Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Zero. Access infection


  • This topic is locked This topic is locked
14 replies to this topic

#1 pcbug

pcbug

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:11:28 AM

Posted 09 February 2015 - 10:01 PM

Can't run Frst scan. Downloaded briefly but removed by "Norton" antivirus before I could begin scan. Norton claimed to remove Zero.Access on its own and malwarebytes free version never detected anything. Tried downloading Frst multiple times now being blocked by my system immediately.

EDIT: After further review this is likely a false positive but I'm waiting for Norton to research

Edited by pcbug, 10 February 2015 - 07:48 PM.


BC AdBot (Login to Remove)

 


#2 pcbug

pcbug
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:11:28 AM

Posted 11 February 2015 - 10:22 PM

The Frst scan results are listed below as well as the attachment. I should have stated my inability to run Frst scan was due to the false positive I was not referring to the virus itself. Norton quarantined the Zero.Access threat during a scan so I assumed an infection had already taken place. I'm concerned about a potential compromise of my system if the Norton scan was accurate.
 
 
 
 
 
 
 
 
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-02-2015
Ran by Chris (administrator) on HPALLINONE on 11-02-2015 20:59:48
Running from C:\Users\Chris\Downloads
Loaded Profiles: Chris (Available profiles: Chris & Pops)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(HP) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\nis.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(Roxio) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\nis.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\beats64.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Hewlett-Packard Co.) C:\Program Files\hp\HP Officejet 6700\Bin\ScanToPCActivationApp.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Hewlett-Packard\HP My Display TouchSmart Edition\OSDManager.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
() C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(HP) C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
(Hewlett-Packard Co.) C:\Program Files\hp\HP Officejet 6700\Bin\HPNetworkCommunicator.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2010-10-21] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-06-24] (IDT, Inc.)
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [DT HPO] => C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe [121648 2011-06-17] (Portrait Displays, Inc.)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [658424 2011-05-05] (PDF Complete Inc)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-03-24] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-12-16] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3877306086-240794212-3911807157-1000\...\Run: [HP Officejet 6700 (NET)] => C:\Program Files\hp\HP Officejet 6700\Bin\ScanToPCActivationApp.exe [2676584 2011-09-09] (Hewlett-Packard Co.)
Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet 6700 (Network).lnk
ShortcutTarget: Monitor Ink Alerts - HP Officejet 6700 (Network).lnk -> C:\Program Files\hp\HP Officejet 6700\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\Pops\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pops\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pops\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pops\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pops\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll No File
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-3877306086-240794212-3911807157-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=NIS&pvid=21.6.0.32
HKU\S-1-5-21-3877306086-240794212-3911807157-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
URLSearchHook: HKU\S-1-5-21-3877306086-240794212-3911807157-1000 - (No Name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No File
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-3877306086-240794212-3911807157-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3877306086-240794212-3911807157-1000 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKU\S-1-5-21-3877306086-240794212-3911807157-1000 -> {CDD924C4-3376-46FE-9A90-E4BB46F50AD0} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3196716
SearchScopes: HKU\S-1-5-21-3877306086-240794212-3911807157-1000 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKU\S-1-5-21-3877306086-240794212-3911807157-1000 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
 
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 -> c:\Program Files (x86)\Virtual Earth 3D\ ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1211151.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/VirtualEarth3D,version=4.0 -> c:\Program Files (x86)\Virtual Earth 3D\ ()
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll ()
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\coFFPlgn [2015-02-11]
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: SmartPrintButton - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2012-07-22]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\IPSFF [2014-06-01]
 
Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://cnn.com/"
CHR Profile: C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-03]
CHR Extension: (Google Drive) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-03]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-20]
CHR Extension: (YouTube) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-03]
CHR Extension: (Google Search) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-03]
CHR Extension: (Website Logon) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpgfhihjicjofdejkbjgnjlaglaciobe [2013-08-03]
CHR Extension: (Google Wallet) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-03]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-01]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM-x32\...\Chrome\Extension: [jpgfhihjicjofdejkbjgnjlaglaciobe] - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx [2011-06-03]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-01]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 CalendarSynchService; C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [16384 2011-08-16] (Hewlett-Packard) [File not signed]
R2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe [129840 2011-06-17] (Portrait Displays, Inc.)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-07-17] (WildTangent)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2375168 2011-03-07] (Realsil Microelectronics Inc.) [File not signed]
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe [276376 2014-09-21] (Symantec Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-05-05] (PDF Complete Inc)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\BASHDefs\20150203.001\BHDrvx64.sys [1622744 2015-02-02] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1506000.020\ccSetx64.sys [162392 2014-02-20] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-12-10] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-12-10] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\IPSDefs\20150210.001\IDSvia64.sys [669400 2015-02-02] (Symantec Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-10] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\VirusDefs\20150210.003\ENG64.SYS [129752 2015-02-03] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\VirusDefs\20150210.003\EX64.SYS [2137304 2015-02-03] (Symantec Corporation)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [22528 2012-03-26] (Apple Inc.) [File not signed]
R3 NWVoltron; C:\Windows\system32\drivers\NWVoltron.sys [28440 2011-06-23] ()
S3 NWWakeFilterV; C:\Windows\system32\drivers\NWWakeFilterV.sys [16152 2011-06-23] (n/a)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2012-04-06] ()
R1 SRTSP; C:\Windows\System32\Drivers\NISx64\1506000.020\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1506000.020\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1506000.020\SYMDS64.SYS [493656 2013-10-30] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1506000.020\SYMEFA64.SYS [1148120 2014-03-03] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-06-01] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1506000.020\SYMNETS.SYS [593112 2014-02-17] (Symantec Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-11 20:59 - 2015-02-11 20:59 - 00023355 _____ () C:\Users\Chris\Downloads\FRST.txt
2015-02-10 22:32 - 2015-02-03 21:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-10 22:32 - 2015-02-03 21:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-10 22:32 - 2015-02-03 21:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-10 22:32 - 2015-02-03 21:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-10 22:32 - 2015-02-03 21:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-10 22:32 - 2015-02-03 21:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-10 22:32 - 2015-02-03 21:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-10 22:32 - 2015-01-27 17:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-10 22:32 - 2015-01-10 00:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-10 22:32 - 2015-01-10 00:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-10 22:32 - 2015-01-10 00:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-10 22:32 - 2015-01-10 00:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-10 22:32 - 2015-01-10 00:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-10 22:32 - 2015-01-10 00:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-10 22:32 - 2015-01-10 00:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-10 22:32 - 2015-01-10 00:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-10 22:32 - 2015-01-10 00:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-10 22:32 - 2015-01-10 00:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-10 22:32 - 2015-01-10 00:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-10 22:32 - 2015-01-10 00:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-10 22:32 - 2015-01-10 00:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-10 22:32 - 2015-01-10 00:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-10 22:31 - 2015-01-15 02:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-10 22:31 - 2015-01-15 02:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-10 22:31 - 2015-01-15 02:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-10 22:31 - 2015-01-15 02:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-10 22:31 - 2015-01-15 02:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-10 22:31 - 2015-01-15 02:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-10 22:31 - 2015-01-15 02:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-10 22:31 - 2015-01-15 02:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-10 22:31 - 2015-01-15 02:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-10 22:31 - 2015-01-15 02:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-10 22:31 - 2015-01-15 02:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-10 22:31 - 2015-01-15 01:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-10 22:31 - 2015-01-15 01:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-10 22:31 - 2015-01-15 01:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-10 22:31 - 2015-01-15 01:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-10 22:31 - 2015-01-15 01:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-10 22:31 - 2015-01-15 01:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-10 22:31 - 2015-01-14 22:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-10 22:31 - 2015-01-14 00:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-10 22:31 - 2015-01-13 23:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-10 22:31 - 2015-01-13 23:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-10 22:31 - 2015-01-13 23:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-10 22:31 - 2015-01-13 23:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-10 22:31 - 2015-01-12 21:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-10 22:31 - 2015-01-12 20:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-10 22:31 - 2015-01-11 21:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-10 22:31 - 2015-01-11 21:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-10 22:31 - 2015-01-11 21:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-10 22:31 - 2015-01-11 20:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-10 22:31 - 2015-01-11 20:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-10 22:31 - 2015-01-11 20:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-10 22:31 - 2015-01-11 20:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-10 22:31 - 2015-01-11 20:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-10 22:31 - 2015-01-11 20:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-10 22:31 - 2015-01-11 20:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-10 22:31 - 2015-01-11 20:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-10 22:31 - 2015-01-11 20:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-10 22:31 - 2015-01-11 20:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-10 22:31 - 2015-01-11 20:33 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-10 22:31 - 2015-01-11 20:32 - 06041088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-10 22:31 - 2015-01-11 20:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-10 22:31 - 2015-01-11 20:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-10 22:31 - 2015-01-11 20:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-10 22:31 - 2015-01-11 20:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-10 22:31 - 2015-01-11 20:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-10 22:31 - 2015-01-11 20:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-10 22:31 - 2015-01-11 20:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-10 22:31 - 2015-01-11 20:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-10 22:31 - 2015-01-11 20:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-10 22:31 - 2015-01-11 20:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-10 22:31 - 2015-01-11 20:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-10 22:31 - 2015-01-11 20:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-10 22:31 - 2015-01-11 20:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-10 22:31 - 2015-01-11 20:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-10 22:31 - 2015-01-11 19:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-10 22:31 - 2015-01-11 19:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-10 22:31 - 2015-01-11 19:55 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-10 22:31 - 2015-01-11 19:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-10 22:31 - 2015-01-11 19:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-10 22:31 - 2015-01-11 19:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-10 22:31 - 2015-01-11 19:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-10 22:31 - 2015-01-11 19:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-10 22:31 - 2015-01-11 19:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-10 22:31 - 2015-01-11 19:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-10 22:31 - 2015-01-11 19:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-10 22:31 - 2015-01-11 19:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-10 22:31 - 2015-01-11 19:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-10 22:31 - 2015-01-11 19:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-10 22:31 - 2015-01-11 19:29 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-10 22:31 - 2015-01-11 19:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-10 22:31 - 2015-01-11 19:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-10 22:31 - 2015-01-11 19:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-10 22:31 - 2015-01-11 19:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-10 22:31 - 2015-01-11 19:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-10 22:31 - 2015-01-11 19:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-10 22:31 - 2015-01-11 19:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-10 22:31 - 2015-01-11 19:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-10 22:31 - 2015-01-11 18:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-10 22:31 - 2015-01-11 18:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-10 22:31 - 2014-12-11 23:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-10 22:31 - 2014-12-11 23:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-10 22:31 - 2014-12-07 21:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-10 22:31 - 2014-12-07 20:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-10 22:31 - 2014-11-25 21:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-10 22:31 - 2014-11-25 21:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-10 22:31 - 2014-10-03 20:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-10 22:31 - 2014-10-03 19:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-10 22:31 - 2014-10-03 19:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-02-10 22:30 - 2015-01-14 00:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-10 22:30 - 2015-01-14 00:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-10 22:30 - 2015-01-14 00:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-10 22:30 - 2015-01-13 23:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-10 22:30 - 2015-01-08 20:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-10 22:27 - 2015-02-10 22:27 - 02132992 _____ (Farbar) C:\Users\Chris\Downloads\frst64.exe
2015-02-09 20:41 - 2015-02-11 20:59 - 00000000 ____D () C:\FRST
2015-01-31 00:52 - 2015-01-31 00:52 - 00000000 ____D () C:\Windows\Sun
2015-01-31 00:45 - 2015-01-31 00:45 - 00639400 _____ (Oracle Corporation) C:\Users\Chris\Downloads\chromeinstall-8u31.exe
2015-01-30 19:28 - 2015-01-30 19:28 - 00009603 _____ () C:\Users\Pops\Downloads\NATIONWIDE FURNITURE DISTRIBUTORS Inc (4).xlsx
2015-01-30 19:28 - 2015-01-30 19:28 - 00009603 _____ () C:\Users\Pops\Downloads\NATIONWIDE FURNITURE DISTRIBUTORS Inc (3).xlsx
2015-01-24 11:49 - 2015-01-24 11:49 - 00030150 _____ () C:\Users\Pops\Downloads\Copy of CHICAGO RATE UPDATE ON 21st JAN.xlsx
2015-01-24 11:49 - 2015-01-24 11:49 - 00030150 _____ () C:\Users\Pops\Downloads\Copy of CHICAGO RATE UPDATE ON 21st JAN (1).xlsx
2015-01-13 18:29 - 2014-12-18 21:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-13 18:29 - 2014-12-18 19:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-13 18:29 - 2014-12-11 11:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-13 18:29 - 2014-12-05 22:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-13 18:29 - 2014-12-05 21:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-13 18:29 - 2014-12-05 21:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-11 20:55 - 2012-07-04 19:11 - 00058016 _____ () C:\Users\Chris\AppData\Local\GDIPFONTCACHEV1.DAT
2015-02-11 20:52 - 2012-04-06 01:39 - 02024487 _____ () C:\Windows\WindowsUpdate.log
2015-02-11 20:48 - 2012-07-27 17:21 - 00000000 ____D () C:\Users\Chris\Desktop\Old Dell Files
2015-02-11 20:47 - 2013-08-03 14:52 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-11 20:44 - 2009-07-13 23:13 - 00783424 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-11 20:43 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\rescache
2015-02-11 20:42 - 2012-08-14 15:57 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-11 18:34 - 2013-08-03 14:52 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-11 18:30 - 2012-07-25 18:22 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\SoftGrid Client
2015-02-11 03:34 - 2009-07-13 22:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-11 03:34 - 2009-07-13 22:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-11 03:29 - 2012-04-06 01:56 - 00000000 ____D () C:\ProgramData\PDFC
2015-02-11 03:28 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-11 03:28 - 2009-07-13 22:51 - 00683332 _____ () C:\Windows\setupact.log
2015-02-11 03:28 - 2009-07-13 22:45 - 00267672 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-11 03:26 - 2014-12-11 17:29 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-11 03:26 - 2014-05-06 21:51 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-11 03:26 - 2012-04-06 02:01 - 00000000 ____D () C:\ProgramData\truesuite
2015-02-11 03:08 - 2014-03-09 20:03 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-11 03:03 - 2014-03-09 20:03 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-10 22:40 - 2014-04-19 00:12 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-10 20:36 - 2014-12-19 22:39 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForChris
2015-02-10 20:36 - 2014-12-19 22:39 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForChris.job
2015-02-09 17:44 - 2014-04-19 00:12 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-06 20:51 - 2012-07-04 19:13 - 00003934 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{09BA338F-8083-4573-89B9-CA285CFBA936}
2015-02-06 20:48 - 2010-11-20 21:47 - 00278694 _____ () C:\Windows\PFRO.log
2015-02-06 19:30 - 2012-11-04 17:20 - 00000000 ___RD () C:\Users\Pops\Dropbox
2015-02-06 19:30 - 2012-11-04 17:17 - 00000000 ____D () C:\Users\Pops\AppData\Roaming\Dropbox
2015-02-06 17:20 - 2013-08-03 14:57 - 00002104 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-04 07:41 - 2013-08-03 14:52 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-04 07:41 - 2013-08-03 14:52 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-01-31 00:52 - 2014-10-24 16:02 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-31 00:46 - 2014-10-24 16:03 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2015-01-31 00:46 - 2014-10-24 16:02 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2015-01-31 00:46 - 2014-10-24 16:02 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2015-01-31 00:46 - 2014-10-24 16:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-01-31 00:46 - 2013-10-27 00:54 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-30 22:03 - 2012-07-06 17:29 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-01-30 22:02 - 2012-12-29 09:13 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2015-01-27 17:12 - 2012-07-08 23:32 - 00003930 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{B7A68BB9-9DF3-4E67-B965-022E9099A074}
2015-01-26 06:59 - 2012-10-06 06:51 - 00003176 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForPops
2015-01-26 06:59 - 2012-10-06 06:51 - 00000328 _____ () C:\Windows\Tasks\HPCeeScheduleForPops.job
2015-01-24 11:00 - 2012-08-16 14:58 - 00000000 ____D () C:\Users\Pops\AppData\Local\CrashDumps
2015-01-23 18:08 - 2012-08-19 17:12 - 00000000 ____D () C:\Users\Chris\AppData\Local\CrashDumps
2015-01-17 10:03 - 2014-09-14 13:28 - 00000000 ____D () C:\Users\Pops\AppData\Roaming\.minecraft
2015-01-17 09:26 - 2014-11-25 22:42 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-01-17 09:15 - 2009-07-13 23:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
 
==================== Files in the root of some directories =======
 
2012-04-06 02:00 - 2011-06-09 17:44 - 0002792 _____ () C:\Program Files\HP SimplePass 2011
2012-07-22 15:37 - 2012-07-22 15:37 - 0000057 _____ () C:\ProgramData\Ament.ini
 
Some content of TEMP:
====================
C:\Users\Chris\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Chris\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Chris\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Chris\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Chris\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Chris\AppData\Local\Temp\sp64126.exe
C:\Users\Chris\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Pops\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphllpwe.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-02-07 15:50
 
==================== End Of Log ============================

Attached Files


Edited by pcbug, 11 February 2015 - 10:48 PM.


#3 ken545

ken545

    Malware Response Team


  • Malware Response Team
  • 1,685 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Space Coast of Florida
  • Local time:11:28 AM

Posted 12 February 2015 - 09:09 PM

:welcome:

 

Sometimes ZeroAccess will show up on a FRST log but it did not, but I do see some bogus entries that need to go, lets clean you up some and then take a deeper look for ZeroAccess

 

 

 

 
-AdwCleaner-by Xplode
 
Click on this link to download : ADWCleaner
Click on ONE of the Two Blue Download Now buttons That have a blue arrow beside them and save it to your desktop.
Use my link only, do not do a search for AdwCleaner as there is a bogus copy going around by scammers
 
 
Do not click on any links in the top Advertisment.
 
  •  
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
 
 
 
===============================================================================
 
 
thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  •  
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
 
 
 
 
===============================================================================
 
Download Malwarebytes' Anti-Malware  to your desktop. 
 
  •  
  • Windows XP : Double click on the icon to run it.
  • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
 
 
MBAMDashboard_zpsddef9b5f.gif
 
  •  
  • On the Dashboard click on Update Now
  • Go to the Setting Tab
  • Under Setting go to Detection and Protection
  • Under PUP and PUM make sure both are set to show Treat Detections as Malware
  • Go to Advanced setting and make sure Automatically Quarantine Detected Items is checked
  • Then on the Dashboard click on Scan
  • Make sure to select THREAT SCAN
  • Then click on Scan
  • When the scan is finished and the log pops up...select Copy to Clipboard
  • Please paste the log back into this thread for review
  • Exit Malwarebytes
 

 


mvp_host.pngConsumer Security 2007-2008-2009-2010-2011-2012-2013-2014



donate.gif Please consider a donation to help me keep up my fight against malware.

 

Just a reminder that threads will be closed if no response in 3 days


#4 pcbug

pcbug
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:11:28 AM

Posted 13 February 2015 - 11:35 PM

Hello and thank you for taking the time to assist me. I completed the ADWCleaner scan and cleanup and will post the log below. However I have some questions before proceeding any further.

 

 

First I disabled my internet connection when I ran my initial Frst scan to begin this process. I have been disabling my connection whenever possible in case of a compromise and I don't know if that has any effect on the results of the initial Frst scan. Do I need to rerun it with an active connection?

 

 

Second you stated to shut down my protection software before running the Junkware Removal Tool. Exactly what portions of my protection do I need to disable? My protection has a total of 11 settings including the antivirus, antispyware, and firewall among others. Am I to disable everything or just certain portions? Do you need more information?

 

 

Here is the ADWCleaner log:

 

 

# AdwCleaner v4.110 - Logfile created 13/02/2015 at 22:16:01
# Updated 05/02/2015 by Xplode
# Database : 2015-02-14.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Chris - HPALLINONE
# Running from : C:\Users\Chris\Downloads\AdwCleaner.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Program Files (x86)\WeatherBlinkEI
Folder Deleted : C:\Users\Chris\AppData\Local\Conduit
Folder Deleted : C:\Users\Chris\AppData\Local\iac
Folder Deleted : C:\Users\Chris\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Chris\AppData\LocalLow\iac
Folder Deleted : C:\Users\Pops\AppData\Local\DefineExt
Folder Deleted : C:\Users\Pops\AppData\LocalLow\wiseconvert
Folder Deleted : C:\Users\Pops\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjkpcnacdgdlpfejlgflolpaigoicibh
Folder Deleted : C:\Users\Pops\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
File Deleted : C:\Users\Pops\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3196716
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8F0B76E1-4E46-427B-B55B-B90593468AC6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F0B76E1-4E46-427B-B55B-B90593468AC6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}]
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{b0441a0e-a49a-4e16-afc1-74ecced1921f}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CDD924C4-3376-46FE-9A90-E4BB46F50AD0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{b0441a0e-a49a-4e16-afc1-74ecced1921f}
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\WeatherBlinkEI
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17631
 
 
-\\ Google Chrome v40.0.2214.111
 
[C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Pops\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Pops\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Pops\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.tb.ask.com/search/GGmain.jhtml?searchfor={searchTerms}&st=kwd&ptb=5DF5AEEB-6670-4610-A4CD-7F244F25F464&n=77fda27c&ind=2013110908&p2=^UX^xdm297^YYA^us&si=291929
 
*************************
 
AdwCleaner[R0].txt - [4945 bytes] - [13/02/2015 22:14:07]
AdwCleaner[S0].txt - [4542 bytes] - [13/02/2015 22:16:01]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4601  bytes] ##########


#5 ken545

ken545

    Malware Response Team


  • Malware Response Team
  • 1,685 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Space Coast of Florida
  • Local time:11:28 AM

Posted 14 February 2015 - 06:35 AM

Good Morning,

 

I dont see any benefit of shutting down your internet connection unless this was a work computer and you where connected to a network, then that would be a good idea so as to not infect other computers on your network, also sometimes an infection includes a back door letting other garbage in but I don't see this presently.

 

You have Norton Internet Security, most times you can just right click on it on the system tray and it will give you an option to disable it for a given amount of time

 

http://www.bleepingcomputer.com/forums/t/114351/how-to-temporarily-disable-your-anti-virus-firewall-and-anti-malware-programs/


mvp_host.pngConsumer Security 2007-2008-2009-2010-2011-2012-2013-2014



donate.gif Please consider a donation to help me keep up my fight against malware.

 

Just a reminder that threads will be closed if no response in 3 days


#6 pcbug

pcbug
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:11:28 AM

Posted 14 February 2015 - 03:16 PM

I disabled my antivirus and ran the Junkware Removal Tool

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 7 Home Premium x64
Ran by Chris on Sat 02/14/2015 at 14:07:16.33
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{0726BEDA-C388-4C7A-963C-6AC4893096F3}
Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{1F694793-BECF-4F68-A45E-52A72C2BDD18}
Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{23F32679-DC23-448F-9989-E1ED9798A39F}
Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{27B7053E-5391-4363-95F9-325955C9113A}
Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{302BA080-C148-4778-8409-5E4D80997EB5}
Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{30CDD796-C769-434F-B1A7-B6B84173A283}
Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{34283D42-5DBB-4986-9F9C-4661AE55AECD}
Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{3AA51389-B203-46A6-BCA4-8C8A4D73FAAE}
Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{3AB91257-089B-4273-8AC9-4BF0324AFC65}
Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{3AFD036A-6F47-4078-A2E6-37E7FD1A014B}
Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{3E0BF09B-A6E9-4FEF-A605-519C67BC6111}
Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{42FF344B-4E12-4121-8C7A-6C313F7EDEBC}
Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{53709AAC-B8F0-41D4-B60D-BF23659D746C}
Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{552E6A81-E7D1-4B9D-BDB0-E54A1CD1FE43}
Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{60CD5509-0238-46C0-95A3-7FC42E4744E7}
Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{73C3D0A7-F13D-41D8-ADD6-533A2434F179}
Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{7614FEC9-396F-4A42-81D7-F0CE99F48AD1}
Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{78D16C02-946C-4751-A225-7317C3BCE402}
Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{7926A440-108C-4347-9FF0-87752D17360B}
Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{7DA9D989-A9AD-4169-83C7-6E59F5A9B530}
Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{7F7104B4-35BE-484C-802A-20BFE280CE75}
Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{A3DD49E0-93D1-440A-849B-07ABFE7EB772}
Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{AABC4496-6704-4A51-9E9E-353E7691B270}
Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{B297EA67-399B-4F45-B327-5AE38A6DFD95}
Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{BF13B888-0A50-4A10-938A-12D6011E1649}
Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{CBD1C0C1-E5D2-4D27-8488-F0876DA568F6}
Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{CCC3E2C1-36B3-4F15-B619-F823EF29FA83}
Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{D6CCDB6D-3D9F-4EF9-90FD-1B5D931B4E89}
Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{E2A9FA99-7C2C-469E-B90E-E63CABABB163}
Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{E72412E0-C40D-47BC-A9E3-34E61C92FE26}
Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{E773415C-35CA-4053-B5C9-230DD8182264}
Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{E8986CBF-7CBD-4341-8B70-39DADBFE24F9}
Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{EEB8EDD2-72A8-493A-A107-BEA74D97112D}
Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{EF79B938-073F-4CA4-9F0B-A67878FF23E4}
Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{F1DAF1EA-FCD8-45DD-9E3B-1608FDE31F56}
Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{F2CDC6AB-FE94-4DBE-B7F5-3B9E21A121EA}
Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{F4AC5A5B-D4B6-49EC-B454-2D0E1D8FEEAA}
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 02/14/2015 at 14:10:03.90
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#7 pcbug

pcbug
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:11:28 AM

Posted 14 February 2015 - 03:51 PM

I am a frequent user of MBAM and ran a threat scan after the other 2 tools and the results are below. Would you rather I removed my version of MBAM from my system and started fresh? Could mine be compromised because it rarely detects anything?
 
 
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 2/14/2015
Scan Time: 2:19:14 PM
Logfile: 
Administrator: Yes
 
Version: 2.00.4.1028
Malware Database: v2015.02.14.05
Rootkit Database: v2015.02.03.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Chris
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 457189
Time Elapsed: 20 min, 31 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)


#8 ken545

ken545

    Malware Response Team


  • Malware Response Team
  • 1,685 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Space Coast of Florida
  • Local time:11:28 AM

Posted 14 February 2015 - 05:38 PM

Great, so far we removed just a bunch of junk that you may have installed that came bundled with something else that you installed.

 

I am going to have you run two tools, if ZeroAccess is still present they will find and remove it

 

Please download TDSSKiller
  • Download TDSSKiller.exe to your desktop, if it is prevented from being downloaded than download the Zip version and extract it to your desktop
  • Double click TDSSKiller To start the program <-- XP/Vista Users
  • Right Click TDSSKiller and select RUN AS ADMINISTRATOR <--Windows 7 and 8
  • Press Start Scan
  • Only if Malicious objects are found then ensure Cure is selected
  • Then click Continue > Reboot now
  • Copy and paste the log in your next reply
  • A copy of the log will be saved automatically to the root of the drive (typically C:\)
  •  
     
     
    =========================================================================
     

    Please download Malwarebytes Anti-Rootkit from Here
  • Unzip the contents to a folder in a convenient location.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced they will be in the MBAR folder... mbar-log.txt and system-log.txt

  • mvp_host.pngConsumer Security 2007-2008-2009-2010-2011-2012-2013-2014



    donate.gif Please consider a donation to help me keep up my fight against malware.

     

    Just a reminder that threads will be closed if no response in 3 days


    #9 pcbug

    pcbug
    • Topic Starter

    • Members
    • 13 posts
    • OFFLINE
    •  
    • Local time:11:28 AM

    Posted 14 February 2015 - 09:27 PM

    20:14:19.0044 0x0d84  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
    20:15:40.0469 0x0d84  ============================================================
    20:15:40.0469 0x0d84  Current date / time: 2015/02/14 20:15:40.0469
    20:15:40.0470 0x0d84  SystemInfo:
    20:15:40.0470 0x0d84  
    20:15:40.0470 0x0d84  OS Version: 6.1.7601 ServicePack: 1.0
    20:15:40.0470 0x0d84  Product type: Workstation
    20:15:40.0470 0x0d84  ComputerName: HPALLINONE
    20:15:40.0470 0x0d84  UserName: Chris
    20:15:40.0470 0x0d84  Windows directory: C:\Windows
    20:15:40.0470 0x0d84  System windows directory: C:\Windows
    20:15:40.0470 0x0d84  Running under WOW64
    20:15:40.0470 0x0d84  Processor architecture: Intel x64
    20:15:40.0470 0x0d84  Number of processors: 4
    20:15:40.0470 0x0d84  Page size: 0x1000
    20:15:40.0470 0x0d84  Boot type: Normal boot
    20:15:40.0470 0x0d84  ============================================================
    20:15:40.0975 0x0d84  KLMD registered as C:\Windows\system32\drivers\33979183.sys
    20:15:41.0425 0x0d84  System UUID: {CEB7AE47-84A1-BE7F-F664-2A2DE1922ED6}
    20:15:41.0839 0x0d84  Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    20:15:41.0854 0x0d84  ============================================================
    20:15:41.0854 0x0d84  \Device\Harddisk0\DR0:
    20:15:41.0855 0x0d84  MBR partitions:
    20:15:41.0855 0x0d84  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
    20:15:41.0855 0x0d84  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xE7061000
    20:15:41.0855 0x0d84  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xE7093800, BlocksNum 0x1D74800
    20:15:41.0855 0x0d84  ============================================================
    20:15:41.0880 0x0d84  C: <-> \Device\Harddisk0\DR0\Partition2
    20:15:41.0933 0x0d84  D: <-> \Device\Harddisk0\DR0\Partition3
    20:15:41.0965 0x0d84  ============================================================
    20:15:41.0966 0x0d84  Initialize success
    20:15:41.0966 0x0d84  ============================================================
    20:19:18.0203 0x1ba8  ============================================================
    20:19:18.0203 0x1ba8  Scan started
    20:19:18.0203 0x1ba8  Mode: Manual; 
    20:19:18.0203 0x1ba8  ============================================================
    20:19:18.0203 0x1ba8  KSN ping started
    20:19:32.0586 0x1ba8  KSN ping finished: true
    20:19:33.0553 0x1ba8  ================ Scan system memory ========================
    20:19:33.0553 0x1ba8  System memory - ok
    20:19:33.0553 0x1ba8  ================ Scan services =============================
    20:19:33.0678 0x1ba8  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
    20:19:33.0678 0x1ba8  1394ohci - ok
    20:19:33.0741 0x1ba8  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
    20:19:33.0756 0x1ba8  ACPI - ok
    20:19:33.0772 0x1ba8  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
    20:19:33.0787 0x1ba8  AcpiPmi - ok
    20:19:33.0865 0x1ba8  [ 476BB014F3F68C0C15EDDD5B444DA8FF, 94E8FDC4390672C31081EACF3B3AE57486ED06669C4120F139DB3A62AAE77071 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    20:19:33.0881 0x1ba8  AdobeFlashPlayerUpdateSvc - ok
    20:19:33.0912 0x1ba8  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
    20:19:33.0928 0x1ba8  adp94xx - ok
    20:19:33.0959 0x1ba8  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
    20:19:33.0959 0x1ba8  adpahci - ok
    20:19:33.0990 0x1ba8  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
    20:19:33.0990 0x1ba8  adpu320 - ok
    20:19:34.0006 0x1ba8  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
    20:19:34.0006 0x1ba8  AeLookupSvc - ok
    20:19:34.0068 0x1ba8  [ A6FB9DB8F1A86861D955FD6975977AE0, 788C6EE50719227D7A9B7F08C8D5E1289FCD0E8AC23A1021A5093D2E8368F696 ] AESTFilters     C:\Program Files\IDT\WDM\AESTSr64.exe
    20:19:34.0084 0x1ba8  AESTFilters - ok
    20:19:34.0131 0x1ba8  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
    20:19:34.0146 0x1ba8  AFD - ok
    20:19:34.0177 0x1ba8  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
    20:19:34.0177 0x1ba8  agp440 - ok
    20:19:34.0193 0x1ba8  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
    20:19:34.0193 0x1ba8  ALG - ok
    20:19:34.0224 0x1ba8  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
    20:19:34.0224 0x1ba8  aliide - ok
    20:19:34.0240 0x1ba8  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
    20:19:34.0240 0x1ba8  amdide - ok
    20:19:34.0271 0x1ba8  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
    20:19:34.0271 0x1ba8  AmdK8 - ok
    20:19:34.0271 0x1ba8  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
    20:19:34.0287 0x1ba8  AmdPPM - ok
    20:19:34.0302 0x1ba8  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
    20:19:34.0302 0x1ba8  amdsata - ok
    20:19:34.0333 0x1ba8  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
    20:19:34.0333 0x1ba8  amdsbs - ok
    20:19:34.0349 0x1ba8  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
    20:19:34.0349 0x1ba8  amdxata - ok
    20:19:34.0380 0x1ba8  [ 80B9412C4DE09147581FC935FB4C97AB, 0C9661F7B5EF7F9D61981790B7AB64E3375BD117962166619D0CC546A2D014D3 ] AppID           C:\Windows\system32\drivers\appid.sys
    20:19:34.0380 0x1ba8  AppID - ok
    20:19:34.0411 0x1ba8  [ F71CA01C24FC3798A717B5A6F682F9AD, 8CF1C209E7BBBAD02D6D087293C0B681CDA3170AF119CA2916C2708D8801E749 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
    20:19:34.0411 0x1ba8  AppIDSvc - ok
    20:19:34.0458 0x1ba8  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
    20:19:34.0458 0x1ba8  Appinfo - ok
    20:19:34.0536 0x1ba8  [ 650D03E40F93FAE323CB841F80368E5C, F67B97CFDCE2EE9294977725268EFDB0DD724BD16E7ED5BFCA45375AA8EBA5BB ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    20:19:34.0536 0x1ba8  Apple Mobile Device - ok
    20:19:34.0552 0x1ba8  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
    20:19:34.0567 0x1ba8  arc - ok
    20:19:34.0583 0x1ba8  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
    20:19:34.0583 0x1ba8  arcsas - ok
    20:19:34.0677 0x1ba8  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
    20:19:34.0692 0x1ba8  aspnet_state - ok
    20:19:34.0708 0x1ba8  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
    20:19:34.0708 0x1ba8  AsyncMac - ok
    20:19:34.0739 0x1ba8  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
    20:19:34.0739 0x1ba8  atapi - ok
    20:19:34.0801 0x1ba8  [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
    20:19:34.0817 0x1ba8  AudioEndpointBuilder - ok
    20:19:34.0833 0x1ba8  [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv        C:\Windows\System32\Audiosrv.dll
    20:19:34.0848 0x1ba8  AudioSrv - ok
    20:19:34.0879 0x1ba8  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
    20:19:34.0879 0x1ba8  AxInstSV - ok
    20:19:34.0895 0x1ba8  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
    20:19:34.0911 0x1ba8  b06bdrv - ok
    20:19:34.0926 0x1ba8  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
    20:19:34.0926 0x1ba8  b57nd60a - ok
    20:19:34.0942 0x1ba8  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
    20:19:34.0957 0x1ba8  BDESVC - ok
    20:19:34.0957 0x1ba8  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
    20:19:34.0957 0x1ba8  Beep - ok
    20:19:34.0989 0x1ba8  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
    20:19:35.0004 0x1ba8  BFE - ok
    20:19:35.0207 0x1ba8  [ 99EE5EB9FCBAD85F1992C47C5BB68649, 604B618F0106B09207B262E22E70E152C4104FB2602C009F19EBEB342D0E9CE7 ] BHDrvx64        C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\BASHDefs\20150203.001\BHDrvx64.sys
    20:19:35.0238 0x1ba8  BHDrvx64 - ok
    20:19:35.0269 0x1ba8  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
    20:19:35.0285 0x1ba8  BITS - ok
    20:19:35.0301 0x1ba8  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
    20:19:35.0301 0x1ba8  blbdrive - ok
    20:19:35.0363 0x1ba8  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
    20:19:35.0379 0x1ba8  Bonjour Service - ok
    20:19:35.0441 0x1ba8  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
    20:19:35.0441 0x1ba8  bowser - ok
    20:19:35.0472 0x1ba8  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
    20:19:35.0472 0x1ba8  BrFiltLo - ok
    20:19:35.0488 0x1ba8  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
    20:19:35.0488 0x1ba8  BrFiltUp - ok
    20:19:35.0535 0x1ba8  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
    20:19:35.0550 0x1ba8  Browser - ok
    20:19:35.0581 0x1ba8  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
    20:19:35.0581 0x1ba8  Brserid - ok
    20:19:35.0597 0x1ba8  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
    20:19:35.0597 0x1ba8  BrSerWdm - ok
    20:19:35.0613 0x1ba8  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
    20:19:35.0613 0x1ba8  BrUsbMdm - ok
    20:19:35.0613 0x1ba8  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
    20:19:35.0628 0x1ba8  BrUsbSer - ok
    20:19:35.0644 0x1ba8  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
    20:19:35.0644 0x1ba8  BTHMODEM - ok
    20:19:35.0675 0x1ba8  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
    20:19:35.0675 0x1ba8  bthserv - ok
    20:19:35.0753 0x1ba8  [ A3AD13CA2747953DDD4C9AE4FB925BEC, 860FA3A04DE9DA0B19C625681E594713844F3401FEFD7C26A28C6C94BA6920C7 ] CalendarSynchService C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
    20:19:35.0753 0x1ba8  CalendarSynchService - ok
    20:19:35.0847 0x1ba8  [ 0510396A957E9FD7205BA62D3CAE4528, C80C39EB3A87C5111132E96E966CF74ACABA36DE7714B545A707027D35995792 ] ccSet_NIS       C:\Windows\system32\drivers\NISx64\1506000.020\ccSetx64.sys
    20:19:35.0862 0x1ba8  ccSet_NIS - ok
    20:19:35.0878 0x1ba8  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
    20:19:35.0878 0x1ba8  cdfs - ok
    20:19:35.0893 0x1ba8  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
    20:19:35.0909 0x1ba8  cdrom - ok
    20:19:35.0925 0x1ba8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
    20:19:35.0940 0x1ba8  CertPropSvc - ok
    20:19:35.0956 0x1ba8  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
    20:19:35.0956 0x1ba8  circlass - ok
    20:19:35.0987 0x1ba8  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
    20:19:36.0003 0x1ba8  CLFS - ok
    20:19:36.0065 0x1ba8  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    20:19:36.0065 0x1ba8  clr_optimization_v2.0.50727_32 - ok
    20:19:36.0096 0x1ba8  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
    20:19:36.0112 0x1ba8  clr_optimization_v2.0.50727_64 - ok
    20:19:36.0174 0x1ba8  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    20:19:36.0174 0x1ba8  clr_optimization_v4.0.30319_32 - ok
    20:19:36.0221 0x1ba8  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
    20:19:36.0237 0x1ba8  clr_optimization_v4.0.30319_64 - ok
    20:19:36.0268 0x1ba8  [ D68D9F4D53010B7E84D4E80A2E485554, B39D7F5737BE7C8EF6BC33595FE4538A90374E148B39BDC618163CBC30719883 ] clwvd           C:\Windows\system32\DRIVERS\clwvd.sys
    20:19:36.0268 0x1ba8  clwvd - ok
    20:19:36.0268 0x1ba8  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
    20:19:36.0283 0x1ba8  CmBatt - ok
    20:19:36.0315 0x1ba8  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
    20:19:36.0330 0x1ba8  cmdide - ok
    20:19:36.0377 0x1ba8  [ E45CDE1C8340DFEDF1D6724263F39E5B, 8B8091D0A8FF08170F34DA01A4201DAE7C3D026226BC77B5C2EC67657C670168 ] CNG             C:\Windows\system32\Drivers\cng.sys
    20:19:36.0393 0x1ba8  CNG - ok
    20:19:36.0424 0x1ba8  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
    20:19:36.0439 0x1ba8  Compbatt - ok
    20:19:36.0455 0x1ba8  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
    20:19:36.0455 0x1ba8  CompositeBus - ok
    20:19:36.0455 0x1ba8  COMSysApp - ok
    20:19:36.0471 0x1ba8  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
    20:19:36.0471 0x1ba8  crcdisk - ok
    20:19:36.0533 0x1ba8  [ 19D511CC455C19DE1ADF60E6C39C85B6, 2A05DD5EF3D0BEC2C9F4EA186E0E2D0F7BE0BF6A473D51194B09D33773AC7FAA ] CryptSvc        C:\Windows\system32\cryptsvc.dll
    20:19:36.0533 0x1ba8  CryptSvc - ok
    20:19:36.0642 0x1ba8  [ FD557A50A65E44041CD2FCEF4BEB04DB, 746D5958F7198895D35A23566D3736D993D57726BF59D91421D8091C48926A26 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    20:19:36.0658 0x1ba8  cvhsvc - ok
    20:19:36.0689 0x1ba8  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
    20:19:36.0705 0x1ba8  DcomLaunch - ok
    20:19:36.0720 0x1ba8  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
    20:19:36.0736 0x1ba8  defragsvc - ok
    20:19:36.0751 0x1ba8  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
    20:19:36.0751 0x1ba8  DfsC - ok
    20:19:36.0767 0x1ba8  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
    20:19:36.0783 0x1ba8  Dhcp - ok
    20:19:36.0783 0x1ba8  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
    20:19:36.0783 0x1ba8  discache - ok
    20:19:36.0798 0x1ba8  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
    20:19:36.0814 0x1ba8  Disk - ok
    20:19:36.0829 0x1ba8  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
    20:19:36.0845 0x1ba8  Dnscache - ok
    20:19:36.0861 0x1ba8  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
    20:19:36.0861 0x1ba8  dot3svc - ok
    20:19:36.0892 0x1ba8  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
    20:19:36.0892 0x1ba8  DPS - ok
    20:19:36.0923 0x1ba8  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
    20:19:36.0923 0x1ba8  drmkaud - ok
    20:19:36.0954 0x1ba8  [ A2613B4CBB8CF4BE09B03DC1ABAD510D, 06172C5E7186AB7ACC6E81CC6A8A6EA6E495C78FF224A4654C06A3FCA7ACE997 ] DTSRVC          C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe
    20:19:36.0970 0x1ba8  DTSRVC - ok
    20:19:37.0032 0x1ba8  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
    20:19:37.0063 0x1ba8  DXGKrnl - ok
    20:19:37.0126 0x1ba8  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
    20:19:37.0126 0x1ba8  EapHost - ok
    20:19:37.0219 0x1ba8  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
    20:19:37.0297 0x1ba8  ebdrv - ok
    20:19:37.0360 0x1ba8  [ 47A68B3DBBB34D4FE61DE221A8536627, BC61CE4BD4F3A12C75BA6EB9D239F24CD3F54495DE9D6C901F4DAF5D92E8366B ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
    20:19:37.0375 0x1ba8  eeCtrl - ok
    20:19:37.0407 0x1ba8  [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] EFS             C:\Windows\System32\lsass.exe
    20:19:37.0422 0x1ba8  EFS - ok
    20:19:37.0485 0x1ba8  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
    20:19:37.0485 0x1ba8  ehRecvr - ok
    20:19:37.0531 0x1ba8  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
    20:19:37.0531 0x1ba8  ehSched - ok
    20:19:37.0563 0x1ba8  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
    20:19:37.0578 0x1ba8  elxstor - ok
    20:19:37.0641 0x1ba8  [ B9773081AAF65E6D553496BA0CADCBB3, 3A77A12544755BFA1ABAA6DC53E5F03522627F57EF7092E3CC54C6431C75076A ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
    20:19:37.0641 0x1ba8  EraserUtilRebootDrv - ok
    20:19:37.0672 0x1ba8  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
    20:19:37.0672 0x1ba8  ErrDev - ok
    20:19:37.0703 0x1ba8  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
    20:19:37.0719 0x1ba8  EventSystem - ok
    20:19:37.0750 0x1ba8  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
    20:19:37.0750 0x1ba8  exfat - ok
    20:19:37.0765 0x1ba8  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
    20:19:37.0765 0x1ba8  fastfat - ok
    20:19:37.0812 0x1ba8  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
    20:19:37.0828 0x1ba8  Fax - ok
    20:19:37.0875 0x1ba8  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
    20:19:37.0875 0x1ba8  fdc - ok
    20:19:37.0890 0x1ba8  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
    20:19:37.0890 0x1ba8  fdPHost - ok
    20:19:37.0906 0x1ba8  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
    20:19:37.0906 0x1ba8  FDResPub - ok
    20:19:37.0921 0x1ba8  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
    20:19:37.0921 0x1ba8  FileInfo - ok
    20:19:37.0937 0x1ba8  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
    20:19:37.0937 0x1ba8  Filetrace - ok
    20:19:37.0953 0x1ba8  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
    20:19:37.0953 0x1ba8  flpydisk - ok
    20:19:37.0984 0x1ba8  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
    20:19:37.0984 0x1ba8  FltMgr - ok
    20:19:38.0062 0x1ba8  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
    20:19:38.0093 0x1ba8  FontCache - ok
    20:19:38.0124 0x1ba8  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    20:19:38.0124 0x1ba8  FontCache3.0.0.0 - ok
    20:19:38.0187 0x1ba8  [ 71CDC1D7F58D5EC49EBC2E2332AD3FAE, 7CA82C54BB8CADE9D0F90CAC332B22D18E8A2FE0231B8E2E5C5D571A902EB5FE ] FPLService      C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
    20:19:38.0202 0x1ba8  FPLService - ok
    20:19:38.0202 0x1ba8  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
    20:19:38.0218 0x1ba8  FsDepends - ok
    20:19:38.0233 0x1ba8  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
    20:19:38.0233 0x1ba8  Fs_Rec - ok
    20:19:38.0296 0x1ba8  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
    20:19:38.0311 0x1ba8  fvevol - ok
    20:19:38.0311 0x1ba8  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
    20:19:38.0311 0x1ba8  gagp30kx - ok
    20:19:38.0374 0x1ba8  [ 4A336C92A790A3F7C2D9952C73FCFA16, 2EB400EBAA2B50A97F442D18107316A172A92660F5D712D1C58D39172C9CD80C ] GamesAppIntegrationService C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
    20:19:38.0389 0x1ba8  GamesAppIntegrationService - ok
    20:19:38.0405 0x1ba8  [ A404AE536DD73FC8118A15BFF0BD4FC0, EA24D7866FEB40DD72713601E14DBDA60497324222196B8E0791DA656DBF5DA7 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
    20:19:38.0405 0x1ba8  GamesAppService - ok
    20:19:38.0452 0x1ba8  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
    20:19:38.0452 0x1ba8  GEARAspiWDM - ok
    20:19:38.0499 0x1ba8  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
    20:19:38.0514 0x1ba8  gpsvc - ok
    20:19:38.0623 0x1ba8  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    20:19:38.0623 0x1ba8  gupdate - ok
    20:19:38.0639 0x1ba8  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    20:19:38.0639 0x1ba8  gupdatem - ok
    20:19:38.0670 0x1ba8  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
    20:19:38.0670 0x1ba8  hcw85cir - ok
    20:19:38.0717 0x1ba8  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
    20:19:38.0733 0x1ba8  HdAudAddService - ok
    20:19:38.0733 0x1ba8  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
    20:19:38.0748 0x1ba8  HDAudBus - ok
    20:19:38.0748 0x1ba8  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
    20:19:38.0748 0x1ba8  HidBatt - ok
    20:19:38.0779 0x1ba8  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
    20:19:38.0779 0x1ba8  HidBth - ok
    20:19:38.0811 0x1ba8  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
    20:19:38.0811 0x1ba8  HidIr - ok
    20:19:38.0826 0x1ba8  [ 7A327F2FC6CDBC499A39D615CDC190F2, 609C2D92713330D42FB5FDFDDA5B05CCA31C2B767619AEB210DB8760FBFCDA66 ] hidkmdf         C:\Windows\system32\drivers\hidkmdf.sys
    20:19:38.0826 0x1ba8  hidkmdf - ok
    20:19:38.0842 0x1ba8  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
    20:19:38.0842 0x1ba8  hidserv - ok
    20:19:38.0873 0x1ba8  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
    20:19:38.0889 0x1ba8  HidUsb - ok
    20:19:38.0904 0x1ba8  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
    20:19:38.0904 0x1ba8  hkmsvc - ok
    20:19:38.0935 0x1ba8  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
    20:19:38.0935 0x1ba8  HomeGroupListener - ok
    20:19:38.0967 0x1ba8  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
    20:19:38.0967 0x1ba8  HomeGroupProvider - ok
    20:19:39.0013 0x1ba8  [ 2A8B93A01621E100A578E83C768AFA2C, 6637D260AF180D1F200D219796FCE6D524FC6BF57C0CEEF9E1B3616E85865AD1 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
    20:19:39.0013 0x1ba8  HP Support Assistant Service - ok
    20:19:39.0076 0x1ba8  [ 6A181452D4E240B8ECC7614B9A19BDE9, 3E458A737DA597DF007D278E9D81F2BF259AB4B97A4C188CEDAEA1F144B1074F ] HPClientSvc     C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
    20:19:39.0076 0x1ba8  HPClientSvc - ok
    20:19:39.0169 0x1ba8  [ D2946D9F020AE76E9CEF9B4A6DF838C0, C29CE594879385DA12B8EAA90B258905827B613839CCD820DE49215B68676995 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
    20:19:39.0185 0x1ba8  hpqwmiex - ok
    20:19:39.0216 0x1ba8  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
    20:19:39.0216 0x1ba8  HpSAMD - ok
    20:19:39.0279 0x1ba8  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
    20:19:39.0294 0x1ba8  HTTP - ok
    20:19:39.0325 0x1ba8  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
    20:19:39.0325 0x1ba8  hwpolicy - ok
    20:19:39.0341 0x1ba8  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
    20:19:39.0341 0x1ba8  i8042prt - ok
    20:19:39.0357 0x1ba8  [ D7921D5A870B11CC1ADAB198A519D50A, 5DF99EB5D5504E9D9EB21658E8B4A58DEE2AD143A1875DB7F9B7BF4877FCB57F ] iaStor          C:\Windows\system32\drivers\iaStor.sys
    20:19:39.0372 0x1ba8  iaStor - ok
    20:19:39.0388 0x1ba8  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
    20:19:39.0403 0x1ba8  iaStorV - ok
    20:19:39.0497 0x1ba8  [ 3A0FF117B4ADC5ABE4D968E26A337158, 95F4EB09158DD9B4927F71F83BE3A10DDD99C131C28D9683A7CCBB8C30769AB8 ] IconMan_R       C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
    20:19:39.0575 0x1ba8  IconMan_R - ok
    20:19:39.0637 0x1ba8  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
    20:19:39.0653 0x1ba8  idsvc - ok
    20:19:39.0778 0x1ba8  [ EB1118C371A096FFD4275EB85CB9EC2E, 9A697FFA7874279D26B71F1294858B8F91CB9782E40AB963AA417AFF4FFD3889 ] IDSVia64        C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\IPSDefs\20150213.001\IDSvia64.sys
    20:19:39.0793 0x1ba8  IDSVia64 - ok
    20:19:39.0809 0x1ba8  IEEtwCollectorService - ok
    20:19:40.0090 0x1ba8  [ 93C8115D4BAEB1BD047AB0A9B265EE7A, 241825C19C6BB24F8645A54B30582378F12708F9307D01AAEC216C6E24D8D7F0 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
    20:19:40.0371 0x1ba8  igfx - ok
    20:19:40.0386 0x1ba8  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
    20:19:40.0386 0x1ba8  iirsp - ok
    20:19:40.0433 0x1ba8  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
    20:19:40.0449 0x1ba8  IKEEXT - ok
    20:19:40.0480 0x1ba8  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
    20:19:40.0480 0x1ba8  intelide - ok
    20:19:40.0495 0x1ba8  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
    20:19:40.0511 0x1ba8  intelppm - ok
    20:19:40.0527 0x1ba8  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
    20:19:40.0542 0x1ba8  IPBusEnum - ok
    20:19:40.0542 0x1ba8  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
    20:19:40.0558 0x1ba8  IpFilterDriver - ok
    20:19:40.0620 0x1ba8  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
    20:19:40.0636 0x1ba8  iphlpsvc - ok
    20:19:40.0651 0x1ba8  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
    20:19:40.0651 0x1ba8  IPMIDRV - ok
    20:19:40.0651 0x1ba8  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
    20:19:40.0651 0x1ba8  IPNAT - ok
    20:19:40.0729 0x1ba8  [ 7FAE5B6CDB18B0B2E81F32869F595022, D873A7EE94749E1700E8F6B8BB7B485AE1B0B83388D63BE06335720498D4794F ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
    20:19:40.0745 0x1ba8  iPod Service - ok
    20:19:40.0761 0x1ba8  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
    20:19:40.0761 0x1ba8  IRENUM - ok
    20:19:40.0792 0x1ba8  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
    20:19:40.0792 0x1ba8  isapnp - ok
    20:19:40.0839 0x1ba8  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
    20:19:40.0854 0x1ba8  iScsiPrt - ok
    20:19:40.0885 0x1ba8  [ 8D990A44B4F2B68E2C56A3724EC3EB84, 5768FC5B156FC9CEEA735C933B50ADD8AE018F5609B83634F001E847E3101ACA ] itecir          C:\Windows\system32\DRIVERS\itecir.sys
    20:19:40.0885 0x1ba8  itecir - ok
    20:19:40.0948 0x1ba8  [ 6C85719A21B3F62C2C76280F4BD36C7B, 471E333467937720EF9369419EEDE5C2246C976123B437E0AC66F394CF1C056A ] jhi_service     C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
    20:19:40.0948 0x1ba8  jhi_service - ok
    20:19:40.0979 0x1ba8  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
    20:19:40.0979 0x1ba8  kbdclass - ok
    20:19:40.0995 0x1ba8  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
    20:19:40.0995 0x1ba8  kbdhid - ok
    20:19:41.0026 0x1ba8  [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] KeyIso          C:\Windows\system32\lsass.exe
    20:19:41.0026 0x1ba8  KeyIso - ok
    20:19:41.0057 0x1ba8  [ C60C6B9A2E50B0404F6789C62B428C03, 0DFFAACBA038FB3D994049E7BBC8E0C63CB8B4A68C4AB770AD995B66B017C25B ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
    20:19:41.0057 0x1ba8  KSecDD - ok
    20:19:41.0104 0x1ba8  [ 78D152A9FD5747FF6AA89C79F0346F62, 69138077E84E5324751E3C8B80D05BE58EDF03CEC84F69B734537F10F6998F3B ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
    20:19:41.0104 0x1ba8  KSecPkg - ok
    20:19:41.0119 0x1ba8  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
    20:19:41.0119 0x1ba8  ksthunk - ok
    20:19:41.0166 0x1ba8  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
    20:19:41.0182 0x1ba8  KtmRm - ok
    20:19:41.0213 0x1ba8  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
    20:19:41.0213 0x1ba8  LanmanServer - ok
    20:19:41.0213 0x1ba8  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
    20:19:41.0229 0x1ba8  LanmanWorkstation - ok
    20:19:41.0244 0x1ba8  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
    20:19:41.0244 0x1ba8  lltdio - ok
    20:19:41.0260 0x1ba8  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
    20:19:41.0275 0x1ba8  lltdsvc - ok
    20:19:41.0275 0x1ba8  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
    20:19:41.0291 0x1ba8  lmhosts - ok
    20:19:41.0322 0x1ba8  [ D75C4B4A8FE6D7FD74A7EECDBAEC729F, 9BB0A3BE7CCDF62CF0A67CB67019364965F6567BE29BA6D153B8E36F88058302 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
    20:19:41.0322 0x1ba8  LMS - ok
    20:19:41.0353 0x1ba8  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
    20:19:41.0353 0x1ba8  LSI_FC - ok
    20:19:41.0369 0x1ba8  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
    20:19:41.0385 0x1ba8  LSI_SAS - ok
    20:19:41.0385 0x1ba8  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
    20:19:41.0385 0x1ba8  LSI_SAS2 - ok
    20:19:41.0400 0x1ba8  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
    20:19:41.0400 0x1ba8  LSI_SCSI - ok
    20:19:41.0416 0x1ba8  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
    20:19:41.0416 0x1ba8  luafv - ok
    20:19:41.0431 0x1ba8  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
    20:19:41.0431 0x1ba8  Mcx2Svc - ok
    20:19:41.0447 0x1ba8  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
    20:19:41.0447 0x1ba8  megasas - ok
    20:19:41.0463 0x1ba8  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
    20:19:41.0478 0x1ba8  MegaSR - ok
    20:19:41.0494 0x1ba8  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\system32\drivers\HECIx64.sys
    20:19:41.0494 0x1ba8  MEIx64 - ok
    20:19:41.0494 0x1ba8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
    20:19:41.0494 0x1ba8  MMCSS - ok
    20:19:41.0509 0x1ba8  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
    20:19:41.0525 0x1ba8  Modem - ok
    20:19:41.0525 0x1ba8  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
    20:19:41.0525 0x1ba8  monitor - ok
    20:19:41.0525 0x1ba8  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
    20:19:41.0541 0x1ba8  mouclass - ok
    20:19:41.0572 0x1ba8  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
    20:19:41.0572 0x1ba8  mouhid - ok
    20:19:41.0587 0x1ba8  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
    20:19:41.0587 0x1ba8  mountmgr - ok
    20:19:41.0603 0x1ba8  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
    20:19:41.0619 0x1ba8  mpio - ok
    20:19:41.0634 0x1ba8  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
    20:19:41.0650 0x1ba8  mpsdrv - ok
    20:19:41.0681 0x1ba8  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
    20:19:41.0697 0x1ba8  MpsSvc - ok
    20:19:41.0728 0x1ba8  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
    20:19:41.0728 0x1ba8  MRxDAV - ok
    20:19:41.0759 0x1ba8  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
    20:19:41.0759 0x1ba8  mrxsmb - ok
    20:19:41.0775 0x1ba8  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
    20:19:41.0775 0x1ba8  mrxsmb10 - ok
    20:19:41.0790 0x1ba8  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
    20:19:41.0790 0x1ba8  mrxsmb20 - ok
    20:19:41.0837 0x1ba8  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
    20:19:41.0837 0x1ba8  msahci - ok
    20:19:41.0853 0x1ba8  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
    20:19:41.0853 0x1ba8  msdsm - ok
    20:19:41.0868 0x1ba8  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
    20:19:41.0868 0x1ba8  MSDTC - ok
    20:19:41.0899 0x1ba8  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
    20:19:41.0899 0x1ba8  Msfs - ok
    20:19:41.0915 0x1ba8  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
    20:19:41.0915 0x1ba8  mshidkmdf - ok
    20:19:41.0915 0x1ba8  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
    20:19:41.0915 0x1ba8  msisadrv - ok
    20:19:41.0931 0x1ba8  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
    20:19:41.0931 0x1ba8  MSiSCSI - ok
    20:19:41.0946 0x1ba8  msiserver - ok
    20:19:41.0962 0x1ba8  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
    20:19:41.0962 0x1ba8  MSKSSRV - ok
    20:19:41.0977 0x1ba8  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
    20:19:41.0977 0x1ba8  MSPCLOCK - ok
    20:19:41.0993 0x1ba8  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
    20:19:42.0009 0x1ba8  MSPQM - ok
    20:19:42.0024 0x1ba8  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
    20:19:42.0040 0x1ba8  MsRPC - ok
    20:19:42.0087 0x1ba8  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
    20:19:42.0087 0x1ba8  mssmbios - ok
    20:19:42.0102 0x1ba8  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
    20:19:42.0102 0x1ba8  MSTEE - ok
    20:19:42.0118 0x1ba8  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
    20:19:42.0118 0x1ba8  MTConfig - ok
    20:19:42.0133 0x1ba8  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
    20:19:42.0133 0x1ba8  Mup - ok
    20:19:42.0165 0x1ba8  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
    20:19:42.0165 0x1ba8  napagent - ok
    20:19:42.0196 0x1ba8  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
    20:19:42.0196 0x1ba8  NativeWifiP - ok
    20:19:42.0289 0x1ba8  [ 54F4B358F41C664CBDE4507D67EED1CD, CDCA0A778AF596933CD7CBF1119FCA551ECC03CBBD4F1E8213C3FD2FECA902F2 ] NAVENG          C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\VirusDefs\20150213.019\ENG64.SYS
    20:19:42.0289 0x1ba8  NAVENG - ok
    20:19:42.0367 0x1ba8  [ A74D67EEEB3938FD2FA3B65B24C32C44, 4D780B70B57E23A3A155794C4DEEBD856E32D35B789BDF4673AAC8FC3AC4367B ] NAVEX15         C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\VirusDefs\20150213.019\EX64.SYS
    20:19:42.0414 0x1ba8  NAVEX15 - ok
    20:19:42.0492 0x1ba8  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
    20:19:42.0523 0x1ba8  NDIS - ok
    20:19:42.0523 0x1ba8  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
    20:19:42.0523 0x1ba8  NdisCap - ok
    20:19:42.0539 0x1ba8  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
    20:19:42.0539 0x1ba8  NdisTapi - ok
    20:19:42.0555 0x1ba8  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
    20:19:42.0555 0x1ba8  Ndisuio - ok
    20:19:42.0570 0x1ba8  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
    20:19:42.0570 0x1ba8  NdisWan - ok
    20:19:42.0586 0x1ba8  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
    20:19:42.0586 0x1ba8  NDProxy - ok
    20:19:42.0664 0x1ba8  [ 6F4607E2333FE21E9E3FF8133A88B35B, F7B7B262D85D03552A8D0F3F91E795B31E3D09020DDA1E3D62A4A3209D916BB6 ] Netaapl         C:\Windows\system32\DRIVERS\netaapl64.sys
    20:19:42.0679 0x1ba8  Netaapl - ok
    20:19:42.0695 0x1ba8  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
    20:19:42.0695 0x1ba8  NetBIOS - ok
    20:19:42.0726 0x1ba8  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
    20:19:42.0726 0x1ba8  NetBT - ok
    20:19:42.0757 0x1ba8  [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] Netlogon        C:\Windows\system32\lsass.exe
    20:19:42.0757 0x1ba8  Netlogon - ok
    20:19:42.0789 0x1ba8  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
    20:19:42.0804 0x1ba8  Netman - ok
    20:19:42.0851 0x1ba8  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    20:19:42.0851 0x1ba8  NetMsmqActivator - ok
    20:19:42.0867 0x1ba8  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    20:19:42.0867 0x1ba8  NetPipeActivator - ok
    20:19:42.0898 0x1ba8  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
    20:19:42.0913 0x1ba8  netprofm - ok
    20:19:43.0007 0x1ba8  [ 8B5D2D7CB0EF5B1967860B8AB742A46C, 65B61FF5156D0EC0F95143FFBB0099F6F8B9CBB4CA4227F455884B8F51E93FB4 ] netr28x         C:\Windows\system32\DRIVERS\netr28x.sys
    20:19:43.0038 0x1ba8  netr28x - ok
    20:19:43.0054 0x1ba8  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    20:19:43.0054 0x1ba8  NetTcpActivator - ok
    20:19:43.0054 0x1ba8  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    20:19:43.0054 0x1ba8  NetTcpPortSharing - ok
    20:19:43.0101 0x1ba8  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
    20:19:43.0101 0x1ba8  nfrd960 - ok
    20:19:43.0272 0x1ba8  [ 2393ACEBBCFF7BAFF04EB60C96914E17, DE97BEE4B8454D86B1CF8E2748CFFB3A1560CE962E1F3611E5B3542C1496A038 ] NIS             C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe
    20:19:43.0288 0x1ba8  NIS - ok
    20:19:43.0335 0x1ba8  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
    20:19:43.0350 0x1ba8  NlaSvc - ok
    20:19:43.0350 0x1ba8  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
    20:19:43.0350 0x1ba8  Npfs - ok
    20:19:43.0381 0x1ba8  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
    20:19:43.0381 0x1ba8  nsi - ok
    20:19:43.0397 0x1ba8  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
    20:19:43.0397 0x1ba8  nsiproxy - ok
    20:19:43.0491 0x1ba8  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
    20:19:43.0537 0x1ba8  Ntfs - ok
    20:19:43.0553 0x1ba8  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
    20:19:43.0553 0x1ba8  Null - ok
    20:19:43.0569 0x1ba8  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
    20:19:43.0569 0x1ba8  nvraid - ok
    20:19:43.0584 0x1ba8  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
    20:19:43.0584 0x1ba8  nvstor - ok
    20:19:43.0615 0x1ba8  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
    20:19:43.0615 0x1ba8  nv_agp - ok
    20:19:43.0631 0x1ba8  [ 1E65CFD59DDFA8166D2174DC3E6D4AAE, 739287F30E7E2DACA84F41B19272FC2AA5A175CDE655E8262FEE127983CBC6AF ] NWVoltron       C:\Windows\system32\drivers\NWVoltron.sys
    20:19:43.0631 0x1ba8  NWVoltron - ok
    20:19:43.0647 0x1ba8  [ 29B7F4F503EF7652024C28A3DD0E3586, CD87BEA97A4DEAB6C9E6666C8C9B241C850A278AB7EADF2753BE0319224A3FF1 ] NWWakeFilterV   C:\Windows\system32\drivers\NWWakeFilterV.sys
    20:19:43.0647 0x1ba8  NWWakeFilterV - ok
    20:19:43.0647 0x1ba8  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
    20:19:43.0662 0x1ba8  ohci1394 - ok
    20:19:43.0678 0x1ba8  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    20:19:43.0678 0x1ba8  ose - ok
    20:19:43.0865 0x1ba8  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    20:19:44.0021 0x1ba8  osppsvc - ok
    20:19:44.0037 0x1ba8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
    20:19:44.0052 0x1ba8  p2pimsvc - ok
    20:19:44.0068 0x1ba8  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
    20:19:44.0083 0x1ba8  p2psvc - ok
    20:19:44.0099 0x1ba8  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
    20:19:44.0099 0x1ba8  Parport - ok
    20:19:44.0115 0x1ba8  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
    20:19:44.0130 0x1ba8  partmgr - ok
    20:19:44.0161 0x1ba8  [ 256390425414F90FCBC12F525A84EB11, A4992020BF6A239AD8A77125426E2C39980C9ABC971C4DBCB24B358F946AD7F9 ] PcaSvc          C:\Windows\System32\pcasvc.dll
    20:19:44.0161 0x1ba8  PcaSvc - ok
    20:19:44.0177 0x1ba8  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
    20:19:44.0193 0x1ba8  pci - ok
    20:19:44.0224 0x1ba8  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
    20:19:44.0224 0x1ba8  pciide - ok
    20:19:44.0255 0x1ba8  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
    20:19:44.0255 0x1ba8  pcmcia - ok
    20:19:44.0271 0x1ba8  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
    20:19:44.0271 0x1ba8  pcw - ok
    20:19:44.0302 0x1ba8  pdfcDispatcher - ok
    20:19:44.0333 0x1ba8  [ C7801DEF1C78747996A52C1F4C473E6F, B19FB226C1E0330695B4BCD768C6C92A5671A4EE2209A854F8952D6F6810E29C ] PdiService      C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
    20:19:44.0333 0x1ba8  PdiService - ok
    20:19:44.0395 0x1ba8  [ 946010CDFA91469351B22E2620CEBCD8, F099C92706D42ADC289B72724F7932E5D4F62A427AEC967DDB0A1D728AE59A63 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
    20:19:44.0411 0x1ba8  PEAUTH - ok
    20:19:44.0489 0x1ba8  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
    20:19:44.0489 0x1ba8  PerfHost - ok
    20:19:44.0567 0x1ba8  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
    20:19:44.0598 0x1ba8  pla - ok
    20:19:44.0661 0x1ba8  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
    20:19:44.0676 0x1ba8  PlugPlay - ok
    20:19:44.0692 0x1ba8  [ 0BEE791C7C7ACE453C134E73633C497D, 82B30461DBF40AC15FCE6A83B9BAD2EBD05B27DEA1B784EAA096422FE8927B7B ] pmxdrv          C:\Windows\system32\drivers\pmxdrv.sys
    20:19:44.0692 0x1ba8  pmxdrv - ok
    20:19:44.0707 0x1ba8  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
    20:19:44.0707 0x1ba8  PNRPAutoReg - ok
    20:19:44.0723 0x1ba8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
    20:19:44.0739 0x1ba8  PNRPsvc - ok
    20:19:44.0754 0x1ba8  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
    20:19:44.0770 0x1ba8  PolicyAgent - ok
    20:19:44.0785 0x1ba8  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
    20:19:44.0801 0x1ba8  Power - ok
    20:19:44.0832 0x1ba8  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
    20:19:44.0832 0x1ba8  PptpMiniport - ok
    20:19:44.0848 0x1ba8  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
    20:19:44.0848 0x1ba8  Processor - ok
    20:19:44.0895 0x1ba8  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
    20:19:44.0910 0x1ba8  ProfSvc - ok
    20:19:44.0910 0x1ba8  [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] ProtectedStorage C:\Windows\system32\lsass.exe
    20:19:44.0926 0x1ba8  ProtectedStorage - ok
    20:19:44.0941 0x1ba8  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
    20:19:44.0941 0x1ba8  Psched - ok
    20:19:45.0019 0x1ba8  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
    20:19:45.0051 0x1ba8  ql2300 - ok
    20:19:45.0066 0x1ba8  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
    20:19:45.0082 0x1ba8  ql40xx - ok
    20:19:45.0082 0x1ba8  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
    20:19:45.0097 0x1ba8  QWAVE - ok
    20:19:45.0097 0x1ba8  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
    20:19:45.0097 0x1ba8  QWAVEdrv - ok
    20:19:45.0113 0x1ba8  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
    20:19:45.0113 0x1ba8  RasAcd - ok
    20:19:45.0129 0x1ba8  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
    20:19:45.0129 0x1ba8  RasAgileVpn - ok
    20:19:45.0144 0x1ba8  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
    20:19:45.0144 0x1ba8  RasAuto - ok
    20:19:45.0160 0x1ba8  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
    20:19:45.0160 0x1ba8  Rasl2tp - ok
    20:19:45.0191 0x1ba8  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
    20:19:45.0191 0x1ba8  RasMan - ok
    20:19:45.0191 0x1ba8  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
    20:19:45.0191 0x1ba8  RasPppoe - ok
    20:19:45.0207 0x1ba8  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
    20:19:45.0207 0x1ba8  RasSstp - ok
    20:19:45.0222 0x1ba8  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
    20:19:45.0238 0x1ba8  rdbss - ok
    20:19:45.0238 0x1ba8  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
    20:19:45.0253 0x1ba8  rdpbus - ok
    20:19:45.0269 0x1ba8  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
    20:19:45.0269 0x1ba8  RDPCDD - ok
    20:19:45.0285 0x1ba8  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
    20:19:45.0285 0x1ba8  RDPENCDD - ok
    20:19:45.0300 0x1ba8  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
    20:19:45.0300 0x1ba8  RDPREFMP - ok
    20:19:45.0347 0x1ba8  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
    20:19:45.0363 0x1ba8  RDPWD - ok
    20:19:45.0378 0x1ba8  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
    20:19:45.0394 0x1ba8  rdyboost - ok
    20:19:45.0409 0x1ba8  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
    20:19:45.0409 0x1ba8  RemoteAccess - ok
    20:19:45.0425 0x1ba8  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
    20:19:45.0441 0x1ba8  RemoteRegistry - ok
    20:19:45.0487 0x1ba8  [ 085D18C71AB2611A3D61528132B6501E, 2AD2DD88EBD8C498E3043CDAA37E83C69F7FE2FD6B65524F631527555B80C112 ] RoxioNow Service C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
    20:19:45.0503 0x1ba8  RoxioNow Service - ok
    20:19:45.0519 0x1ba8  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
    20:19:45.0519 0x1ba8  RpcEptMapper - ok
    20:19:45.0534 0x1ba8  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
    20:19:45.0534 0x1ba8  RpcLocator - ok
    20:19:45.0565 0x1ba8  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
    20:19:45.0581 0x1ba8  RpcSs - ok
    20:19:45.0612 0x1ba8  [ F8FEA7764348C59262B340916CBFEB40, 2CDD8C8821D6083A733683FA113C6D47674DDE68B6CBB2603C0BD8F1C7EF96C2 ] RSPCIESTOR      C:\Windows\system32\DRIVERS\RtsPStor.sys
    20:19:45.0612 0x1ba8  RSPCIESTOR - ok
    20:19:45.0628 0x1ba8  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
    20:19:45.0628 0x1ba8  rspndr - ok
    20:19:45.0643 0x1ba8  [ F4C374B1C46DE294B573BB43723AC3F6, 9B8A40BF54262A1949661596CB753D0B591E94577470ED44D498042BD3EA7C10 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
    20:19:45.0659 0x1ba8  RTL8167 - ok
    20:19:45.0675 0x1ba8  [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] SamSs           C:\Windows\system32\lsass.exe
    20:19:45.0675 0x1ba8  SamSs - ok
    20:19:45.0690 0x1ba8  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
    20:19:45.0690 0x1ba8  sbp2port - ok
    20:19:45.0706 0x1ba8  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
    20:19:45.0721 0x1ba8  SCardSvr - ok
    20:19:45.0721 0x1ba8  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
    20:19:45.0721 0x1ba8  scfilter - ok
    20:19:45.0768 0x1ba8  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
    20:19:45.0799 0x1ba8  Schedule - ok
    20:19:45.0815 0x1ba8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
    20:19:45.0815 0x1ba8  SCPolicySvc - ok
    20:19:45.0831 0x1ba8  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
    20:19:45.0846 0x1ba8  SDRSVC - ok
    20:19:45.0862 0x1ba8  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
    20:19:45.0877 0x1ba8  secdrv - ok
    20:19:45.0877 0x1ba8  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
    20:19:45.0877 0x1ba8  seclogon - ok
    20:19:45.0893 0x1ba8  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
    20:19:45.0893 0x1ba8  SENS - ok
    20:19:45.0924 0x1ba8  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
    20:19:45.0924 0x1ba8  SensrSvc - ok
    20:19:45.0940 0x1ba8  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
    20:19:45.0940 0x1ba8  Serenum - ok
    20:19:45.0971 0x1ba8  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
    20:19:45.0971 0x1ba8  Serial - ok
    20:19:46.0002 0x1ba8  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
    20:19:46.0002 0x1ba8  sermouse - ok
    20:19:46.0018 0x1ba8  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
    20:19:46.0018 0x1ba8  SessionEnv - ok
    20:19:46.0049 0x1ba8  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
    20:19:46.0049 0x1ba8  sffdisk - ok
    20:19:46.0065 0x1ba8  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
    20:19:46.0065 0x1ba8  sffp_mmc - ok
    20:19:46.0065 0x1ba8  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
    20:19:46.0065 0x1ba8  sffp_sd - ok
    20:19:46.0080 0x1ba8  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
    20:19:46.0080 0x1ba8  sfloppy - ok
    20:19:46.0127 0x1ba8  [ 2046AA7491DE7EFA4D70E615D9BC9D09, A8763D059AD68D5842C407FA9644E0B129BEF0F63CD87E62B80B05441EDC3489 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
    20:19:46.0143 0x1ba8  Sftfs - ok
    20:19:46.0221 0x1ba8  [ 77C5A741A7452812F278EF2C18478862, 0B763679EB7EFB8ED9DCE7B429706E939BB65BA6BCF1BAE0E0426D4E87074B8C ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    20:19:46.0236 0x1ba8  sftlist - ok
    20:19:46.0299 0x1ba8  [ 0E0446BC4D51BE4263ACB7E33491191C, 2AD039FB440560658C4E06F67CC192EF71577EF3FF789A43C08430CE5EAE5A70 ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
    20:19:46.0314 0x1ba8  Sftplay - ok
    20:19:46.0330 0x1ba8  [ C5FB982CD266E604ED3142102C26D62C, A6BC0D72E98F924274ECAD49C85F0775D1CD45B97CD43F53DF3992B560835FC5 ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
    20:19:46.0330 0x1ba8  Sftredir - ok
    20:19:46.0330 0x1ba8  [ 2575511AF67AA1FA068CCC4918E2C2A3, 3152FF5AC2CF6FE966DA59B1B33E22F9BD9B6BB4310441870528364BA9501A4D ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
    20:19:46.0330 0x1ba8  Sftvol - ok
    20:19:46.0361 0x1ba8  [ 39B1D0A636A400304565D4521FAD6D77, 1F01DB35B5A477AA7A77585C9304E6B5F3E67807531305BCA93A7F494CED8F59 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    20:19:46.0361 0x1ba8  sftvsa - ok
    20:19:46.0377 0x1ba8  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
    20:19:46.0392 0x1ba8  SharedAccess - ok
    20:19:46.0408 0x1ba8  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
    20:19:46.0423 0x1ba8  ShellHWDetection - ok
    20:19:46.0439 0x1ba8  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
    20:19:46.0439 0x1ba8  SiSRaid2 - ok
    20:19:46.0455 0x1ba8  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
    20:19:46.0455 0x1ba8  SiSRaid4 - ok
    20:19:46.0470 0x1ba8  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
    20:19:46.0486 0x1ba8  Smb - ok
    20:19:46.0501 0x1ba8  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
    20:19:46.0501 0x1ba8  SNMPTRAP - ok
    20:19:46.0517 0x1ba8  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
    20:19:46.0517 0x1ba8  spldr - ok
    20:19:46.0579 0x1ba8  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
    20:19:46.0595 0x1ba8  Spooler - ok
    20:19:46.0704 0x1ba8  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
    20:19:46.0798 0x1ba8  sppsvc - ok
    20:19:46.0813 0x1ba8  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
    20:19:46.0813 0x1ba8  sppuinotify - ok
    20:19:46.0954 0x1ba8  [ E163E10191958FF6A2B0B48353F9E9FD, C4F5B83B5C435458AEEC4BD5C6A0FE15F4C3CD5C23CA7F5949A62214634DBB36 ] SRTSP           C:\Windows\System32\Drivers\NISx64\1506000.020\SRTSP64.SYS
    20:19:46.0969 0x1ba8  SRTSP - ok
    20:19:46.0985 0x1ba8  [ 68E7B6708B9EEE021301C483825D05EA, 87E262405473A063E3E6E9D1D61D8381C997C95F77317CDBB3C59369436E70C5 ] SRTSPX          C:\Windows\system32\drivers\NISx64\1506000.020\SRTSPX64.SYS
    20:19:46.0985 0x1ba8  SRTSPX - ok
    20:19:47.0016 0x1ba8  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
    20:19:47.0016 0x1ba8  srv - ok
    20:19:47.0047 0x1ba8  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
    20:19:47.0047 0x1ba8  srv2 - ok
    20:19:47.0079 0x1ba8  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
    20:19:47.0079 0x1ba8  srvnet - ok
    20:19:47.0079 0x1ba8  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
    20:19:47.0094 0x1ba8  SSDPSRV - ok
    20:19:47.0110 0x1ba8  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
    20:19:47.0110 0x1ba8  SstpSvc - ok
    20:19:47.0157 0x1ba8  [ E942412186178B1331F8335E30FA076F, 000CA0F392A1CEA4F7843364A3639CF2ADB66BE48A6850C6AD61DD252E7727B3 ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
    20:19:47.0172 0x1ba8  STacSV - ok
    20:19:47.0188 0x1ba8  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
    20:19:47.0188 0x1ba8  stexstor - ok
    20:19:47.0235 0x1ba8  [ DCC8845692DEA3477BCF6CE9D06C711F, 22EFA0620B99E73FE9296540DB3A7AFC8E39E0ADCEE6419084218B504A550FBE ] STHDA           C:\Windows\system32\DRIVERS\stwrt64.sys
    20:19:47.0250 0x1ba8  STHDA - ok
    20:19:47.0313 0x1ba8  [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam        C:\Windows\system32\drivers\serscan.sys
    20:19:47.0313 0x1ba8  StillCam - ok
    20:19:47.0344 0x1ba8  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
    20:19:47.0359 0x1ba8  stisvc - ok
    20:19:47.0375 0x1ba8  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
    20:19:47.0375 0x1ba8  swenum - ok
    20:19:47.0391 0x1ba8  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
    20:19:47.0406 0x1ba8  swprv - ok
    20:19:47.0437 0x1ba8  [ 5C9EE2303CA7F267665D75237862B39C, 5DECD977A823C14B4D980D3DB621BC875231B741653F0450A027FC9E87725F9D ] SymDS           C:\Windows\system32\drivers\NISx64\1506000.020\SYMDS64.SYS
    20:19:47.0453 0x1ba8  SymDS - ok
    20:19:47.0484 0x1ba8  [ 9F31630D7FC2DD9D5DA1CE359AAD1F46, 296D29EDF53956D1899DE4669AB429C280DF9F183F00AE1CE528E7C575802235 ] SymEFA          C:\Windows\system32\drivers\NISx64\1506000.020\SYMEFA64.SYS
    20:19:47.0515 0x1ba8  SymEFA - ok
    20:19:47.0547 0x1ba8  [ 97E11C50CE52277B377396EA8838E539, E17D03F80E14F961C41F2D54D1EF73D29BF01F38459C5710D786234F8BA3C835 ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
    20:19:47.0562 0x1ba8  SymEvent - ok
    20:19:47.0593 0x1ba8  [ 2C95265BE19F338E1C1090E4E91055BB, 1E580E9367B1C89B06BD4B34EFD94CD511FD3AA1617D943DDFE0A28B7ED5D5F9 ] SymIRON         C:\Windows\system32\drivers\NISx64\1506000.020\Ironx64.SYS
    20:19:47.0593 0x1ba8  SymIRON - ok
    20:19:47.0625 0x1ba8  [ 5570A74FF9B1EFBC5154DD1E2F05C517, 2C883A0334CBE4AE257028805C9BB1E529A80F56BA6D341E8EBB83CB3E46FEB7 ] SymNetS         C:\Windows\System32\Drivers\NISx64\1506000.020\SYMNETS.SYS
    20:19:47.0656 0x1ba8  SymNetS - ok
    20:19:47.0718 0x1ba8  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
    20:19:47.0765 0x1ba8  SysMain - ok
    20:19:47.0781 0x1ba8  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
    20:19:47.0796 0x1ba8  TabletInputService - ok
    20:19:47.0812 0x1ba8  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
    20:19:47.0812 0x1ba8  TapiSrv - ok
    20:19:47.0827 0x1ba8  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
    20:19:47.0827 0x1ba8  TBS - ok
    20:19:47.0937 0x1ba8  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
    20:19:47.0983 0x1ba8  Tcpip - ok
    20:19:48.0061 0x1ba8  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
    20:19:48.0077 0x1ba8  TCPIP6 - ok
    20:19:48.0124 0x1ba8  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
    20:19:48.0124 0x1ba8  tcpipreg - ok
    20:19:48.0139 0x1ba8  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
    20:19:48.0139 0x1ba8  TDPIPE - ok
    20:19:48.0155 0x1ba8  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
    20:19:48.0155 0x1ba8  TDTCP - ok
    20:19:48.0202 0x1ba8  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
    20:19:48.0217 0x1ba8  tdx - ok
    20:19:48.0233 0x1ba8  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
    20:19:48.0233 0x1ba8  TermDD - ok
    20:19:48.0295 0x1ba8  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
    20:19:48.0327 0x1ba8  TermService - ok
    20:19:48.0342 0x1ba8  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
    20:19:48.0342 0x1ba8  Themes - ok
    20:19:48.0373 0x1ba8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
    20:19:48.0373 0x1ba8  THREADORDER - ok
    20:19:48.0405 0x1ba8  [ FF879027C552A37897D107BE6CEDF6DF, 6E56CFD51847CAB1B84A9A1172F3944D0584872BAC8167F1F56B3D63B5E12B79 ] tihub3          C:\Windows\system32\drivers\tihub3.sys
    20:19:48.0405 0x1ba8  tihub3 - ok
    20:19:48.0451 0x1ba8  [ 133C3B4A3E44616F8F571A0EBBEF9B74, 40085B6D46CE728BD2579A917211725711BA380D4E0678AC939A9CE874D3FDC8 ] tixhci          C:\Windows\system32\drivers\tixhci.sys
    20:19:48.0467 0x1ba8  tixhci - ok
    20:19:48.0483 0x1ba8  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
    20:19:48.0483 0x1ba8  TrkWks - ok
    20:19:48.0529 0x1ba8  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
    20:19:48.0529 0x1ba8  TrustedInstaller - ok
    20:19:48.0576 0x1ba8  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
    20:19:48.0576 0x1ba8  tssecsrv - ok
    20:19:48.0607 0x1ba8  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
    20:19:48.0607 0x1ba8  TsUsbFlt - ok
    20:19:48.0607 0x1ba8  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
    20:19:48.0623 0x1ba8  TsUsbGD - ok
    20:19:48.0639 0x1ba8  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
    20:19:48.0654 0x1ba8  tunnel - ok
    20:19:48.0670 0x1ba8  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
    20:19:48.0670 0x1ba8  uagp35 - ok
    20:19:48.0701 0x1ba8  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
    20:19:48.0717 0x1ba8  udfs - ok
    20:19:48.0732 0x1ba8  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
    20:19:48.0732 0x1ba8  UI0Detect - ok
    20:19:48.0763 0x1ba8  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
    20:19:48.0763 0x1ba8  uliagpkx - ok
    20:19:48.0779 0x1ba8  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
    20:19:48.0779 0x1ba8  umbus - ok
    20:19:48.0795 0x1ba8  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
    20:19:48.0795 0x1ba8  UmPass - ok
    20:19:48.0935 0x1ba8  [ 758C2CE427C343F780A205E28555C98D, E3413BA433CD26DD61D3257B08B8354478A049A972EFAC53C303690BC71DD7E1 ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
    20:19:48.0997 0x1ba8  UNS - ok
    20:19:49.0044 0x1ba8  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
    20:19:49.0060 0x1ba8  upnphost - ok
    20:19:49.0091 0x1ba8  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
    20:19:49.0091 0x1ba8  USBAAPL64 - ok
    20:19:49.0122 0x1ba8  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
    20:19:49.0122 0x1ba8  usbccgp - ok
    20:19:49.0169 0x1ba8  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
    20:19:49.0169 0x1ba8  usbcir - ok
    20:19:49.0200 0x1ba8  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
    20:19:49.0200 0x1ba8  usbehci - ok
    20:19:49.0216 0x1ba8  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
    20:19:49.0231 0x1ba8  usbhub - ok
    20:19:49.0247 0x1ba8  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
    20:19:49.0247 0x1ba8  usbohci - ok
    20:19:49.0278 0x1ba8  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
    20:19:49.0278 0x1ba8  usbprint - ok
    20:19:49.0294 0x1ba8  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
    20:19:49.0294 0x1ba8  USBSTOR - ok
    20:19:49.0309 0x1ba8  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
    20:19:49.0325 0x1ba8  usbuhci - ok
    20:19:49.0341 0x1ba8  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
    20:19:49.0356 0x1ba8  usbvideo - ok
    20:19:49.0372 0x1ba8  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
    20:19:49.0372 0x1ba8  UxSms - ok
    20:19:49.0387 0x1ba8  [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] VaultSvc        C:\Windows\system32\lsass.exe
    20:19:49.0387 0x1ba8  VaultSvc - ok
    20:19:49.0419 0x1ba8  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
    20:19:49.0434 0x1ba8  vdrvroot - ok
    20:19:49.0465 0x1ba8  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
    20:19:49.0481 0x1ba8  vds - ok
    20:19:49.0497 0x1ba8  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
    20:19:49.0497 0x1ba8  vga - ok
    20:19:49.0512 0x1ba8  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
    20:19:49.0512 0x1ba8  VgaSave - ok
    20:19:49.0543 0x1ba8  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
    20:19:49.0543 0x1ba8  vhdmp - ok
    20:19:49.0575 0x1ba8  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
    20:19:49.0575 0x1ba8  viaide - ok
    20:19:49.0590 0x1ba8  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
    20:19:49.0590 0x1ba8  volmgr - ok
    20:19:49.0621 0x1ba8  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
    20:19:49.0637 0x1ba8  volmgrx - ok
    20:19:49.0653 0x1ba8  [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap         C:\Windows\system32\drivers\volsnap.sys
    20:19:49.0653 0x1ba8  volsnap - ok
    20:19:49.0668 0x1ba8  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
    20:19:49.0668 0x1ba8  vsmraid - ok
    20:19:49.0731 0x1ba8  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
    20:19:49.0762 0x1ba8  VSS - ok
    20:19:49.0777 0x1ba8  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
    20:19:49.0777 0x1ba8  vwifibus - ok
    20:19:49.0793 0x1ba8  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
    20:19:49.0793 0x1ba8  vwififlt - ok
    20:19:49.0824 0x1ba8  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
    20:19:49.0840 0x1ba8  W32Time - ok
    20:19:49.0855 0x1ba8  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
    20:19:49.0855 0x1ba8  WacomPen - ok
    20:19:49.0871 0x1ba8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
    20:19:49.0871 0x1ba8  WANARP - ok
    20:19:49.0887 0x1ba8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
    20:19:49.0887 0x1ba8  Wanarpv6 - ok
    20:19:49.0949 0x1ba8  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
    20:19:49.0980 0x1ba8  WatAdminSvc - ok
    20:19:50.0027 0x1ba8  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
    20:19:50.0058 0x1ba8  wbengine - ok
    20:19:50.0074 0x1ba8  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
    20:19:50.0074 0x1ba8  WbioSrvc - ok
    20:19:50.0089 0x1ba8  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
    20:19:50.0105 0x1ba8  wcncsvc - ok
    20:19:50.0121 0x1ba8  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
    20:19:50.0121 0x1ba8  WcsPlugInService - ok
    20:19:50.0121 0x1ba8  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
    20:19:50.0136 0x1ba8  Wd - ok
    20:19:50.0199 0x1ba8  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
    20:19:50.0214 0x1ba8  Wdf01000 - ok
    20:19:50.0245 0x1ba8  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
    20:19:50.0245 0x1ba8  WdiServiceHost - ok
    20:19:50.0245 0x1ba8  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
    20:19:50.0245 0x1ba8  WdiSystemHost - ok
    20:19:50.0292 0x1ba8  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
    20:19:50.0308 0x1ba8  WebClient - ok
    20:19:50.0323 0x1ba8  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
    20:19:50.0323 0x1ba8  Wecsvc - ok
    20:19:50.0339 0x1ba8  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
    20:19:50.0355 0x1ba8  wercplsupport - ok
    20:19:50.0370 0x1ba8  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
    20:19:50.0370 0x1ba8  WerSvc - ok
    20:19:50.0386 0x1ba8  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
    20:19:50.0386 0x1ba8  WfpLwf - ok
    20:19:50.0401 0x1ba8  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
    20:19:50.0401 0x1ba8  WIMMount - ok
    20:19:50.0433 0x1ba8  WinDefend - ok
    20:19:50.0433 0x1ba8  WinHttpAutoProxySvc - ok
    20:19:50.0479 0x1ba8  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
    20:19:50.0495 0x1ba8  Winmgmt - ok
    20:19:50.0589 0x1ba8  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
    20:19:50.0635 0x1ba8  WinRM - ok
    20:19:50.0682 0x1ba8  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
    20:19:50.0682 0x1ba8  WinUsb - ok
    20:19:50.0729 0x1ba8  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
    20:19:50.0745 0x1ba8  Wlansvc - ok
    20:19:50.0776 0x1ba8  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
    20:19:50.0776 0x1ba8  wlcrasvc - ok
    20:19:50.0869 0x1ba8  [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    20:19:50.0932 0x1ba8  wlidsvc - ok
    20:19:50.0947 0x1ba8  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
    20:19:50.0947 0x1ba8  WmiAcpi - ok
    20:19:50.0963 0x1ba8  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
    20:19:50.0979 0x1ba8  wmiApSrv - ok
    20:19:50.0994 0x1ba8  WMPNetworkSvc - ok
    20:19:51.0010 0x1ba8  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
    20:19:51.0025 0x1ba8  WPCSvc - ok
    20:19:51.0025 0x1ba8  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
    20:19:51.0025 0x1ba8  WPDBusEnum - ok
    20:19:51.0041 0x1ba8  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
    20:19:51.0041 0x1ba8  ws2ifsl - ok
    20:19:51.0041 0x1ba8  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
    20:19:51.0057 0x1ba8  wscsvc - ok
    20:19:51.0057 0x1ba8  WSearch - ok
    20:19:51.0150 0x1ba8  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
    20:19:51.0213 0x1ba8  wuauserv - ok
    20:19:51.0259 0x1ba8  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
    20:19:51.0259 0x1ba8  WudfPf - ok
    20:19:51.0322 0x1ba8  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
    20:19:51.0322 0x1ba8  WUDFRd - ok
    20:19:51.0369 0x1ba8  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
    20:19:51.0369 0x1ba8  wudfsvc - ok
    20:19:51.0400 0x1ba8  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
    20:19:51.0415 0x1ba8  WwanSvc - ok
    20:19:51.0431 0x1ba8  ================ Scan global ===============================
    20:19:51.0447 0x1ba8  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
    20:19:51.0493 0x1ba8  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
    20:19:51.0509 0x1ba8  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
    20:19:51.0525 0x1ba8  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
    20:19:51.0571 0x1ba8  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
    20:19:51.0571 0x1ba8  [ Global ] - ok
    20:19:51.0571 0x1ba8  ================ Scan MBR ==================================
    20:19:51.0587 0x1ba8  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
    20:19:51.0868 0x1ba8  \Device\Harddisk0\DR0 - ok
    20:19:51.0868 0x1ba8  ================ Scan VBR ==================================
    20:19:51.0868 0x1ba8  [ D3AEACBBA146EA29D6C4964778B8A449 ] \Device\Harddisk0\DR0\Partition1
    20:19:51.0961 0x1ba8  \Device\Harddisk0\DR0\Partition1 - ok
    20:19:51.0961 0x1ba8  [ 9AA185AD12CAA0CBFADA366C84461898 ] \Device\Harddisk0\DR0\Partition2
    20:19:52.0039 0x1ba8  \Device\Harddisk0\DR0\Partition2 - ok
    20:19:52.0039 0x1ba8  [ 1570E1F6042283C7C8343D53991920E0 ] \Device\Harddisk0\DR0\Partition3
    20:19:52.0039 0x1ba8  \Device\Harddisk0\DR0\Partition3 - ok
    20:19:52.0039 0x1ba8  ================ Scan generic autorun ======================
    20:19:52.0102 0x1ba8  [ 13392E518730835DC9584C60B04E77C2, E4CF50A5D0777A51CACFBA144CD41621BDE2C4CBB5678C8C2624F7612F9DEE11 ] C:\Program Files\IDT\WDM\beats64.exe
    20:19:52.0102 0x1ba8  BeatsOSDApp - ok
    20:19:52.0149 0x1ba8  [ 0899CF4DED834760397AA8C5DDD264F4, 00AB9C5A588473571A6FB42E03956B07FAA65B57945048AE0583BACE2A22C236 ] C:\Program Files\IDT\WDM\sttray64.exe
    20:19:52.0180 0x1ba8  SysTrayApp - ok
    20:19:52.0289 0x1ba8  [ 709DC2B8AEA800E9E0A966BF80008D79, 0FA3E4AFCF3C18A8F4F0B99C91FA42DE05ED88470879EF13E0B5950A6496DA39 ] C:\Windows\system32\igfxtray.exe
    20:19:52.0289 0x1ba8  IgfxTray - ok
    20:19:52.0305 0x1ba8  [ 3478BAAA807DC79E3F5C512D606091D0, 343F4B3B00699C8E139ABD4C2AD234E9F1F0A05DC8CBEDFA35991801F4735414 ] C:\Windows\system32\hkcmd.exe
    20:19:52.0320 0x1ba8  HotKeysCmds - ok
    20:19:52.0351 0x1ba8  [ 83A0DA77915A7B631373F7A62F736A9A, 52E89B2270F7A336AF8E30E2222C53459923F06652B2E1B5508786356CE128E7 ] C:\Windows\system32\igfxpers.exe
    20:19:52.0351 0x1ba8  Persistence - ok
    20:19:52.0383 0x1ba8  [ 554A50B5310E702029D3A675459108FF, 4757D5FFFAC7E73D4A3D931DB1399DDFDBD5811639BDA4517F886C21CC7F2574 ] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
    20:19:52.0383 0x1ba8  hpsysdrv - ok
    20:19:52.0461 0x1ba8  [ DD79A6B15C2F28DE98DF4852AAF6B13B, 0F7E9023E0BA4B40E2DE9A9FA34E85FEAF72B93049AAB3E1D73AD046BB113E05 ] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe
    20:19:52.0461 0x1ba8  NCPluginUpdater - ok
    20:19:52.0492 0x1ba8  [ C09AAD7E3EDCF7078449CA6046C7B395, 7AC5474F0A06E2063824FAC8F72432E569E2C95BAF0C3B78EFA8128561CD93AE ] C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe
    20:19:52.0507 0x1ba8  DT HPO - ok
    20:19:52.0554 0x1ba8  [ 2ECC555292D3DC382521724F7E1FBFBC, AD786D4647F30263B1BEDB6CDDE9841F8420C4C2EED74CD481A0255F9A142F1D ] C:\Program Files (x86)\PDF Complete\pdfsty.exe
    20:19:52.0570 0x1ba8  PDF Complete - ok
    20:19:52.0601 0x1ba8  [ 6E95474CB9E22BC9768EFA176C6A0A29, 0AE08EA94B239F4418BF49A734E36AFEE624CF5C2EB1C24820131D24FD0A7C27 ] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    20:19:52.0601 0x1ba8  HP Software Update - ok
    20:19:52.0679 0x1ba8  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
    20:19:52.0710 0x1ba8  Sidebar - ok
    20:19:52.0726 0x1ba8  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
    20:19:52.0726 0x1ba8  mctadmin - ok
    20:19:52.0757 0x1ba8  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
    20:19:52.0773 0x1ba8  Sidebar - ok
    20:19:52.0788 0x1ba8  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
    20:19:52.0788 0x1ba8  mctadmin - ok
    20:19:52.0929 0x1ba8  [ F98A242F61736233824F2E306069EE96, C7213F68C0566B15EF7AF9B2BBD964ACDA6E5FB0DD84B4276A6BB7E4FFE5D80E ] C:\Program Files\hp\HP Officejet 6700\Bin\ScanToPCActivationApp.exe
    20:19:52.0975 0x1ba8  HP Officejet 6700 (NET) - ok
    20:19:52.0975 0x1ba8  Waiting for KSN requests completion. In queue: 59
    20:19:53.0989 0x1ba8  Waiting for KSN requests completion. In queue: 59
    20:19:55.0003 0x1ba8  Waiting for KSN requests completion. In queue: 59
    20:19:56.0033 0x1ba8  AV detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\WSCStub.exe ( 21.6.0.0 ), 0x50000 ( disabled : updated )
    20:19:56.0033 0x1ba8  FW detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\WSCStub.exe ( 21.6.0.0 ), 0x51010 ( enabled )
    20:19:58.0872 0x1ba8  ============================================================
    20:19:58.0872 0x1ba8  Scan finished
    20:19:58.0872 0x1ba8  ============================================================
    20:19:58.0872 0x1994  Detected object count: 0
    20:19:58.0872 0x1994  Actual detected object count: 0
    20:22:22.0962 0x148c  Deinitialize success


    #10 pcbug

    pcbug
    • Topic Starter

    • Members
    • 13 posts
    • OFFLINE
    •  
    • Local time:11:28 AM

    Posted 14 February 2015 - 10:08 PM

    Malwarebytes Anti-Rootkit BETA 1.08.3.1004
    www.malwarebytes.org
     
    Database version:
      main:    v2015.02.15.01
      rootkit: v2015.02.03.01
     
    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 11.0.9600.17633
    Chris :: HPALLINONE [administrator]
     
    2/14/2015 8:33:11 PM
    mbar-log-2015-02-14 (20-33-11).txt
     
    Scan type: Quick scan
    Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
    Scan options disabled: 
    Objects scanned: 457959
    Time elapsed: 28 minute(s), 14 second(s)
     
    Memory Processes Detected: 0
    (No malicious items detected)
     
    Memory Modules Detected: 0
    (No malicious items detected)
     
    Registry Keys Detected: 0
    (No malicious items detected)
     
    Registry Values Detected: 0
    (No malicious items detected)
     
    Registry Data Items Detected: 0
    (No malicious items detected)
     
    Folders Detected: 0
    (No malicious items detected)
     
    Files Detected: 0
    (No malicious items detected)
     
    Physical Sectors Detected: 0
    (No malicious items detected)
     
    (end)
     
     
     
    ---------------------------------------
     
     
    ---------------------------------------
    Malwarebytes Anti-Rootkit BETA 1.08.3.1004
     
    © Malwarebytes Corporation 2011-2012
     
    OS version: 6.1.7601 Windows 7 Service Pack 1 x64
     
    Account is Administrative
     
    Internet Explorer version: 11.0.9600.17633
     
    File system is: NTFS
    Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, Q:\ DRIVE_FIXED
    CPU speed: 2.494000 GHz
    Memory total: 6342111232, free: 4301017088
     
    Downloaded database version: v2015.02.15.01
    Downloaded database version: v2015.02.03.01
    Downloaded database version: v2014.12.06.01
    =======================================
    Initializing...
    ------------ Kernel report ------------
         02/14/2015 20:33:02
    ------------ Loaded modules -----------
    \SystemRoot\system32\ntoskrnl.exe
    \SystemRoot\system32\hal.dll
    \SystemRoot\system32\kdcom.dll
    \SystemRoot\system32\mcupdate_GenuineIntel.dll
    \SystemRoot\system32\PSHED.dll
    \SystemRoot\system32\CLFS.SYS
    \SystemRoot\system32\CI.dll
    \SystemRoot\system32\drivers\Wdf01000.sys
    \SystemRoot\system32\drivers\WDFLDR.SYS
    \SystemRoot\system32\drivers\ACPI.sys
    \SystemRoot\system32\drivers\WMILIB.SYS
    \SystemRoot\system32\drivers\msisadrv.sys
    \SystemRoot\system32\drivers\pci.sys
    \SystemRoot\system32\drivers\vdrvroot.sys
    \SystemRoot\System32\drivers\partmgr.sys
    \SystemRoot\system32\drivers\volmgr.sys
    \SystemRoot\System32\drivers\volmgrx.sys
    \SystemRoot\System32\drivers\mountmgr.sys
    \SystemRoot\system32\drivers\iaStor.sys
    \SystemRoot\system32\drivers\amdxata.sys
    \SystemRoot\system32\drivers\fltmgr.sys
    \SystemRoot\system32\drivers\NISx64\1506000.020\SYMDS64.SYS
    \SystemRoot\system32\drivers\fileinfo.sys
    \SystemRoot\system32\drivers\NISx64\1506000.020\SYMEFA64.SYS
    \SystemRoot\System32\Drivers\Ntfs.sys
    \SystemRoot\System32\Drivers\msrpc.sys
    \SystemRoot\System32\Drivers\ksecdd.sys
    \SystemRoot\System32\Drivers\cng.sys
    \SystemRoot\System32\drivers\pcw.sys
    \SystemRoot\System32\Drivers\Fs_Rec.sys
    \SystemRoot\system32\drivers\ndis.sys
    \SystemRoot\system32\drivers\NETIO.SYS
    \SystemRoot\System32\Drivers\ksecpkg.sys
    \SystemRoot\System32\drivers\tcpip.sys
    \SystemRoot\System32\drivers\fwpkclnt.sys
    \SystemRoot\system32\drivers\volsnap.sys
    \SystemRoot\System32\Drivers\spldr.sys
    \SystemRoot\System32\drivers\rdyboost.sys
    \SystemRoot\System32\Drivers\mup.sys
    \SystemRoot\System32\drivers\hwpolicy.sys
    \SystemRoot\System32\DRIVERS\fvevol.sys
    \SystemRoot\system32\drivers\disk.sys
    \SystemRoot\system32\drivers\CLASSPNP.SYS
    \SystemRoot\system32\DRIVERS\cdrom.sys
    \SystemRoot\system32\drivers\NISx64\1506000.020\ccSetx64.sys
    \SystemRoot\System32\Drivers\NISx64\1506000.020\SRTSP64.SYS
    \SystemRoot\system32\drivers\NISx64\1506000.020\SRTSPX64.SYS
    \SystemRoot\system32\drivers\NISx64\1506000.020\Ironx64.SYS
    \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
    \SystemRoot\System32\Drivers\Null.SYS
    \SystemRoot\System32\Drivers\Beep.SYS
    \SystemRoot\System32\drivers\vga.sys
    \SystemRoot\System32\drivers\VIDEOPRT.SYS
    \SystemRoot\System32\drivers\watchdog.sys
    \SystemRoot\System32\DRIVERS\RDPCDD.sys
    \SystemRoot\system32\drivers\rdpencdd.sys
    \SystemRoot\system32\drivers\rdprefmp.sys
    \SystemRoot\System32\Drivers\Msfs.SYS
    \SystemRoot\System32\Drivers\Npfs.SYS
    \SystemRoot\system32\DRIVERS\tdx.sys
    \SystemRoot\system32\DRIVERS\TDI.SYS
    \SystemRoot\system32\drivers\afd.sys
    \SystemRoot\System32\DRIVERS\netbt.sys
    \SystemRoot\system32\DRIVERS\wfplwf.sys
    \SystemRoot\system32\DRIVERS\pacer.sys
    \SystemRoot\system32\DRIVERS\vwififlt.sys
    \SystemRoot\system32\DRIVERS\netbios.sys
    \SystemRoot\system32\DRIVERS\wanarp.sys
    \SystemRoot\system32\drivers\termdd.sys
    \SystemRoot\System32\Drivers\NISx64\1506000.020\SYMNETS.SYS
    \SystemRoot\system32\DRIVERS\rdbss.sys
    \SystemRoot\system32\drivers\nsiproxy.sys
    \SystemRoot\system32\drivers\mssmbios.sys
    \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\IPSDefs\20150213.001\IDSvia64.sys
    \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
    \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
    \SystemRoot\System32\drivers\discache.sys
    \SystemRoot\System32\Drivers\dfsc.sys
    \SystemRoot\system32\drivers\blbdrive.sys
    \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\BASHDefs\20150203.001\BHDrvx64.sys
    \SystemRoot\system32\DRIVERS\tunnel.sys
    \SystemRoot\system32\DRIVERS\igdkmd64.sys
    \SystemRoot\System32\drivers\dxgkrnl.sys
    \SystemRoot\System32\drivers\dxgmms1.sys
    \SystemRoot\system32\drivers\HECIx64.sys
    \SystemRoot\system32\drivers\usbehci.sys
    \SystemRoot\system32\drivers\USBPORT.SYS
    \SystemRoot\system32\drivers\HDAudBus.sys
    \SystemRoot\system32\drivers\tixhci.sys
    \SystemRoot\system32\DRIVERS\RtsPStor.sys
    \SystemRoot\system32\DRIVERS\netr28x.sys
    \SystemRoot\system32\DRIVERS\vwifibus.sys
    \SystemRoot\system32\DRIVERS\Rt64win7.sys
    \SystemRoot\system32\DRIVERS\itecir.sys
    \SystemRoot\system32\drivers\i8042prt.sys
    \SystemRoot\system32\DRIVERS\kbdclass.sys
    \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
    \SystemRoot\system32\drivers\wmiacpi.sys
    \SystemRoot\system32\drivers\intelppm.sys
    \SystemRoot\system32\drivers\CompositeBus.sys
    \SystemRoot\system32\DRIVERS\clwvd.sys
    \SystemRoot\system32\DRIVERS\ks.sys
    \SystemRoot\system32\drivers\ksthunk.sys
    \SystemRoot\system32\DRIVERS\AgileVpn.sys
    \SystemRoot\system32\DRIVERS\rasl2tp.sys
    \SystemRoot\system32\DRIVERS\ndistapi.sys
    \SystemRoot\system32\DRIVERS\ndiswan.sys
    \SystemRoot\system32\DRIVERS\raspppoe.sys
    \SystemRoot\system32\DRIVERS\raspptp.sys
    \SystemRoot\system32\DRIVERS\rassstp.sys
    \SystemRoot\system32\DRIVERS\mouclass.sys
    \SystemRoot\system32\drivers\serscan.sys
    \SystemRoot\system32\drivers\swenum.sys
    \SystemRoot\system32\drivers\circlass.sys
    \SystemRoot\system32\DRIVERS\umbus.sys
    \SystemRoot\system32\DRIVERS\usbhub.sys
    \SystemRoot\System32\Drivers\NDProxy.SYS
    \SystemRoot\system32\DRIVERS\stwrt64.sys
    \SystemRoot\system32\DRIVERS\portcls.sys
    \SystemRoot\system32\DRIVERS\drmk.sys
    \SystemRoot\system32\drivers\tihub3.sys
    \SystemRoot\system32\DRIVERS\hidir.sys
    \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
    \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
    \SystemRoot\system32\DRIVERS\kbdhid.sys
    \SystemRoot\system32\DRIVERS\mouhid.sys
    \SystemRoot\system32\DRIVERS\usbccgp.sys
    \SystemRoot\system32\DRIVERS\USBD.SYS
    \SystemRoot\system32\drivers\hidusb.sys
    \SystemRoot\System32\Drivers\crashdmp.sys
    \SystemRoot\System32\Drivers\dump_iaStor.sys
    \SystemRoot\System32\Drivers\dump_dumpfve.sys
    \SystemRoot\System32\Drivers\usbvideo.sys
    \SystemRoot\system32\drivers\NWVoltron.sys
    \SystemRoot\system32\drivers\NWTransLibV.sys
    \SystemRoot\System32\drivers\mshidkmdf.sys
    \SystemRoot\System32\win32k.sys
    \SystemRoot\System32\drivers\Dxapi.sys
    \SystemRoot\system32\drivers\MTConfig.sys
    \SystemRoot\system32\DRIVERS\monitor.sys
    \SystemRoot\System32\TSDDD.dll
    \SystemRoot\system32\drivers\luafv.sys
    \SystemRoot\system32\DRIVERS\Sftvollh.sys
    \SystemRoot\system32\DRIVERS\lltdio.sys
    \SystemRoot\system32\DRIVERS\nwifi.sys
    \SystemRoot\system32\DRIVERS\ndisuio.sys
    \SystemRoot\system32\DRIVERS\rspndr.sys
    \SystemRoot\system32\drivers\HTTP.sys
    \SystemRoot\system32\DRIVERS\bowser.sys
    \SystemRoot\System32\drivers\mpsdrv.sys
    \SystemRoot\system32\DRIVERS\mrxsmb.sys
    \SystemRoot\system32\DRIVERS\mrxsmb10.sys
    \SystemRoot\system32\DRIVERS\mrxsmb20.sys
    \SystemRoot\system32\drivers\peauth.sys
    \SystemRoot\System32\Drivers\secdrv.SYS
    \SystemRoot\system32\DRIVERS\Sftfslh.sys
    \SystemRoot\system32\DRIVERS\Sftplaylh.sys
    \SystemRoot\System32\DRIVERS\srvnet.sys
    \SystemRoot\System32\drivers\tcpipreg.sys
    \SystemRoot\System32\DRIVERS\srv2.sys
    \SystemRoot\System32\DRIVERS\srv.sys
    \SystemRoot\system32\DRIVERS\Sftredirlh.sys
    \SystemRoot\system32\drivers\WudfPf.sys
    \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\VirusDefs\20150213.019\EX64.SYS
    \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\VirusDefs\20150213.019\ENG64.SYS
    \SystemRoot\system32\DRIVERS\asyncmac.sys
    \SystemRoot\System32\cdd.dll
    \??\C:\Windows\system32\drivers\mbamchameleon.sys
    \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
    \Windows\System32\ntdll.dll
    \Windows\System32\smss.exe
    \Windows\System32\apisetschema.dll
    \Windows\System32\autochk.exe
    \Windows\System32\gdi32.dll
    \Windows\System32\clbcatq.dll
    ----------- End -----------
    Done!
     
    Scan started
    Database versions:
      main:    v2015.02.15.01
      rootkit: v2015.02.03.01
     
    <<<2>>>
    Physical Sector Size: 512
    Drive: 0, DevicePointer: 0xfffffa8007e38060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
    --------- Disk Stack ------
    DevicePointer: 0xfffffa8007ca89d0, DeviceName: Unknown, DriverName: \Driver\partmgr\
    DevicePointer: 0xfffffa8007e38060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
    DevicePointer: 0xfffffa8006056050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
    ------------ End ----------
    Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
    Upper DeviceData: 0x0, 0x0, 0x0
    Lower DeviceData: 0x0, 0x0, 0x0
    <<<3>>>
    Volume: C:
    File system type: NTFS
    SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
    <<<2>>>
    <<<3>>>
    Volume: C:
    File system type: NTFS
    SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
    Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
    Done!
    Drive 0
    This is a System drive
    Scanning MBR on drive 0...
    Inspecting partition table:
    MBR Signature: 55AA
    Disk Signature: 1F23B703
     
    Partition information:
     
        Partition 0 type is Primary (0x7)
        Partition is ACTIVE.
        Partition starts at LBA: 2048  Numsec = 204800
        Partition file system is NTFS
        Partition is bootable
     
        Partition 1 type is Primary (0x7)
        Partition is NOT ACTIVE.
        Partition starts at LBA: 206848  Numsec = 3875934208
     
        Partition 2 type is Primary (0x7)
        Partition is NOT ACTIVE.
        Partition starts at LBA: 3876141056  Numsec = 30885888
     
        Partition 3 type is Empty (0x0)
        Partition is NOT ACTIVE.
        Partition starts at LBA: 0  Numsec = 0
     
    Disk Size: 2000398934016 bytes
    Sector size: 512 bytes
     
    Done!
    Scan finished
    =======================================
     
     
    Removal queue found; removal started
    Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
    Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
    Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
    Removal finished
     


    #11 pcbug

    pcbug
    • Topic Starter

    • Members
    • 13 posts
    • OFFLINE
    •  
    • Local time:11:28 AM

    Posted 14 February 2015 - 10:18 PM

    Both scans turned up clean. Anything else I should do?


    Edited by pcbug, 14 February 2015 - 10:18 PM.


    #12 ken545

    ken545

      Malware Response Team


    • Malware Response Team
    • 1,685 posts
    • OFFLINE
    •  
    • Gender:Male
    • Location:The Space Coast of Florida
    • Local time:11:28 AM

    Posted 14 February 2015 - 10:21 PM

    I think your free to go unless you feel you still have problems, let me know


    mvp_host.pngConsumer Security 2007-2008-2009-2010-2011-2012-2013-2014



    donate.gif Please consider a donation to help me keep up my fight against malware.

     

    Just a reminder that threads will be closed if no response in 3 days


    #13 pcbug

    pcbug
    • Topic Starter

    • Members
    • 13 posts
    • OFFLINE
    •  
    • Local time:11:28 AM

    Posted 14 February 2015 - 11:10 PM

    Everything has been working fine throughout this process. I was only alarmed because Norton quarantined a "Zero.Access" trojan and the more I researched the more I realized I was in over my head on this one.

     

    Based on everything you've seen you see no more reason for alarm and I can continue my normal activities online?

     

    If that is the case I thank you for your time in walking me through this process. I have a few more tools in my arsenal now, thanks again.



    #14 ken545

    ken545

      Malware Response Team


    • Malware Response Team
    • 1,685 posts
    • OFFLINE
    •  
    • Gender:Male
    • Location:The Space Coast of Florida
    • Local time:11:28 AM

    Posted 15 February 2015 - 08:20 AM

    You should open up Nortons Quarantine folder and delete what it found.  Our tools are updated on a regular basis so it would be best to remove them and if you have problems in the future just come back to the forum and we can download a nice new clean one.  Dont go and try to download any on your own, what one tool can do to fix one system can damage another so let us decide what you need to run, as an example there is a bogus link online for AdwCleaner and if you download if from that site instead of the link we provide here at Bleeping it will infect your computer... :(   Sometimes a tool is pulled offline to be fixed because it caused problems, we are alerted to things like this but the general public is not.

     

    The only thing I can suggest is upgrading Malwarebytes to the Pro Version, it has a protection module that blocks known bad sites and links in some web pages that may have been tampered with, the cost is minimal but this is totally your choice.

     

    Sometimes when you get a serious infection it could leave your computer compromised, what that means its not to be trusted even after the cleaning but I have not seen anything serious in any of your logs so I believe your ok 

     

     

    Double click on AdwCleaner.exe to run the tool again.
  • Click on the Uninstall button.
  • Click Yes when asked are you sure you want to uninstall.
  • Both AdwCleaner.exe, its folder and all logs will be removed.
  •  
     
    ==========================================================
     
     
    Please download DelFix and save the file to your Desktop.
     
    DelFix_zps139e2ea1.jpg
     
  • Windows XP Double Click DelFix.exe to run the program. 
  • Windows Vista > Win 7 > Win 8 Right Click on DelFix.exe and select RUN AS ADMINISTRATOR 
  • Checkmark " Remove Disinfection Tools"
  • Click the Run button
  •  
    This will remove the specialised tools we used to clean your system. Any leftover logs, files, folders or tools remaining on your Desktop which were not removed can be deleted manually
     
     
     
    ==========================================================
     
     
     
    How did I get infected in the first place ?    
    Read these links and find out how to prevent getting infected again.
  • Tutorial for System Restore <-- Do this first to prevent yourself from being reinfected.
  •  
     
    Safe Surfn
    Ken

    mvp_host.pngConsumer Security 2007-2008-2009-2010-2011-2012-2013-2014



    donate.gif Please consider a donation to help me keep up my fight against malware.

     

    Just a reminder that threads will be closed if no response in 3 days


    #15 ken545

    ken545

      Malware Response Team


    • Malware Response Team
    • 1,685 posts
    • OFFLINE
    •  
    • Gender:Male
    • Location:The Space Coast of Florida
    • Local time:11:28 AM

    Posted 15 February 2015 - 10:12 PM

    It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

    mvp_host.pngConsumer Security 2007-2008-2009-2010-2011-2012-2013-2014



    donate.gif Please consider a donation to help me keep up my fight against malware.

     

    Just a reminder that threads will be closed if no response in 3 days





    0 user(s) are reading this topic

    0 members, 0 guests, 0 anonymous users