I did not find any signs of malware at all in the logs. As for the HitmanPro logs, you have used the Early Warning Score scan. This scan type is usually intended for new malware samples that might not be detected and, rather than identifying malware, it tries to use the behavior of files. This means that a lot of normal files get detected, and HitmanPro leaves it up to the user to decide what to do from the information. Those drivers are indeed normal.
Let's take a look at this:
1. Time indicates that the file appeared recently on this computer.
2. The file is located in a folder that contains core operating system files from Windows. This is not typical for most programs and is only common to system tools, drivers and hacking utilities.
3. The file is protected by Windows File Protection (WFP). This is typical for critical Windows system files.
1. The first one is because you reinstalled Windows a few days ago.
2 and 3. These files are system files (and hence protected by Windows File Protection), and that is why they are in the system32 folder.
As for drivers:
1. Starts automatically as a service during system bootup.
2. Program starts automatically without user intervention.
3. Time indicates that the file appeared recently on this computer.
4. The file is located in a folder that contains core operating system files from Windows. This is not typical for most programs and is only common to system tools, drivers and hacking utilities.
5. The file is a device driver. Device drivers run as trusted (highly privileged) code.
6. The file is protected by Windows File Protection (WFP). This is typical for critical Windows system files.
1 and 2. Drivers are what allow Windows to essentially "talk" to all the hardware in your computer. This is why they need to start early so Windows can start properly.
3. Again, this is because you reinstalled Windows recently.
4. This is a driver, and drivers are located in C:\Windows\system32\drivers.
5. Again, since drivers directly talk to hardware, they run as trusted code.
6. Most of the drivers are installed by Windows itself, so they are protected automatically.
As for the other symptoms, could you elaborate on this:
• (Remote and other) Service settings set up and disabled by me, then changed back and re-enabled to run automatically
Which services did you disable?
• Same with Task Manager items
I only see that you disabled OnlineBackup. Did you disable any other startup tasks?
• Same with Registry settings
I am not sure what you mean here. Did you disable the startup entries in the registry?
• Key Loggers and Camera installed on mine and my son's Mac NOTE: Installed on the same day by an IT individual working in Cyber Crime in DC sent here to "secure my home network and devices", who I later learned works for the "Dark Side" (I am currently in litigation and the opposing party has access to our email, home network, kids' pcs, iPads, phones, printers etc.)
I did not see any signs of a keylogger running on this computer.
• Someone is checking my Outlook email every hour on the hour and more in both Los Angeles and a suburb of DC in northern Virginia at the same location in both using a myriad of IP addresses that I cannot trace
Could you elaborate? Are you finding the IP address of the Outlook server itself, or someone who tried to access your emails?