Viruses 'Embedded' to Thunderbird Profile


9 replies to this topic

#1 SumnerIV

SumnerIV

  • Members
  • 6 posts
  • Local time:04:05 PM

Posted 26 January 2017 - 10:25 AM

Hello, I came here because I found this (https://www.bleepingcomputer.com/forums/t/530139/virus-in-embedded-in-thunderbird-email-inbox/) thread which seemed to be the exact problem I was experiencing. The thread didn't seem to have a resolution. I am also hesitant to click on links from old posts as I know sometimes links change and can point to malware (maybe this isn't true in this case?)

 

Anyway, I have started to receive a much greater volume of spam emails the past two weeks and it doesn't seem to be ending. I have Symantec Endpoint Protection. I have run Symantec Endpoint Protection and it will find problems with certain Mozilla Thunderbird profiles. In Symantec I select all the problems and click delete. Then I will delete all the junk emails in my inbox, my trash, and then compact. Then I run Symantec again and it will find the same problems with the Mozilla Thunderbird profiles. I now only have one email account associated with the inbox (however, I have two other emails that forward to this address and it seems nearly all the spam emails point to one of the forwarding email addresses).

 

When I run a full scan it says things like:

 

1 'top urgent requirement.exe' ... Risk= 'Trojan.Gen' ...

2 'company profile data sheet.exe' ... Risk = 'Infostealer.Limitail'

3 'Junk' ... Risk = 'Multiple Risks'

 

And the 'Location' of these things are in folders that I can't even find.

 

Any thoughts on the matter are much appreciated.

 

Thank you!

Sumner


Edited by hamluis, 26 January 2017 - 10:46 AM.
Moved from Win 7 to Am I Infected - Hamluis.
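
Added example, not part of the original thread: in Thunderbird's default storage each folder (Inbox, Junk, Trash) is a single mbox file in the profile, and a message deleted in the UI stays in that file, flagged in its `X-Mozilla-Status` header, until the folder is compacted. The script below lists executable attachments inside such a file and reports whether each message is live or deleted but not yet compacted. The extension list, the function names and the sample mailbox (harmless bytes, with attachment names taken from the scan results above) are assumptions constructed for illustration.

```python
import mailbox
import os
import tempfile
from email.message import EmailMessage

# Extensions treated as executable content for triage (assumed list, extend as needed).
RISKY_EXTENSIONS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs", ".jar"}

# Thunderbird X-Mozilla-Status bit set when a message is deleted but still in the file.
MSG_FLAG_EXPUNGED = 0x0008


def is_expunged(msg):
    """True if the message is marked deleted and only awaits folder compaction."""
    raw = msg.get("X-Mozilla-Status", "0")
    try:
        return bool(int(str(raw).strip(), 16) & MSG_FLAG_EXPUNGED)
    except ValueError:
        return False


def find_risky_attachments(mbox_path):
    """Return one finding per attachment whose filename has a risky extension."""
    findings = []
    box = mailbox.mbox(mbox_path, create=False)
    try:
        for msg in box:
            for part in msg.walk():
                name = part.get_filename()
                if not name:
                    continue
                ext = os.path.splitext(name.lower())[1]
                if ext not in RISKY_EXTENSIONS:
                    continue
                payload = part.get_payload(decode=True) or b""
                findings.append({
                    "subject": str(msg.get("Subject", "")),
                    "attachment": name,
                    "size": len(payload),
                    "deleted_not_compacted": is_expunged(msg),
                })
    finally:
        box.close()
    return findings


def build_sample_mbox(path):
    """Write a constructed three-message mbox: one clean, one live hit, one deleted hit."""
    def make(subject, status, attachment=None):
        m = EmailMessage()
        m["From"] = "sender@example.com"
        m["To"] = "user@example.com"
        m["Subject"] = subject
        m["X-Mozilla-Status"] = status
        m.set_content("constructed sample body")
        if attachment:
            # Harmless placeholder bytes, not a real executable.
            m.add_attachment(b"constructed harmless bytes", maintype="application",
                             subtype="octet-stream", filename=attachment)
        return m

    box = mailbox.mbox(path)
    try:
        box.add(make("Quarterly newsletter", "0001"))
        box.add(make("RFQ", "0001", "top urgent requirement.exe"))
        # 0009 = read (0x0001) + expunged (0x0008): deleted in the UI, not compacted.
        box.add(make("Profile", "0009", "company profile data sheet.exe"))
        box.flush()
    finally:
        box.close()


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        sample = os.path.join(tmp, "Junk")  # folder file name as it appears in a profile
        build_sample_mbox(sample)
        for hit in find_risky_attachments(sample):
            state = "deleted, not compacted" if hit["deleted_not_compacted"] else "live"
            print(f'{hit["attachment"]!r} in "{hit["subject"]}" ({hit["size"]} bytes, {state})')
```

Run it against a copy of the folder file with Thunderbird closed, so the mail client and the script do not touch the same file at once.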



 


#2 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,757 posts
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:02:05 PM

Posted 26 January 2017 - 12:25 PM

If you are sure that one of these accounts is responsible for the spam being forwarded, I would either close this account or check to see what spam filters are available there.
 
Please run the following scans in the order they are requested and post the logs in your topic.  When you post a log post the entire log.  Do not wrap the log in code or quotations.  Do not use a host website to post the logs.
 
Please run Malwarebytes AntiMalware

Please download Malwarebytes Anti-Malware.

1)  Double-click on mbam-setup.exe, then click on Run to install the application, follow the prompts through the installation.

2)  Malwarebytes will automatically open.  You will see an image like the one below, click on Update Now.  

mbam1_zps98e7fba9.png

3)  Click on Settings, you will see an image like the one below.

malware%20settings_zpsixkea5sd.png

When Settings opens click on Detection and Protection, then under Non-Malware Protection, click on the down arrow for PUP (Potentially Unwanted Programs) detections and select Treat detections as malware.  Under Detection Options place a check in the box for Scan for rootkits.

4)  Click on Scan (next to Settings), then click on Scan Now.  The scan will automatically run now.

5)  When the scan is complete the results will be displayed.  Click on Delete All.

malwarenew_zps34b58fdc.png

6)  Please post the Malwarebytes log.

To find your Malwarebytes log, download mbam-check.exe from here and save it to your desktop.
 
To open the log double click on mbam-check.exe on your desktop.  Copy and paste the entire log in your topic.


Please download TDSSKiller from here and save it to your Desktop.

The log for the TDSSKiller can be very long.  If you go to the bottom of the log to where you find Scan finished you will see the results of the scan.  If it shows Detected object count: 0 and Actual detected object count: 0, this means that nothing malicious was found and you will not need to post the log.
 
1.  Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
 
tdss1_zps90132559.png
 
2.  Check Loaded Modules, Verify Driver Digital Signature, and Detect TDLFS file system.
 
If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now.
 
tdsskillermultiple_zps472c18eb.png
 
3.  Click Start Scan and allow the scan process to run.
 
tdss4_zps6792a13c.png
 
4.  If threats are detected select Cure (if available) for all of them unless otherwise instructed.
 
***Do NOT select Delete!

Click on Continue.
 
tdss5_zps98fc5887.png
 
5.  Click on Reboot computer.
 
Please copy the TDSSKiller.[Version]_[Date]_[Time]_log.txt file found in your root directory (typically c:\) and paste it into your next reply.

Note:  The log may be very long.  You may need to break it into parts to post the whole log.

Post this in your topic.


Please run the ESET OnlineScan

This scan takes quite a long time to run, so be prepared to allow this to run till it is completed.

***Please note. If you run this scan using Internet Explorer you won't need to download the Eset Smartinstaller.***

ESET Online Scanner

  • Click here to download the installer for ESET Online Scanner and save it to your Desktop.
  • Disable all your antivirus and antimalware software - see how to do that here.
  • Right click on esetsmartinstaller_enu.exe and select Run as Administrator.
  • Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats (only available if ESET Online Scanner found something).
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.

Edited by dc3, 26 January 2017 - 12:25 PM.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#3 SumnerIV

SumnerIV
  • Topic Starter

  • Members
  • 6 posts
  • Local time:04:05 PM

Posted 26 January 2017 - 12:49 PM

Thank you for the quick response. Am I an idiot for paying for Symantec?

 

Okay, the Malwarebytes version I had was a little different and the images didn't match up but I think I figured it out and set the correct settings. When I 'Quarantined' the results I had to restart my computer and then when I got back in I deleted them. Here is the log.

 

Going to do the other steps now.

 

mbam-check result log version:     2.3.2.0
========================================

User Account type:                 Administrator
DomainComputer:                    No
OS:                                Windows 7 Service Pack 1 Service Pack 1 64 bit Operating System
Current Version and Build:         6.1.7601
mbam-check result log version: 2.3.2.0

Date Log Created: 01/26/17
Time Log Created: 11:46:56


User Information for Local System:
===========================================
User Account: Administrator
    Account Level: Admin
User Account: Guest
    Account Level: Guest
User Account: HomeGroupUser$
    Account Level: Guest
User Account: SalesMAN
    Account Level: Admin
Total # of user entries: 4

UAC Settings:
===================
SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
    DWORD    1    Status: ON
SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
    DWORD    5    Status: ON

AntiVirus Information:
===================
AntiVirus Software Installed:    "Symantec Endpoint Protection"
AntiVirus Software Installed:    "Malwarebytes"

FireWall Information:
===================
3rd Party Firewall Software Installed:    "Symantec Endpoint Protection"

AntiSpyware Information:
===================
AntiSpyware Software Installed:    "Malwarebytes"
AntiSpyware Software Installed:    "Windows Defender"
AntiSpyware Software Installed:    "Symantec Endpoint Protection"

Machine Information
===============================================
Machine ID:    d03e1bf064a4a4d8c376f736d109eede8665b8a0
System has been up for:     0.120278 Hours
System has been booted within the last hour
Current Date:    2017-Jan-26 17:46:58.205200
Date Booted:    2017-Jan-26 17:46:58.205200

Compatibility Flag Settings:
=================================


Malwarebytes Anti-Malware Shell Extension Block Check:
======================================================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Blocked:

MBAM Startup Entries:
=====================
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

Malwarebytes Anti-Malware Service and Driver Status:
=======================================================

--------------Driver File Info:--------------
C:\Windows\system32\drivers\mbam.sys
File Size: 43968     BYTES    FileVersion: 3.0.0.83    MD5: [88bd122c3a35de63d75d382df75554ce]
C:\Windows\system32\drivers\mwac.sys
File Size: 81696     BYTES    FileVersion: 3.0.0.126    MD5: [90af4ed8a8d28c40f162ddc1abd49c42]
C:\Windows\system32\drivers\mbamswissarmy.sys
File Size: 250816    BYTES    FileVersion: 4.2.0.101    MD5: [abb371d9aef728b0489b0e6872b4a1c0]
C:\Windows\system32\drivers\mbamchameleon.sys
File Size: 176064    BYTES    FileVersion: 3.0.0.149    MD5: [3bec6134f1e45aef5e971f69f0d38510]

--------------MBAMProtector:--------------
Type:                   N/A
State:                  0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMProtector
WIN32_EXIT_CODE:        N/A
SERVICE_EXIT_CODE:      N/A
CHECKPOINT:             N/A
WAIT_HINT:              N/A


--------------MBAMService:--------------
Type:                   16
State:                  4 (The service is running.)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0


--------------MBAMScheduler:--------------
Type:                   N/A
State:                  0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMScheduler
WIN32_EXIT_CODE:        N/A
SERVICE_EXIT_CODE:      N/A
CHECKPOINT:             N/A
WAIT_HINT:              N/A


--------------MBAMChameleon:--------------
Type:                   2
State:                  4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0


--------------MBAMWebAccessControl:--------------
Type:                   N/A
State:                  0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MbamWebAccessControl
WIN32_EXIT_CODE:        N/A
SERVICE_EXIT_CODE:      N/A
CHECKPOINT:             N/A
WAIT_HINT:              N/A


Required Dependencies:
======================

--------------BFE:--------------
Type:                   32
State:                  4 (The service is running.)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0


HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE
    DisplayName                   REG_SZ        @%SystemRoot%\system32\bfe.dll,-1001
    Group                         REG_SZ        NetworkProvider
    ImagePath                     REG_EXPAND_SZ    %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork
    Description                   REG_SZ        @%SystemRoot%\system32\bfe.dll,-1002
    ObjectName                    REG_SZ        NT AUTHORITY\LocalService
    ErrorControl                  REG_DWORD        1
    Start                         REG_DWORD        2
    Type                          REG_DWORD        32
    DependOnService               REG_MULTI_SZ    RpcSs

    ServiceSidType                REG_DWORD        3
    RequiredPrivileges            REG_MULTI_SZ    SeAuditPrivilege

    FailureActions                REG_BINARY    Binary Data

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters
    ServiceDll                    REG_EXPAND_SZ    %SystemRoot%\System32\bfe.dll
    ServiceDllUnloadOnStop        REG_DWORD        1
    ServiceMain                   REG_SZ        BfeServiceMain

--------------fltmgr:--------------
Type:                   2
State:                  4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0


HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr
    AttachWhenLoaded              REG_DWORD        1
    DisplayName                   REG_SZ        @%SystemRoot%\system32\drivers\fltmgr.sys,-10001
    Group                         REG_SZ        FSFilter Infrastructure
    ImagePath                     REG_EXPAND_SZ    system32\drivers\fltmgr.sys
    Description                   REG_SZ        @%SystemRoot%\system32\drivers\fltmgr.sys,-10000
    ErrorControl                  REG_DWORD        3
    Start                         REG_DWORD        0
    Tag                           REG_DWORD        1
    Type                          REG_DWORD        2
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr\Enum
    0                             REG_SZ        Root\LEGACY_FLTMGR\0000
    Count                         REG_DWORD        1
    NextInstance                  REG_DWORD        1


C:\Windows\system32\drivers\fltmgr.sys
File Size: 289664    BYTES    FileVersion: 6.1.7601.17514    MD5: [da6b67270fd9db3697b20fce94950741]
C:\Windows\SysWOW64\comctl32.ocx
File Size: 608448    BYTES    FileVersion: 6.0.81.5    MD5: [eb5f811c1f78005b3c147599a0cccf51]
C:\Windows\SysWOW64\mscomctl.ocx
File Size: 1070232   BYTES    FileVersion: 6.1.98.46    MD5: [273676426739b02a45a0fc9349500b65]
C:\Windows\SysWOW64\olepro32.dll
File Size: 90624     BYTES    FileVersion: 6.1.7601.23452    MD5: [307a6d4f7cd94e384ecff05afa30b42c]


MBAM Registry Settings and License Info:
========================================





Scheduler Queue:
================


Pending File Rename Operations:
================================
If any Malwarebytes Anti-Malware items are listed below, the user must reboot to complete a Malwarebytes Anti-Malware upgrade installation.

MBAMProtector Registry Values:
==============================



MBAMService Registry Values:
============================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMService
    Type                          REG_DWORD        16
    Start                         REG_DWORD        2
    ErrorControl                  REG_DWORD        1
    ImagePath                     REG_EXPAND_SZ    "C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe"
    DisplayName                   REG_SZ        Malwarebytes Service
    DependOnService               REG_MULTI_SZ    RPCSS
                            WINMGMT

    ObjectName                    REG_SZ        LocalSystem
    Description                   REG_SZ        Malwarebytes Service

MBAMScheduler Registry Values:
==============================



Terminal Services Status for (null) entries in PM logs and GetUserToken errors:
===============================================================================

--------------TERMService:--------------
Type:                   32
State:                  1 (The service is not running.) (State is stopped)
WIN32_EXIT_CODE:        1077
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0


TermService Start is set to: 3 (Manual Startup)

Proxy Status: No proxy is Set

Proxy Override:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\
    ProxyOverride    REG_SZ        <local>

LAN Settings:
=============

only 'Automatically detect settings' is selected

SystemPartition:
================

HKEY_LOCAL_MACHINE\SYSTEM\Setup\
    SystemPartition    REG_SZ        \Device\HarddiskVolume1

Balloon Tips Status:
====================

Enabled

Time Format Settings:
=====================

Should be:
        h:mm:ss tt
        AM
        PM
        :

Currently:
REG_SZ        h:mm:ss tt
REG_SZ        AM
REG_SZ        PM
REG_SZ        :

Language and Regional Settings:
===============================

ACP:     Language is English (United States)
MACCP:     Language is English (United States)
OEMCP:     Language is English (United States)

Startup Folders for Error_Expanding_Variables Check:
====================================================

All Users Startup Folder Exists.
Current User's Startup Folder Exists.



MBAM DLL's and Runtime Files:
=============================

MBAM Registry Settings and License Info (part 2):
==================================================







Context Menu Entries:
=====================

HKEY_CLASSES_ROOT\AllFilesystemObjects\shellex\ContextMenuHandlers\MBAMShlExt
    (Default):                    REG_SZ        {57CE581A-0CB6-4266-9CA0-19364C90A0B3}

HKEY_CLASSES_ROOT\Folder\shellex\ContextMenuHandlers\MBAMShlExt
    (Default):                    REG_SZ        {57CE581A-0CB6-4266-9CA0-19364C90A0B3}

HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt
    (Default):                    REG_SZ        MBAMShlExt Class
HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt\CLSID
    (Default):                    REG_SZ        {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt\CurVer
    (Default):                    REG_SZ        MBAMExt.MBAMShlExt.1
HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt.1
    (Default):                    REG_SZ        MBAMShlExt Class
HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt.1\CLSID
    (Default):                    REG_SZ        {57CE581A-0CB6-4266-9CA0-19364C90A0B3}


HKEY_CLASSES_ROOT\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE}
    (Default):                    REG_SZ        IMBAMShlExt
HKEY_CLASSES_ROOT\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE}\ProxyStubClsid32
    (Default):                    REG_SZ        {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE}\TypeLib
    (Default):                    REG_SZ        {AFF1A83B-6C83-4342-8E68-1648DE06CB65}
    Version                       REG_SZ        1.0
HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}
    (Default):                    REG_SZ        MBAMShlExt Class
HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\InprocServer32
    (Default):                    REG_SZ        C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll
    ThreadingModel                REG_SZ        Apartment
HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\ProgID
    (Default):                    REG_SZ        MBAMExt.MBAMShlExt.1
HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\TypeLib
    (Default):                    REG_SZ        {AFF1A83B-6C83-4342-8E68-1648DE06CB65}
HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\VersionIndependentProgID
    (Default):                    REG_SZ        MBAMExt.MBAMShlExt

HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}
HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0
    (Default):                    REG_SZ        MBAMExt 1.0 Type Library
HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\0
HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\0\win64
    (Default):                    REG_SZ        C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll
HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\FLAGS
    (Default):                    REG_SZ        0
HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\HELPDIR
    (Default):                    REG_SZ        C:\Program Files\Malwarebytes\Anti-Malware
HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}
HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0
    (Default):                    REG_SZ        MBAMExt 1.0 Type Library
HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\0
HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\0\win64
    (Default):                    REG_SZ        C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll
HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\FLAGS
    (Default):                    REG_SZ        0
HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\HELPDIR
    (Default):                    REG_SZ        C:\Program Files\Malwarebytes\Anti-Malware


List of MBAM Related Directories:
=================================

===============================================================
END OF FILE

 


Oh, and I would close that email account but I cannot really. It is a long standing account that a lot of people use and would be difficult to get rid of (nervous about dropping customers). But perhaps that is the best solution.



#4 SumnerIV

SumnerIV
  • Topic Starter


Posted 26 January 2017 - 12:57 PM

I ran the TDSSKiller. It didn't have 'Verify Digital Signatures' checked, so I checked that. It also had a fourth click box up top labeled 'System Memory'.

Anyway, I ran the log after rebooting and it only found one possible threat. The threat was dubious and I clicked 'Skip' as it was a file related to my ScanSnap scanner.

Going to lunch, will check back in soon.

Thanks for the help so far!



#5 dc3

dc3

    Bleeping Treehugger



Posted 26 January 2017 - 01:06 PM

Please download the version of Malwarebytes I provided the link for, run it and post the entire log in your topic.

In my first post I requested that you post all of the logs in their entirety. Please post the TDSSKiller log.


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

#6 SumnerIV

SumnerIV
  • Topic Starter


Posted 26 January 2017 - 02:11 PM

There were two files; this is the first one listed (the other has a time stamp three minutes later).

I thought I posted the Malwarebytes log as instructed. I will review.

11:50:35.0264 0x243c  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
11:50:39.0076 0x243c  ============================================================
11:50:39.0076 0x243c  Current date / time: 2017/01/26 11:50:39.0076
11:50:39.0076 0x243c  SystemInfo:
11:50:39.0076 0x243c  
11:50:39.0076 0x243c  OS Version: 6.1.7601 ServicePack: 1.0
11:50:39.0076 0x243c  Product type: Workstation
11:50:39.0076 0x243c  ComputerName: SALESMAN-PC
11:50:39.0076 0x243c  UserName: SalesMAN
11:50:39.0076 0x243c  Windows directory: C:\Windows
11:50:39.0076 0x243c  System windows directory: C:\Windows
11:50:39.0076 0x243c  Running under WOW64
11:50:39.0076 0x243c  Processor architecture: Intel x64
11:50:39.0076 0x243c  Number of processors: 4
11:50:39.0076 0x243c  Page size: 0x1000
11:50:39.0076 0x243c  Boot type: Normal boot
11:50:39.0076 0x243c  CodeIntegrityOptions = 0x00000001
11:50:39.0076 0x243c  ============================================================
11:50:39.0286 0x243c  KLMD registered as C:\Windows\system32\drivers\35432785.sys
11:50:39.0286 0x243c  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23572, osProperties = 0x1
11:50:39.0446 0x243c  System UUID: {E8DC6E8D-6F33-48D4-9569-96406D276671}
11:50:39.0966 0x243c  Drive \Device\Harddisk0\DR0 - Size: 0x37E4896000 ( 223.57 Gb ), SectorSize: 0x200, Cylinders: 0x7201, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:50:39.0966 0x243c  Drive \Device\Harddisk1\DR1 - Size: 0x7A43282000 ( 489.05 Gb ), SectorSize: 0x200, Cylinders: 0xF961, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:50:39.0976 0x243c  ============================================================
11:50:39.0976 0x243c  \Device\Harddisk0\DR0:
11:50:39.0976 0x243c  MBR partitions:
11:50:39.0976 0x243c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
11:50:39.0976 0x243c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1BEF1000
11:50:39.0976 0x243c  \Device\Harddisk1\DR1:
11:50:39.0976 0x243c  MBR partitions:
11:50:39.0976 0x243c  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3D218000
11:50:39.0976 0x243c  ============================================================
11:50:39.0976 0x243c  C: <-> \Device\Harddisk0\DR0\Partition2
11:50:39.0986 0x243c  Z: <-> \Device\Harddisk1\DR1\Partition1
11:50:39.0986 0x243c  ============================================================
11:50:39.0986 0x243c  Initialize success
11:50:39.0986 0x243c  ============================================================
11:50:42.0108 0x27e0  ============================================================
11:50:42.0108 0x27e0  Scan started
11:50:42.0108 0x27e0  Mode: Manual;
11:50:42.0108 0x27e0  ============================================================
11:50:42.0108 0x27e0  KSN ping started
11:50:42.0863 0x27e0  KSN ping finished: true
11:50:43.0003 0x27e0  ================ Scan system memory ========================
11:50:43.0003 0x27e0  System memory - ok
11:50:43.0003 0x27e0  ================ Scan services =============================
11:50:43.0800 0x27e0  cmdide - ok
11:50:43.0810 0x27e0  [ A98CED39AD91B445E2E442A9BD67E8B4, B4189DEEF1C0EE22AE983119047B1A40FFDD8F3E163DFFABD7C2706231B0B1B0 ] CNG             C:\Windows\system32\Drivers\cng.sys
11:50:43.0820 0x27e0  CNG - ok
11:50:43.0820 0x27e0  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
11:50:43.0820 0x27e0  Compbatt - ok
11:50:43.0820 0x27e0  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
11:50:43.0830 0x27e0  CompositeBus - ok
11:50:43.0830 0x27e0  COMSysApp - ok
11:50:43.0830 0x27e0  [ 44622785D2D2DD8B13E6DC969B6E34A4, 98F3D48A80A6C28776EF77782472428F107C6B4203A82537730679EA5E742521 ] copperhd        C:\Windows\system32\drivers\copperhd.sys
11:50:43.0830 0x27e0  copperhd - ok
11:50:43.0850 0x27e0  [ F13F0571F6EEBDB0999F10069C71D11E, C6717B0CFF188222A2BE385708F9C7FD9FA7966A46F58CE36183AD84A3FCD5AF ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
11:50:43.0860 0x27e0  cphs - ok
11:50:43.0860 0x27e0  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
11:50:43.0860 0x27e0  crcdisk - ok
11:50:43.0870 0x27e0  [ 2C6632CECFDBBE793FDA8AF9CA55A9CC, 335188515F798483660E529204A13012E4D21B0ECA489224A11C26F91A5B3CCE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
11:50:43.0870 0x27e0  CryptSvc - ok
11:50:43.0880 0x27e0  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
11:50:43.0890 0x27e0  CSC - ok
11:50:43.0900 0x27e0  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
11:50:43.0910 0x27e0  CscService - ok
11:50:43.0930 0x27e0  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch      C:\Windows\system32\rpcss.dll
11:50:43.0930 0x27e0  DcomLaunch - ok
11:50:43.0940 0x27e0  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
11:50:43.0950 0x27e0  defragsvc - ok
11:50:43.0950 0x27e0  [ 9B38580063D281A99E68EF5813022A5F, D91676B0E0A8E2A090E3E5DD340ABCFC20AE0F55B4C82869D6CFB34239BD27DA ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
11:50:43.0950 0x27e0  DfsC - ok
11:50:43.0960 0x27e0  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
11:50:43.0970 0x27e0  Dhcp - ok
11:50:44.0000 0x27e0  [ EE9954237F15BE4DD9304D12E4D305ED, F295C9BAF20F0E669B673AFCC16B4969EE31B6A3808980DAB93D9B0F167DA3C0 ] DiagTrack       C:\Windows\system32\diagtrack.dll
11:50:44.0010 0x27e0  DiagTrack - ok
11:50:44.0020 0x27e0  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
11:50:44.0020 0x27e0  discache - ok
11:50:44.0020 0x27e0  [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk            C:\Windows\system32\drivers\disk.sys
11:50:44.0030 0x27e0  Disk - ok
11:50:44.0030 0x27e0  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
11:50:44.0030 0x27e0  dmvsc - ok
11:50:44.0040 0x27e0  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
11:50:44.0040 0x27e0  Dnscache - ok
11:50:44.0040 0x27e0  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
11:50:44.0050 0x27e0  dot3svc - ok
11:50:44.0050 0x27e0  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
11:50:44.0060 0x27e0  DPS - ok
11:50:44.0060 0x27e0  [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
11:50:44.0060 0x27e0  drmkaud - ok
11:50:44.0080 0x27e0  [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
11:50:44.0090 0x27e0  DXGKrnl - ok
11:50:44.0100 0x27e0  [ F53C67226234AEC40AB2FB6F58964623, F0760A6B2E321DC4C264C07551F3D9FF781B0AD71D817CAA3E2E4A1A657C3957 ] e1dexpress      C:\Windows\system32\DRIVERS\e1d62x64.sys
11:50:44.0110 0x27e0  e1dexpress - ok
11:50:44.0110 0x27e0  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
11:50:44.0110 0x27e0  EapHost - ok
11:50:44.0160 0x27e0  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
11:50:44.0202 0x27e0  ebdrv - ok
11:50:44.0212 0x27e0  [ 6266BAEDF00023684B10E101E9FBB89B, 720B66721BD9BAE476A0CA9037C5452FB1CC645DC00E6205051C7AF84550051C ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
11:50:44.0222 0x27e0  eeCtrl - ok
11:50:44.0222 0x27e0  [ 1F9335A2C68B65E7D95985FA50968EA0, A0918C943F9CF5C6DB9440222B8E3B0DD645068B44E18253F275509550C0DF4D ] EFS             C:\Windows\System32\lsass.exe
11:50:44.0222 0x27e0  EFS - ok
11:50:44.0242 0x27e0  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
11:50:44.0252 0x27e0  ehRecvr - ok
11:50:44.0262 0x27e0  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
11:50:44.0262 0x27e0  ehSched - ok
11:50:44.0272 0x27e0  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
11:50:44.0282 0x27e0  elxstor - ok
11:50:44.0292 0x27e0  [ 3180E3A3EFDA196DE5B9980291CFE685, 31B735F04AC80D3BDA3872C77BC361D7E02DF081E31A3581A6C1A5B542EACF4F ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
11:50:44.0292 0x27e0  EraserUtilRebootDrv - ok
11:50:44.0292 0x27e0  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
11:50:44.0292 0x27e0  ErrDev - ok
11:50:44.0304 0x27e0  [ 4D7F3114147C31390262F19F74E5BF07, E89F5304149B51327DFE1314AE13352923B752BC24585FF42F28EF5F00936A6A ] ESProtectionDriver C:\Windows\system32\drivers\mbae64.sys
11:50:44.0305 0x27e0  ESProtectionDriver - ok
11:50:44.0315 0x27e0  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
11:50:44.0321 0x27e0  EventSystem - ok
11:50:44.0323 0x27e0  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
11:50:44.0323 0x27e0  exfat - ok
11:50:44.0333 0x27e0  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
11:50:44.0333 0x27e0  fastfat - ok
11:50:44.0343 0x27e0  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
11:50:44.0353 0x27e0  Fax - ok
11:50:44.0363 0x27e0  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
11:50:44.0363 0x27e0  fdc - ok
11:50:44.0363 0x27e0  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
11:50:44.0363 0x27e0  fdPHost - ok
11:50:44.0373 0x27e0  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
11:50:44.0373 0x27e0  FDResPub - ok
11:50:44.0373 0x27e0  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
11:50:44.0373 0x27e0  FileInfo - ok
11:50:44.0383 0x27e0  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
11:50:44.0383 0x27e0  Filetrace - ok
11:50:44.0383 0x27e0  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
11:50:44.0383 0x27e0  flpydisk - ok
11:50:44.0393 0x27e0  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
11:50:44.0393 0x27e0  FltMgr - ok
11:50:44.0423 0x27e0  [ 700A5373FA66F1DAAECBD2CFB88C73ED, D6C1C4C846BC24EB6539ECC701A456FA53BB6679C79391F5B70580D47B6CE395 ] FontCache       C:\Windows\system32\FntCache.dll
11:50:44.0443 0x27e0  FontCache - ok
11:50:44.0443 0x27e0  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:50:44.0443 0x27e0  FontCache3.0.0.0 - ok
11:50:44.0443 0x27e0  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
11:50:44.0453 0x27e0  FsDepends - ok
11:50:44.0453 0x27e0  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
11:50:44.0453 0x27e0  Fs_Rec - ok
11:50:44.0463 0x27e0  [ F0F2D2E8A6035786B2673C89A4A72EA0, 541D89C718081A83C65C9A77DB0CAFDF9B819EDF40A07F46E7A7D3628865164E ] FujitsuProdRegManager C:\Program Files (x86)\Fujitsu Registration\EngageService.exe
11:50:44.0463 0x27e0  FujitsuProdRegManager - ok
11:50:44.0473 0x27e0  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
11:50:44.0483 0x27e0  fvevol - ok
11:50:44.0483 0x27e0  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
11:50:44.0483 0x27e0  gagp30kx - ok
11:50:44.0503 0x27e0  [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc           C:\Windows\System32\gpsvc.dll
11:50:44.0513 0x27e0  gpsvc - ok
11:50:44.0513 0x27e0  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
11:50:44.0523 0x27e0  hcw85cir - ok
11:50:44.0523 0x27e0  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:50:44.0533 0x27e0  HdAudAddService - ok
11:50:44.0533 0x27e0  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
11:50:44.0543 0x27e0  HDAudBus - ok
11:50:44.0543 0x27e0  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
11:50:44.0543 0x27e0  HidBatt - ok
11:50:44.0543 0x27e0  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
11:50:44.0553 0x27e0  HidBth - ok
11:50:44.0553 0x27e0  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
11:50:44.0553 0x27e0  HidIr - ok
11:50:44.0553 0x27e0  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
11:50:44.0563 0x27e0  hidserv - ok
11:50:44.0563 0x27e0  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
11:50:44.0563 0x27e0  HidUsb - ok
11:50:44.0563 0x27e0  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
11:50:44.0573 0x27e0  hkmsvc - ok
11:50:44.0573 0x27e0  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:50:44.0583 0x27e0  HomeGroupListener - ok
11:50:44.0583 0x27e0  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:50:44.0583 0x27e0  HomeGroupProvider - ok
11:50:44.0593 0x27e0  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
11:50:44.0593 0x27e0  HpSAMD - ok
11:50:44.0603 0x27e0  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
11:50:44.0613 0x27e0  HTTP - ok
11:50:44.0623 0x27e0  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
11:50:44.0623 0x27e0  hwpolicy - ok
11:50:44.0623 0x27e0  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
11:50:44.0623 0x27e0  i8042prt - ok
11:50:44.0633 0x27e0  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
11:50:44.0643 0x27e0  iaStorV - ok
11:50:44.0653 0x27e0  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:50:44.0663 0x27e0  idsvc - ok
11:50:44.0683 0x27e0  [ 9BB8305D437FB039CF72492556CF4414, D574B3F1A171E2DCEEFA40C739FE5A4620C6EC2DC2A61300D1DAB5A7CA5C21E1 ] IDSVia64        C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.7061.6600.105\Data\Definitions\IPSDefs\20170125.011\IDSvia64.sys
11:50:44.0693 0x27e0  IDSVia64 - ok
11:50:44.0703 0x27e0  IEEtwCollectorService - ok
11:50:44.0803 0x27e0  [ 4F3F67E755F95699166B3E6068FB2B1F, 00ACD474769CC54A381FD62C6BDF1778240BB7CBD21EFAA0BE25F975967E209C ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
11:50:44.0894 0x27e0  igfx - ok
11:50:44.0904 0x27e0  [ AF10E1C5E730A76D11DF349A799BD0E6, FAD9C05C086B1B27EA8C5AEE0173F4BABEFA7A018DBBC2D340CFE949E1B7ECD9 ] igfxCUIService2.0.0.0 C:\Windows\system32\igfxCUIService.exe
11:50:44.0914 0x27e0  igfxCUIService2.0.0.0 - ok
11:50:44.0914 0x27e0  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
11:50:44.0914 0x27e0  iirsp - ok
11:50:44.0934 0x27e0  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
11:50:44.0944 0x27e0  IKEEXT - ok
11:50:45.0004 0x27e0  [ A3FBAA4798BC0DC070540A7A3095FD1F, 56426E38EF9E92C81C51B49BAF2C0A15D0A9B9240287619E2640A9BA67F0B1F9 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
11:50:45.0074 0x27e0  IntcAzAudAddService - ok
11:50:45.0084 0x27e0  [ A38C7B403BBFD5B30F27C2D6B11AAF25, 25F0E31A9987B49224C8884F30AF85DE3B1181E20BC8C0401C0F85BAA481A7D1 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
11:50:45.0094 0x27e0  IntcDAud - ok
11:50:45.0094 0x27e0  [ 14505A1D69B2B5B6D5BF8FD1AABD81E8, F99E145FF4DF69970DF6454BCF931A723BF421E9FA9F40AF5EA5C3EEDAE1C20F ] Intel® PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
11:50:45.0104 0x27e0  Intel® PROSet Monitoring Service - ok
11:50:45.0104 0x27e0  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
11:50:45.0104 0x27e0  intelide - ok
11:50:45.0104 0x27e0  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
11:50:45.0104 0x27e0  intelppm - ok
11:50:45.0114 0x27e0  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
11:50:45.0114 0x27e0  IPBusEnum - ok
11:50:45.0114 0x27e0  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:50:45.0124 0x27e0  IpFilterDriver - ok
11:50:45.0134 0x27e0  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
11:50:45.0134 0x27e0  iphlpsvc - ok
11:50:45.0144 0x27e0  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
11:50:45.0144 0x27e0  IPMIDRV - ok
11:50:45.0144 0x27e0  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
11:50:45.0154 0x27e0  IPNAT - ok
11:50:45.0154 0x27e0  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
11:50:45.0154 0x27e0  IRENUM - ok
11:50:45.0154 0x27e0  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
11:50:45.0154 0x27e0  isapnp - ok
11:50:45.0164 0x27e0  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
11:50:45.0164 0x27e0  iScsiPrt - ok
11:50:45.0174 0x27e0  [ A7A2E0D3932B1986990AC7077B1658CD, F8CC75A711E6C4E5299557F05C0C6B957E8508EA496BC74CCF4827385B046CB4 ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
11:50:45.0184 0x27e0  iusb3hub - ok
11:50:45.0194 0x27e0  [ FD9C74D20E6F97EDC442091F9DBC1189, 01DD3D862FD7A429E9D79B3B1BC657594628747B0C4C124E976D733065498EDB ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
11:50:45.0204 0x27e0  iusb3xhc - ok
11:50:45.0204 0x27e0  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
11:50:45.0204 0x27e0  kbdclass - ok
11:50:45.0214 0x27e0  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
11:50:45.0214 0x27e0  kbdhid - ok
11:50:45.0214 0x27e0  [ 1F9335A2C68B65E7D95985FA50968EA0, A0918C943F9CF5C6DB9440222B8E3B0DD645068B44E18253F275509550C0DF4D ] KeyIso          C:\Windows\system32\lsass.exe
11:50:45.0214 0x27e0  KeyIso - ok
11:50:45.0224 0x27e0  [ 6F5F0C6160EF237F0243C1E416EEBA98, 8BA8AA0D71350A74E294A731226B1638C6059013D645ABDE7188F7733E320FBD ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
11:50:45.0224 0x27e0  KSecDD - ok
11:50:45.0224 0x27e0  [ 05529E53B286FD60E7EF04EF138CABFD, 6C045750DCD3EE76F748582513AD4FA99C0E8E56B616725CD48DCA1068FF8923 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
11:50:45.0224 0x27e0  KSecPkg - ok
11:50:45.0234 0x27e0  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
11:50:45.0234 0x27e0  ksthunk - ok
11:50:45.0244 0x27e0  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
11:50:45.0244 0x27e0  KtmRm - ok
11:50:45.0254 0x27e0  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
11:50:45.0254 0x27e0  LanmanServer - ok
11:50:45.0264 0x27e0  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:50:45.0264 0x27e0  LanmanWorkstation - ok
11:50:45.0304 0x27e0  [ 577D17C209DDA99AB3F1067AF6CC2BC4, E3BCB07153D6D9A7C90EBA85FBCE16A665EEA99E25AE2E885A1BF7334B78030A ] LiveUpdate      C:\PROGRA~2\Symantec\LIVEUP~1\LUCOMS~1.EXE
11:50:45.0344 0x27e0  LiveUpdate - ok
11:50:45.0354 0x27e0  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
11:50:45.0354 0x27e0  lltdio - ok
11:50:45.0364 0x27e0  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
11:50:45.0364 0x27e0  lltdsvc - ok
11:50:45.0364 0x27e0  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
11:50:45.0374 0x27e0  lmhosts - ok
11:50:45.0378 0x27e0  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
11:50:45.0380 0x27e0  LSI_FC - ok
11:50:45.0384 0x27e0  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
11:50:45.0386 0x27e0  LSI_SAS - ok
11:50:45.0389 0x27e0  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
11:50:45.0391 0x27e0  LSI_SAS2 - ok
11:50:45.0395 0x27e0  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
11:50:45.0397 0x27e0  LSI_SCSI - ok
11:50:45.0401 0x27e0  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
11:50:45.0404 0x27e0  luafv - ok
11:50:45.0406 0x27e0  [ 3BEC6134F1E45AEF5E971F69F0D38510, 245D7CEEB6561166EE0472551D39A9D3CFDDA52A6BF2E924AB243CCA7FBC9009 ] MBAMChameleon   C:\Windows\system32\drivers\MBAMChameleon.sys
11:50:45.0406 0x27e0  MBAMChameleon - ok
11:50:45.0406 0x27e0  [ F3960CA85778E5D7611EE0F501972340, 0DE5C8509A9A66C8185B9FAA7EAF69C0FA9C28CD9DE84AA23E128E4FF8E06BF4 ] MBAMFarflt      C:\Windows\system32\drivers\farflt.sys
11:50:45.0416 0x27e0  MBAMFarflt - ok
11:50:45.0416 0x27e0  [ 88BD122C3A35DE63D75D382DF75554CE, ABDF59543CAD186A6ED4E66257205D9CF5047732A5DA74A96A28B468B41BC396 ] MBAMProtection  C:\Windows\system32\drivers\mbam.sys
11:50:45.0416 0x27e0  MBAMProtection - ok
11:50:45.0476 0x27e0  [ 28E521A6ABA9DE062A3719452816F495, B312A37DA052229DFB19353170CD5828582F8AC6426E857CA7C8ACA0DD91C160 ] MBAMService     C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
11:50:45.0516 0x27e0  MBAMService - ok
11:50:45.0526 0x27e0  [ ABB371D9AEF728B0489B0E6872B4A1C0, E9539A4F85FE30F5BAED742778CA74C879995728668ABE6877C37633716D8770 ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
11:50:45.0526 0x27e0  MBAMSwissArmy - ok
11:50:45.0536 0x27e0  [ 90AF4ED8A8D28C40F162DDC1ABD49C42, 32F93DD5E627097762FC42C3E211DD86D5FDA82A7FCF8DFCD81569E1D5BC680F ] MBAMWebProtection C:\Windows\system32\drivers\mwac.sys
11:50:45.0536 0x27e0  MBAMWebProtection - ok
11:50:45.0536 0x27e0  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
11:50:45.0536 0x27e0  Mcx2Svc - ok
11:50:45.0546 0x27e0  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
11:50:45.0546 0x27e0  megasas - ok
11:50:45.0546 0x27e0  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
11:50:45.0556 0x27e0  MegaSR - ok
11:50:45.0556 0x27e0  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
11:50:45.0556 0x27e0  MMCSS - ok
11:50:45.0566 0x27e0  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
11:50:45.0566 0x27e0  Modem - ok
11:50:45.0566 0x27e0  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
11:50:45.0566 0x27e0  monitor - ok
11:50:45.0576 0x27e0  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
11:50:45.0576 0x27e0  mouclass - ok
11:50:45.0576 0x27e0  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
11:50:45.0576 0x27e0  mouhid - ok
11:50:45.0576 0x27e0  [ 8ADB5445B29941CB41AF2846FD5C93C7, 689582430FE29EC0845B1DB841D3CC49D5D09DE264586E3999EEFE616986D12B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
11:50:45.0586 0x27e0  mountmgr - ok
11:50:45.0586 0x27e0  [ E464A0A92E2E354D07DDA713D3E10DE4, D5CF213F03DF54EF9933027A7A7D4413371C1ECBFF61E4DE818D50FA72C8C5FC ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:50:45.0586 0x27e0  MozillaMaintenance - ok
11:50:45.0596 0x27e0  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
11:50:45.0596 0x27e0  mpio - ok
11:50:45.0596 0x27e0  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
11:50:45.0606 0x27e0  mpsdrv - ok
11:50:45.0616 0x27e0  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
11:50:45.0626 0x27e0  MpsSvc - ok
11:50:45.0636 0x27e0  [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
11:50:45.0636 0x27e0  MRxDAV - ok
11:50:47.0810 0x27e0  tdx - ok
11:50:47.0820 0x27e0  [ 7DF37C2279D59F3AE439FEA2AEEF0DD4, EB7F179F65DECFF869AC34F8E9385168E4C56963BE5C256D32D2E99576E63681 ] Teefer2         C:\Windows\system32\DRIVERS\Teefer.sys
11:50:47.0820 0x27e0  Teefer2 - ok
11:50:47.0820 0x27e0  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
11:50:47.0820 0x27e0  TermDD - ok
11:50:47.0840 0x27e0  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
11:50:47.0850 0x27e0  TermService - ok
11:50:47.0850 0x27e0  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
11:50:47.0850 0x27e0  Themes - ok
11:50:47.0860 0x27e0  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
11:50:47.0860 0x27e0  THREADORDER - ok
11:50:47.0860 0x27e0  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
11:50:47.0870 0x27e0  TrkWks - ok
11:50:47.0870 0x27e0  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:50:47.0880 0x27e0  TrustedInstaller - ok
11:50:47.0880 0x27e0  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
11:50:47.0880 0x27e0  tssecsrv - ok
11:50:47.0890 0x27e0  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
11:50:47.0890 0x27e0  TsUsbFlt - ok
11:50:47.0890 0x27e0  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
11:50:47.0890 0x27e0  TsUsbGD - ok
11:50:47.0900 0x27e0  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
11:50:47.0900 0x27e0  tunnel - ok
11:50:47.0900 0x27e0  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
11:50:47.0900 0x27e0  uagp35 - ok
11:50:47.0910 0x27e0  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
11:50:47.0920 0x27e0  udfs - ok
11:50:47.0920 0x27e0  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
11:50:47.0920 0x27e0  UI0Detect - ok
11:50:47.0930 0x27e0  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
11:50:47.0930 0x27e0  uliagpkx - ok
11:50:47.0930 0x27e0  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
11:50:47.0930 0x27e0  umbus - ok
11:50:47.0940 0x27e0  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
11:50:47.0940 0x27e0  UmPass - ok
11:50:47.0940 0x27e0  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
11:50:47.0950 0x27e0  UmRdpService - ok
11:50:47.0960 0x27e0  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
11:50:47.0960 0x27e0  upnphost - ok
11:50:47.0970 0x27e0  [ 28B81917A195B67617AF7DCF4DFE5736, 40A4D2AAE1BDE5ABA8708ED150396E913C566ECD5CDA40D6C6DB256F1B9FD4A9 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
11:50:47.0970 0x27e0  usbccgp - ok
11:50:47.0970 0x27e0  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
11:50:47.0980 0x27e0  usbcir - ok
11:50:47.0980 0x27e0  [ B626F048318DAE65A3317F0592BE592C, 284D8FFE1D35F852EFDA182A72288AC3A10D6ED825FE2CC5812497D3FE291AF1 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
11:50:47.0980 0x27e0  usbehci - ok
11:50:47.0990 0x27e0  [ 390109E8E05BA00375DCB1ED64DC60AF, B8628502590B423BEFB6F7C8C69FAD0667AD0746FF6B444EE02016E8E1052B78 ] usbhub          C:\Windows\system32\drivers\usbhub.sys
11:50:48.0000 0x27e0  usbhub - ok
11:50:48.0000 0x27e0  [ B4DF0F4C1D9D25DFE1DAD1D8670F1D4F, 4317C2DEDC639527B53864BAEC46CBE022D298C0503E29E1072DD1C851D92BFC ] usbohci         C:\Windows\system32\drivers\usbohci.sys
11:50:48.0000 0x27e0  usbohci - ok
11:50:48.0000 0x27e0  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
11:50:48.0010 0x27e0  usbprint - ok
11:50:48.0013 0x27e0  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
11:50:48.0015 0x27e0  usbscan - ok
11:50:48.0019 0x27e0  [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:50:48.0021 0x27e0  USBSTOR - ok
11:50:48.0023 0x27e0  [ CFEAAF96E666E3DCBD8F6DFF516784AE, 006218A3DB5851790CC0A7F3DCD7B3AF82F624DA679296DE507AFD36C5468317 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
11:50:48.0023 0x27e0  usbuhci - ok
11:50:48.0023 0x27e0  [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys
11:50:48.0023 0x27e0  usb_rndisx - ok
11:50:48.0033 0x27e0  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
11:50:48.0033 0x27e0  UxSms - ok
11:50:48.0033 0x27e0  [ 1F9335A2C68B65E7D95985FA50968EA0, A0918C943F9CF5C6DB9440222B8E3B0DD645068B44E18253F275509550C0DF4D ] VaultSvc        C:\Windows\system32\lsass.exe
11:50:48.0033 0x27e0  VaultSvc - ok
11:50:48.0043 0x27e0  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
11:50:48.0043 0x27e0  vdrvroot - ok
11:50:48.0053 0x27e0  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
11:50:48.0063 0x27e0  vds - ok
11:50:48.0063 0x27e0  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
11:50:48.0063 0x27e0  vga - ok
11:50:48.0073 0x27e0  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
11:50:48.0073 0x27e0  VgaSave - ok
11:50:48.0083 0x27e0  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
11:50:48.0083 0x27e0  vhdmp - ok
11:50:48.0083 0x27e0  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
11:50:48.0083 0x27e0  viaide - ok
11:50:48.0093 0x27e0  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
11:50:48.0093 0x27e0  vmbus - ok
11:50:48.0103 0x27e0  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
11:50:48.0103 0x27e0  VMBusHID - ok
11:50:48.0103 0x27e0  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
11:50:48.0103 0x27e0  volmgr - ok
11:50:48.0113 0x27e0  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
11:50:48.0123 0x27e0  volmgrx - ok
11:50:48.0123 0x27e0  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
11:50:48.0133 0x27e0  volsnap - ok
11:50:48.0133 0x27e0  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
11:50:48.0143 0x27e0  vsmraid - ok
11:50:48.0163 0x27e0  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
11:50:48.0183 0x27e0  VSS - ok
11:50:48.0183 0x27e0  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
11:50:48.0193 0x27e0  vwifibus - ok
11:50:48.0193 0x27e0  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
11:50:48.0193 0x27e0  vwififlt - ok
11:50:48.0193 0x27e0  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
11:50:48.0203 0x27e0  vwifimp - ok
11:50:48.0203 0x27e0  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
11:50:48.0213 0x27e0  W32Time - ok
11:50:48.0213 0x27e0  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
11:50:48.0213 0x27e0  WacomPen - ok
11:50:48.0223 0x27e0  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
11:50:48.0223 0x27e0  WANARP - ok
11:50:48.0223 0x27e0  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
11:50:48.0223 0x27e0  Wanarpv6 - ok
11:50:48.0253 0x27e0  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
11:50:48.0263 0x27e0  WatAdminSvc - ok
11:50:48.0293 0x27e0  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
11:50:48.0313 0x27e0  wbengine - ok
11:50:48.0323 0x27e0  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
11:50:48.0323 0x27e0  WbioSrvc - ok
11:50:48.0333 0x27e0  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
11:50:48.0333 0x27e0  wcncsvc - ok
11:50:48.0343 0x27e0  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:50:48.0343 0x27e0  WcsPlugInService - ok
11:50:48.0343 0x27e0  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
11:50:48.0343 0x27e0  Wd - ok
11:50:48.0363 0x27e0  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
11:50:48.0373 0x27e0  Wdf01000 - ok
11:50:48.0373 0x27e0  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
11:50:48.0373 0x27e0  WdiServiceHost - ok
11:50:48.0383 0x27e0  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
11:50:48.0383 0x27e0  WdiSystemHost - ok
11:50:48.0393 0x27e0  [ EE841B6D1F2B9508D3ABAE52AC05A94F, F1AE981FCDBFC4672A4EABABD41382E93762EFC2EDAD96E75530E7ACA5AF1FD8 ] WebClient       C:\Windows\System32\webclnt.dll
11:50:48.0393 0x27e0  WebClient - ok
11:50:48.0403 0x27e0  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
11:50:48.0403 0x27e0  Wecsvc - ok
11:50:48.0403 0x27e0  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
11:50:48.0413 0x27e0  wercplsupport - ok
11:50:48.0413 0x27e0  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
11:50:48.0413 0x27e0  WerSvc - ok
11:50:48.0413 0x27e0  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
11:50:48.0423 0x27e0  WfpLwf - ok
11:50:48.0423 0x27e0  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
11:50:48.0423 0x27e0  WIMMount - ok
11:50:48.0423 0x27e0  WinDefend - ok
11:50:48.0433 0x27e0  WinHttpAutoProxySvc - ok
11:50:48.0433 0x27e0  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
11:50:48.0443 0x27e0  Winmgmt - ok
11:50:48.0473 0x27e0  [ EBDA1B0F15CB9B2CBCC6C94824E4E054, C51314F7D611E4903DA00EFA8EB99365414436324D256083CE0B5A8E055E8E06 ] WinRM           C:\Windows\system32\WsmSvc.dll
11:50:48.0493 0x27e0  WinRM - ok
11:50:48.0503 0x27e0  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\drivers\WinUsb.sys
11:50:48.0503 0x27e0  WinUsb - ok
11:50:48.0523 0x27e0  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
11:50:48.0533 0x27e0  Wlansvc - ok
11:50:48.0533 0x27e0  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
11:50:48.0533 0x27e0  WmiAcpi - ok
11:50:48.0548 0x27e0  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
11:50:48.0551 0x27e0  wmiApSrv - ok
11:50:48.0554 0x27e0  WMPNetworkSvc - ok
11:50:48.0556 0x27e0  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
11:50:48.0556 0x27e0  WPCSvc - ok
11:50:48.0556 0x27e0  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
11:50:48.0556 0x27e0  WPDBusEnum - ok
11:50:48.0566 0x27e0  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
11:50:48.0566 0x27e0  ws2ifsl - ok
11:50:48.0566 0x27e0  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
11:50:48.0576 0x27e0  wscsvc - ok
11:50:48.0576 0x27e0  WSearch - ok
11:50:48.0616 0x27e0  [ 31F32E0C1A8BA9A37EEC23DE5F27F847, 0180832BC6172C9A4C32B5B222BB3F91EA615A5EBDA98DB79ED4FED258C2D257 ] wuauserv        C:\Windows\system32\wuaueng.dll
11:50:48.0646 0x27e0  wuauserv - ok
11:50:48.0646 0x27e0  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
11:50:48.0656 0x27e0  WudfPf - ok
11:50:48.0656 0x27e0  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
11:50:48.0666 0x27e0  WUDFRd - ok
11:50:48.0666 0x27e0  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
11:50:48.0666 0x27e0  wudfsvc - ok
11:50:48.0676 0x27e0  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
11:50:48.0676 0x27e0  WwanSvc - ok
11:50:48.0686 0x27e0  ================ Scan global ===============================
11:50:48.0686 0x27e0  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
11:50:48.0696 0x27e0  [ 93E5D2B763374F484918A0909724B3EB, 900F1CCAEFCF77AB678C74D542ABDDA7134CD33D7811537E2829FC69E99F2B3E ] C:\Windows\system32\winsrv.dll
11:50:48.0706 0x27e0  [ 93E5D2B763374F484918A0909724B3EB, 900F1CCAEFCF77AB678C74D542ABDDA7134CD33D7811537E2829FC69E99F2B3E ] C:\Windows\system32\winsrv.dll
11:50:48.0706 0x27e0  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
11:50:48.0716 0x27e0  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
11:50:48.0726 0x27e0  [ Global ] - ok
11:50:48.0726 0x27e0  ================ Scan MBR ==================================
11:50:48.0726 0x27e0  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:50:48.0766 0x27e0  \Device\Harddisk0\DR0 - ok
11:50:48.0776 0x27e0  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
11:50:48.0776 0x27e0  \Device\Harddisk1\DR1 - ok
11:50:48.0776 0x27e0  ================ Scan VBR ==================================
11:50:48.0776 0x27e0  [ 2C85B1A13D8248321AB710FC17FF1B05 ] \Device\Harddisk0\DR0\Partition1
11:50:48.0776 0x27e0  \Device\Harddisk0\DR0\Partition1 - ok
11:50:48.0776 0x27e0  [ 3EC597D4E03722B05470E065B349A972 ] \Device\Harddisk0\DR0\Partition2
11:50:48.0776 0x27e0  \Device\Harddisk0\DR0\Partition2 - ok
11:50:48.0786 0x27e0  [ 1DE550A256E0E310727F7D4A4BA84EF4 ] \Device\Harddisk1\DR1\Partition1
11:50:48.0786 0x27e0  \Device\Harddisk1\DR1\Partition1 - ok
11:50:48.0786 0x27e0  ================ Scan generic autorun ======================
11:50:48.0896 0x27e0  [ BEF2C36A44611686775DC120D8C6D257, 7FF5203D9840C24E57BDAFBF7A94AEB58B1AF6A29F7F32FA56BCA382DEB9827A ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
11:50:48.0986 0x27e0  RTHDVCPL - ok
11:50:48.0996 0x27e0  [ 48515EEA1608ECD83FE26C7490460F59, C7C552D13ED12B4165FDE45F69E170D4F18B746D84B3B08E7254AAF8D9671D0C ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
11:50:49.0006 0x27e0  AdobeAAMUpdater-1.0 - ok
11:50:49.0086 0x27e0  [ F1BECCB20E118DBCED2C777FC54459F4, E5D1A1193FDCBAD0E930EC6E73942D339FC3885CE407C56BEE2F861F6F1735F1 ] C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
11:50:49.0160 0x27e0  StartCN - ok
11:50:49.0200 0x27e0  [ 666FEA598D1776C7F8EDD7746F0F7F59, 54E330BCDBAB646B555DACC15F9CFB0AD6A05BF4E273F73C5133259EEE976C21 ] C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe
11:50:49.0220 0x27e0  Malwarebytes TrayApp - ok
11:50:49.0230 0x27e0  [ CB46168FFDEA91E2B3435E51BB436558, 848D12E11B79722B07C42D848D831C6B782E1338B8F844924CB8938FE11F379D ] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
11:50:49.0240 0x27e0  USB3MON - ok
11:50:49.0240 0x27e0  [ 3525994B92F56740C64B5412AEF1411D, 08FB7F8E1C34109699F9431D56CE0E502E165A01C7494BD7AE35A687C45CC942 ] C:\Program Files (x86)\Razer\Copperhead\razerhid.exe
11:50:49.0240 0x27e0  Copperhead - ok
11:50:49.0280 0x27e0  [ 6302798F2560E25EB980992B1C4C5F81, E5029149F326C3CD0E418D87234B656A47E4ADFA1E8BC186F0F80B763224BD02 ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
11:50:49.0300 0x27e0  Adobe Creative Cloud - ok
11:50:49.0310 0x27e0  [ 46CDC9C5ACB644550F807F60456C07B0, 4E1DCBB9887719FB6C84E6E3A5C78FBC56A0167CB7E0C62F289B8E156D60FAEB ] C:\Program Files (x86)\PFU\ScanSnap\Driver\SSDriver\fi5110\SsWiaChecker.exe
11:50:49.0310 0x27e0  ScanSnap WIA Service Checker - ok
11:50:49.0320 0x27e0  [ 278ED9F250174B742387F20DB99BCBEC, C3BE162B1E35CF379EECF816D21C25C60599C6C382203051496FED763428849E ] C:\Program Files (x86)\PFU\ScanSnap\Update\SsUWatcher.exe
11:50:49.0330 0x27e0  ScanSnap OnlineUpdate Watcher - ok
11:50:49.0360 0x27e0  [ 542C2B58BCCA8A3B2CCE4EA754F1640F, F4272F1C1B4C730B57DFFB441B43911FBEE7B0A8D044438F483375E45993934F ] C:\ProgramData\FLEXnet\Connect\11\isuspm.exe
11:50:49.0380 0x27e0  ISUSPM - ok
11:50:49.0390 0x27e0  [ 4F6A540A9815EB1CC5746296AC2A620A, ACD89E0A95F6286C842CD2761BE890D79345F3A258FDBE915CBB3786CC5CAF9E ] C:\Program Files (x86)\Nuance\Power PDF\RegistryController.exe
11:50:49.0390 0x27e0  PowerPDF Registry Controller - ok
11:50:49.0440 0x27e0  [ E1D3D54FCA4CAD5E22B72F4D38989C9C, A91F170B263F995ED02D5A473183BC35C44EF73C705B60C20E7E7A84DA2C705E ] C:\Program Files (x86)\Nuance\Power PDF\NPDFLM.exe
11:50:49.0470 0x27e0  NuanPowerPdf1NPDFLM - ok
11:50:49.0480 0x27e0  [ 130924FEDB988C2E01A33E8B2C9CD588, BA0634A5A590A027D1562F5EA6B0B977C9E39CDA601B50790A8EE6098D5E82E6 ] C:\Program Files (x86)\Nuance\Power PDF\Ereg\Ereg.exe
11:50:49.0490 0x27e0  Nuance Power PDF Standard-reminder - ok
11:50:49.0500 0x27e0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
11:50:49.0520 0x27e0  Sidebar - ok
11:50:49.0520 0x27e0  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
11:50:49.0520 0x27e0  mctadmin - ok
11:50:49.0540 0x27e0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
11:50:49.0550 0x27e0  Sidebar - ok
11:50:49.0560 0x27e0  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
11:50:49.0560 0x27e0  mctadmin - ok
11:50:49.0618 0x27e0  [ 7F3D0BC2FE61C249302E0515989C59E2, 18613B1D861D7289EF050EE1C0384FCF70F40FDF7E3CB586D36B5D19A7591F8F ] C:\Users\SalesMAN\AppData\Local\Akamai\netsession_win.exe
11:50:49.0668 0x27e0  Akamai NetSession Interface - ok
11:50:49.0668 0x27e0  Chromium - ok
11:50:49.0698 0x27e0  [ 157542251394B63CDA08DB8F92E42A83, 1E4DA9CA27752B85182A600029186E6753B48848DC9AFB74242754CEC35C617D ] C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplit.exe
11:50:49.0718 0x27e0  ScreenSplitter - ok
11:50:49.0738 0x27e0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
11:50:49.0748 0x27e0  Sidebar - ok
11:50:49.0748 0x27e0  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
11:50:49.0748 0x27e0  mctadmin - ok
11:50:49.0768 0x27e0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
11:50:49.0788 0x27e0  Sidebar - ok
11:50:49.0788 0x27e0  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
11:50:49.0788 0x27e0  mctadmin - ok
11:50:49.0808 0x27e0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
11:50:49.0818 0x27e0  Sidebar - ok
11:50:49.0818 0x27e0  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
11:50:49.0828 0x27e0  mctadmin - ok
11:50:49.0828 0x27e0  Waiting for KSN requests completion. In queue: 412
11:50:50.0833 0x27e0  Waiting for KSN requests completion. In queue: 311
11:50:51.0839 0x27e0  Waiting for KSN requests completion. In queue: 311
11:50:52.0840 0x27e0  Waiting for KSN requests completion. In queue: 311
11:50:53.0843 0x27e0  Waiting for KSN requests completion. In queue: 311
11:50:54.0849 0x27e0  Waiting for KSN requests completion. In queue: 311
11:50:55.0856 0x27e0  Waiting for KSN requests completion. In queue: 311
11:50:56.0856 0x27e0  Waiting for KSN requests completion. In queue: 311
11:50:57.0856 0x27e0  Waiting for KSN requests completion. In queue: 311
11:50:58.0933 0x27e0  AV detected via SS2: Symantec Endpoint Protection, C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.7061.6600.105\Bin\WSCSavNotifier.exe ( 12.1.7061.6600 ), 0x71000 ( enabled : updated )
11:50:58.0933 0x27e0  AV detected via SS2: Malwarebytes, C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe ( 3.0.0.134 ), 0x61000 ( enabled : updated )
11:50:58.0933 0x27e0  FW detected via SS2: Symantec Endpoint Protection, C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.7061.6600.105\Bin\Smc.exe ( 12.1.7061.6600 ), 0x41010 ( enabled )
11:50:59.0446 0x27e0  ============================================================
11:50:59.0446 0x27e0  Scan finished
11:50:59.0446 0x27e0  ============================================================
11:50:59.0446 0x27f8  Detected object count: 0
11:50:59.0446 0x27f8  Actual detected object count: 0
11:51:41.0208 0x0984  KLMD registered as C:\Windows\system32\drivers\79560704.sys
11:51:41.0785 0x0984  Deinitialize success
 



#7 dc3

Posted 26 January 2017 - 02:20 PM

Let's move on, it's beginning to look like there is no malware.  Please run the ESET Online Scanner.


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#8 SumnerIV

Posted 26 January 2017 - 02:55 PM

ESET Scanner listed 0 threats. I didn't see an option to view logs, etc.



#9 SumnerIV

Posted 27 January 2017 - 02:30 PM

Am I to understand that there is no malware and that my anti-virus is merely picking up on junk emails in my inbox?



#10 dc3

Posted 28 January 2017 - 12:15 PM

It does appear that there is no malware involved here.  All of the scans failed to find anything significant.

 

In your original post you stated that you were receiving a lot of "spam" mail. You stated that you believed that one of your online email services was forwarding this spam to your home email client, specifically Thunderbird. It sounds like this online email service is being used for a business or organization, which would make it inconvenient to replace. If you will provide me with the name of the online email service you are using, I will see what I can find information-wise to block spam at its end. One thing you can do is to set Thunderbird so that it will block email from that online service.

 

Select a message from a sender you wish to block: Right click the mouse, press and hold the Ctrl key, click on the sender's address and choose Create Filter From the list of options.

This will open the Filter rules window with the email address already inserted into the filter.

Click OK to save the filter.

