Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

windows 7 wont reboot [Solved]

windows 7 toshiba norton power eraser

  • This topic is locked This topic is locked

#31
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,714 posts
Acknowledged, lets proceed as follows shall we...

Scan with Farbar Recovery Scan Tool:

Please download and save Farbar Recovery Scan Tool 64-Bit to a Flash/USB drive.

Then insert the Flash/USB drive into your problem machine....

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.
On the System Recovery Options menu you will get the following options:

Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt
  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst64.exe and press Enter
Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste the contents of the aforementioned notepad file in your next reply.

  • 0

Advertisements


#32
mjdevo31

mjdevo31

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-06-2014
Ran by SYSTEM on MININT-7APBKBU on 05-06-2014 21:34:22
Running from G:\
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Recovery
 
The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.
 
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [] => [X]
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2010-12-14] (Conexant systems, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [566696 2011-03-02] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [973176 2010-12-15] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710040 2010-12-08] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [595816 2010-04-23] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2010-12-14] (TOSHIBA Corporation)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1294712 2010-11-29] (TOSHIBA Corporation)
HKLM-x32\...\Run: [ccApp] => C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe [115560 2009-02-02] (Symantec Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-04-30] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2012-09-25] ()
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\Frank\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-05-15] (Google Inc.)
HKU\Frank\...\Run: [Facebook Update] => C:\Users\Frank\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-12] (Facebook Inc.)
HKU\Frank\...\Run: [Spotify] => "C:\Users\Frank\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
HKU\Frank\...\Run: [Google Update] => C:\Users\Frank\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-02-29] (Google Inc.)
HKU\Frank\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3481408 2012-02-13] (DT Soft Ltd)
HKU\Frank\...\Run: [ooVoo.exe] => C:\program files (x86)\oovoo\oovoo.exe [35239488 2013-06-20] (ooVoo LLC)
HKU\Frank\...\Run: [ALconnect] => C:\Users\Frank\AppData\Roaming\DirectLife\ALconnect\ALconnect.exe [715880 2013-08-23] (Koninklijke Philips Electronics N.V.)
HKU\Frank\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1093464 2013-08-22] (Garmin Ltd or its subsidiaries)
HKU\Frank\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
 
==================== Services (Whitelisted) =================
 
S2 ccEvtMgr; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [108392 2009-02-02] (Symantec Corporation)
S2 ccSetMgr; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [108392 2009-02-02] (Symantec Corporation)
S2 ezGOSvc; C:\windows\SysWOW64\ezGOSvc.dll [80256 2011-06-26] ()
S2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [220504 2013-08-22] (Garmin Ltd or its subsidiaries)
S3 LiveUpdate; C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_3.EXE [3093880 2010-02-17] (Symantec Corporation)
S2 SmcService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe [3234848 2009-02-02] (Symantec Corporation)
S4 SNAC; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE [425800 2009-02-02] (Symantec Corporation)
S2 Symantec AntiVirus; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe [1832072 2009-02-02] (Symantec Corporation)
S2 astcc; C:\windows\SYSTEM32\astsrv.exe [X]
 
==================== Drivers (Whitelisted) ====================
 
S1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-04-09] (DT Soft Ltd)
S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-20] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-20] (Symantec Corporation)
S3 GemCCID; C:\Windows\System32\Drivers\GemCCID.sys [119680 2009-08-10] (Gemalto)
S3 NAVENG; C:\ProgramData\Symantec\Definitions\VirusDefs\20140524.016\eng64.sys [126040 2013-09-16] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Symantec\Definitions\VirusDefs\20140524.016\ex64.sys [2099288 2013-09-16] (Symantec Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S1 SRTSP; C:\Windows\System32\Drivers\SRTSP64.SYS [447536 2009-02-02] (Symantec Corporation)
S1 SRTSP; C:\Windows\SysWOW64\Drivers\SRTSP64.SYS [447536 2009-02-02] (Symantec Corporation)
S3 SRTSPL; C:\Windows\System32\Drivers\SRTSPL64.SYS [482352 2009-02-02] (Symantec Corporation)
S3 SRTSPL; C:\Windows\SysWOW64\Drivers\SRTSPL64.SYS [482352 2009-02-02] (Symantec Corporation)
S1 SRTSPX; C:\Windows\System32\Drivers\SRTSPX64.SYS [32304 2009-02-02] (Symantec Corporation)
S1 SRTSPX; C:\Windows\SysWOW64\Drivers\SRTSPX64.SYS [32304 2009-02-02] (Symantec Corporation)
S3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [173616 2011-07-07] (Symantec Corporation)
S3 Teefer2; C:\Windows\System32\DRIVERS\teefer2.sys [64048 2009-02-02] (Symantec Corporation)
S3 USBTINSP; C:\Windows\System32\DRIVERS\tinspusb.sys [142848 2010-03-29] (Texas Instruments)
S1 WPS; C:\windows\system32\drivers\wpsdrvnt.sys [52784 2009-02-02] (Symantec Corporation)
S3 WpsHelper; C:\windows\system32\drivers\WpsHelper.sys [233120 2012-09-27] (Symantec Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
NETSVC: ezGOSvc -> C:\windows\SysWOW64\ezGOSvc.dll ()
 
==================== One Month Created Files and Folders ========
 
2014-06-05 21:34 - 2014-06-05 21:34 - 00000000 ____D () C:\FRST
2014-05-24 16:22 - 2014-05-24 16:23 - 02066432 _____ (Farbar) C:\Users\Frank\Downloads\FRST64.exe
2014-05-24 09:04 - 2014-05-24 09:04 - 00286093 _____ () C:\Users\Frank\Downloads\love (1).m4r
2014-05-24 08:49 - 2014-05-24 08:54 - 01022064 _____ (Symantec Corporation) C:\Users\Frank\Downloads\NBRT-SOS-Downloader.exe
2014-05-23 17:17 - 2014-05-08 22:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll
2014-05-23 17:17 - 2014-05-08 22:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll
2014-05-23 17:17 - 2014-03-24 18:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\System32\shell32.dll
2014-05-23 17:17 - 2014-03-24 18:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-23 16:30 - 2014-05-05 20:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-05-23 16:30 - 2014-05-05 19:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-23 16:30 - 2014-05-05 19:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2014-05-23 16:30 - 2014-05-05 18:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-23 16:29 - 2014-05-23 16:29 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-23 16:29 - 2014-05-05 20:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2014-05-23 16:29 - 2014-05-05 19:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-22 17:13 - 2014-05-22 17:13 - 00013358 ____H () C:\Users\Frank\Desktop\~WRL2348.tmp
2014-05-22 16:38 - 2014-05-22 16:39 - 03077584 _____ (Symantec Corporation) C:\Users\Frank\Downloads\NPE.exe
2014-05-21 18:08 - 2014-04-11 18:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2014-05-15 22:01 - 2014-03-04 01:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2014-05-15 22:00 - 2014-03-04 01:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-15 22:00 - 2014-03-04 01:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-15 16:00 - 2014-03-04 01:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2014-05-15 16:00 - 2014-03-04 01:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\System32\objsel.dll
2014-05-15 16:00 - 2014-03-04 01:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\System32\msv1_0.dll
2014-05-15 16:00 - 2014-03-04 01:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\System32\winlogon.exe
2014-05-15 16:00 - 2014-03-04 01:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-15 16:00 - 2014-03-04 01:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-15 16:00 - 2014-03-04 01:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-15 15:59 - 2014-04-11 18:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2014-05-15 15:59 - 2014-04-11 18:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2014-05-15 15:59 - 2014-04-11 18:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\System32\sspicli.dll
2014-05-15 15:59 - 2014-04-11 18:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\System32\lsass.exe
2014-05-15 15:59 - 2014-04-11 18:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\System32\sspisrv.dll
2014-05-15 15:59 - 2014-04-11 18:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\System32\secur32.dll
2014-05-15 15:59 - 2014-04-11 18:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-15 15:59 - 2014-04-11 18:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-15 15:59 - 2014-03-04 01:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2014-05-15 15:59 - 2014-03-04 01:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\System32\schannel.dll
2014-05-15 15:59 - 2014-03-04 01:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\System32\wdigest.dll
2014-05-15 15:59 - 2014-03-04 01:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\System32\TSpkg.dll
2014-05-15 15:59 - 2014-03-04 01:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\System32\wincredprovider.dll
2014-05-15 15:59 - 2014-03-04 01:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\System32\cngprovider.dll
2014-05-15 15:59 - 2014-03-04 01:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\System32\adprovider.dll
2014-05-15 15:59 - 2014-03-04 01:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\System32\capiprovider.dll
2014-05-15 15:59 - 2014-03-04 01:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\System32\dpapiprovider.dll
2014-05-15 15:59 - 2014-03-04 01:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\System32\dimsroam.dll
2014-05-15 15:59 - 2014-03-04 01:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\System32\credssp.dll
2014-05-15 15:59 - 2014-03-04 01:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-15 15:59 - 2014-03-04 01:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-15 15:59 - 2014-03-04 01:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-15 15:59 - 2014-03-04 01:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-15 15:59 - 2014-03-04 01:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-15 15:59 - 2014-03-04 01:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-15 15:59 - 2014-03-04 01:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-15 15:59 - 2014-03-04 01:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-15 15:59 - 2014-03-04 01:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-15 15:59 - 2014-03-04 01:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-15 15:59 - 2014-03-04 01:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-08 05:08 - 2014-05-24 08:54 - 00000000 ___SD () C:\Windows\System32\CompatTel
 
==================== One Month Modified Files and Folders =======
 
2014-06-05 21:34 - 2014-06-05 21:34 - 00000000 ____D () C:\FRST
2014-05-24 19:07 - 2011-06-26 15:26 - 00000000 ____D () C:\Users\Frank\AppData\Local\Temp
2014-05-24 19:04 - 2011-06-26 21:27 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\Skype
2014-05-24 18:57 - 2011-05-15 08:19 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-24 18:52 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\sysprep
2014-05-24 18:34 - 2009-07-13 21:13 - 00786598 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-05-24 18:24 - 2011-05-15 07:46 - 01497119 _____ () C:\Windows\WindowsUpdate.log
2014-05-24 18:08 - 2012-02-29 08:51 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1504366700-2138237974-4129982290-1001UA.job
2014-05-24 17:46 - 2011-09-01 17:20 - 00000928 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1504366700-2138237974-4129982290-1001UA.job
2014-05-24 17:34 - 2012-02-29 08:51 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1504366700-2138237974-4129982290-1001Core.job
2014-05-24 17:34 - 2011-05-15 08:19 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-24 16:23 - 2014-05-24 16:22 - 02066432 _____ (Farbar) C:\Users\Frank\Downloads\FRST64.exe
2014-05-24 09:51 - 2009-07-13 20:45 - 00024608 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-24 09:51 - 2009-07-13 20:45 - 00024608 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-24 09:43 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-24 09:43 - 2009-07-13 20:51 - 00143074 _____ () C:\Windows\setupact.log
2014-05-24 09:04 - 2014-05-24 09:04 - 00286093 _____ () C:\Users\Frank\Downloads\love (1).m4r
2014-05-24 08:54 - 2014-05-24 08:49 - 01022064 _____ (Symantec Corporation) C:\Users\Frank\Downloads\NBRT-SOS-Downloader.exe
2014-05-24 08:54 - 2014-05-08 05:08 - 00000000 ___SD () C:\Windows\System32\CompatTel
2014-05-24 08:48 - 2011-09-01 17:20 - 00000906 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1504366700-2138237974-4129982290-1001Core.job
2014-05-23 17:52 - 2011-06-26 21:27 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-05-23 17:51 - 2011-06-26 21:27 - 00000000 ____D () C:\ProgramData\Skype
2014-05-23 16:31 - 2011-06-26 15:40 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-23 16:29 - 2014-05-23 16:29 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-22 17:13 - 2014-05-22 17:13 - 00013358 ____H () C:\Users\Frank\Desktop\~WRL2348.tmp
2014-05-22 17:09 - 2012-02-29 08:51 - 00002380 _____ () C:\Users\Frank\Desktop\Google Chrome.lnk
2014-05-22 16:39 - 2014-05-22 16:38 - 03077584 _____ (Symantec Corporation) C:\Users\Frank\Downloads\NPE.exe
2014-05-22 16:31 - 2013-08-31 18:36 - 00000000 ____D () C:\Windows\System32\MRT
2014-05-22 16:31 - 2011-07-07 21:10 - 93223848 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2014-05-09 16:52 - 2011-05-15 08:19 - 00003908 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-09 16:51 - 2011-05-15 08:19 - 00003656 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-08 22:14 - 2014-05-23 17:17 - 00477184 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll
2014-05-08 22:11 - 2014-05-23 17:17 - 00424448 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll
2014-05-06 17:03 - 2012-02-29 08:51 - 00003878 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1504366700-2138237974-4129982290-1001UA
2014-05-06 17:03 - 2012-02-29 08:51 - 00003482 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1504366700-2138237974-4129982290-1001Core
 
Some content of TEMP:
====================
C:\Users\Frank\AppData\Local\Temp\.exe
C:\Users\Frank\AppData\Local\Temp\ApnStub.exe
C:\Users\Frank\AppData\Local\Temp\C407.exe
C:\Users\Frank\AppData\Local\Temp\converter.exe
C:\Users\Frank\AppData\Local\Temp\DTLite4451-0236.exe
C:\Users\Frank\AppData\Local\Temp\DTLite4481-0347.exe
C:\Users\Frank\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe
C:\Users\Frank\AppData\Local\Temp\NEW5D24.tmp.exe
C:\Users\Frank\AppData\Local\Temp\offercast.exe
C:\Users\Frank\AppData\Local\Temp\ose00000.exe
C:\Users\Frank\AppData\Local\Temp\RegAsm.exe
C:\Users\Frank\AppData\Local\Temp\setup.exe
C:\Users\Frank\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Frank\AppData\Local\Temp\tmp32A4.exe
C:\Users\Frank\AppData\Local\Temp\tmpA69.exe
C:\Users\Frank\AppData\Local\Temp\tmpA6A.exe
C:\Users\Frank\AppData\Local\Temp\tmpCAD6.exe
C:\Users\Frank\AppData\Local\Temp\tmpE1A7.exe
C:\Users\Frank\AppData\Local\Temp\tmpED4A.exe
C:\Users\Frank\AppData\Local\Temp\UpdaterCopy.exe
C:\Users\Frank\AppData\Local\Temp\{2FDC85E2-AF64-44DF-B1AC-03764E4A45F5}-21.0.1180.60_20.0.1132.57_chrome_updater.exe
C:\Users\Frank\AppData\Local\Temp\{5E096AB7-16BD-437F-B64C-AB99B1F7B74C}-GoogleUpdateSetup.exe
C:\Users\Frank\AppData\Local\Temp\~SpUnin~.exe
 
 
==================== Known DLLs (Whitelisted) ================
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll
[2010-11-20 19:24] - [2010-11-20 19:24] - 0520192 ____A (Microsoft Corporation) 968AFC005FD539EC6DF069294C42EA8B
 
 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
==================== EXE Association (whitelisted) =============
 
 
==================== Restore Points  =========================
 
Restore point made on: 2014-05-02 17:01:47
Restore point made on: 2014-05-03 09:37:38
Restore point made on: 2014-05-03 09:39:43
Restore point made on: 2014-05-03 09:41:50
Restore point made on: 2014-05-05 10:31:00
Restore point made on: 2014-05-06 10:55:03
Restore point made on: 2014-05-08 05:07:57
Restore point made on: 2014-05-14 16:18:38
Restore point made on: 2014-05-15 15:45:53
Restore point made on: 2014-05-23 02:17:52
Restore point made on: 2014-05-24 08:51:11
 
==================== Memory info =========================== 
 
Percentage of memory in use: 17%
Total physical RAM: 3019.86 MB
Available physical RAM: 2480.9 MB
Total Pagefile: 3018.06 MB
Available Pagefile: 2464.2 MB
Total Virtual: 8192 MB
Available Virtual: 8191.88 MB
 
==================== Drives ================================
 
Drive c: (TI106136W0E) (Fixed) (Total:285.15 GB) (Free:178.72 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (System) (Fixed) (Total:1.46 GB) (Free:1.27 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive g: (BIG POPPA) (Removable) (Total:1.92 GB) (Free:1.92 GB) FAT
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: 95469684)
Partition 1: (Active) - (Size=1 GB) - (Type=27)
Partition 2: (Not Active) - (Size=285 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11 GB) - (Type=17)
 
========================================================
Disk: 2 (Size: 2 GB) (Disk ID: 91F72D24)
Partition 1: (Active) - (Size=2 GB) - (Type=06)
 
 
LastRegBack: 2014-04-30 15:52
 
==================== End Of Log ============================

  • 0

#33
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,714 posts
Hi. :)

Does indeed appear this machine is infected with similar to the other we worked upon.

Anyway carry out the below for myself please...

Custom FRST Scan:
  • Now please enter System Recovery Options on your infected machine again and then select Command Prompt.
  • Then run/launch FRST64 again as outlined in my prior post .
  • Type the following in the edit box after "Search:".
rpcss.dll
  • Click on the Search File(s) button/radio tab.
  • Once the search is complete a notepad file named Search.txt will be saved you your usb drive.
  • Post the contents of the aforementioned notepad file in your next reply.

  • 0

#34
mjdevo31

mjdevo31

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts

Search txt. attached

Attached Files


  • 0

#35
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,714 posts
Hi. :)
 

Search txt. attached


Thanks, though no real need to attach anything unless I request such.

Custom FRST Script:

Please download the attached fixlist.txt(see below) and save it to your USB Drive.

  • Now please enter System Recovery Options on the infected machine again and then select Command Prompt.
  • Run FRST64 again as outlined in my prior post and then press the Fix button just once and wait.
  • The tool will make a log on the USB Drive (Fixlog.txt). Please copy and paste the contents of the aforementioned notepad file in your next reply
  • Reboot the machine back into Normal Mode(if able).
Note: This above custom script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system.

Next:

When completed the above, please post back the following in the order asked for:
  • Is your machine able to boot-up normally now or not ?
  • Fixlog Log from the Custom Script.

  • 0

#36
mjdevo31

mjdevo31

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-06-2014
Ran by SYSTEM at 2014-06-06 22:04:09 Run:1
Running from G:\
Boot Mode: Recovery
==============================================
 
Content of fixlist:
*****************
HKLM\...\Run: [] => [X]
2014-05-24 16:22 - 2014-05-24 16:23 - 02066432 _____ (Farbar) C:\Users\Frank\Downloads\FRST64.exe
2014-05-24 09:04 - 2014-05-24 09:04 - 00286093 _____ () C:\Users\Frank\Downloads\love (1).m4r
2014-05-22 17:13 - 2014-05-22 17:13 - 00013358 ____H () C:\Users\Frank\Desktop\~WRL2348.tmp
C:\Users\Frank\AppData\Local\Temp\.exe
C:\Users\Frank\AppData\Local\Temp\ApnStub.exe
C:\Users\Frank\AppData\Local\Temp\C407.exe
C:\Users\Frank\AppData\Local\Temp\converter.exe
C:\Users\Frank\AppData\Local\Temp\DTLite4451-0236.exe
C:\Users\Frank\AppData\Local\Temp\DTLite4481-0347.exe
C:\Users\Frank\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe
C:\Users\Frank\AppData\Local\Temp\NEW5D24.tmp.exe
C:\Users\Frank\AppData\Local\Temp\offercast.exe
C:\Users\Frank\AppData\Local\Temp\ose00000.exe
C:\Users\Frank\AppData\Local\Temp\RegAsm.exe
C:\Users\Frank\AppData\Local\Temp\setup.exe
C:\Users\Frank\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Frank\AppData\Local\Temp\tmp32A4.exe
C:\Users\Frank\AppData\Local\Temp\tmpA69.exe
C:\Users\Frank\AppData\Local\Temp\tmpA6A.exe
C:\Users\Frank\AppData\Local\Temp\tmpCAD6.exe
C:\Users\Frank\AppData\Local\Temp\tmpE1A7.exe
C:\Users\Frank\AppData\Local\Temp\tmpED4A.exe
C:\Users\Frank\AppData\Local\Temp\UpdaterCopy.exe
C:\Users\Frank\AppData\Local\Temp\{2FDC85E2-AF64-44DF-B1AC-03764E4A45F5}-21.0.1180.60_20.0.1132.57_chrome_updater.exe
C:\Users\Frank\AppData\Local\Temp\{5E096AB7-16BD-437F-B64C-AB99B1F7B74C}-GoogleUpdateSetup.exe
C:\Users\Frank\AppData\Local\Temp\~SpUnin~.exe
Replace: C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7601.17514_none_c7f0e16b547f887d\rpcss.dll C:\Windows\System32\rpcss.dll
 
*****************
 
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
C:\Users\Frank\Downloads\FRST64.exe => Moved successfully.
C:\Users\Frank\Downloads\love (1).m4r => Moved successfully.
C:\Users\Frank\Desktop\~WRL2348.tmp => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\ApnStub.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\C407.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\converter.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\DTLite4451-0236.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\DTLite4481-0347.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\NEW5D24.tmp.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\offercast.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\ose00000.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\RegAsm.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\setup.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\SkypeSetup.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\tmp32A4.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\tmpA69.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\tmpA6A.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\tmpCAD6.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\tmpE1A7.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\tmpED4A.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\UpdaterCopy.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\{2FDC85E2-AF64-44DF-B1AC-03764E4A45F5}-21.0.1180.60_20.0.1132.57_chrome_updater.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\{5E096AB7-16BD-437F-B64C-AB99B1F7B74C}-GoogleUpdateSetup.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\~SpUnin~.exe => Moved successfully.
C:\Windows\System32\rpcss.dll => Moved successfully.
C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7601.17514_none_c7f0e16b547f887d\rpcss.dll copied successfully to C:\Windows\System32\rpcss.dll
 
==== End of Fixlog ====

  • 0

#37
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,714 posts
Can your machine boot up successfully into Normal Mode or not ?

I have to point out, you rarely answer my questions and this does make it that much harder for myself to assist you. ;)
  • 0

#38
mjdevo31

mjdevo31

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts

Yes it does boot up, although the color of the desktop background is different.


  • 0

#39
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,714 posts
Acknowledged, probably due to malware. Not a real cause for concern however and feel free to change it when I give the all clear. :)

Scan with TDSSKiller:

Please download TDSSKiller to the desktop.

Alternate download is here.
  • Right-click on TDSSKiller.exe and select Run as Administrator to start the program and follow the prompts.
  • When the main GUI(graphical user interface) window opens, click on Change Parameters
  • Under Additional options, select both Verify driver digital signatures & Detect TDLFS File System >> OK
  • Click on Start Scan, the scan will run.
  • When the scan has finished, if it finds anything please click on the drop down arrow next to Cure and select Skip
  • A Report will have been created by TDSSKiller in your root directory C:\
  • To find the log go to Start(Windows 7 Orb) > Computer > C: >> TDSSKiller.V.V.V.VV_DD.DD.YYYY_TT.TT.TT_log <-- The letters denote the version and date & time etc.
  • Post the contents of that log in your next reply please.
Note: Do not have TDSSKiller remove anything if found at this point in time!
  • 0

#40
mjdevo31

mjdevo31

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts

No threats found.


  • 0

Advertisements


#41
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,714 posts
Hi. :)
 

No threats found.


Good, however I would still like to review the log. So please post it in your next reply.

Scan with Farbar Recovery Scan Tool:

Please download and save Farbar Recovery Scan Tool 64-Bit to your Desktop.
  • Right-click on FRST.exe and select Run as Administrator to start FRST >> follow the prompt/click on Yes
  • Under Optional Scan ensure both Drivers MD5 and Addition.txt are selected.
  • Now click on the Scan button/radio tab >> at the Scan completed prompt click on OK
  • At the next prompt denoting Addition.txt is saved in the same location FRST tool is run >> click on OK
  • There will now be two logs on your desktop, Addition.txt and FRST.txt. Post the contents of both in your next reply.
Next:

When completed the above, please post back the following in the order asked for:
  • How is your computer performing now, any further symptoms and or problems encountered ?
  • TDSSKIller Log.
  • Both FRST logs. <-- Post them individually please, IE: one Log per post/reply.

  • 0

#42
mjdevo31

mjdevo31

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts
21:04:29.0902 0x1b0c  TDSS rootkit removing tool 3.0.0.39 Jun  5 2014 20:35:54
21:04:33.0151 0x1b0c  ============================================================
21:04:33.0151 0x1b0c  Current date / time: 2014/06/09 21:04:33.0151
21:04:33.0151 0x1b0c  SystemInfo:
21:04:33.0151 0x1b0c  
21:04:33.0151 0x1b0c  OS Version: 6.1.7601 ServicePack: 1.0
21:04:33.0151 0x1b0c  Product type: Workstation
21:04:33.0151 0x1b0c  ComputerName: FRANK-PC
21:04:33.0152 0x1b0c  UserName: Frank
21:04:33.0152 0x1b0c  Windows directory: C:\windows
21:04:33.0152 0x1b0c  System windows directory: C:\windows
21:04:33.0152 0x1b0c  Running under WOW64
21:04:33.0152 0x1b0c  Processor architecture: Intel x64
21:04:33.0152 0x1b0c  Number of processors: 4
21:04:33.0152 0x1b0c  Page size: 0x1000
21:04:33.0152 0x1b0c  Boot type: Normal boot
21:04:33.0152 0x1b0c  ============================================================
21:04:33.0718 0x1b0c  KLMD registered as C:\windows\system32\drivers\99569307.sys
21:04:34.0911 0x1b0c  System UUID: {F5F4F827-2823-4A43-671F-ED465317CAB4}
21:04:36.0505 0x1b0c  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:04:36.0518 0x1b0c  ============================================================
21:04:36.0518 0x1b0c  \Device\Harddisk0\DR0:
21:04:36.0518 0x1b0c  MBR partitions:
21:04:36.0518 0x1b0c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x23A4C800
21:04:36.0518 0x1b0c  ============================================================
21:04:36.0558 0x1b0c  C: <-> \Device\Harddisk0\DR0\Partition1
21:04:36.0558 0x1b0c  ============================================================
21:04:36.0558 0x1b0c  Initialize success
21:04:36.0558 0x1b0c  ============================================================
21:04:53.0921 0x191c  ============================================================
21:04:53.0921 0x191c  Scan started
21:04:53.0921 0x191c  Mode: Manual; SigCheck; TDLFS; 
21:04:53.0921 0x191c  ============================================================
21:04:53.0921 0x191c  KSN ping started
21:04:58.0746 0x191c  KSN ping finished: true
21:05:02.0827 0x191c  ================ Scan system memory ========================
21:05:02.0827 0x191c  System memory - ok
21:05:02.0828 0x191c  ================ Scan services =============================
21:05:03.0387 0x191c  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\windows\system32\drivers\1394ohci.sys
21:05:03.0748 0x191c  1394ohci - ok
21:05:04.0165 0x191c  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\windows\system32\drivers\ACPI.sys
21:05:04.0257 0x191c  ACPI - ok
21:05:04.0315 0x191c  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\windows\system32\drivers\acpipmi.sys
21:05:04.0423 0x191c  AcpiPmi - ok
21:05:04.0705 0x191c  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:05:04.0767 0x191c  AdobeARMservice - ok
21:05:04.0931 0x191c  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\windows\system32\drivers\adp94xx.sys
21:05:05.0037 0x191c  adp94xx - ok
21:05:05.0121 0x191c  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\windows\system32\drivers\adpahci.sys
21:05:05.0189 0x191c  adpahci - ok
21:05:05.0334 0x191c  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\windows\system32\drivers\adpu320.sys
21:05:05.0391 0x191c  adpu320 - ok
21:05:05.0495 0x191c  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\windows\System32\aelupsvc.dll
21:05:06.0258 0x191c  AeLookupSvc - ok
21:05:06.0446 0x191c  [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD             C:\windows\system32\drivers\afd.sys
21:05:06.0653 0x191c  AFD - ok
21:05:06.0780 0x191c  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\windows\system32\drivers\agp440.sys
21:05:06.0826 0x191c  agp440 - ok
21:05:06.0956 0x191c  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\windows\System32\alg.exe
21:05:07.0131 0x191c  ALG - ok
21:05:07.0301 0x191c  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\windows\system32\drivers\aliide.sys
21:05:07.0343 0x191c  aliide - ok
21:05:07.0419 0x191c  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\windows\system32\drivers\amdide.sys
21:05:07.0473 0x191c  amdide - ok
21:05:07.0570 0x191c  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\windows\system32\drivers\amdk8.sys
21:05:07.0700 0x191c  AmdK8 - ok
21:05:07.0742 0x191c  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\windows\system32\drivers\amdppm.sys
21:05:07.0822 0x191c  AmdPPM - ok
21:05:07.0895 0x191c  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\windows\system32\drivers\amdsata.sys
21:05:07.0953 0x191c  amdsata - ok
21:05:08.0082 0x191c  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\windows\system32\drivers\amdsbs.sys
21:05:08.0203 0x191c  amdsbs - ok
21:05:08.0259 0x191c  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\windows\system32\drivers\amdxata.sys
21:05:08.0311 0x191c  amdxata - ok
21:05:08.0425 0x191c  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\windows\system32\drivers\appid.sys
21:05:09.0423 0x191c  AppID - ok
21:05:09.0472 0x191c  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\windows\System32\appidsvc.dll
21:05:09.0619 0x191c  AppIDSvc - ok
21:05:09.0751 0x191c  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\windows\System32\appinfo.dll
21:05:09.0867 0x191c  Appinfo - ok
21:05:10.0100 0x191c  [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:05:10.0206 0x191c  Apple Mobile Device - ok
21:05:10.0238 0x191c  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\windows\system32\drivers\arc.sys
21:05:10.0288 0x191c  arc - ok
21:05:10.0336 0x191c  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\windows\system32\drivers\arcsas.sys
21:05:10.0385 0x191c  arcsas - ok
21:05:10.0693 0x191c  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:05:10.0851 0x191c  aspnet_state - ok
21:05:10.0939 0x191c  astcc - ok
21:05:10.0961 0x191c  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\windows\system32\DRIVERS\asyncmac.sys
21:05:11.0094 0x191c  AsyncMac - ok
21:05:11.0151 0x191c  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\windows\system32\drivers\atapi.sys
21:05:11.0194 0x191c  atapi - ok
21:05:11.0513 0x191c  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
21:05:11.0951 0x191c  AudioEndpointBuilder - ok
21:05:12.0026 0x191c  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\windows\System32\Audiosrv.dll
21:05:12.0241 0x191c  AudioSrv - ok
21:05:12.0362 0x191c  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\windows\System32\AxInstSV.dll
21:05:12.0594 0x191c  AxInstSV - ok
21:05:12.0788 0x191c  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\windows\system32\drivers\bxvbda.sys
21:05:12.0947 0x191c  b06bdrv - ok
21:05:13.0018 0x191c  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\windows\system32\DRIVERS\b57nd60a.sys
21:05:13.0140 0x191c  b57nd60a - ok
21:05:13.0225 0x191c  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\windows\System32\bdesvc.dll
21:05:13.0335 0x191c  BDESVC - ok
21:05:13.0386 0x191c  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\windows\system32\drivers\Beep.sys
21:05:13.0530 0x191c  Beep - ok
21:05:13.0656 0x191c  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\windows\System32\bfe.dll
21:05:14.0005 0x191c  BFE - ok
21:05:14.0143 0x191c  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\windows\System32\qmgr.dll
21:05:14.0464 0x191c  BITS - ok
21:05:14.0516 0x191c  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\windows\system32\DRIVERS\blbdrive.sys
21:05:14.0585 0x191c  blbdrive - ok
21:05:14.0767 0x191c  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
21:05:14.0873 0x191c  Bonjour Service - ok
21:05:14.0921 0x191c  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\windows\system32\DRIVERS\bowser.sys
21:05:15.0035 0x191c  bowser - ok
21:05:15.0099 0x191c  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\windows\system32\drivers\BrFiltLo.sys
21:05:15.0154 0x191c  BrFiltLo - ok
21:05:15.0237 0x191c  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\windows\system32\drivers\BrFiltUp.sys
21:05:15.0312 0x191c  BrFiltUp - ok
21:05:15.0390 0x191c  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\windows\System32\browser.dll
21:05:15.0513 0x191c  Browser - ok
21:05:15.0577 0x191c  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\windows\System32\Drivers\Brserid.sys
21:05:15.0670 0x191c  Brserid - ok
21:05:15.0850 0x191c  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\windows\System32\Drivers\BrSerWdm.sys
21:05:15.0964 0x191c  BrSerWdm - ok
21:05:16.0151 0x191c  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\windows\System32\Drivers\BrUsbMdm.sys
21:05:16.0328 0x191c  BrUsbMdm - ok
21:05:16.0405 0x191c  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\windows\System32\Drivers\BrUsbSer.sys
21:05:16.0548 0x191c  BrUsbSer - ok
21:05:16.0608 0x191c  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\windows\system32\drivers\bthmodem.sys
21:05:16.0686 0x191c  BTHMODEM - ok
21:05:16.0732 0x191c  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\windows\system32\bthserv.dll
21:05:16.0976 0x191c  bthserv - ok
21:05:17.0164 0x191c  [ 5E68928BA2412E60FF1C61441313CF8D, 9BB1E00C758000932F1AB63F86C1D3E588174B3E57756638BB65D59E11D07D1D ] ccEvtMgr        C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
21:05:17.0251 0x191c  ccEvtMgr - ok
21:05:17.0297 0x191c  [ 5E68928BA2412E60FF1C61441313CF8D, 9BB1E00C758000932F1AB63F86C1D3E588174B3E57756638BB65D59E11D07D1D ] ccSetMgr        C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
21:05:17.0352 0x191c  ccSetMgr - ok
21:05:17.0426 0x191c  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\windows\system32\DRIVERS\cdfs.sys
21:05:17.0685 0x191c  cdfs - ok
21:05:17.0776 0x191c  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\windows\system32\DRIVERS\cdrom.sys
21:05:17.0905 0x191c  cdrom - ok
21:05:18.0057 0x191c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\windows\System32\certprop.dll
21:05:18.0264 0x191c  CertPropSvc - ok
21:05:18.0309 0x191c  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\windows\system32\drivers\circlass.sys
21:05:18.0439 0x191c  circlass - ok
21:05:18.0516 0x191c  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\windows\system32\CLFS.sys
21:05:18.0601 0x191c  CLFS - ok
21:05:18.0953 0x191c  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:05:19.0046 0x191c  clr_optimization_v2.0.50727_32 - ok
21:05:19.0277 0x191c  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:05:19.0452 0x191c  clr_optimization_v2.0.50727_64 - ok
21:05:19.0802 0x191c  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:05:20.0400 0x191c  clr_optimization_v4.0.30319_32 - ok
21:05:20.0475 0x191c  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:05:20.0896 0x191c  clr_optimization_v4.0.30319_64 - ok
21:05:20.0943 0x191c  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\windows\system32\DRIVERS\CmBatt.sys
21:05:21.0012 0x191c  CmBatt - ok
21:05:21.0047 0x191c  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\windows\system32\drivers\cmdide.sys
21:05:21.0087 0x191c  cmdide - ok
21:05:21.0305 0x191c  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\windows\system32\Drivers\cng.sys
21:05:21.0435 0x191c  CNG - ok
21:05:21.0875 0x191c  [ 99B1B888B793DE320C5479B3C953781F, 6A499F916132998FBDFA587823A11C2ED1D27DED10374F6A41BA5861A2FF969E ] CnxtHdAudService C:\windows\system32\drivers\CHDRT64.sys
21:05:22.0161 0x191c  CnxtHdAudService - ok
21:05:22.0361 0x191c  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\windows\system32\drivers\compbatt.sys
21:05:22.0403 0x191c  Compbatt - ok
21:05:22.0447 0x191c  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\windows\system32\DRIVERS\CompositeBus.sys
21:05:22.0536 0x191c  CompositeBus - ok
21:05:22.0587 0x191c  COMSysApp - ok
21:05:22.0703 0x191c  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\windows\system32\drivers\crcdisk.sys
21:05:22.0744 0x191c  crcdisk - ok
21:05:22.0849 0x191c  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\windows\system32\cryptsvc.dll
21:05:23.0037 0x191c  CryptSvc - ok
21:05:23.0407 0x191c  [ BA25D4B9B067248F7CAC416E855D706B, EB00FEC005863284D25AC708CEF65D945A1599801A3FDE4B992C1AD4593E2036 ] dc3d            C:\windows\system32\DRIVERS\dc3d.sys
21:05:23.0452 0x191c  dc3d - ok
21:05:23.0581 0x191c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\windows\system32\rpcss.dll
21:05:23.0979 0x191c  DcomLaunch - ok
21:05:24.0178 0x191c  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\windows\System32\defragsvc.dll
21:05:24.0364 0x191c  defragsvc - ok
21:05:24.0456 0x191c  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\windows\system32\Drivers\dfsc.sys
21:05:24.0594 0x191c  DfsC - ok
21:05:24.0678 0x191c  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\windows\system32\dhcpcore.dll
21:05:24.0870 0x191c  Dhcp - ok
21:05:24.0983 0x191c  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\windows\system32\drivers\discache.sys
21:05:25.0201 0x191c  discache - ok
21:05:25.0327 0x191c  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\windows\system32\drivers\disk.sys
21:05:25.0404 0x191c  Disk - ok
21:05:25.0472 0x191c  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\windows\System32\dnsrslvr.dll
21:05:25.0621 0x191c  Dnscache - ok
21:05:25.0673 0x191c  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\windows\System32\dot3svc.dll
21:05:25.0816 0x191c  dot3svc - ok
21:05:25.0876 0x191c  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\windows\system32\dps.dll
21:05:26.0097 0x191c  DPS - ok
21:05:26.0209 0x191c  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\windows\system32\drivers\drmkaud.sys
21:05:26.0297 0x191c  drmkaud - ok
21:05:26.0523 0x191c  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\windows\System32\drivers\dxgkrnl.sys
21:05:26.0813 0x191c  DXGKrnl - ok
21:05:26.0887 0x191c  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\windows\System32\eapsvc.dll
21:05:27.0048 0x191c  EapHost - ok
21:05:27.0898 0x191c  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\windows\system32\drivers\evbda.sys
21:05:28.0338 0x191c  ebdrv - ok
21:05:28.0475 0x191c  [ 1B7AA375F711F66D5FF2B855F9EC987F, 151E3897A31F0E828D08EBBB9C10A60047B48534BB38349EF1C8D9245524CA58 ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
21:05:28.0550 0x191c  eeCtrl - ok
21:05:28.0640 0x191c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\windows\System32\lsass.exe
21:05:28.0805 0x191c  EFS - ok
21:05:29.0062 0x191c  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\windows\ehome\ehRecvr.exe
21:05:29.0316 0x191c  ehRecvr - ok
21:05:29.0409 0x191c  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\windows\ehome\ehsched.exe
21:05:29.0498 0x191c  ehSched - ok
21:05:29.0642 0x191c  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\windows\system32\drivers\elxstor.sys
21:05:29.0774 0x191c  elxstor - ok
21:05:29.0840 0x191c  [ 7230C8B80DDE1F0524C353240B78CC0E, 15F73EBFB9152010E7736AFE518A47C209E17DDB347A40C4CDA0D9BBD26D1176 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
21:05:29.0947 0x191c  EraserUtilRebootDrv - detected UnsignedFile.Multi.Generic ( 1 )
21:05:32.0855 0x191c  Detect skipped due to KSN trusted
21:05:32.0855 0x191c  EraserUtilRebootDrv - ok
21:05:32.0882 0x191c  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\windows\system32\drivers\errdev.sys
21:05:32.0996 0x191c  ErrDev - ok
21:05:33.0201 0x191c  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\windows\system32\es.dll
21:05:33.0453 0x191c  EventSystem - ok
21:05:33.0485 0x191c  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\windows\system32\drivers\exfat.sys
21:05:33.0611 0x191c  exfat - ok
21:05:33.0763 0x191c  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\windows\system32\drivers\fastfat.sys
21:05:33.0974 0x191c  fastfat - ok
21:05:34.0073 0x191c  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\windows\system32\fxssvc.exe
21:05:34.0264 0x191c  Fax - ok
21:05:34.0307 0x191c  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\windows\system32\drivers\fdc.sys
21:05:34.0382 0x191c  fdc - ok
21:05:34.0424 0x191c  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\windows\system32\fdPHost.dll
21:05:34.0575 0x191c  fdPHost - ok
21:05:34.0619 0x191c  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\windows\system32\fdrespub.dll
21:05:34.0782 0x191c  FDResPub - ok
21:05:34.0829 0x191c  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\windows\system32\drivers\fileinfo.sys
21:05:34.0878 0x191c  FileInfo - ok
21:05:34.0954 0x191c  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\windows\system32\drivers\filetrace.sys
21:05:35.0163 0x191c  Filetrace - ok
21:05:35.0179 0x191c  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\windows\system32\drivers\flpydisk.sys
21:05:35.0227 0x191c  flpydisk - ok
21:05:35.0401 0x191c  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\windows\system32\drivers\fltmgr.sys
21:05:35.0472 0x191c  FltMgr - ok
21:05:35.0866 0x191c  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\windows\system32\FntCache.dll
21:05:36.0169 0x191c  FontCache - ok
21:05:36.0278 0x191c  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:05:36.0343 0x191c  FontCache3.0.0.0 - ok
21:05:36.0373 0x191c  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\windows\system32\drivers\FsDepends.sys
21:05:36.0417 0x191c  FsDepends - ok
21:05:36.0515 0x191c  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys
21:05:36.0563 0x191c  Fs_Rec - ok
21:05:36.0664 0x191c  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys
21:05:36.0761 0x191c  fvevol - ok
21:05:36.0935 0x191c  [ 60ACB128E64C35C2B4E4AAB1B0A5C293, 7B476AB5E95529A894F95397C753662F4C58D1FE89F4648271251DA77C5A3FA9 ] FwLnk           C:\windows\system32\DRIVERS\FwLnk.sys
21:05:37.0015 0x191c  FwLnk - ok
21:05:37.0160 0x191c  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\windows\system32\drivers\gagp30kx.sys
21:05:37.0206 0x191c  gagp30kx - ok
21:05:37.0491 0x191c  [ CFD54D70F76E84E1E737AE1140FBC5C0, 29B71794842FDFEC1512EAD8E298E2D0568E062A119141F7C309CC8910C6BA9C ] Garmin Core Update Service C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
21:05:37.0583 0x191c  Garmin Core Update Service - ok
21:05:37.0675 0x191c  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\windows\system32\DRIVERS\GEARAspiWDM.sys
21:05:37.0711 0x191c  GEARAspiWDM - ok
21:05:37.0813 0x191c  [ 6D1180296D2B3CBDC9D29B035479259C, 9CB6B911E95C9CBE84AAA98C61B71CC48D6DA8CEB08B527E9F5D6FF37B928A69 ] GemCCID         C:\windows\system32\Drivers\GemCCID.sys
21:05:37.0914 0x191c  GemCCID - ok
21:05:38.0182 0x191c  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\windows\System32\gpsvc.dll
21:05:38.0547 0x191c  gpsvc - ok
21:05:38.0793 0x191c  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:05:38.0848 0x191c  gupdate - ok
21:05:38.0915 0x191c  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:05:38.0980 0x191c  gupdatem - ok
21:05:39.0118 0x191c  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
21:05:39.0174 0x191c  gusvc - ok
21:05:39.0228 0x191c  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\windows\system32\drivers\hcw85cir.sys
21:05:39.0513 0x191c  hcw85cir - ok
21:05:39.0634 0x191c  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
21:05:39.0746 0x191c  HdAudAddService - ok
21:05:39.0809 0x191c  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\windows\system32\DRIVERS\HDAudBus.sys
21:05:39.0869 0x191c  HDAudBus - ok
21:05:39.0936 0x191c  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\windows\system32\drivers\HidBatt.sys
21:05:40.0000 0x191c  HidBatt - ok
21:05:40.0131 0x191c  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\windows\system32\drivers\hidbth.sys
21:05:40.0211 0x191c  HidBth - ok
21:05:40.0346 0x191c  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\windows\system32\drivers\hidir.sys
21:05:40.0402 0x191c  HidIr - ok
21:05:40.0445 0x191c  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\windows\system32\hidserv.dll
21:05:40.0602 0x191c  hidserv - ok
21:05:40.0711 0x191c  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\windows\system32\DRIVERS\hidusb.sys
21:05:40.0773 0x191c  HidUsb - ok
21:05:40.0885 0x191c  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\windows\system32\kmsvc.dll
21:05:41.0066 0x191c  hkmsvc - ok
21:05:41.0118 0x191c  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\windows\system32\ListSvc.dll
21:05:41.0275 0x191c  HomeGroupListener - ok
21:05:41.0435 0x191c  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\windows\system32\provsvc.dll
21:05:41.0539 0x191c  HomeGroupProvider - ok
21:05:41.0676 0x191c  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys
21:05:41.0731 0x191c  HpSAMD - ok
21:05:41.0859 0x191c  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\windows\system32\drivers\HTTP.sys
21:05:42.0168 0x191c  HTTP - ok
21:05:42.0247 0x191c  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys
21:05:42.0291 0x191c  hwpolicy - ok
21:05:42.0418 0x191c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\windows\system32\DRIVERS\i8042prt.sys
21:05:42.0471 0x191c  i8042prt - ok
21:05:42.0591 0x191c  [ D7921D5A870B11CC1ADAB198A519D50A, 5DF99EB5D5504E9D9EB21658E8B4A58DEE2AD143A1875DB7F9B7BF4877FCB57F ] iaStor          C:\windows\system32\DRIVERS\iaStor.sys
21:05:42.0664 0x191c  iaStor - ok
21:05:42.0743 0x191c  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\windows\system32\drivers\iaStorV.sys
21:05:42.0829 0x191c  iaStorV - ok
21:05:42.0909 0x191c  [ DAF66902F08796F9C694901660E5A64A, F4A4764DED05980426BAB54AAF040BC27A39C80315F5161E8D0B4C7F694BD8E6 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
21:05:42.0970 0x191c  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
21:05:45.0727 0x191c  Detect skipped due to KSN trusted
21:05:45.0727 0x191c  IDriverT - ok
21:05:45.0913 0x191c  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:05:46.0094 0x191c  idsvc - ok
21:05:46.0116 0x191c  IEEtwCollectorService - ok
21:05:47.0530 0x191c  [ 370C2A8629B30F910F740387795DDC6F, 7D2D69F0BC12E86236014003EEA7479BD0FDE9A469459B6550DC3AED07A02030 ] igfx            C:\windows\system32\DRIVERS\igdkmd64.sys
21:05:48.0873 0x191c  igfx - ok
21:05:49.0046 0x191c  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\windows\system32\drivers\iirsp.sys
21:05:49.0090 0x191c  iirsp - ok
21:05:49.0237 0x191c  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\windows\System32\ikeext.dll
21:05:49.0483 0x191c  IKEEXT - ok
21:05:49.0554 0x191c  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\windows\system32\drivers\intelide.sys
21:05:49.0597 0x191c  intelide - ok
21:05:49.0779 0x191c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\windows\system32\DRIVERS\intelppm.sys
21:05:49.0947 0x191c  intelppm - ok
21:05:50.0077 0x191c  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\windows\system32\ipbusenum.dll
21:05:50.0229 0x191c  IPBusEnum - ok
21:05:50.0304 0x191c  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys
21:05:50.0414 0x191c  IpFilterDriver - ok
21:05:50.0526 0x191c  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\windows\System32\iphlpsvc.dll
21:05:50.0910 0x191c  iphlpsvc - ok
21:05:50.0951 0x191c  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\windows\system32\drivers\IPMIDrv.sys
21:05:51.0030 0x191c  IPMIDRV - ok
21:05:51.0129 0x191c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\windows\system32\drivers\ipnat.sys
21:05:51.0376 0x191c  IPNAT - ok
21:05:51.0511 0x191c  [ 71F993192EB04B2C4C80F2DEE9119229, 881B7042724364C9D667DF6109E15DE78D9431DF5708CB16736AD723F4A38578 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
21:05:51.0622 0x191c  iPod Service - ok
21:05:51.0680 0x191c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\windows\system32\drivers\irenum.sys
21:05:51.0801 0x191c  IRENUM - ok
21:05:51.0930 0x191c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\windows\system32\drivers\isapnp.sys
21:05:51.0973 0x191c  isapnp - ok
21:05:52.0046 0x191c  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\windows\system32\drivers\msiscsi.sys
21:05:52.0108 0x191c  iScsiPrt - ok
21:05:52.0199 0x191c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\windows\system32\DRIVERS\kbdclass.sys
21:05:52.0246 0x191c  kbdclass - ok
21:05:52.0327 0x191c  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\windows\system32\DRIVERS\kbdhid.sys
21:05:52.0472 0x191c  kbdhid - ok
21:05:52.0573 0x191c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\windows\system32\lsass.exe
21:05:52.0621 0x191c  KeyIso - ok
21:05:52.0677 0x191c  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
21:05:52.0725 0x191c  KSecDD - ok
21:05:52.0833 0x191c  [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys
21:05:52.0890 0x191c  KSecPkg - ok
21:05:52.0962 0x191c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\windows\system32\drivers\ksthunk.sys
21:05:53.0173 0x191c  ksthunk - ok
21:05:53.0347 0x191c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\windows\system32\msdtckrm.dll
21:05:53.0574 0x191c  KtmRm - ok
21:05:53.0708 0x191c  [ 045FB70BC993B691517CE309045FF02D, DF8D4755DB8440999CAABE1B25181D76342E0F79D9979A0600ECCAFA60E4130D ] L1C             C:\windows\system32\DRIVERS\L1C62x64.sys
21:05:53.0750 0x191c  L1C - ok
21:05:53.0832 0x191c  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\windows\system32\srvsvc.dll
21:05:54.0015 0x191c  LanmanServer - ok
21:05:54.0277 0x191c  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
21:05:54.0505 0x191c  LanmanWorkstation - ok
21:05:54.0968 0x191c  [ 6105B28F5D03C4AFFA7197B228768849, 2CD17178816100DBAFEFCD940DF8D012CDADC78C278835DEADB8D5F6BC0FC11A ] LiveUpdate      C:\PROGRA~2\Symantec\LIVEUP~1\LUCOMS~1.EXE
21:05:55.0346 0x191c  LiveUpdate - ok
21:05:55.0407 0x191c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
21:05:55.0521 0x191c  lltdio - ok
21:05:55.0584 0x191c  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\windows\System32\lltdsvc.dll
21:05:55.0913 0x191c  lltdsvc - ok
21:05:55.0959 0x191c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\windows\System32\lmhsvc.dll
21:05:56.0128 0x191c  lmhosts - ok
21:05:56.0323 0x191c  [ 98B16E756243BEA9410E32025B19C06F, C4F8663FF4C2F1123CC92D88004090AD06ED12FCD07706AE168333A33B269A53 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
21:05:56.0454 0x191c  LMS - ok
21:05:56.0557 0x191c  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\windows\system32\drivers\lsi_fc.sys
21:05:56.0607 0x191c  LSI_FC - ok
21:05:56.0695 0x191c  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\windows\system32\drivers\lsi_sas.sys
21:05:56.0748 0x191c  LSI_SAS - ok
21:05:56.0817 0x191c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\windows\system32\drivers\lsi_sas2.sys
21:05:56.0867 0x191c  LSI_SAS2 - ok
21:05:56.0898 0x191c  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\windows\system32\drivers\lsi_scsi.sys
21:05:56.0951 0x191c  LSI_SCSI - ok
21:05:57.0017 0x191c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\windows\system32\drivers\luafv.sys
21:05:57.0162 0x191c  luafv - ok
21:05:57.0230 0x191c  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\windows\system32\Mcx2Svc.dll
21:05:57.0299 0x191c  Mcx2Svc - ok
21:05:57.0364 0x191c  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\windows\system32\drivers\megasas.sys
21:05:57.0411 0x191c  megasas - ok
21:05:57.0481 0x191c  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\windows\system32\drivers\MegaSR.sys
21:05:57.0543 0x191c  MegaSR - ok
21:05:57.0595 0x191c  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\windows\system32\DRIVERS\HECIx64.sys
21:05:57.0627 0x191c  MEIx64 - ok
21:05:57.0832 0x191c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\windows\system32\mmcss.dll
21:05:58.0033 0x191c  MMCSS - ok
21:05:58.0111 0x191c  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\windows\system32\drivers\modem.sys
21:05:58.0259 0x191c  Modem - ok
21:05:58.0290 0x191c  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\windows\system32\DRIVERS\monitor.sys
21:05:58.0356 0x191c  monitor - ok
21:05:58.0478 0x191c  [ EB03D4164E7F10B601D280413655ADE4, 5C35A13962567FA6C886A8E4DD32D494294176AE5A0EE3E3E9A954C9419624F7 ] MotioninJoyXFilter C:\windows\system32\DRIVERS\MijXfilt.sys
21:05:58.0538 0x191c  MotioninJoyXFilter - ok
21:05:58.0609 0x191c  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\windows\system32\DRIVERS\mouclass.sys
21:05:58.0654 0x191c  mouclass - ok
21:05:58.0760 0x191c  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\windows\system32\DRIVERS\mouhid.sys
21:05:58.0837 0x191c  mouhid - ok
21:05:58.0901 0x191c  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
21:05:58.0950 0x191c  mountmgr - ok
21:05:58.0998 0x191c  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\windows\system32\drivers\mpio.sys
21:05:59.0054 0x191c  mpio - ok
21:05:59.0139 0x191c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
21:05:59.0269 0x191c  mpsdrv - ok
21:05:59.0408 0x191c  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\windows\system32\mpssvc.dll
21:05:59.0794 0x191c  MpsSvc - ok
21:05:59.0888 0x191c  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
21:05:59.0980 0x191c  MRxDAV - ok
21:06:00.0027 0x191c  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
21:06:00.0235 0x191c  mrxsmb - ok
21:06:00.0384 0x191c  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
21:06:00.0488 0x191c  mrxsmb10 - ok
21:06:00.0539 0x191c  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
21:06:00.0616 0x191c  mrxsmb20 - ok
21:06:00.0671 0x191c  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\windows\system32\drivers\msahci.sys
21:06:00.0714 0x191c  msahci - ok
21:06:00.0814 0x191c  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\windows\system32\drivers\msdsm.sys
21:06:00.0868 0x191c  msdsm - ok
21:06:00.0945 0x191c  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\windows\System32\msdtc.exe
21:06:01.0076 0x191c  MSDTC - ok
21:06:01.0220 0x191c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\windows\system32\drivers\Msfs.sys
21:06:01.0329 0x191c  Msfs - ok
21:06:01.0367 0x191c  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys
21:06:01.0478 0x191c  mshidkmdf - ok
21:06:01.0514 0x191c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\windows\system32\drivers\msisadrv.sys
21:06:01.0557 0x191c  msisadrv - ok
21:06:01.0651 0x191c  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\windows\system32\iscsiexe.dll
21:06:01.0812 0x191c  MSiSCSI - ok
21:06:01.0821 0x191c  msiserver - ok
21:06:01.0928 0x191c  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys
21:06:02.0049 0x191c  MSKSSRV - ok
21:06:02.0123 0x191c  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys
21:06:02.0229 0x191c  MSPCLOCK - ok
21:06:02.0290 0x191c  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\windows\system32\drivers\MSPQM.sys
21:06:02.0406 0x191c  MSPQM - ok
21:06:02.0524 0x191c  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\windows\system32\drivers\MsRPC.sys
21:06:02.0600 0x191c  MsRPC - ok
21:06:02.0686 0x191c  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\windows\system32\DRIVERS\mssmbios.sys
21:06:02.0727 0x191c  mssmbios - ok
21:06:02.0832 0x191c  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\windows\system32\drivers\MSTEE.sys
21:06:03.0037 0x191c  MSTEE - ok
21:06:03.0079 0x191c  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\windows\system32\drivers\MTConfig.sys
21:06:03.0204 0x191c  MTConfig - ok
21:06:03.0293 0x191c  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\windows\system32\Drivers\mup.sys
21:06:03.0350 0x191c  Mup - ok
21:06:03.0416 0x191c  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\windows\system32\qagentRT.dll
21:06:03.0620 0x191c  napagent - ok
21:06:03.0702 0x191c  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
21:06:03.0869 0x191c  NativeWifiP - ok
21:06:04.0154 0x191c  [ 702E07EC32F96ACDB873E9A5465D4401, 2C6B1C8BA0BF4791AEA064062DCA3678AE4443DF19DB37D6CB55BA6297D8A238 ] NAVENG          C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20140608.019\ENG64.SYS
21:06:04.0200 0x191c  NAVENG - ok
21:06:05.0071 0x191c  [ 302EA314A1AF0D7CEF0A3D0195F79561, 046DBC2D9D028F2D2E8BAE745CA2ADEF42741689BFF743A13B81EA4228DDCDC6 ] NAVEX15         C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20140608.019\EX64.SYS
21:06:05.0270 0x191c  NAVEX15 - ok
21:06:05.0598 0x191c  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\windows\system32\drivers\ndis.sys
21:06:05.0807 0x191c  NDIS - ok
21:06:05.0858 0x191c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys
21:06:06.0019 0x191c  NdisCap - ok
21:06:06.0048 0x191c  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
21:06:06.0174 0x191c  NdisTapi - ok
21:06:06.0282 0x191c  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys
21:06:06.0529 0x191c  Ndisuio - ok
21:06:06.0605 0x191c  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys
21:06:06.0754 0x191c  NdisWan - ok
21:06:06.0796 0x191c  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\windows\system32\drivers\NDProxy.sys
21:06:06.0935 0x191c  NDProxy - ok
21:06:07.0091 0x191c  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys
21:06:07.0219 0x191c  NetBIOS - ok
21:06:07.0277 0x191c  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys
21:06:07.0413 0x191c  NetBT - ok
21:06:07.0485 0x191c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\windows\system32\lsass.exe
21:06:07.0533 0x191c  Netlogon - ok
21:06:07.0754 0x191c  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\windows\System32\netman.dll
21:06:07.0941 0x191c  Netman - ok
21:06:08.0142 0x191c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:06:08.0255 0x191c  NetMsmqActivator - ok
21:06:08.0342 0x191c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:06:08.0397 0x191c  NetPipeActivator - ok
21:06:08.0526 0x191c  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\windows\System32\netprofm.dll
21:06:08.0734 0x191c  netprofm - ok
21:06:08.0842 0x191c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:06:08.0911 0x191c  NetTcpActivator - ok
21:06:08.0927 0x191c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:06:08.0986 0x191c  NetTcpPortSharing - ok
21:06:09.0066 0x191c  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\windows\system32\drivers\nfrd960.sys
21:06:09.0110 0x191c  nfrd960 - ok
21:06:09.0190 0x191c  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\windows\System32\nlasvc.dll
21:06:09.0322 0x191c  NlaSvc - ok
21:06:09.0357 0x191c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\windows\system32\drivers\Npfs.sys
21:06:09.0472 0x191c  Npfs - ok
21:06:09.0538 0x191c  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\windows\system32\nsisvc.dll
21:06:09.0700 0x191c  nsi - ok
21:06:09.0769 0x191c  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys
21:06:09.0875 0x191c  nsiproxy - ok
21:06:10.0143 0x191c  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\windows\system32\drivers\Ntfs.sys
21:06:10.0379 0x191c  Ntfs - ok
21:06:10.0430 0x191c  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\windows\system32\drivers\Null.sys
21:06:10.0533 0x191c  Null - ok
21:06:10.0583 0x191c  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\windows\system32\drivers\nvraid.sys
21:06:10.0635 0x191c  nvraid - ok
21:06:10.0695 0x191c  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\windows\system32\drivers\nvstor.sys
21:06:10.0749 0x191c  nvstor - ok
21:06:10.0802 0x191c  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\windows\system32\drivers\nv_agp.sys
21:06:10.0855 0x191c  nv_agp - ok
21:06:10.0907 0x191c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\windows\system32\drivers\ohci1394.sys
21:06:10.0957 0x191c  ohci1394 - ok
21:06:11.0119 0x191c  [ 4965B005492CBA7719E82B71E3245495, 52AD72C05FACC1E0E416A1FA25F34FDD3CB274FAB973BEAAE911A2FACA42B650 ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:06:11.0251 0x191c  ose64 - ok
21:06:12.0465 0x191c  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:06:12.0929 0x191c  osppsvc - ok
21:06:13.0127 0x191c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\windows\system32\pnrpsvc.dll
21:06:13.0295 0x191c  p2pimsvc - ok
21:06:13.0396 0x191c  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\windows\system32\p2psvc.dll
21:06:13.0502 0x191c  p2psvc - ok
21:06:13.0577 0x191c  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\windows\system32\drivers\parport.sys
21:06:13.0632 0x191c  Parport - ok
21:06:13.0750 0x191c  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\windows\system32\drivers\partmgr.sys
21:06:13.0867 0x191c  partmgr - ok
21:06:13.0913 0x191c  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\windows\System32\pcasvc.dll
21:06:14.0099 0x191c  PcaSvc - ok
21:06:14.0184 0x191c  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\windows\system32\drivers\pci.sys
21:06:14.0249 0x191c  pci - ok
21:06:14.0310 0x191c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\windows\system32\drivers\pciide.sys
21:06:14.0350 0x191c  pciide - ok
21:06:14.0470 0x191c  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\windows\system32\drivers\pcmcia.sys
21:06:14.0530 0x191c  pcmcia - ok
21:06:14.0576 0x191c  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\windows\system32\drivers\pcw.sys
21:06:14.0620 0x191c  pcw - ok
21:06:14.0771 0x191c  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\windows\system32\drivers\peauth.sys
21:06:15.0003 0x191c  PEAUTH - ok
21:06:15.0192 0x191c  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\windows\SysWow64\perfhost.exe
21:06:15.0375 0x191c  PerfHost - ok
21:06:15.0479 0x191c  [ 91111CEBBDE8015E822C46120ED9537C, 255B85FEF663C2E0652CECF3F9B67B12B576F924A34415DEE13F0F5137E1E7F7 ] PGEffect        C:\windows\system32\DRIVERS\pgeffect.sys
21:06:15.0518 0x191c  PGEffect - ok
21:06:15.0694 0x191c  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\windows\system32\pla.dll
21:06:16.0188 0x191c  pla - ok
21:06:16.0364 0x191c  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\windows\system32\umpnpmgr.dll
21:06:16.0551 0x191c  PlugPlay - ok
21:06:16.0711 0x191c  [ 06841F5CD8410B6BDC0B5A631B8F8787, 95CA940AAE0C713C7161899D7DD7109FC985B60A1B3817C4243ED9870DA5FDE0 ] pnetmdm         C:\windows\system32\DRIVERS\pnetmdm64.sys
21:06:16.0786 0x191c  pnetmdm - ok
21:06:16.0843 0x191c  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\windows\system32\pnrpauto.dll
21:06:16.0927 0x191c  PNRPAutoReg - ok
21:06:17.0039 0x191c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\windows\system32\pnrpsvc.dll
21:06:17.0112 0x191c  PNRPsvc - ok
21:06:17.0169 0x191c  [ 34A8FAE065249F85A67A3215FF5ECB34, 913297755C1046BA004E79660B7DA5BBE5E92B96AAA83D78AE3FF379371950D5 ] Point64         C:\windows\system32\DRIVERS\point64.sys
21:06:17.0214 0x191c  Point64 - ok
21:06:17.0441 0x191c  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\windows\System32\ipsecsvc.dll
21:06:17.0809 0x191c  PolicyAgent - ok
21:06:17.0913 0x191c  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\windows\system32\umpo.dll
21:06:18.0120 0x191c  Power - ok
21:06:18.0263 0x191c  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\windows\system32\DRIVERS\raspptp.sys
21:06:18.0415 0x191c  PptpMiniport - ok
21:06:18.0505 0x191c  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\windows\system32\drivers\processr.sys
21:06:18.0588 0x191c  Processor - ok
21:06:18.0668 0x191c  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\windows\system32\profsvc.dll
21:06:18.0796 0x191c  ProfSvc - ok
21:06:18.0841 0x191c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\windows\system32\lsass.exe
21:06:18.0889 0x191c  ProtectedStorage - ok
21:06:18.0974 0x191c  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\windows\system32\DRIVERS\pacer.sys
21:06:19.0139 0x191c  Psched - ok
21:06:19.0358 0x191c  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\windows\system32\drivers\ql2300.sys
21:06:19.0549 0x191c  ql2300 - ok
21:06:19.0687 0x191c  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\windows\system32\drivers\ql40xx.sys
21:06:19.0738 0x191c  ql40xx - ok
21:06:19.0855 0x191c  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\windows\system32\qwave.dll
21:06:19.0955 0x191c  QWAVE - ok
21:06:19.0978 0x191c  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys
21:06:20.0056 0x191c  QWAVEdrv - ok
21:06:20.0096 0x191c  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys
21:06:20.0338 0x191c  RasAcd - ok
21:06:20.0497 0x191c  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\windows\system32\DRIVERS\AgileVpn.sys
21:06:20.0609 0x191c  RasAgileVpn - ok
21:06:20.0669 0x191c  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\windows\System32\rasauto.dll
21:06:20.0857 0x191c  RasAuto - ok
21:06:20.0892 0x191c  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\windows\system32\DRIVERS\rasl2tp.sys
21:06:21.0039 0x191c  Rasl2tp - ok
21:06:21.0143 0x191c  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\windows\System32\rasmans.dll
21:06:21.0340 0x191c  RasMan - ok
21:06:21.0391 0x191c  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys
21:06:21.0537 0x191c  RasPppoe - ok
21:06:21.0655 0x191c  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\windows\system32\DRIVERS\rassstp.sys
21:06:21.0781 0x191c  RasSstp - ok
21:06:21.0882 0x191c  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\windows\system32\DRIVERS\rdbss.sys
21:06:22.0076 0x191c  rdbss - ok
21:06:22.0132 0x191c  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\windows\system32\drivers\rdpbus.sys
21:06:22.0253 0x191c  rdpbus - ok
21:06:22.0314 0x191c  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\windows\system32\DRIVERS\RDPCDD.sys
21:06:22.0435 0x191c  RDPCDD - ok
21:06:22.0572 0x191c  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\windows\system32\drivers\rdpencdd.sys
21:06:22.0717 0x191c  RDPENCDD - ok
21:06:22.0756 0x191c  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\windows\system32\drivers\rdprefmp.sys
21:06:22.0862 0x191c  RDPREFMP - ok
21:06:22.0950 0x191c  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\windows\system32\drivers\RDPWD.sys
21:06:23.0042 0x191c  RDPWD - ok
21:06:23.0168 0x191c  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\windows\system32\drivers\rdyboost.sys
21:06:23.0225 0x191c  rdyboost - ok
21:06:23.0383 0x191c  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\windows\System32\mprdim.dll
21:06:23.0517 0x191c  RemoteAccess - ok
21:06:23.0642 0x191c  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\windows\system32\regsvc.dll
21:06:23.0767 0x191c  RemoteRegistry - ok
21:06:23.0831 0x191c  [ 7B04C9843921AB1F695FB395422C5360, C9B02BE0384357FD242613C2A12029B45322AF9A795CD69F33500CA7530899A7 ] RimUsb          C:\windows\system32\Drivers\RimUsb_AMD64.sys
21:06:23.0967 0x191c  RimUsb - ok
21:06:24.0028 0x191c  [ 388D3DD1A6457280F3BADBA9F3ACD6B1, 5C534EA15195B1301C917904627AF09FE2ABA3FEE1641B5C87E8F3191BC49058 ] ROOTMODEM       C:\windows\system32\Drivers\RootMdm.sys
21:06:24.0150 0x191c  ROOTMODEM - ok
21:06:24.0320 0x191c  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll
21:06:24.0499 0x191c  RpcEptMapper - ok
21:06:24.0630 0x191c  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\windows\system32\locator.exe
21:06:24.0692 0x191c  RpcLocator - ok
21:06:24.0794 0x191c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\windows\system32\rpcss.dll
21:06:24.0947 0x191c  RpcSs - ok
21:06:25.0065 0x191c  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys
21:06:25.0178 0x191c  rspndr - ok
21:06:25.0343 0x191c  [ 0E3DCF76F11DC431B088A2DFD7265CDA, 7FCC8A9C28B8B2E9EC6AB9FFF7354929838134F61DB9D5BB96C5F6A7ABDC6B6A ] RSUSBSTOR       C:\windows\system32\Drivers\RtsUStor.sys
21:06:25.0440 0x191c  RSUSBSTOR - ok
21:06:25.0591 0x191c  [ 64FDF4FE366CA42DA2B7D9D424B6E39B, FC3844152E29B703373788F24862CDD307837AA53D21F978FB9C038A34593B95 ] RTL8192Ce       C:\windows\system32\DRIVERS\rtl8192Ce.sys
21:06:25.0797 0x191c  RTL8192Ce - ok
21:06:25.0896 0x191c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\windows\system32\lsass.exe
21:06:25.0954 0x191c  SamSs - ok
21:06:26.0047 0x191c  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\windows\system32\drivers\sbp2port.sys
21:06:26.0096 0x191c  sbp2port - ok
21:06:26.0173 0x191c  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\windows\System32\SCardSvr.dll
21:06:26.0316 0x191c  SCardSvr - ok
21:06:26.0342 0x191c  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys
21:06:26.0502 0x191c  scfilter - ok
21:06:26.0668 0x191c  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\windows\system32\schedsvc.dll
21:06:27.0208 0x191c  Schedule - ok
21:06:27.0291 0x191c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\windows\System32\certprop.dll
21:06:27.0401 0x191c  SCPolicySvc - ok
21:06:27.0546 0x191c  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\windows\System32\SDRSVC.dll
21:06:27.0705 0x191c  SDRSVC - ok
21:06:27.0771 0x191c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\windows\system32\drivers\secdrv.sys
21:06:27.0948 0x191c  secdrv - ok
21:06:28.0016 0x191c  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\windows\system32\seclogon.dll
21:06:28.0149 0x191c  seclogon - ok
21:06:28.0204 0x191c  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\windows\System32\sens.dll
21:06:28.0379 0x191c  SENS - ok
21:06:28.0506 0x191c  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\windows\system32\sensrsvc.dll
21:06:28.0608 0x191c  SensrSvc - ok
21:06:28.0653 0x191c  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\windows\system32\drivers\serenum.sys
21:06:28.0753 0x191c  Serenum - ok
21:06:28.0870 0x191c  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\windows\system32\drivers\serial.sys
21:06:28.0959 0x191c  Serial - ok
21:06:29.0101 0x191c  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\windows\system32\drivers\sermouse.sys
21:06:29.0148 0x191c  sermouse - ok
21:06:29.0218 0x191c  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\windows\system32\sessenv.dll
21:06:29.0407 0x191c  SessionEnv - ok
21:06:29.0435 0x191c  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\windows\system32\drivers\sffdisk.sys
21:06:29.0548 0x191c  sffdisk - ok
21:06:29.0622 0x191c  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\windows\system32\drivers\sffp_mmc.sys
21:06:29.0741 0x191c  sffp_mmc - ok
21:06:29.0779 0x191c  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\windows\system32\drivers\sffp_sd.sys
21:06:29.0860 0x191c  sffp_sd - ok
21:06:29.0969 0x191c  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\windows\system32\drivers\sfloppy.sys
21:06:30.0087 0x191c  sfloppy - ok
21:06:30.0176 0x191c  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\windows\System32\ipnathlp.dll
21:06:30.0365 0x191c  SharedAccess - ok
21:06:30.0446 0x191c  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\windows\System32\shsvcs.dll
21:06:30.0623 0x191c  ShellHWDetection - ok
21:06:30.0659 0x191c  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\windows\system32\drivers\SiSRaid2.sys
21:06:30.0703 0x191c  SiSRaid2 - ok
21:06:30.0757 0x191c  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\windows\system32\drivers\sisraid4.sys
21:06:30.0805 0x191c  SiSRaid4 - ok
21:06:31.0002 0x191c  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
21:06:31.0283 0x191c  SkypeUpdate - ok
21:06:31.0338 0x191c  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\windows\system32\DRIVERS\smb.sys
21:06:31.0577 0x191c  Smb - ok
21:06:32.0491 0x191c  [ 48BFC901748A6CBDBCADD7991C867060, B4CA27CDEA5AF1C21B23BB658DF3CFB856EF55CCC4633CE6021652DB3CB59AF1 ] SmcService      C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe
21:06:32.0898 0x191c  SmcService - ok
21:06:33.0025 0x191c  [ 767DE5FFE38B673C03551F50D96EBA0B, F9ACF6B6352A8F0DFC11F187013831514F8C64816381BEE0495AA279A46EC7F4 ] SNAC            C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE
21:06:33.0094 0x191c  SNAC - ok
21:06:33.0415 0x191c  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\windows\System32\snmptrap.exe
21:06:33.0473 0x191c  SNMPTRAP - ok
21:06:33.0634 0x191c  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\windows\system32\drivers\spldr.sys
21:06:33.0679 0x191c  spldr - ok
21:06:33.0780 0x191c  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\windows\System32\spoolsv.exe
21:06:33.0900 0x191c  Spooler - ok
21:06:34.0349 0x191c  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\windows\system32\sppsvc.exe
21:06:35.0187 0x191c  sppsvc - ok
21:06:35.0234 0x191c  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\windows\system32\sppuinotify.dll
21:06:35.0348 0x191c  sppuinotify - ok
21:06:35.0416 0x191c  [ B531FC8918DCDAAE638511A123C3465E, 298B802248F2EE093FFC6291559087633BE68939B224ED99CB3C5406C2F08ED6 ] SRTSP           C:\windows\system32\Drivers\SRTSP64.SYS
21:06:35.0511 0x191c  SRTSP - ok
21:06:35.0579 0x191c  [ 2BD3A73D0601320B72486FC3EBC2544F, 50677898DB77F95A4E7AF40902B9E0B1D85C7B66E1588562FE9C8EB074001EB3 ] SRTSPL          C:\windows\system32\Drivers\SRTSPL64.SYS
21:06:35.0659 0x191c  SRTSPL - ok
21:06:35.0703 0x191c  [ 529B337C1AEEB289F0B502EB0EE6A8F5, 2D042B520A5A0BAE912A9F06E27DB6F8F8EC24F6F21C549DF81748CAF5D74FE1 ] SRTSPX          C:\windows\system32\Drivers\SRTSPX64.SYS
21:06:35.0748 0x191c  SRTSPX - ok
21:06:35.0827 0x191c  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\windows\system32\DRIVERS\srv.sys
21:06:36.0091 0x191c  srv - ok
21:06:36.0270 0x191c  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\windows\system32\DRIVERS\srv2.sys
21:06:36.0480 0x191c  srv2 - ok
21:06:36.0535 0x191c  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys
21:06:36.0611 0x191c  srvnet - ok
21:06:36.0719 0x191c  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll
21:06:36.0871 0x191c  SSDPSRV - ok
21:06:36.0959 0x191c  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\windows\system32\sstpsvc.dll
21:06:37.0098 0x191c  SstpSvc - ok
21:06:37.0154 0x191c  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\windows\system32\drivers\stexstor.sys
21:06:37.0197 0x191c  stexstor - ok
21:06:37.0383 0x191c  [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam        C:\windows\system32\DRIVERS\serscan.sys
21:06:37.0517 0x191c  StillCam - ok
21:06:37.0759 0x191c  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\windows\System32\wiaservc.dll
21:06:37.0905 0x191c  stisvc - ok
21:06:37.0997 0x191c  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\windows\system32\DRIVERS\swenum.sys
21:06:38.0039 0x191c  swenum - ok
21:06:38.0100 0x191c  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\windows\System32\swprv.dll
21:06:38.0294 0x191c  swprv - ok
21:06:38.0709 0x191c  [ D880FBD65B6F4885AC89628225B91398, BB5B35D663772C1BC66E1705B2FEC21A23D26F51FCBA8227F0C3C6DEE4BDF6AB ] Symantec AntiVirus C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe
21:06:38.0989 0x191c  Symantec AntiVirus - ok
21:06:39.0133 0x191c  [ D1F1A5E72E33D6BE449F5F1F4A513DD1, 10B80C6D6379F2D2D9D05BA5F822637C2C3C39621F88849CBD2625737B781832 ] SymEvent        C:\windows\system32\Drivers\SYMEVENT64x86.SYS
21:06:39.0176 0x191c  SymEvent - ok
21:06:39.0296 0x191c  [ 470C47DABA9CA3966F0AB3F835D7D135, BF98E48B05F37F8ABE264BF77355391A08955057E24AE456A5637D56BDFD40A5 ] SynTP           C:\windows\system32\DRIVERS\SynTP.sys
21:06:39.0359 0x191c  SynTP - ok
21:06:39.0680 0x191c  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\windows\system32\sysmain.dll
21:06:40.0072 0x191c  SysMain - ok
21:06:40.0153 0x191c  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\windows\System32\TabSvc.dll
21:06:40.0262 0x191c  TabletInputService - ok
21:06:40.0348 0x191c  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\windows\System32\tapisrv.dll
21:06:40.0515 0x191c  TapiSrv - ok
21:06:40.0608 0x191c  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\windows\System32\tbssvc.dll
21:06:40.0723 0x191c  TBS - ok
21:06:41.0158 0x191c  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip           C:\windows\system32\drivers\tcpip.sys
21:06:41.0383 0x191c  Tcpip - ok
21:06:41.0680 0x191c  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6          C:\windows\system32\DRIVERS\tcpip.sys
21:06:41.0868 0x191c  TCPIP6 - ok
21:06:41.0947 0x191c  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\windows\system32\drivers\tcpipreg.sys
21:06:42.0001 0x191c  tcpipreg - ok
21:06:42.0072 0x191c  [ FD542B661BD22FA69CA789AD0AC58C29, 75FFAF1834B1E22DF37608ED451F161052FF1FE3C681B4E20A68DCA92CC7FD8C ] tdcmdpst        C:\windows\system32\DRIVERS\tdcmdpst.sys
21:06:42.0112 0x191c  tdcmdpst - ok
21:06:42.0216 0x191c  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\windows\system32\drivers\tdpipe.sys
21:06:42.0302 0x191c  TDPIPE - ok
21:06:42.0394 0x191c  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\windows\system32\drivers\tdtcp.sys
21:06:42.0486 0x191c  TDTCP - ok
21:06:42.0605 0x191c  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\windows\system32\DRIVERS\tdx.sys
21:06:42.0720 0x191c  tdx - ok
21:06:42.0752 0x191c  [ EF6CCF8B483201F7196D83FC136FA43A, FC5BD00C0CCE73AE0CC703040B2524775FCBA2702DE0B0CD0450F2D68245725C ] Teefer2         C:\windows\system32\DRIVERS\teefer2.sys
21:06:42.0792 0x191c  Teefer2 - ok
21:06:42.0851 0x191c  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\windows\system32\DRIVERS\termdd.sys
21:06:42.0895 0x191c  TermDD - ok
21:06:43.0012 0x191c  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\windows\System32\termsrv.dll
21:06:43.0254 0x191c  TermService - ok
21:06:43.0295 0x191c  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\windows\system32\themeservice.dll
21:06:43.0373 0x191c  Themes - ok
21:06:43.0488 0x191c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\windows\system32\mmcss.dll
21:06:43.0607 0x191c  THREADORDER - ok
21:06:43.0730 0x191c  [ 83E91963C4452BE6899503CF9EBFD3ED, 0121415C3FEDF030A73A43D5A8DCF44C077655B0E758F2ABBBDD4079743EF115 ] TMachInfo       C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
21:06:43.0842 0x191c  TMachInfo - ok
21:06:43.0937 0x191c  [ 8E2C799D3476EAC32C3BA0DF7CE6AF19, CFE8A69E3F2A42C3BA2B38EC9233076D0AD32C441500E6407219F2E866905D9B ] TODDSrv         C:\windows\system32\TODDSrv.exe
21:06:44.0029 0x191c  TODDSrv - ok
21:06:44.0234 0x191c  [ CDC97FA5C42B07FB0D4600E17C32F582, 1801964D228E03FF72D01E714ECE76D3040DD89B8FE828821CF999E6CB455F53 ] TosCoSrv        C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
21:06:44.0332 0x191c  TosCoSrv - ok
21:06:44.0462 0x191c  [ EDB4B432DB13EA3D1EB2356310D33263, C587155A73AE282545A1A646740BD8E56DFD3D2F231B484469D691401354A245 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
21:06:44.0529 0x191c  TOSHIBA HDD SSD Alert Service - ok
21:06:44.0874 0x191c  [ 09FF7B0B1B5C3D225495CB6F5A9B39F8, 0D2CC72B7E02B92C9A1D6B76300B75A39427046903326642B9D511A51A795027 ] tos_sps64       C:\windows\system32\DRIVERS\tos_sps64.sys
21:06:45.0026 0x191c  tos_sps64 - ok
21:06:45.0126 0x191c  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\windows\System32\trkwks.dll
21:06:45.0298 0x191c  TrkWks - ok
21:06:45.0451 0x191c  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
21:06:45.0573 0x191c  TrustedInstaller - ok
21:06:45.0633 0x191c  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\windows\system32\DRIVERS\tssecsrv.sys
21:06:45.0713 0x191c  tssecsrv - ok
21:06:45.0762 0x191c  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\windows\system32\drivers\tsusbflt.sys
21:06:45.0874 0x191c  TsUsbFlt - ok
21:06:45.0948 0x191c  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\windows\system32\drivers\TsUsbGD.sys
21:06:46.0024 0x191c  TsUsbGD - ok
21:06:46.0111 0x191c  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\windows\system32\DRIVERS\tunnel.sys
21:06:46.0266 0x191c  tunnel - ok
21:06:46.0412 0x191c  [ 550B567F9364D8F7684C3FB3EA665A72, A214BBBBAB9F0DD525FA5A818CEB8E9294B4A96676317255D7ACF6049049C933 ] TVALZ           C:\windows\system32\DRIVERS\TVALZ_O.SYS
21:06:46.0448 0x191c  TVALZ - ok
21:06:46.0606 0x191c  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\windows\system32\drivers\uagp35.sys
21:06:46.0651 0x191c  uagp35 - ok
21:06:46.0714 0x191c  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\windows\system32\DRIVERS\udfs.sys
21:06:46.0964 0x191c  udfs - ok
21:06:47.0011 0x191c  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\windows\system32\UI0Detect.exe
21:06:47.0058 0x191c  UI0Detect - ok
21:06:47.0200 0x191c  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\windows\system32\drivers\uliagpkx.sys
21:06:47.0252 0x191c  uliagpkx - ok
21:06:47.0310 0x191c  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\windows\system32\DRIVERS\umbus.sys
21:06:47.0426 0x191c  umbus - ok
21:06:47.0553 0x191c  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\windows\system32\DRIVERS\umpass.sys
21:06:47.0660 0x191c  UmPass - ok
21:06:48.0334 0x191c  [ 7A78ED1088890114DFDE2C4AB038D6B6, B52357594A90A8BCF5F96FA630F52BB1274A2FE814AF0270D21C892871D076FC ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
21:06:49.0004 0x191c  UNS - ok
21:06:49.0110 0x191c  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\windows\System32\upnphost.dll
21:06:49.0320 0x191c  upnphost - ok
21:06:49.0386 0x191c  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64       C:\windows\system32\Drivers\usbaapl64.sys
21:06:49.0468 0x191c  USBAAPL64 - ok
21:06:49.0581 0x191c  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\windows\system32\DRIVERS\usbccgp.sys
21:06:49.0707 0x191c  usbccgp - ok
21:06:49.0789 0x191c  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\windows\system32\drivers\usbcir.sys
21:06:50.0012 0x191c  usbcir - ok
21:06:50.0060 0x191c  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\windows\system32\drivers\usbehci.sys
21:06:50.0123 0x191c  usbehci - ok
21:06:50.0321 0x191c  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\windows\system32\DRIVERS\usbhub.sys
21:06:50.0430 0x191c  usbhub - ok
21:06:50.0471 0x191c  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\windows\system32\drivers\usbohci.sys
21:06:50.0599 0x191c  usbohci - ok
21:06:50.0674 0x191c  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\windows\system32\DRIVERS\usbprint.sys
21:06:50.0749 0x191c  usbprint - ok
21:06:50.0831 0x191c  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\windows\system32\DRIVERS\usbscan.sys
21:06:50.0974 0x191c  usbscan - ok
21:06:51.0062 0x191c  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\windows\system32\DRIVERS\USBSTOR.SYS
21:06:51.0302 0x191c  USBSTOR - ok
21:06:51.0535 0x191c  [ C44D96B1CDDE705B23F55AB423CCA73D, AB9842E90DD3D686E66BDBE043EB0068272B611D6F63C818EB9D1B6FE2FE23BD ] USBTINSP        C:\windows\system32\DRIVERS\tinspusb.sys
21:06:51.0623 0x191c  USBTINSP - ok
21:06:51.0665 0x191c  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\windows\system32\drivers\usbuhci.sys
21:06:51.0751 0x191c  usbuhci - ok
21:06:51.0842 0x191c  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\windows\System32\Drivers\usbvideo.sys
21:06:52.0031 0x191c  usbvideo - ok
21:06:52.0095 0x191c  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\windows\System32\uxsms.dll
21:06:52.0247 0x191c  UxSms - ok
21:06:52.0330 0x191c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\windows\system32\lsass.exe
21:06:52.0390 0x191c  VaultSvc - ok
21:06:52.0510 0x191c  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys
21:06:52.0554 0x191c  vdrvroot - ok
21:06:52.0627 0x191c  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\windows\System32\vds.exe
21:06:52.0847 0x191c  vds - ok
21:06:52.0889 0x191c  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\windows\system32\DRIVERS\vgapnp.sys
21:06:52.0944 0x191c  vga - ok
21:06:53.0002 0x191c  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\windows\System32\drivers\vga.sys
21:06:53.0123 0x191c  VgaSave - ok
21:06:53.0161 0x191c  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\windows\system32\drivers\vhdmp.sys
21:06:53.0221 0x191c  vhdmp - ok
21:06:53.0328 0x191c  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\windows\system32\drivers\viaide.sys
21:06:53.0369 0x191c  viaide - ok
21:06:53.0420 0x191c  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\windows\system32\drivers\volmgr.sys
21:06:53.0466 0x191c  volmgr - ok
21:06:53.0558 0x191c  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\windows\system32\drivers\volmgrx.sys
21:06:53.0630 0x191c  volmgrx - ok
21:06:53.0803 0x191c  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\windows\system32\drivers\volsnap.sys
21:06:53.0883 0x191c  volsnap - ok
21:06:53.0967 0x191c  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\windows\system32\drivers\vsmraid.sys
21:06:54.0022 0x191c  vsmraid - ok
21:06:54.0259 0x191c  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\windows\system32\vssvc.exe
21:06:54.0894 0x191c  VSS - ok
21:06:54.0947 0x191c  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\windows\system32\DRIVERS\vwifibus.sys
21:06:55.0078 0x191c  vwifibus - ok
21:06:55.0162 0x191c  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys
21:06:55.0242 0x191c  vwififlt - ok
21:06:55.0349 0x191c  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\windows\system32\DRIVERS\vwifimp.sys
21:06:55.0407 0x191c  vwifimp - ok
21:06:55.0545 0x191c  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\windows\system32\w32time.dll
21:06:55.0791 0x191c  W32Time - ok
21:06:55.0853 0x191c  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\windows\system32\drivers\wacompen.sys
21:06:55.0909 0x191c  WacomPen - ok
21:06:55.0956 0x191c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\windows\system32\DRIVERS\wanarp.sys
21:06:56.0191 0x191c  WANARP - ok
21:06:56.0323 0x191c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\windows\system32\DRIVERS\wanarp.sys
21:06:56.0434 0x191c  Wanarpv6 - ok
21:06:56.0684 0x191c  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\windows\system32\Wat\WatAdminSvc.exe
21:06:57.0007 0x191c  WatAdminSvc - ok
21:06:57.0207 0x191c  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\windows\system32\wbengine.exe
21:06:57.0653 0x191c  wbengine - ok
21:06:57.0725 0x191c  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\windows\System32\wbiosrvc.dll
21:06:57.0801 0x191c  WbioSrvc - ok
21:06:57.0891 0x191c  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\windows\System32\wcncsvc.dll
21:06:58.0003 0x191c  wcncsvc - ok
21:06:58.0055 0x191c  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
21:06:58.0095 0x191c  WcsPlugInService - ok
21:06:58.0130 0x191c  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\windows\system32\drivers\wd.sys
21:06:58.0165 0x191c  Wd - ok
21:06:58.0289 0x191c  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys
21:06:58.0385 0x191c  Wdf01000 - ok
21:06:58.0493 0x191c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\windows\system32\wdi.dll
21:06:58.0813 0x191c  WdiServiceHost - ok
21:06:58.0837 0x191c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\windows\system32\wdi.dll
21:06:58.0953 0x191c  WdiSystemHost - ok
21:06:59.0048 0x191c  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\windows\System32\webclnt.dll
21:06:59.0104 0x191c  WebClient - ok
21:06:59.0200 0x191c  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\windows\system32\wecsvc.dll
21:06:59.0309 0x191c  Wecsvc - ok
21:06:59.0403 0x191c  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\windows\System32\wercplsupport.dll
21:06:59.0531 0x191c  wercplsupport - ok
21:06:59.0576 0x191c  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\windows\System32\WerSvc.dll
21:06:59.0668 0x191c  WerSvc - ok
21:06:59.0763 0x191c  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\windows\system32\DRIVERS\wfplwf.sys
21:06:59.0841 0x191c  WfpLwf - ok
21:06:59.0918 0x191c  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\windows\system32\drivers\wimmount.sys
21:06:59.0948 0x191c  WIMMount - ok
21:07:00.0026 0x191c  WinDefend - ok
21:07:00.0042 0x191c  WinHttpAutoProxySvc - ok
21:07:00.0166 0x191c  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\windows\system32\wbem\WMIsvc.dll
21:07:00.0350 0x191c  Winmgmt - ok
21:07:00.0657 0x191c  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\windows\system32\WsmSvc.dll
21:07:01.0110 0x191c  WinRM - ok
21:07:01.0284 0x191c  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\windows\system32\DRIVERS\WinUsb.sys
21:07:01.0348 0x191c  WinUsb - ok
21:07:01.0544 0x191c  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\windows\System32\wlansvc.dll
21:07:01.0848 0x191c  Wlansvc - ok
21:07:01.0928 0x191c  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
21:07:01.0997 0x191c  wlcrasvc - ok
21:07:02.0421 0x191c  [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:07:02.0871 0x191c  wlidsvc - ok
21:07:02.0907 0x191c  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\windows\system32\drivers\wmiacpi.sys
21:07:02.0999 0x191c  WmiAcpi - ok
21:07:03.0125 0x191c  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe
21:07:03.0231 0x191c  wmiApSrv - ok
21:07:03.0332 0x191c  WMPNetworkSvc - ok
21:07:03.0350 0x191c  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\windows\System32\wpcsvc.dll
21:07:03.0423 0x191c  WPCSvc - ok
21:07:03.0474 0x191c  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll
21:07:03.0638 0x191c  WPDBusEnum - ok
21:07:03.0682 0x191c  [ 37725EBE2F8972809903A10599C365A2, 6F16E3D474AFA1C971B271484DB81E1CF40D1AA501955D16CF1390A01474D87D ] WPS             C:\windows\system32\drivers\wpsdrvnt.sys
21:07:03.0723 0x191c  WPS - ok
21:07:03.0973 0x191c  [ 49B9FA407586503D27D17DBDEAEAC970, 50EC5AC0F8F6945A3A00D5435793340125BF4EF74D89CED04EC6D2F3395A19BC ] WpsHelper       C:\windows\system32\drivers\WpsHelper.sys
21:07:04.0030 0x191c  WpsHelper - ok
21:07:04.0089 0x191c  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\windows\system32\drivers\ws2ifsl.sys
21:07:04.0213 0x191c  ws2ifsl - ok
21:07:04.0333 0x191c  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\windows\System32\wscsvc.dll
21:07:04.0436 0x191c  wscsvc - ok
21:07:04.0543 0x191c  [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice  C:\windows\system32\DRIVERS\WSDPrint.sys
21:07:04.0633 0x191c  WSDPrintDevice - ok
21:07:04.0652 0x191c  WSearch - ok
21:07:05.0021 0x191c  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\windows\system32\wuaueng.dll
21:07:05.0338 0x191c  wuauserv - ok
21:07:05.0434 0x191c  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\windows\system32\drivers\WudfPf.sys
21:07:05.0519 0x191c  WudfPf - ok
21:07:05.0617 0x191c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\windows\system32\DRIVERS\WUDFRd.sys
21:07:05.0689 0x191c  WUDFRd - ok
21:07:05.0759 0x191c  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\windows\System32\WUDFSvc.dll
21:07:05.0907 0x191c  wudfsvc - ok
21:07:06.0034 0x191c  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\windows\System32\wwansvc.dll
21:07:06.0309 0x191c  WwanSvc - ok
21:07:06.0412 0x191c  [ 9176C0822FAA649E45121875BE32F5D2, B7A7A906A7BB0F760ED241F998C647D728C4DB5D8778AFE585DF38331165803F ] xusb21          C:\windows\system32\DRIVERS\xusb21.sys
21:07:06.0457 0x191c  xusb21 - ok
21:07:06.0473 0x191c  ================ Scan global ===============================
21:07:06.0554 0x191c  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\windows\system32\basesrv.dll
21:07:06.0685 0x191c  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\windows\system32\winsrv.dll
21:07:06.0764 0x191c  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\windows\system32\winsrv.dll
21:07:06.0824 0x191c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\windows\system32\sxssrv.dll
21:07:06.0943 0x191c  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\windows\system32\services.exe
21:07:06.0966 0x191c  [ Global ] - ok
21:07:06.0972 0x191c  ================ Scan MBR ==================================
21:07:07.0018 0x191c  [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
21:07:09.0497 0x191c  \Device\Harddisk0\DR0 - ok
21:07:09.0498 0x191c  ================ Scan VBR ==================================
21:07:09.0646 0x191c  [ 92BBBC1DB7B1474E117F235D958F049F ] \Device\Harddisk0\DR0\Partition1
21:07:09.0649 0x191c  \Device\Harddisk0\DR0\Partition1 - ok
21:07:09.0650 0x191c  ================ Scan generic autorun ======================
21:07:09.0731 0x191c  [ 64E498DF53A9481C0F65923B8E1AF8FF, C3DC9C5A4659811129593A5538BDBBC812B4FF8386445F144918B5A1733316A2 ] C:\windows\system32\igfxtray.exe
21:07:09.0809 0x191c  IgfxTray - ok
21:07:09.0893 0x191c  [ D2AF25E2921BACC9B87E1AB7054F22D2, 847472F224A3AD34738A6F9DBEF327AC5B741B1382760F9F441E361EB875CE80 ] C:\windows\system32\hkcmd.exe
21:07:09.0997 0x191c  HotKeysCmds - ok
21:07:10.0126 0x191c  [ E58E1B907C67DE1FD65BE37EB3C5E79D, 83DC46A2AF97315D86AB6AF909820518268D7D71403385129CF33BDF6FD3F82C ] C:\windows\system32\igfxpers.exe
21:07:10.0238 0x191c  Persistence - ok
21:07:10.0350 0x191c  [ 4F12EAD0B4C8BDAED5A11CC11F394B0A, EF769C2C2564D42979746B8BFD1D6E6532BFAB3BFCE2D09A0A17D0E64498B9B3 ] C:\Program Files\CONEXANT\SAII\SAIICpl.exe
21:07:10.0732 0x191c  SmartAudio - ok
21:07:10.0734 0x191c  SynTPEnh - ok
21:07:10.0738 0x191c  TPwrMain - ok
21:07:10.0742 0x191c  TCrdMain - ok
21:07:10.0848 0x191c  [ F82483A80D49ACCA81193A294FB233CD, 7EEA9E7F62A92AD98569B1A4F4809D91D7ED671821A738EB75BC6E469DB44494 ] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
21:07:10.0885 0x191c  TosVolRegulator - ok
21:07:11.0076 0x191c  [ 578AD386192D03662C38D5E155144C59, BB5920B2B87288A85CBDFFB8E387D7ADFC390613D1C0968526DA2D69C28AAAB1 ] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
21:07:11.0311 0x191c  TosSENotify - ok
21:07:11.0319 0x191c  TosNC - ok
21:07:11.0320 0x191c  TosReelTimeMonitor - ok
21:07:11.0477 0x191c  [ 39CF316EB5842AE27CC0D3CC4E2840DE, BC4D4ED926F988B7B70CC87B7EC92D148DA6BC39C5C514751F1B0CA69D0F9081 ] C:\Program Files\Microsoft Office\Office14\BCSSync.exe
21:07:11.0603 0x191c  BCSSync - ok
21:07:11.0818 0x191c  [ B810B8C3EA2658054C931B5713D7C206, 7E991423FC2F8B5DF884B81DA98F7188C0CBE40EE3C96DAD0E2D2A479A95A5A0 ] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
21:07:11.0999 0x191c  ToshibaServiceStation - ok
21:07:12.0141 0x191c  [ 5424CDA35AED398886F72DB02C7B7646, E74E11DFEE6773F0005B707828E464E8D3DF0D7990B31E4769389449614140F5 ] C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe
21:07:12.0252 0x191c  ccApp - ok
21:07:12.0509 0x191c  [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
21:07:12.0703 0x191c  Adobe ARM - ok
21:07:12.0815 0x191c  [ 61E4289E91E88C90478D7F4BEB10DCF7, 1D0F4034E0111CF5758F470C15A22A0A28EB8269CB5BF07222C9C0FB07A15C55 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
21:07:12.0878 0x191c  APSDaemon - ok
21:07:13.0058 0x191c  [ 9ACCBC5891BA51B5B29C1A88F80D4CE3, 4EA3D9CB239874232AE0D7F824AF8CC7AD9BB4657CB9978B41067B4447FBE71B ] C:\Program Files (x86)\QuickTime\QTTask.exe
21:07:13.0202 0x191c  QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )
21:07:16.0881 0x191c  Detect skipped due to KSN trusted
21:07:16.0881 0x191c  QuickTime Task - ok
21:07:16.0979 0x191c  [ B2387FD351A3D4780A917E4C00A83310, D23AADD424B1FC3D2C3A388252EEDA05F9B05922472A74E0CF4EEE7E005EADE1 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
21:07:17.0120 0x191c  iTunesHelper - ok
21:07:17.0361 0x191c  [ 57C635C41750117D206C90DA9C599777, D5291ED79FC08217758FB526FC8CCC9D374B65B49446104D271C36B0C1298446 ] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
21:07:17.0619 0x191c  BrMfcWnd - detected UnsignedFile.Multi.Generic ( 1 )
21:07:20.0833 0x191c  Detect skipped due to KSN trusted
21:07:20.0833 0x191c  BrMfcWnd - ok
21:07:21.0000 0x191c  [ 4DE3EF07E0854547309C6B40235A9D44, F73D8E6D98583865D1C8DB728058D83C72A3908E21E04EF313FCB829C040A1EC ] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe
21:07:21.0053 0x191c  ControlCenter3 - detected UnsignedFile.Multi.Generic ( 1 )
21:07:24.0008 0x191c  Detect skipped due to KSN trusted
21:07:24.0008 0x191c  ControlCenter3 - ok
21:07:24.0275 0x191c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
21:07:24.0644 0x191c  Sidebar - ok
21:07:24.0712 0x191c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
21:07:24.0803 0x191c  mctadmin - ok
21:07:24.0988 0x191c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
21:07:25.0154 0x191c  Sidebar - ok
21:07:25.0234 0x191c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
21:07:25.0298 0x191c  mctadmin - ok
21:07:25.0467 0x191c  [ 5D61BE7DB55B026A5D61A3EED09D0EAD, D32CC7B31A6F98C60ABC313ABC7D1143681F72DE2BB2604711A0BA20710CAAAE ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
21:07:25.0539 0x191c  swg - ok
21:07:25.0742 0x191c  [ 9EB925EDC8CF1C3D06E50E9348B54A0A, 99C1F8D40A65E1F4975B0D1180B3056712832E0E8FBE829785FDD505B6222AEA ] C:\Users\Frank\AppData\Local\Facebook\Update\FacebookUpdate.exe
21:07:25.0801 0x191c  Facebook Update - ok
21:07:25.0917 0x191c  Spotify - ok
21:07:26.0172 0x191c  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] C:\Users\Frank\AppData\Local\Google\Update\GoogleUpdate.exe
21:07:26.0242 0x191c  Google Update - ok
21:07:26.0478 0x191c  [ 0C81C5C55CC47AB6DE3B487F5B465F11, 9F65A29735B4A182848943CF8C291FDFF3F3BDC143993DF87CC248E04AF09EA5 ] C:\Users\Frank\AppData\Roaming\DirectLife\ALconnect\ALconnect.exe
21:07:26.0847 0x191c  ALconnect - ok
21:07:27.0029 0x191c  [ 4561E1427C32B47DCC7ACF30F95A8775, 1609F1A97671B6B544059E243A693F8219B1EDADF842622CF811F929A5BE2506 ] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
21:07:27.0235 0x191c  GarminExpressTrayApp - ok
21:07:27.0299 0x191c  Skype - ok
21:07:27.0551 0x191c  [ 52F4719BF4A62567043D19D6FAB756B4, 35C5A98528DADB5D4B98A1AC5AE8FD2A441C031F80568E6CEBB8A0C1570E6EA2 ] C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_257_ActiveX.exe
21:07:27.0886 0x191c  FlashPlayerUpdate - ok
21:07:27.0893 0x191c  Waiting for KSN requests completion. In queue: 9
21:07:28.0893 0x191c  Waiting for KSN requests completion. In queue: 9
21:07:29.0893 0x191c  Waiting for KSN requests completion. In queue: 9
21:07:31.0534 0x191c  AV detected via SS2: Symantec Endpoint Protection, C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\WSCSavNotifier.exe ( 11.0.6100.463 ), 0x70000 ( disabled : updated )
21:07:31.0679 0x191c  FW detected via SS2: Symantec Endpoint Protection, C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe ( 11.0.6100.480 ), 0x41010 ( enabled )
21:07:34.0619 0x191c  ============================================================
21:07:34.0619 0x191c  Scan finished
21:07:34.0619 0x191c  ============================================================
21:07:34.0640 0x0a10  Detected object count: 0
21:07:34.0640 0x0a10  Actual detected object count: 0

  • 0

#43
mjdevo31

mjdevo31

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-06-2014
Ran by Frank at 2014-06-09 21:17:00
Running from C:\Users\Frank\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: Symantec Endpoint Protection (Enabled - Up to date) {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Symantec Endpoint Protection (Enabled - Up to date) {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
FW: Symantec Endpoint Protection (Enabled) {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
 
==================== Installed Programs ======================
 
ActiveLink Connect (HKCU\...\ActiveLink Connect) (Version: 5.6.0.16645 - Koninklijke Philips Electronics N.V.)
ActiveLink Connect (x32 Version: 5.6.0.16645 - Koninklijke Philips Electronics N.V.) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 2.5.1.17730 - Adobe Systems Inc.) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.3.300.257 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.3.300.262 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C6579A65-9CAE-4B31-8B6B-3306E0630A66}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.1.42 - Atheros Communications Inc.)
Best Buy pc app (Version: 3.2.0.0 - Best Buy) Hidden
Best Buy pc app (x32 Version: 3.2.0.0 - Best Buy) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite MFC-495CW (HKLM-x32\...\{0A02D347-5E53-48A5-BC49-1469393103FA}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
Citrix Presentation Server Client - Web Only (HKLM-x32\...\{E9459BCF-0982-498B-ABA7-26C34323493F}) (Version: 10.200.2650 - Citrix Systems, Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.1.0 - Conexant)
Connectivity Library and TI-Nspire™ handheld drivers (x32 Version: 1.0.0.539 - Texas Instruments Inc.) Hidden
CutePDF Writer 2.8 (HKLM\...\CutePDF Writer Installation) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F2CE207D-C146-4BFD-A1C2-219483C58819}) (Version:  - Microsoft)
Elevated Installer (x32 Version: 2.2.21 - Garmin Ltd or its subsidiaries) Hidden
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Garmin Communicator Plugin x64 (HKLM\...\{550331CC-C34B-494F-BCDA-37CE4EF6E924}) (Version: 4.0.3 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{31a12940-e5c8-4d27-a6ac-005212152f1f}) (Version: 2.2.21 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 2.2.21 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 2.2.21 - Garmin Ltd or its subsidiaries) Hidden
Garmin Update Service (x32 Version: 2.2.21 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKCU\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
HP Deskjet 2050 J510 series Basic Device Software (HKLM\...\{F2C07BE3-0F88-4D0C-957B-3557699981E9}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Deskjet 2050 J510 series Help (HKLM-x32\...\{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}) (Version: 140.0.61.61 - Hewlett Packard)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2353 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
iTunes (HKLM\...\{F73A118B-8271-47E2-8790-0C636B2539C5}) (Version: 11.1.0.126 - Apple Inc.)
Java Auto Updater (x32 Version: 2.0.2.1 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 20 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
[email protected] 1.0 (HKLM-x32\...\{0D795777-9D60-4692-8386-F2B3F2B5E5BF}) (Version: 1.0 - Corel)
Languages of the World (HKLM-x32\...\Languages of the World) (Version:  - )
LiveUpdate 3.3 (Symantec Corporation) (HKLM-x32\...\LiveUpdate) (Version: 3.3.0.96 - Symantec Corporation)
MATLAB R2011a (HKLM\...\MatlabR2011a) (Version: 7.12 - The MathWorks, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.1.177.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (Version: 2.1.177.0 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Outlook Hotmail Connector 64-bit (HKLM\...\{95140000-0080-0409-1000-0000000FF1CE}) (Version: 14.0.6106.5001 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
MotioninJoy DS3 driver version 0.6.0004 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.6.0004 - www.motioninjoy.com)
Mozilla Firefox 5.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 5.0 (x86 en-US)) (Version: 5.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Project64 1.7 (HKLM-x32\...\Project64 1.7) (Version:  - )
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30124 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0016 - REALTEK Semiconductor Corp.)
Secure Download Manager (HKLM-x32\...\{FF6A778A-02DA-4B2D-82F7-733A467984EC}) (Version: 3.0.2 - e-academy Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.9.12585 - Skype Technologies S.A.)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Symantec Endpoint Protection (HKLM\...\{73CA0462-DD49-495D-A6E5-AC4CF6F5FAC1}) (Version: 11.0.6100.645 - Symantec Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.8.1 - Synaptics Incorporated)
TI-Nspire Student Software (HKLM-x32\...\TI-Nspire Student Software) (Version: 3.0.2.1791 - Texas Instruments)
TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.1 - TOSHIBA)
TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.02.02 - TOSHIBA CORPORATION)
Toshiba Book Place (HKLM-x32\...\{92C7DC44-DAD3-49FE-B89B-F92C6BA9A331}) (Version: 2.2.6775 - K-NFB Reading Technology, Inc.)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}) (Version: 1.6.08.64 - TOSHIBA Corporation)
TOSHIBA Bulletin Board (Version: 1.6.08.64 - TOSHIBA Corporation) Hidden
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.6 for x64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.8.64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (Version: 3.1.8.64 - TOSHIBA Corporation) Hidden
TOSHIBA Hardware Setup (HKLM-x32\...\{97965331-BC5D-4D9F-B6DF-5C0A123E4AE0}) (Version: 2.1.0.1 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.7 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (Version: 3.1.64.7 - TOSHIBA Corporation) Hidden
TOSHIBA HDD/SSD Alert (x32 Version: 3.1.64.7 - TOSHIBA Corporation) Hidden
TOSHIBA Media Controller (HKLM-x32\...\{C7A4F26F-F9B0-41B2-8659-99181108CDE3}) (Version: 1.0.86.2 - TOSHIBA CORPORATION)
TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.6.1 - TOSHIBA CORPORATION)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.3 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.3.5109 - TOSHIBA CORPORATION)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.17.64 - TOSHIBA Corporation)
TOSHIBA ReelTime (Version: 1.7.17.64 - TOSHIBA Corporation) Hidden
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.1.0 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.1.52 - TOSHIBA)
TOSHIBA Supervisor Password (HKLM-x32\...\{0AF17224-CF88-40B8-BB1A-D179369847B4}) (Version: 2.1.0.1 - TOSHIBA Corporation)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.5.4.64 - TOSHIBA Corporation)
TOSHIBA Value Added Package (Version: 1.5.4.64 - TOSHIBA Corporation) Hidden
TOSHIBA Value Added Package (x32 Version: 1.5.4.64 - TOSHIBA Corporation) Hidden
TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.0.19 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (x32 Version: 2.0.0.19 - TOSHIBA Corporation) Hidden
TOSHIBA Wireless LAN Indicator (HKLM-x32\...\{CDADE9BC-612C-42B8-B929-5C6A823E7FF9}) (Version: 1.0.3 - TOSHIBA CORPORATION)
ToshibaRegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.4 - Toshiba)
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{FEF4C57D-0975-4D3C-ACC7-DCD038C3788F}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{84B191B5-5319-463A-A305-8C4D53B1D20A}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{DB0B0CDF-77EC-47B0-94E2-4738573A1E58}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{1AA82E2E-7DB7-4C70-910C-BBB657A6B3A5}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{428CB7A0-1068-4CE1-8835-39C7ECD297ED}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{EBD18DE5-BC84-4B57-9A30-097044871F9A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{B6AD7E27-012A-4B63-82BA-AF62893E5435}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{6E760BBA-B83F-4C2D-918F-5F91EF6C9861}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0044-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUSR_{9F6507AC-7D8F-46C1-B90F-59C7828E0E0D}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.PROPLUSR_{E84E9B25-BEB6-4F2F-84BB-755CDA8E89C0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-001A-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{DBAC8ED2-9287-499E-AD66-590C7413C7DE}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{DDDC32A5-9528-4771-B91A-97A8E1D7957B}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0018-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{393B360E-62F8-463D-B914-1ECDC1359A46}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A20A650C-F820-4CE4-AEA5-EC140192FAFB}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F6F342A1-530B-4D48-A468-1E3F70928984}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{C950A55F-82E3-4CC8-8FA2-E8A2A0F651F3}) (Version:  - Microsoft)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
 
==================== Restore Points  =========================
 
15-05-2014 00:15:58 Windows Update
15-05-2014 23:44:24 Windows Update
23-05-2014 10:15:26 Windows Update
24-05-2014 16:48:40 Windows Update
07-06-2014 02:13:45 Windows Update
07-06-2014 02:19:54 Removed ooVoo
 
==================== Hosts content: ==========================
 
2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {1588E93D-2308-4472-B9A9-BAB098B8DBB2} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-01-29] (Microsoft)
Task: {2F9B75BB-7FF5-4C2C-BA53-75F76AEEEE01} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {31DDD830-8402-4703-9693-582C9BF61FB8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1504366700-2138237974-4129982290-1001Core => C:\Users\Frank\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-29] (Google Inc.)
Task: {6F164D15-F9CB-4716-B91D-7E0A8735A93A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1504366700-2138237974-4129982290-1001UA => C:\Users\Frank\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {7C575633-397E-4AFD-B8D4-D9828E9F1585} - System32\Tasks\{39A542E2-8002-4D34-9CD8-F5A1F545D0C5} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-05-08] (Skype Technologies S.A.)
Task: {85D0D968-FB8D-49E3-BA39-34410D9B812B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1504366700-2138237974-4129982290-1001Core => C:\Users\Frank\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {9E6201F9-C5BC-44D8-B86B-4BBAF8F9210C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-05-15] (Google Inc.)
Task: {B4A7420F-8C84-498D-90BF-1B2153AB9FD8} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {B5068366-AE49-41E3-93CC-6ECA86CCA3ED} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {E371773F-B278-4ACA-AECF-80D3762A3403} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-05-15] (Google Inc.)
Task: {E5DEB6A4-86AC-4401-A53E-A45FDEB4E279} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {EEE3DF03-6D65-409F-BC34-034B93A6B29B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1504366700-2138237974-4129982290-1001UA => C:\Users\Frank\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-29] (Google Inc.)
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1504366700-2138237974-4129982290-1001Core.job => C:\Users\Frank\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1504366700-2138237974-4129982290-1001UA.job => C:\Users\Frank\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1504366700-2138237974-4129982290-1001Core.job => C:\Users\Frank\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1504366700-2138237974-4129982290-1001UA.job => C:\Users\Frank\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2012-03-30 14:23 - 2012-03-11 14:56 - 00086608 _____ () C:\windows\System32\cpwmon64.dll
2011-07-01 00:06 - 2011-06-27 03:11 - 00080256 _____ () c:\windows\syswow64\ezgosvc.dll
2011-04-04 22:18 - 2011-04-04 22:18 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-05-03 13:38 - 2005-04-22 13:36 - 00143360 ____N () C:\windows\system32\BrSNMP64.dll
2010-11-18 20:18 - 2010-11-18 20:18 - 11190784 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
2013-08-22 14:00 - 2013-08-22 14:00 - 00009728 _____ () C:\Program Files (x86)\Garmin\Express Tray\Garmin.Cartography.MapUpdate.Device.DataTypes.dll
2014-05-03 13:38 - 2012-09-25 11:26 - 01163264 ____N () C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
2010-12-08 18:42 - 2010-12-08 18:42 - 00079264 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
2011-09-27 07:23 - 2011-09-27 07:23 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-09-27 07:22 - 2011-09-27 07:22 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-05-03 13:38 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-06-06 22:10 - 2014-05-13 19:40 - 00716616 _____ () C:\Users\Frank\AppData\Local\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
2014-06-06 22:10 - 2014-05-13 19:40 - 00126280 _____ () C:\Users\Frank\AppData\Local\Google\Chrome\Application\35.0.1916.114\libegl.dll
2014-06-06 22:10 - 2014-05-13 19:40 - 04217672 _____ () C:\Users\Frank\AppData\Local\Google\Chrome\Application\35.0.1916.114\pdf.dll
2014-06-06 22:10 - 2014-05-13 19:40 - 00414536 _____ () C:\Users\Frank\AppData\Local\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
2014-06-06 22:10 - 2014-05-13 19:40 - 01732424 _____ () C:\Users\Frank\AppData\Local\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
 
==================== Safe Mode (whitelisted) ===================
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antvirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ccEvtMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ccSetMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmcService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Symantec Antivirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Symantec Antvirus => ""="Service"
 
==================== EXE Association (whitelisted) =============
 
 
==================== Disabled items from MSCONFIG ==============
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/08/2014 04:27:30 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8003
 
Error: (06/08/2014 04:27:30 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8003
 
Error: (06/08/2014 04:27:30 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (06/07/2014 08:40:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 998
 
Error: (06/07/2014 08:40:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 998
 
Error: (06/07/2014 08:40:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (06/07/2014 08:12:28 PM) (Source: SescLU) (EventID: 13) (User: )
Description: LiveUpdate returned a non-critical error.  Available content updates may have failed to install.
 
Error: (06/06/2014 10:20:21 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddWin32ServiceFiles: Unable to back up image of service Easybits GO Services for Windows since QueryServiceConfig API failed
 
System Error:
The system cannot find the file specified.
.
 
Error: (06/06/2014 10:14:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddWin32ServiceFiles: Unable to back up image of service Easybits GO Services for Windows since QueryServiceConfig API failed
 
System Error:
The system cannot find the file specified.
.
 
Error: (06/06/2014 10:12:50 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
 
System errors:
=============
Error: (06/09/2014 04:13:50 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
 
Error: (06/06/2014 10:07:59 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (06/06/2014 10:06:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AST Service service failed to start due to the following error: 
%%2
 
Error: (06/06/2014 10:06:08 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 11:06:58 PM on ‎5/‎24/‎2014 was unexpected.
 
Error: (05/24/2014 10:02:14 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR2.
 
Error: (05/24/2014 10:02:13 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR2.
 
Error: (05/24/2014 10:01:18 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR2.
 
Error: (05/24/2014 09:34:09 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR2.
 
Error: (05/24/2014 09:34:08 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR2.
 
Error: (05/24/2014 09:33:17 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR2.
 
 
Microsoft Office Sessions:
=========================
Error: (06/08/2014 04:27:30 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8003
 
Error: (06/08/2014 04:27:30 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8003
 
Error: (06/08/2014 04:27:30 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (06/07/2014 08:40:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 998
 
Error: (06/07/2014 08:40:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 998
 
Error: (06/07/2014 08:40:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (06/07/2014 08:12:28 PM) (Source: SescLU) (EventID: 13) (User: )
Description: LiveUpdate returned a non-critical error.  Available content updates may have failed to install.
 
Error: (06/06/2014 10:20:21 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddWin32ServiceFiles: Unable to back up image of service Easybits GO Services for Windows since QueryServiceConfig API failed
 
System Error:
The system cannot find the file specified.
 
Error: (06/06/2014 10:14:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddWin32ServiceFiles: Unable to back up image of service Easybits GO Services for Windows since QueryServiceConfig API failed
 
System Error:
The system cannot find the file specified.
 
Error: (06/06/2014 10:12:50 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Frank\AppData\Roaming\DirectLife\ALconnect\ALconnect.exe
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 59%
Total physical RAM: 3019.86 MB
Available physical RAM: 1227.73 MB
Total Pagefile: 6037.9 MB
Available Pagefile: 3448.03 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
 
==================== Drives ================================
 
Drive c: (TI106136W0E) (Fixed) (Total:285.15 GB) (Free:178.2 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: 95469684)
Partition 1: (Active) - (Size=1 GB) - (Type=27)
Partition 2: (Not Active) - (Size=285 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11 GB) - (Type=17)
 
==================== End Of Log ============================

  • 0

#44
mjdevo31

mjdevo31

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-06-2014
Ran by Frank (administrator) on FRANK-PC on 09-06-2014 21:13:39
Running from C:\Users\Frank\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe
(Symantec Corporation) C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SmcGui.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\ProtectionUtilSurrogate.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Koninklijke Philips Electronics N.V.) C:\Users\Frank\AppData\Roaming\DirectLife\ALconnect\ALconnect.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Symantec Corporation) C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfimon.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Users\Frank\AppData\Local\Google\Update\GoogleUpdate.exe
(Microsoft Corporation) C:\Windows\System32\sdclt.exe
(Google Inc.) C:\Users\Frank\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Frank\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Frank\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Frank\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\CompatTel\wicainventory.exe
(Kaspersky Lab ZAO) C:\Users\Frank\Downloads\tdsskiller.exe
(Farbar) C:\Users\Frank\Downloads\FRST64 (1).exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2010-12-14] (Conexant systems, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [566696 2011-03-02] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [973176 2010-12-15] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710040 2010-12-08] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [595816 2010-04-23] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2010-12-14] (TOSHIBA Corporation)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1294712 2010-11-29] (TOSHIBA Corporation)
HKLM-x32\...\Run: [ccApp] => C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe [115560 2009-02-02] (Symantec Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2012-09-25] ()
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1504366700-2138237974-4129982290-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-05-15] (Google Inc.)
HKU\S-1-5-21-1504366700-2138237974-4129982290-1001\...\Run: [Facebook Update] => C:\Users\Frank\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-12] (Facebook Inc.)
HKU\S-1-5-21-1504366700-2138237974-4129982290-1001\...\Run: [Spotify] => "C:\Users\Frank\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
HKU\S-1-5-21-1504366700-2138237974-4129982290-1001\...\Run: [Google Update] => C:\Users\Frank\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-02-29] (Google Inc.)
HKU\S-1-5-21-1504366700-2138237974-4129982290-1001\...\Run: [ALconnect] => C:\Users\Frank\AppData\Roaming\DirectLife\ALconnect\ALconnect.exe [715880 2013-08-23] (Koninklijke Philips Electronics N.V.)
HKU\S-1-5-21-1504366700-2138237974-4129982290-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1093464 2013-08-22] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-1504366700-2138237974-4129982290-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-1504366700-2138237974-4129982290-1001\...\RunOnce: [FlashPlayerUpdate] - C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_257_ActiveX.exe [686280 2012-06-25] (Adobe Systems Incorporated)
HKU\S-1-5-21-1504366700-2138237974-4129982290-1001\...\MountPoints2: E - E:\LaunchU3.exe -a
HKU\S-1-5-21-1504366700-2138237974-4129982290-1001\...\MountPoints2: F - F:\LaunchU3.exe -a
HKU\S-1-5-21-1504366700-2138237974-4129982290-1001\...\MountPoints2: {5c784086-f9bb-11e0-9f0d-00266cbddc66} - F:\LaunchU3.exe -a
HKU\S-1-5-21-1504366700-2138237974-4129982290-1001\...\MountPoints2: {7fc381af-ce5a-11e0-a14c-00266cbddc66} - F:\LaunchU3.exe -a
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://xfinity.comca...insDate02152014
SearchScopes: HKLM - DefaultScope {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}} URL = http://www.google.co...ng}&rlz=1I7TSNJ
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}} URL = http://www.google.co...ng}&rlz=1I7TSNJ
SearchScopes: HKLM-x32 - DefaultScope {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}} URL = http://www.google.co...ng}&rlz=1I7TSNJ
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}} URL = http://www.google.co...ng}&rlz=1I7TSNJ
SearchScopes: HKCU - DefaultScope {EEE88328-1C1E-44F9-BF45-14D29F82870E} URL = http://www.google.co...&rlz=1I7TSNJ_en
SearchScopes: HKCU - {180780f0-b348-4b44-8210-94a8f3ee15b2} URL = http://search.comcas...q={searchTerms}
SearchScopes: HKCU - {54851B17-76E3-4761-A07C-7580B78E3E26} URL = http://websearch.ask...EE-F3B8E3F08B90
SearchScopes: HKCU - {EEE88328-1C1E-44F9-BF45-14D29F82870E} URL = http://www.google.co...&rlz=1I7TSNJ_en
SearchScopes: HKCU - {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}} URL = http://www.google.co...ng}&rlz=1I7TSNJ
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\xmb4wk2g.default
FF DefaultSearchEngine: XFINITY
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: XFINITY
FF Homepage: hxxp://xfinity.comcast.net/?cid=insDate02152014
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll ()
FF Plugin: @bestbuy.com/npBestBuyPcAppDetector,version=1.0 - C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll (Best Buy)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @bestbuy.com/npBestBuyPcAppDetector,version=1.0 - C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll (Best Buy)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Frank\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Frank\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Frank\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\xmb4wk2g.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\xfinity.xml
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2011-08-31]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-07-21]
 
Chrome: 
=======
CHR HomePage: hxxp://xfinity.comcast.net/?cid=insDate02152014
CHR StartupUrls: "hxxp://www.google.com/"
CHR DefaultSearchKeyword: xfinity search
CHR DefaultSearchProvider: XFINITY Search
CHR DefaultNewTabURL: 
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Frank\AppData\Local\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Frank\AppData\Local\Google\Chrome\Application\35.0.1916.114\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Frank\AppData\Local\Google\Chrome\Application\35.0.1916.114\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll No File
CHR Plugin: (Skype Toolbars) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.200.2) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java™ Platform SE 6 U20) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Best Buy pc app Detector) - C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll (Best Buy)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Frank\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-07]
CHR Extension: (YouTube) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-02-29]
CHR Extension: (Google Search) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-02-29]
CHR Extension: (Xfinity) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\hemjgdpngmhbimofcicjfhibkdbigdmb [2014-02-15]
CHR Extension: (EasyBib Tools) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmffdimoneaieldiddcmajhbjijmnggi [2013-03-19]
CHR Extension: (F22 with Northern Lights) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\mebpgiobbdmbfgpmehhaokfapikcpfdh [2012-02-29]
CHR Extension: (Google Wallet) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30]
CHR Extension: (Gmail) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-02-29]
CHR HKLM-x32\...\Chrome\Extension: [hemjgdpngmhbimofcicjfhibkdbigdmb] - C:\ProgramData\comcastModemRelease\shortcuts\chrome\xfinity.crx [2013-02-08]
CHR StartMenuInternet: Google Chrome - C:\Users\Frank\AppData\Local\Google\Chrome\Application\chrome.exe
 
==================== Services (Whitelisted) =================
 
R2 ccEvtMgr; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [108392 2009-02-02] (Symantec Corporation)
R2 ccSetMgr; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [108392 2009-02-02] (Symantec Corporation)
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [220504 2013-08-22] (Garmin Ltd or its subsidiaries)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S3 LiveUpdate; C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_3.EXE [3093880 2010-02-17] (Symantec Corporation)
R2 SmcService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe [3234848 2009-02-02] (Symantec Corporation)
S4 SNAC; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE [425800 2009-02-02] (Symantec Corporation)
R2 Symantec AntiVirus; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe [1832072 2009-02-02] (Symantec Corporation)
S2 astcc; C:\windows\SYSTEM32\astsrv.exe [X]
 
==================== Drivers (Whitelisted) ====================
 
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-20] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-20] (Symantec Corporation) [File not signed]
S3 GemCCID; C:\Windows\System32\Drivers\GemCCID.sys [119680 2009-08-10] (Gemalto)
R3 NAVENG; C:\ProgramData\Symantec\Definitions\VirusDefs\20140609.009\eng64.sys [126040 2013-09-16] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Symantec\Definitions\VirusDefs\20140609.009\ex64.sys [2099288 2013-09-16] (Symantec Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R1 SRTSP; C:\Windows\System32\Drivers\SRTSP64.SYS [447536 2009-02-02] (Symantec Corporation)
R1 SRTSP; C:\Windows\SysWOW64\Drivers\SRTSP64.SYS [447536 2009-02-02] (Symantec Corporation)
S3 SRTSPL; C:\Windows\System32\Drivers\SRTSPL64.SYS [482352 2009-02-02] (Symantec Corporation)
S3 SRTSPL; C:\Windows\SysWOW64\Drivers\SRTSPL64.SYS [482352 2009-02-02] (Symantec Corporation)
R1 SRTSPX; C:\Windows\System32\Drivers\SRTSPX64.SYS [32304 2009-02-02] (Symantec Corporation)
R1 SRTSPX; C:\Windows\SysWOW64\Drivers\SRTSPX64.SYS [32304 2009-02-02] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [173616 2011-07-08] (Symantec Corporation)
R3 Teefer2; C:\Windows\System32\DRIVERS\teefer2.sys [64048 2009-02-02] (Symantec Corporation)
S3 USBTINSP; C:\Windows\System32\DRIVERS\tinspusb.sys [142848 2010-03-29] (Texas Instruments)
R1 WPS; C:\windows\system32\drivers\wpsdrvnt.sys [52784 2009-02-02] (Symantec Corporation)
R3 WpsHelper; C:\windows\system32\drivers\WpsHelper.sys [233120 2012-10-05] (Symantec Corporation)
 
========================== Drivers MD5 =======================
 
C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys 79059559E89D06E8B80CE2944BE20228
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdk8.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\drivers\arc.sys ==> MD5 is legit
C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\system32\drivers\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\drivers\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys EBF28856F69CF094A902F884CF989706
C:\Windows\System32\drivers\CHDRT64.sys 99B1B888B793DE320C5479B3C953781F
C:\Windows\System32\drivers\compbatt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\dc3d.sys BA25D4B9B067248F7CAC416E855D706B
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\drivers\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys 88612F1CE3BF42256913BF6E61C70D52
C:\Windows\system32\drivers\evbda.sys ==> MD5 is legit
C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys 1B7AA375F711F66D5FF2B855F9EC987F
C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit
C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 7230C8B80DDE1F0524C353240B78CC0E
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\drivers\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\drivers\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\System32\DRIVERS\FwLnk.sys 60ACB128E64C35C2B4E4AAB1B0A5C293
C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\GEARAspiWDM.sys 8E98D21EE06192492A5671A6144D092F
C:\Windows\System32\Drivers\GemCCID.sys 6D1180296D2B3CBDC9D29B035479259C
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\iaStor.sys D7921D5A870B11CC1ADAB198A519D50A
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\System32\DRIVERS\igdkmd64.sys 370C2A8629B30F910F740387795DDC6F
C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys 96BB922A0981BC7432C8CF52B5410FE6
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 353009DEDF918B2A51414F330CF72DEC
C:\Windows\System32\Drivers\ksecpkg.sys 1C2D8E18AA8FD50CD04C15CC27F7F5AB
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\L1C62x64.sys 045FB70BC993B691517CE309045FF02D
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit
C:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HECIx64.sys A6518DCC42F7A6E999BB3BEA8FD87567
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\MijXfilt.sys EB03D4164E7F10B601D280413655ADE4
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys 1A4F75E63C9FB84B85DFFC6B63FD5404
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\System32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\drivers\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\ProgramData\Symantec\Definitions\VirusDefs\20140609.009\eng64.sys 702E07EC32F96ACDB873E9A5465D4401
C:\ProgramData\Symantec\Definitions\VirusDefs\20140609.009\ex64.sys 302EA314A1AF0D7CEF0A3D0195F79561
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys 1A29A59A4C5BA6F8C85062A613B7E2B2
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\drivers\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\System32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pgeffect.sys 91111CEBBDE8015E822C46120ED9537C
C:\Windows\System32\DRIVERS\pnetmdm64.sys 06841F5CD8410B6BDC0B5A631B8F8787
C:\Windows\System32\DRIVERS\point64.sys 34A8FAE065249F85A67A3215FF5ECB34
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\drivers\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\drivers\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RDPWD.sys E61608AA35E98999AF9AAEEEA6114B0A
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RimUsb_AMD64.sys 7B04C9843921AB1F695FB395422C5360
C:\Windows\System32\Drivers\RootMdm.sys 388D3DD1A6457280F3BADBA9F3ACD6B1
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RtsUStor.sys 0E3DCF76F11DC431B088A2DFD7265CDA
C:\Windows\System32\DRIVERS\rtl8192Ce.sys 64FDF4FE366CA42DA2B7D9D424B6E39B
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\serenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\serial.sys ==> MD5 is legit
C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\Drivers\SRTSP64.SYS B531FC8918DCDAAE638511A123C3465E
C:\Windows\SysWOW64\Drivers\SRTSP64.SYS B531FC8918DCDAAE638511A123C3465E
C:\Windows\System32\Drivers\SRTSPL64.SYS 2BD3A73D0601320B72486FC3EBC2544F
C:\Windows\SysWOW64\Drivers\SRTSPL64.SYS 2BD3A73D0601320B72486FC3EBC2544F
C:\Windows\System32\Drivers\SRTSPX64.SYS 529B337C1AEEB289F0B502EB0EE6A8F5
C:\Windows\SysWOW64\Drivers\SRTSPX64.SYS 529B337C1AEEB289F0B502EB0EE6A8F5
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serscan.sys DECACB6921DED1A38642642685D77DAC
C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit
C:\windows\system32\Drivers\SYMEVENT64x86.SYS D1F1A5E72E33D6BE449F5F1F4A513DD1
C:\Windows\System32\DRIVERS\SynTP.sys 470C47DABA9CA3966F0AB3F835D7D135
C:\Windows\System32\drivers\tcpip.sys 40AF23633D197905F03AB5628C558C51
C:\Windows\System32\DRIVERS\tcpip.sys 40AF23633D197905F03AB5628C558C51
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\DRIVERS\tdcmdpst.sys FD542B661BD22FA69CA789AD0AC58C29
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\teefer2.sys EF6CCF8B483201F7196D83FC136FA43A
C:\Windows\System32\DRIVERS\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tos_sps64.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys 4CE278FC9671BA81A138D70823FCAA09
C:\Windows\System32\drivers\tsusbflt.sys ==> MD5 is legit
C:\Windows\system32\drivers\TsUsbGD.sys 9CC2CCAE8A84820EAECB886D477CBCB8
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\TVALZ_O.SYS ==> MD5 is legit
C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\System32\Drivers\usbaapl64.sys C9E9D59C0099A9FF51697E9306A44240
C:\Windows\System32\DRIVERS\usbccgp.sys DCA68B0943D6FA415F0C56C92158A83A
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\system32\drivers\usbehci.sys 18A85013A3E0F7E1755365D287443965
C:\Windows\System32\DRIVERS\usbhub.sys 8D1196CFBB223621F2C67D45710F25BA
C:\Windows\system32\drivers\usbohci.sys 765A92D428A8DB88B960DA5A8D6089DC
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys 9661DA76B4531B2DA272ECCE25A8AF24
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\System32\DRIVERS\tinspusb.sys C44D96B1CDDE705B23F55AB423CCA73D
C:\Windows\system32\drivers\usbuhci.sys DD253AFC3BC6CBA412342DE60C3647F3
C:\Windows\System32\Drivers\usbvideo.sys 1F775DA4CF1A3A1834207E975A72E9D7
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifimp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\drivers\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\windows\system32\drivers\wpsdrvnt.sys 37725EBE2F8972809903A10599C365A2
C:\windows\system32\drivers\WpsHelper.sys 49B9FA407586503D27D17DBDEAEAC970
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WSDPrint.sys 8D918B1DB190A4D9B1753A66FA8C96E8
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659
C:\Windows\System32\DRIVERS\xusb21.sys 9176C0822FAA649E45121875BE32F5D2
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-06-09 21:13 - 2014-06-09 21:15 - 00043393 _____ () C:\Users\Frank\Downloads\FRST.txt
2014-06-09 21:11 - 2014-06-09 21:12 - 02080768 _____ (Farbar) C:\Users\Frank\Downloads\FRST64 (1).exe
2014-06-07 20:15 - 2014-06-07 20:15 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Frank\Downloads\tdsskiller.exe
2014-06-07 20:11 - 2014-06-07 20:12 - 02072576 _____ (Farbar) C:\Users\Frank\Downloads\FRST64.exe
2014-06-06 22:13 - 2014-06-06 22:13 - 00000040 _____ () C:\Users\Public\Documents\_rgpl
2014-06-06 01:34 - 2014-06-09 21:14 - 00000000 ____D () C:\FRST
2014-05-24 12:49 - 2014-05-24 12:54 - 01022064 _____ (Symantec Corporation) C:\Users\Frank\Downloads\NBRT-SOS-Downloader.exe
2014-05-23 21:17 - 2014-05-09 02:14 - 00477184 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-05-23 21:17 - 2014-05-09 02:11 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-05-23 21:17 - 2014-03-24 22:43 - 14175744 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-05-23 21:17 - 2014-03-24 22:09 - 12874240 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2014-05-23 20:30 - 2014-05-06 00:40 - 23544320 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-05-23 20:30 - 2014-05-05 23:25 - 17382912 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-05-23 20:30 - 2014-05-05 23:00 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-05-23 20:30 - 2014-05-05 22:10 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-05-23 20:29 - 2014-05-23 20:29 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-23 20:29 - 2014-05-06 00:17 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-05-23 20:29 - 2014-05-05 23:07 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-05-22 20:38 - 2014-05-22 20:39 - 03077584 _____ (Symantec Corporation) C:\Users\Frank\Downloads\NPE.exe
2014-05-21 22:08 - 2014-04-11 22:19 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-05-16 02:01 - 2014-03-04 05:44 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-05-16 02:00 - 2014-03-04 05:20 - 03969984 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2014-05-16 02:00 - 2014-03-04 05:17 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-05-15 20:00 - 2014-03-04 05:47 - 05550016 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2014-05-15 20:00 - 2014-03-04 05:44 - 00722944 _____ (Microsoft Corporation) C:\windows\system32\objsel.dll
2014-05-15 20:00 - 2014-03-04 05:44 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2014-05-15 20:00 - 2014-03-04 05:43 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2014-05-15 20:00 - 2014-03-04 05:20 - 03914176 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2014-05-15 20:00 - 2014-03-04 05:17 - 00538112 _____ (Microsoft Corporation) C:\windows\SysWOW64\objsel.dll
2014-05-15 20:00 - 2014-03-04 05:17 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2014-05-15 19:59 - 2014-04-11 22:22 - 00155072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2014-05-15 19:59 - 2014-04-11 22:22 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2014-05-15 19:59 - 2014-04-11 22:19 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2014-05-15 19:59 - 2014-04-11 22:19 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2014-05-15 19:59 - 2014-04-11 22:19 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2014-05-15 19:59 - 2014-04-11 22:19 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2014-05-15 19:59 - 2014-04-11 22:12 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2014-05-15 19:59 - 2014-04-11 22:10 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-05-15 19:59 - 2014-03-04 05:44 - 00424960 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2014-05-15 19:59 - 2014-03-04 05:44 - 00340992 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-05-15 19:59 - 2014-03-04 05:44 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2014-05-15 19:59 - 2014-03-04 05:44 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-05-15 19:59 - 2014-03-04 05:44 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\wincredprovider.dll
2014-05-15 19:59 - 2014-03-04 05:43 - 00057344 _____ (Microsoft Corporation) C:\windows\system32\cngprovider.dll
2014-05-15 19:59 - 2014-03-04 05:43 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\adprovider.dll
2014-05-15 19:59 - 2014-03-04 05:43 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\capiprovider.dll
2014-05-15 19:59 - 2014-03-04 05:43 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\dpapiprovider.dll
2014-05-15 19:59 - 2014-03-04 05:43 - 00044544 _____ (Microsoft Corporation) C:\windows\system32\dimsroam.dll
2014-05-15 19:59 - 2014-03-04 05:43 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-05-15 19:59 - 2014-03-04 05:17 - 00247808 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2014-05-15 19:59 - 2014-03-04 05:17 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2014-05-15 19:59 - 2014-03-04 05:17 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-05-15 19:59 - 2014-03-04 05:17 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\cngprovider.dll
2014-05-15 19:59 - 2014-03-04 05:17 - 00049664 _____ (Microsoft Corporation) C:\windows\SysWOW64\adprovider.dll
2014-05-15 19:59 - 2014-03-04 05:17 - 00048128 _____ (Microsoft Corporation) C:\windows\SysWOW64\capiprovider.dll
2014-05-15 19:59 - 2014-03-04 05:17 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpapiprovider.dll
2014-05-15 19:59 - 2014-03-04 05:17 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\dimsroam.dll
2014-05-15 19:59 - 2014-03-04 05:17 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wincredprovider.dll
2014-05-15 19:59 - 2014-03-04 05:17 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-05-15 19:59 - 2014-03-04 05:16 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
 
==================== One Month Modified Files and Folders =======
 
2014-06-09 21:16 - 2011-06-26 19:26 - 00000000 ____D () C:\Users\Frank\AppData\Local\Temp
2014-06-09 21:15 - 2014-06-09 21:13 - 00043393 _____ () C:\Users\Frank\Downloads\FRST.txt
2014-06-09 21:14 - 2014-06-06 01:34 - 00000000 ____D () C:\FRST
2014-06-09 21:13 - 2011-05-15 11:46 - 01565188 _____ () C:\windows\WindowsUpdate.log
2014-06-09 21:12 - 2014-06-09 21:11 - 02080768 _____ (Farbar) C:\Users\Frank\Downloads\FRST64 (1).exe
2014-06-09 21:08 - 2012-02-29 12:51 - 00000908 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1504366700-2138237974-4129982290-1001UA.job
2014-06-09 21:08 - 2012-02-29 12:51 - 00000856 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1504366700-2138237974-4129982290-1001Core.job
2014-06-09 21:02 - 2009-07-14 01:13 - 00786598 _____ () C:\windows\system32\PerfStringBackup.INI
2014-06-09 21:00 - 2011-09-01 21:20 - 00000906 _____ () C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1504366700-2138237974-4129982290-1001Core.job
2014-06-09 21:00 - 2011-05-15 12:19 - 00000912 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-09 20:59 - 2011-09-01 21:20 - 00000928 _____ () C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1504366700-2138237974-4129982290-1001UA.job
2014-06-09 20:59 - 2011-06-27 01:27 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\Skype
2014-06-09 20:59 - 2011-05-15 12:19 - 00000908 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-07 20:15 - 2014-06-07 20:15 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Frank\Downloads\tdsskiller.exe
2014-06-07 20:12 - 2014-06-07 20:11 - 02072576 _____ (Farbar) C:\Users\Frank\Downloads\FRST64.exe
2014-06-06 23:02 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\rescache
2014-06-06 22:16 - 2009-07-14 00:45 - 00024608 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-06 22:16 - 2009-07-14 00:45 - 00024608 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-06 22:13 - 2014-06-06 22:13 - 00000040 _____ () C:\Users\Public\Documents\_rgpl
2014-06-06 22:12 - 2012-02-29 12:51 - 00002380 _____ () C:\Users\Frank\Desktop\Google Chrome.lnk
2014-06-06 22:06 - 2009-07-14 01:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-06-06 22:06 - 2009-07-14 00:51 - 00143130 _____ () C:\windows\setupact.log
2014-05-24 22:52 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\system32\sysprep
2014-05-24 14:43 - 2011-06-26 19:27 - 00000000 ___RD () C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-24 14:43 - 2011-06-26 19:26 - 00000000 ___RD () C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-24 12:54 - 2014-05-24 12:49 - 01022064 _____ (Symantec Corporation) C:\Users\Frank\Downloads\NBRT-SOS-Downloader.exe
2014-05-24 12:54 - 2014-05-08 09:08 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-05-23 21:52 - 2011-06-27 01:27 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-05-23 21:52 - 2011-06-27 01:27 - 00000000 ____D () C:\ProgramData\Skype
2014-05-23 20:31 - 2011-06-26 19:40 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-23 20:29 - 2014-05-23 20:29 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-22 20:42 - 2013-08-31 22:36 - 00000000 ____D () C:\windows\system32\MRT
2014-05-22 20:39 - 2014-05-22 20:38 - 03077584 _____ (Symantec Corporation) C:\Users\Frank\Downloads\NPE.exe
2014-05-22 20:31 - 2011-07-08 01:10 - 93223848 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-05-13 20:44 - 2011-08-16 01:51 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
 
Some content of TEMP:
====================
C:\Users\Frank\AppData\Local\Temp\RemoveGO.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-06-06 22:54
 
==================== End Of Log ===========================

  • 0

#45
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,714 posts
Hi. :)

Do please answer my prior query after completing the below, thank you.
 

How is your computer performing now, any further symptoms and or problems encountered ?


I advise you uninstall the following version of Java:-

Java 6 Update 20

It is way out of date and a security risk for this reason and the other one I mentioned in a prior post whilst assisting you with the first machine.

Custom FRST Script:

Delete the following in your Downloads folder:-

FRST64.exe
FRST64 (1).exe


Then download to the aforementioned folder:-

and a new copy of FRST64
  • Now right-click on FRST.exe and select Run as Administrator to start FRST.
  • Then click on the Fix button/radio tab >> at the Fix completed prompt click on OK
  • A log will now open named Fixlog and it will also be on the desktop >> close FRST.
  • Reboot your machine(ensure you do this) and post the contents of the aforementioned Fixlog in your next reply.
Scan with AdwCleaner:

Please download adwcleaner from here and save to your Downloads folder.

Alternate downloads are here or here.
  • Right-click on adwcleaner.exe and select Run as Administrator to launch the application.
  • Now click on the Scan tab >> once the scan is complete click on the Clean tab and follow the prompts.
  • Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.
Note: The log can also be located at C: >> AdwCleaner >> AdwCleaner[S0].txt
  • 0






Similar Topics


Also tagged with one or more of these keywords: windows 7, toshiba, norton power eraser

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP