows and your third party software up to date. The easiest way to get infected is an outdated Windows, followed by: browser(s) (including add-ons and plug-ins), Adobe Flash Player and Adobe Reader, Java Runtime Environment, your antivirus program and so on. These links may help you to check:

  • Backup
    Hardware issues, malware, fire, lightning strike: There is a long list of different ways to lose all your data. Back up your files regularly. Use the Windows internal backup function or a third party tool and save your data onto an external hard drive, cloud storage, optical media like CDs or DVDs or (if available) a professional network backup system.
  • Behaviour
    The commonest error when using a computer is "error 80" - which means that the error is located about 80cm in front of the monitor. This is a common joke between IT support technicians but it shows that all the safety mechanisms won't help if you aren't careful enough.
    • While surfing the internet, don't click on anything you don't know. In the worst case, it infects your system with malware.
    • Watch your step in social networks! Many cyber criminals use them to spread malware, mine personal data (to be sold to advertising companies, for example) or simply do damage to other users. Even if a received hyperlink within a message seems to be coming from one of your friends, have a closer look. In addition, don't click everything.
    • When installing software, have a look at each of the setup windows and uncheck any additional toolbars or free programs that may be offered additionally. Most of today's setup procedures contain potentially unwanted programs so keep them off your system.
    • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
      They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.



#13 bob1776


Posted 16 January 2015 - 04:36 AM

Marius,

 

Outdated software updated and I ran all the tools, no issues at all.  Great security recommendations too.  Thank you so much for all of your time and your help.       



#14 TB-Psychotic


Posted 17 January 2015 - 06:15 AM

You're welcome! :)



#15 TB-Psychotic


Posted 17 January 2015 - 06:15 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.



