Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

windows 7 wont reboot [Solved]

Started by mjdevo31 , May 24 2014 01:53 PM

windows 7 toshiba norton power eraser

This topic is locked

#31
Dakeyras

Posted 05 June 2014 - 04:33 AM

Anti-Malware Mammoth

Expert
9,772 posts

Acknowledged, lets proceed as follows shall we...

Scan with Farbar Recovery Scan Tool:

Please download and save Farbar Recovery Scan Tool 64-Bit to a Flash/USB drive.

Then insert the Flash/USB drive into your problem machine....

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:

Restart the computer.
As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
Use the arrow keys to select the Repair your computer menu item.
Select US as the keyboard language settings, and then click Next.
Select the operating system you want to repair, and then click Next.
Select your user account an click Next.

On the System Recovery Options menu you will get the following options:

Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt

Select Command Prompt
In the command window type in notepad and press Enter.
The notepad opens. Under File menu select Open.
Select "Computer" and find your flash drive letter and close the notepad.
In the command window type e:\frst64.exe and press Enter

Note: Replace letter e with the drive letter of your flash drive.

The tool will start to run.
When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) on the flash drive. Please copy and paste the contents of the aforementioned notepad file in your next reply.

#32
mjdevo31

Posted 05 June 2014 - 07:37 PM

Member

Topic Starter
Member
29 posts

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-06-2014

Ran by SYSTEM on MININT-7APBKBU on 05-06-2014 21:34:22

Running from G:\

Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)

Internet Explorer Version 11

Boot Mode: Recovery

The current controlset is ControlSet001

ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.

The only official download link for FRST:

Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/

Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/

Download link from any site other than Bleeping Computer is unpermitted or outdated.

See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [] => [X]

HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2010-12-14] (Conexant systems, Inc.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)

HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [566696 2011-03-02] (TOSHIBA Corporation)

HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [973176 2010-12-15] (TOSHIBA Corporation)

HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)

HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710040 2010-12-08] (TOSHIBA Corporation)

HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [595816 2010-04-23] (TOSHIBA Corporation)

HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2010-12-14] (TOSHIBA Corporation)

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)

HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1294712 2010-11-29] (TOSHIBA Corporation)

HKLM-x32\...\Run: [ccApp] => C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe [115560 2009-02-02] (Symantec Corporation)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)

HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-04-30] (Apple Inc.)

HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)

HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2012-09-25] ()

HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKU\Frank\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-05-15] (Google Inc.)

HKU\Frank\...\Run: [Facebook Update] => C:\Users\Frank\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-12] (Facebook Inc.)

HKU\Frank\...\Run: [Spotify] => "C:\Users\Frank\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart

HKU\Frank\...\Run: [Google Update] => C:\Users\Frank\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-02-29] (Google Inc.)

HKU\Frank\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3481408 2012-02-13] (DT Soft Ltd)

HKU\Frank\...\Run: [ooVoo.exe] => C:\program files (x86)\oovoo\oovoo.exe [35239488 2013-06-20] (ooVoo LLC)

HKU\Frank\...\Run: [ALconnect] => C:\Users\Frank\AppData\Roaming\DirectLife\ALconnect\ALconnect.exe [715880 2013-08-23] (Koninklijke Philips Electronics N.V.)

HKU\Frank\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1093464 2013-08-22] (Garmin Ltd or its subsidiaries)

HKU\Frank\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)

Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk

ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)

Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk

ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)

==================== Services (Whitelisted) =================

S2 ccEvtMgr; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [108392 2009-02-02] (Symantec Corporation)

S2 ccSetMgr; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [108392 2009-02-02] (Symantec Corporation)

S2 ezGOSvc; C:\windows\SysWOW64\ezGOSvc.dll [80256 2011-06-26] ()

S2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [220504 2013-08-22] (Garmin Ltd or its subsidiaries)

S3 LiveUpdate; C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_3.EXE [3093880 2010-02-17] (Symantec Corporation)

S2 SmcService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe [3234848 2009-02-02] (Symantec Corporation)

S4 SNAC; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE [425800 2009-02-02] (Symantec Corporation)

S2 Symantec AntiVirus; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe [1832072 2009-02-02] (Symantec Corporation)

S2 astcc; C:\windows\SYSTEM32\astsrv.exe [X]

==================== Drivers (Whitelisted) ====================

S1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-04-09] (DT Soft Ltd)

S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-20] (Symantec Corporation)

S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-20] (Symantec Corporation)

S3 GemCCID; C:\Windows\System32\Drivers\GemCCID.sys [119680 2009-08-10] (Gemalto)

S3 NAVENG; C:\ProgramData\Symantec\Definitions\VirusDefs\20140524.016\eng64.sys [126040 2013-09-16] (Symantec Corporation)

S3 NAVEX15; C:\ProgramData\Symantec\Definitions\VirusDefs\20140524.016\ex64.sys [2099288 2013-09-16] (Symantec Corporation)

S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)

S1 SRTSP; C:\Windows\System32\Drivers\SRTSP64.SYS [447536 2009-02-02] (Symantec Corporation)

S1 SRTSP; C:\Windows\SysWOW64\Drivers\SRTSP64.SYS [447536 2009-02-02] (Symantec Corporation)

S3 SRTSPL; C:\Windows\System32\Drivers\SRTSPL64.SYS [482352 2009-02-02] (Symantec Corporation)

S3 SRTSPL; C:\Windows\SysWOW64\Drivers\SRTSPL64.SYS [482352 2009-02-02] (Symantec Corporation)

S1 SRTSPX; C:\Windows\System32\Drivers\SRTSPX64.SYS [32304 2009-02-02] (Symantec Corporation)

S1 SRTSPX; C:\Windows\SysWOW64\Drivers\SRTSPX64.SYS [32304 2009-02-02] (Symantec Corporation)

S3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [173616 2011-07-07] (Symantec Corporation)

S3 Teefer2; C:\Windows\System32\DRIVERS\teefer2.sys [64048 2009-02-02] (Symantec Corporation)

S3 USBTINSP; C:\Windows\System32\DRIVERS\tinspusb.sys [142848 2010-03-29] (Texas Instruments)

S1 WPS; C:\windows\system32\drivers\wpsdrvnt.sys [52784 2009-02-02] (Symantec Corporation)

S3 WpsHelper; C:\windows\system32\drivers\WpsHelper.sys [233120 2012-09-27] (Symantec Corporation)

==================== NetSvcs (Whitelisted) ===================

NETSVC: ezGOSvc -> C:\windows\SysWOW64\ezGOSvc.dll ()

==================== One Month Created Files and Folders ========

2014-06-05 21:34 - 2014-06-05 21:34 - 00000000 ____D () C:\FRST

2014-05-24 16:22 - 2014-05-24 16:23 - 02066432 _____ (Farbar) C:\Users\Frank\Downloads\FRST64.exe

2014-05-24 09:04 - 2014-05-24 09:04 - 00286093 _____ () C:\Users\Frank\Downloads\love (1).m4r

2014-05-24 08:49 - 2014-05-24 08:54 - 01022064 _____ (Symantec Corporation) C:\Users\Frank\Downloads\NBRT-SOS-Downloader.exe

2014-05-23 17:17 - 2014-05-08 22:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll

2014-05-23 17:17 - 2014-05-08 22:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll

2014-05-23 17:17 - 2014-03-24 18:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\System32\shell32.dll

2014-05-23 17:17 - 2014-03-24 18:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll

2014-05-23 16:30 - 2014-05-05 20:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll

2014-05-23 16:30 - 2014-05-05 19:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-05-23 16:30 - 2014-05-05 19:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll

2014-05-23 16:30 - 2014-05-05 18:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-05-23 16:29 - 2014-05-23 16:29 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER

2014-05-23 16:29 - 2014-05-05 20:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb

2014-05-23 16:29 - 2014-05-05 19:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-05-22 17:13 - 2014-05-22 17:13 - 00013358 ____H () C:\Users\Frank\Desktop\~WRL2348.tmp

2014-05-22 16:38 - 2014-05-22 16:39 - 03077584 _____ (Symantec Corporation) C:\Users\Frank\Downloads\NPE.exe

2014-05-21 18:08 - 2014-04-11 18:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll

2014-05-15 22:01 - 2014-03-04 01:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\System32\kerberos.dll

2014-05-15 22:00 - 2014-03-04 01:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe

2014-05-15 22:00 - 2014-03-04 01:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

2014-05-15 16:00 - 2014-03-04 01:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe

2014-05-15 16:00 - 2014-03-04 01:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\System32\objsel.dll

2014-05-15 16:00 - 2014-03-04 01:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\System32\msv1_0.dll

2014-05-15 16:00 - 2014-03-04 01:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\System32\winlogon.exe

2014-05-15 16:00 - 2014-03-04 01:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe

2014-05-15 16:00 - 2014-03-04 01:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll

2014-05-15 16:00 - 2014-03-04 01:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll

2014-05-15 15:59 - 2014-04-11 18:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys

2014-05-15 15:59 - 2014-04-11 18:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys

2014-05-15 15:59 - 2014-04-11 18:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\System32\sspicli.dll

2014-05-15 15:59 - 2014-04-11 18:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\System32\lsass.exe

2014-05-15 15:59 - 2014-04-11 18:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\System32\sspisrv.dll

2014-05-15 15:59 - 2014-04-11 18:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\System32\secur32.dll

2014-05-15 15:59 - 2014-04-11 18:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

2014-05-15 15:59 - 2014-04-11 18:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

2014-05-15 15:59 - 2014-03-04 01:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\System32\KernelBase.dll

2014-05-15 15:59 - 2014-03-04 01:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\System32\schannel.dll

2014-05-15 15:59 - 2014-03-04 01:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\System32\wdigest.dll

2014-05-15 15:59 - 2014-03-04 01:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\System32\TSpkg.dll

2014-05-15 15:59 - 2014-03-04 01:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\System32\wincredprovider.dll

2014-05-15 15:59 - 2014-03-04 01:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\System32\cngprovider.dll

2014-05-15 15:59 - 2014-03-04 01:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\System32\adprovider.dll

2014-05-15 15:59 - 2014-03-04 01:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\System32\capiprovider.dll

2014-05-15 15:59 - 2014-03-04 01:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\System32\dpapiprovider.dll

2014-05-15 15:59 - 2014-03-04 01:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\System32\dimsroam.dll

2014-05-15 15:59 - 2014-03-04 01:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\System32\credssp.dll

2014-05-15 15:59 - 2014-03-04 01:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2014-05-15 15:59 - 2014-03-04 01:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll

2014-05-15 15:59 - 2014-03-04 01:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll

2014-05-15 15:59 - 2014-03-04 01:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll

2014-05-15 15:59 - 2014-03-04 01:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll

2014-05-15 15:59 - 2014-03-04 01:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll

2014-05-15 15:59 - 2014-03-04 01:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll

2014-05-15 15:59 - 2014-03-04 01:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll

2014-05-15 15:59 - 2014-03-04 01:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll

2014-05-15 15:59 - 2014-03-04 01:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll

2014-05-15 15:59 - 2014-03-04 01:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll

2014-05-08 05:08 - 2014-05-24 08:54 - 00000000 ___SD () C:\Windows\System32\CompatTel

==================== One Month Modified Files and Folders =======

2014-06-05 21:34 - 2014-06-05 21:34 - 00000000 ____D () C:\FRST

2014-05-24 19:07 - 2011-06-26 15:26 - 00000000 ____D () C:\Users\Frank\AppData\Local\Temp

2014-05-24 19:04 - 2011-06-26 21:27 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\Skype

2014-05-24 18:57 - 2011-05-15 08:19 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-05-24 18:52 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\sysprep

2014-05-24 18:34 - 2009-07-13 21:13 - 00786598 _____ () C:\Windows\System32\PerfStringBackup.INI

2014-05-24 18:24 - 2011-05-15 07:46 - 01497119 _____ () C:\Windows\WindowsUpdate.log

2014-05-24 18:08 - 2012-02-29 08:51 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1504366700-2138237974-4129982290-1001UA.job

2014-05-24 17:46 - 2011-09-01 17:20 - 00000928 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1504366700-2138237974-4129982290-1001UA.job

2014-05-24 17:34 - 2012-02-29 08:51 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1504366700-2138237974-4129982290-1001Core.job

2014-05-24 17:34 - 2011-05-15 08:19 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-05-24 16:23 - 2014-05-24 16:22 - 02066432 _____ (Farbar) C:\Users\Frank\Downloads\FRST64.exe

2014-05-24 09:51 - 2009-07-13 20:45 - 00024608 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-05-24 09:51 - 2009-07-13 20:45 - 00024608 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-05-24 09:43 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-05-24 09:43 - 2009-07-13 20:51 - 00143074 _____ () C:\Windows\setupact.log

2014-05-24 09:04 - 2014-05-24 09:04 - 00286093 _____ () C:\Users\Frank\Downloads\love (1).m4r

2014-05-24 08:54 - 2014-05-24 08:49 - 01022064 _____ (Symantec Corporation) C:\Users\Frank\Downloads\NBRT-SOS-Downloader.exe

2014-05-24 08:54 - 2014-05-08 05:08 - 00000000 ___SD () C:\Windows\System32\CompatTel

2014-05-24 08:48 - 2011-09-01 17:20 - 00000906 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1504366700-2138237974-4129982290-1001Core.job

2014-05-23 17:52 - 2011-06-26 21:27 - 00000000 ___RD () C:\Program Files (x86)\Skype

2014-05-23 17:51 - 2011-06-26 21:27 - 00000000 ____D () C:\ProgramData\Skype

2014-05-23 16:31 - 2011-06-26 15:40 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-05-23 16:29 - 2014-05-23 16:29 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER

2014-05-22 17:13 - 2014-05-22 17:13 - 00013358 ____H () C:\Users\Frank\Desktop\~WRL2348.tmp

2014-05-22 17:09 - 2012-02-29 08:51 - 00002380 _____ () C:\Users\Frank\Desktop\Google Chrome.lnk

2014-05-22 16:39 - 2014-05-22 16:38 - 03077584 _____ (Symantec Corporation) C:\Users\Frank\Downloads\NPE.exe

2014-05-22 16:31 - 2013-08-31 18:36 - 00000000 ____D () C:\Windows\System32\MRT

2014-05-22 16:31 - 2011-07-07 21:10 - 93223848 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe

2014-05-09 16:52 - 2011-05-15 08:19 - 00003908 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2014-05-09 16:51 - 2011-05-15 08:19 - 00003656 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2014-05-08 22:14 - 2014-05-23 17:17 - 00477184 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll

2014-05-08 22:11 - 2014-05-23 17:17 - 00424448 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll

2014-05-06 17:03 - 2012-02-29 08:51 - 00003878 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1504366700-2138237974-4129982290-1001UA

2014-05-06 17:03 - 2012-02-29 08:51 - 00003482 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1504366700-2138237974-4129982290-1001Core

Some content of TEMP:

====================

C:\Users\Frank\AppData\Local\Temp\.exe

C:\Users\Frank\AppData\Local\Temp\ApnStub.exe

C:\Users\Frank\AppData\Local\Temp\C407.exe

C:\Users\Frank\AppData\Local\Temp\converter.exe

C:\Users\Frank\AppData\Local\Temp\DTLite4451-0236.exe

C:\Users\Frank\AppData\Local\Temp\DTLite4481-0347.exe

C:\Users\Frank\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe

C:\Users\Frank\AppData\Local\Temp\NEW5D24.tmp.exe

C:\Users\Frank\AppData\Local\Temp\offercast.exe

C:\Users\Frank\AppData\Local\Temp\ose00000.exe

C:\Users\Frank\AppData\Local\Temp\RegAsm.exe

C:\Users\Frank\AppData\Local\Temp\setup.exe

C:\Users\Frank\AppData\Local\Temp\SkypeSetup.exe

C:\Users\Frank\AppData\Local\Temp\tmp32A4.exe

C:\Users\Frank\AppData\Local\Temp\tmpA69.exe

C:\Users\Frank\AppData\Local\Temp\tmpA6A.exe

C:\Users\Frank\AppData\Local\Temp\tmpCAD6.exe

C:\Users\Frank\AppData\Local\Temp\tmpE1A7.exe

C:\Users\Frank\AppData\Local\Temp\tmpED4A.exe

C:\Users\Frank\AppData\Local\Temp\UpdaterCopy.exe

C:\Users\Frank\AppData\Local\Temp\{2FDC85E2-AF64-44DF-B1AC-03764E4A45F5}-21.0.1180.60_20.0.1132.57_chrome_updater.exe

C:\Users\Frank\AppData\Local\Temp\{5E096AB7-16BD-437F-B64C-AB99B1F7B74C}-GoogleUpdateSetup.exe

C:\Users\Frank\AppData\Local\Temp\~SpUnin~.exe

==================== Known DLLs (Whitelisted) ================

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\rpcss.dll

[2010-11-20 19:24] - [2010-11-20 19:24] - 0520192 ____A (Microsoft Corporation) 968AFC005FD539EC6DF069294C42EA8B

ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE Association (whitelisted) =============

==================== Restore Points =========================

Restore point made on: 2014-05-02 17:01:47

Restore point made on: 2014-05-03 09:37:38

Restore point made on: 2014-05-03 09:39:43

Restore point made on: 2014-05-03 09:41:50

Restore point made on: 2014-05-05 10:31:00

Restore point made on: 2014-05-06 10:55:03

Restore point made on: 2014-05-08 05:07:57

Restore point made on: 2014-05-14 16:18:38

Restore point made on: 2014-05-15 15:45:53

Restore point made on: 2014-05-23 02:17:52

Restore point made on: 2014-05-24 08:51:11

==================== Memory info ===========================

Percentage of memory in use: 17%

Total physical RAM: 3019.86 MB

Available physical RAM: 2480.9 MB

Total Pagefile: 3018.06 MB

Available Pagefile: 2464.2 MB

Total Virtual: 8192 MB

Available Virtual: 8191.88 MB

==================== Drives ================================

Drive c: (TI106136W0E) (Fixed) (Total:285.15 GB) (Free:178.72 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Drive d: (System) (Fixed) (Total:1.46 GB) (Free:1.27 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Drive g: (BIG POPPA) (Removable) (Total:1.92 GB) (Free:1.92 GB) FAT

Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================

Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: 95469684)

Partition 1: (Active) - (Size=1 GB) - (Type=27)

Partition 2: (Not Active) - (Size=285 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=11 GB) - (Type=17)

========================================================

Disk: 2 (Size: 2 GB) (Disk ID: 91F72D24)

Partition 1: (Active) - (Size=2 GB) - (Type=06)

LastRegBack: 2014-04-30 15:52

==================== End Of Log ============================

#33
Dakeyras

Posted 06 June 2014 - 01:29 AM

Anti-Malware Mammoth

Expert
9,772 posts

Hi.

Does indeed appear this machine is infected with similar to the other we worked upon.

Anyway carry out the below for myself please...

Custom FRST Scan:

Now please enter System Recovery Options on your infected machine again and then select Command Prompt.
Then run/launch FRST64 again as outlined in my prior post .
Type the following in the edit box after "Search:".

rpcss.dll

Click on the Search File(s) button/radio tab.
Once the search is complete a notepad file named Search.txt will be saved you your usb drive.
Post the contents of the aforementioned notepad file in your next reply.

#34
mjdevo31

Posted 06 June 2014 - 03:52 AM

Member

Topic Starter
Member
29 posts

Search txt. attached

Attached Files

Search.txt 999bytes 457 downloads

#35
Dakeyras

Posted 06 June 2014 - 02:13 PM

Anti-Malware Mammoth

Expert
9,772 posts

Hi.

Search txt. attached

Thanks, though no real need to attach anything unless I request such.

Custom FRST Script:

Please download the attached fixlist.txt(see below) and save it to your USB Drive.

Now please enter System Recovery Options on the infected machine again and then select Command Prompt.
Run FRST64 again as outlined in my prior post and then press the Fix button just once and wait.
The tool will make a log on the USB Drive (Fixlog.txt). Please copy and paste the contents of the aforementioned notepad file in your next reply
Reboot the machine back into Normal Mode(if able).

Note: This above custom script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system.

Next:

When completed the above, please post back the following in the order asked for:

Is your machine able to boot-up normally now or not ?
Fixlog Log from the Custom Script.

#36
mjdevo31

Posted 06 June 2014 - 08:05 PM

Member

Topic Starter
Member
29 posts

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-06-2014

Ran by SYSTEM at 2014-06-06 22:04:09 Run:1

Running from G:\

Boot Mode: Recovery

==============================================

Content of fixlist:

*****************

HKLM\...\Run: [] => [X]

2014-05-24 16:22 - 2014-05-24 16:23 - 02066432 _____ (Farbar) C:\Users\Frank\Downloads\FRST64.exe

2014-05-24 09:04 - 2014-05-24 09:04 - 00286093 _____ () C:\Users\Frank\Downloads\love (1).m4r

2014-05-22 17:13 - 2014-05-22 17:13 - 00013358 ____H () C:\Users\Frank\Desktop\~WRL2348.tmp

C:\Users\Frank\AppData\Local\Temp\.exe

C:\Users\Frank\AppData\Local\Temp\ApnStub.exe

C:\Users\Frank\AppData\Local\Temp\C407.exe

C:\Users\Frank\AppData\Local\Temp\converter.exe

C:\Users\Frank\AppData\Local\Temp\DTLite4451-0236.exe

C:\Users\Frank\AppData\Local\Temp\DTLite4481-0347.exe

C:\Users\Frank\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe

C:\Users\Frank\AppData\Local\Temp\NEW5D24.tmp.exe

C:\Users\Frank\AppData\Local\Temp\offercast.exe

C:\Users\Frank\AppData\Local\Temp\ose00000.exe

C:\Users\Frank\AppData\Local\Temp\RegAsm.exe

C:\Users\Frank\AppData\Local\Temp\setup.exe

C:\Users\Frank\AppData\Local\Temp\SkypeSetup.exe

C:\Users\Frank\AppData\Local\Temp\tmp32A4.exe

C:\Users\Frank\AppData\Local\Temp\tmpA69.exe

C:\Users\Frank\AppData\Local\Temp\tmpA6A.exe

C:\Users\Frank\AppData\Local\Temp\tmpCAD6.exe

C:\Users\Frank\AppData\Local\Temp\tmpE1A7.exe

C:\Users\Frank\AppData\Local\Temp\tmpED4A.exe

C:\Users\Frank\AppData\Local\Temp\UpdaterCopy.exe

C:\Users\Frank\AppData\Local\Temp\{2FDC85E2-AF64-44DF-B1AC-03764E4A45F5}-21.0.1180.60_20.0.1132.57_chrome_updater.exe

C:\Users\Frank\AppData\Local\Temp\{5E096AB7-16BD-437F-B64C-AB99B1F7B74C}-GoogleUpdateSetup.exe

C:\Users\Frank\AppData\Local\Temp\~SpUnin~.exe

Replace: C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7601.17514_none_c7f0e16b547f887d\rpcss.dll C:\Windows\System32\rpcss.dll

*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.

C:\Users\Frank\Downloads\FRST64.exe => Moved successfully.

C:\Users\Frank\Downloads\love (1).m4r => Moved successfully.

C:\Users\Frank\Desktop\~WRL2348.tmp => Moved successfully.

C:\Users\Frank\AppData\Local\Temp\.exe => Moved successfully.

C:\Users\Frank\AppData\Local\Temp\ApnStub.exe => Moved successfully.

C:\Users\Frank\AppData\Local\Temp\C407.exe => Moved successfully.

C:\Users\Frank\AppData\Local\Temp\converter.exe => Moved successfully.

C:\Users\Frank\AppData\Local\Temp\DTLite4451-0236.exe => Moved successfully.

C:\Users\Frank\AppData\Local\Temp\DTLite4481-0347.exe => Moved successfully.

C:\Users\Frank\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe => Moved successfully.

C:\Users\Frank\AppData\Local\Temp\NEW5D24.tmp.exe => Moved successfully.

C:\Users\Frank\AppData\Local\Temp\offercast.exe => Moved successfully.

C:\Users\Frank\AppData\Local\Temp\ose00000.exe => Moved successfully.

C:\Users\Frank\AppData\Local\Temp\RegAsm.exe => Moved successfully.

C:\Users\Frank\AppData\Local\Temp\setup.exe => Moved successfully.

C:\Users\Frank\AppData\Local\Temp\SkypeSetup.exe => Moved successfully.

C:\Users\Frank\AppData\Local\Temp\tmp32A4.exe => Moved successfully.

C:\Users\Frank\AppData\Local\Temp\tmpA69.exe => Moved successfully.

C:\Users\Frank\AppData\Local\Temp\tmpA6A.exe => Moved successfully.

C:\Users\Frank\AppData\Local\Temp\tmpCAD6.exe => Moved successfully.

C:\Users\Frank\AppData\Local\Temp\tmpE1A7.exe => Moved successfully.

C:\Users\Frank\AppData\Local\Temp\tmpED4A.exe => Moved successfully.

C:\Users\Frank\AppData\Local\Temp\UpdaterCopy.exe => Moved successfully.

C:\Users\Frank\AppData\Local\Temp\{2FDC85E2-AF64-44DF-B1AC-03764E4A45F5}-21.0.1180.60_20.0.1132.57_chrome_updater.exe => Moved successfully.

C:\Users\Frank\AppData\Local\Temp\{5E096AB7-16BD-437F-B64C-AB99B1F7B74C}-GoogleUpdateSetup.exe => Moved successfully.

C:\Users\Frank\AppData\Local\Temp\~SpUnin~.exe => Moved successfully.

C:\Windows\System32\rpcss.dll => Moved successfully.

C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7601.17514_none_c7f0e16b547f887d\rpcss.dll copied successfully to C:\Windows\System32\rpcss.dll

==== End of Fixlog ====

#37
Dakeyras

Posted 07 June 2014 - 02:20 AM

Anti-Malware Mammoth

Expert
9,772 posts

Can your machine boot up successfully into Normal Mode or not ?

I have to point out, you rarely answer my questions and this does make it that much harder for myself to assist you.

#38
mjdevo31

Posted 07 June 2014 - 08:25 AM

Member

Topic Starter
Member
29 posts

Yes it does boot up, although the color of the desktop background is different.

#39
Dakeyras

Posted 07 June 2014 - 08:41 AM

Anti-Malware Mammoth

Expert
9,772 posts

Acknowledged, probably due to malware. Not a real cause for concern however and feel free to change it when I give the all clear.

Scan with TDSSKiller:

Please download TDSSKiller to the desktop.

Alternate download is here.

Right-click on TDSSKiller.exe and select Run as Administrator to start the program and follow the prompts.
When the main GUI(graphical user interface) window opens, click on Change Parameters
Under Additional options, select both Verify driver digital signatures & Detect TDLFS File System >> OK
Click on Start Scan, the scan will run.
When the scan has finished, if it finds anything please click on the drop down arrow next to Cure and select Skip
A Report will have been created by TDSSKiller in your root directory C:\
To find the log go to Start(Windows 7 Orb) > Computer > C: >> TDSSKiller.V.V.V.VV_DD.DD.YYYY_TT.TT.TT_log <-- The letters denote the version and date & time etc.
Post the contents of that log in your next reply please.

Note: Do not have TDSSKiller remove anything if found at this point in time!

#40
mjdevo31

Posted 07 June 2014 - 06:25 PM

Member

Topic Starter
Member
29 posts

No threats found.

#41
Dakeyras

Posted 08 June 2014 - 11:44 AM

Anti-Malware Mammoth

Expert
9,772 posts

Hi.

No threats found.

Good, however I would still like to review the log. So please post it in your next reply.

Scan with Farbar Recovery Scan Tool:

Please download and save Farbar Recovery Scan Tool 64-Bit to your Desktop.

Right-click on FRST.exe and select Run as Administrator to start FRST >> follow the prompt/click on Yes
Under Optional Scan ensure both Drivers MD5 and Addition.txt are selected.
Now click on the Scan button/radio tab >> at the Scan completed prompt click on OK
At the next prompt denoting Addition.txt is saved in the same location FRST tool is run >> click on OK
There will now be two logs on your desktop, Addition.txt and FRST.txt. Post the contents of both in your next reply.

Next:

When completed the above, please post back the following in the order asked for:

How is your computer performing now, any further symptoms and or problems encountered ?
TDSSKIller Log.
Both FRST logs. <-- Post them individually please, IE: one Log per post/reply.

#42
mjdevo31

Posted 09 June 2014 - 07:22 PM

Member

Topic Starter
Member
29 posts

21:04:29.0902 0x1b0c TDSS rootkit removing tool 3.0.0.39 Jun 5 2014 20:35:54

21:04:33.0151 0x1b0c ============================================================

21:04:33.0151 0x1b0c Current date / time: 2014/06/09 21:04:33.0151

21:04:33.0151 0x1b0c SystemInfo:

21:04:33.0151 0x1b0c

21:04:33.0151 0x1b0c OS Version: 6.1.7601 ServicePack: 1.0

21:04:33.0151 0x1b0c Product type: Workstation

21:04:33.0151 0x1b0c ComputerName: FRANK-PC

21:04:33.0152 0x1b0c UserName: Frank

21:04:33.0152 0x1b0c Windows directory: C:\windows

21:04:33.0152 0x1b0c System windows directory: C:\windows

21:04:33.0152 0x1b0c Running under WOW64

21:04:33.0152 0x1b0c Processor architecture: Intel x64

21:04:33.0152 0x1b0c Number of processors: 4

21:04:33.0152 0x1b0c Page size: 0x1000

21:04:33.0152 0x1b0c Boot type: Normal boot

21:04:33.0152 0x1b0c ============================================================

21:04:33.0718 0x1b0c KLMD registered as C:\windows\system32\drivers\99569307.sys

21:04:34.0911 0x1b0c System UUID: {F5F4F827-2823-4A43-671F-ED465317CAB4}

21:04:36.0505 0x1b0c Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

21:04:36.0518 0x1b0c ============================================================

21:04:36.0518 0x1b0c \Device\Harddisk0\DR0:

21:04:36.0518 0x1b0c MBR partitions:

21:04:36.0518 0x1b0c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x23A4C800

21:04:36.0518 0x1b0c ============================================================

21:04:36.0558 0x1b0c C: <-> \Device\Harddisk0\DR0\Partition1

21:04:36.0558 0x1b0c ============================================================

21:04:36.0558 0x1b0c Initialize success

21:04:36.0558 0x1b0c ============================================================

21:04:53.0921 0x191c ============================================================

21:04:53.0921 0x191c Scan started

21:04:53.0921 0x191c Mode: Manual; SigCheck; TDLFS;

21:04:53.0921 0x191c ============================================================

21:04:53.0921 0x191c KSN ping started

21:04:58.0746 0x191c KSN ping finished: true

21:05:02.0827 0x191c ================ Scan system memory ========================

21:05:02.0827 0x191c System memory - ok

21:05:02.0828 0x191c ================ Scan services =============================

21:05:03.0387 0x191c [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\windows\system32\drivers\1394ohci.sys

21:05:03.0748 0x191c 1394ohci - ok

21:05:04.0165 0x191c [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\windows\system32\drivers\ACPI.sys

21:05:04.0257 0x191c ACPI - ok

21:05:04.0315 0x191c [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys

21:05:04.0423 0x191c AcpiPmi - ok

21:05:04.0705 0x191c [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

21:05:04.0767 0x191c AdobeARMservice - ok

21:05:04.0931 0x191c [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\windows\system32\drivers\adp94xx.sys

21:05:05.0037 0x191c adp94xx - ok

21:05:05.0121 0x191c [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\windows\system32\drivers\adpahci.sys

21:05:05.0189 0x191c adpahci - ok

21:05:05.0334 0x191c [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\windows\system32\drivers\adpu320.sys

21:05:05.0391 0x191c adpu320 - ok

21:05:05.0495 0x191c [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\windows\System32\aelupsvc.dll

21:05:06.0258 0x191c AeLookupSvc - ok

21:05:06.0446 0x191c [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD C:\windows\system32\drivers\afd.sys

21:05:06.0653 0x191c AFD - ok

21:05:06.0780 0x191c [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\windows\system32\drivers\agp440.sys

21:05:06.0826 0x191c agp440 - ok

21:05:06.0956 0x191c [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\windows\System32\alg.exe

21:05:07.0131 0x191c ALG - ok

21:05:07.0301 0x191c [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\windows\system32\drivers\aliide.sys

21:05:07.0343 0x191c aliide - ok

21:05:07.0419 0x191c [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\windows\system32\drivers\amdide.sys

21:05:07.0473 0x191c amdide - ok

21:05:07.0570 0x191c [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\windows\system32\drivers\amdk8.sys

21:05:07.0700 0x191c AmdK8 - ok

21:05:07.0742 0x191c [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\windows\system32\drivers\amdppm.sys

21:05:07.0822 0x191c AmdPPM - ok

21:05:07.0895 0x191c [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\windows\system32\drivers\amdsata.sys

21:05:07.0953 0x191c amdsata - ok

21:05:08.0082 0x191c [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\windows\system32\drivers\amdsbs.sys

21:05:08.0203 0x191c amdsbs - ok

21:05:08.0259 0x191c [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\windows\system32\drivers\amdxata.sys

21:05:08.0311 0x191c amdxata - ok

21:05:08.0425 0x191c [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\windows\system32\drivers\appid.sys

21:05:09.0423 0x191c AppID - ok

21:05:09.0472 0x191c [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\windows\System32\appidsvc.dll

21:05:09.0619 0x191c AppIDSvc - ok

21:05:09.0751 0x191c [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\windows\System32\appinfo.dll

21:05:09.0867 0x191c Appinfo - ok

21:05:10.0100 0x191c [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

21:05:10.0206 0x191c Apple Mobile Device - ok

21:05:10.0238 0x191c [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\windows\system32\drivers\arc.sys

21:05:10.0288 0x191c arc - ok

21:05:10.0336 0x191c [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\windows\system32\drivers\arcsas.sys

21:05:10.0385 0x191c arcsas - ok

21:05:10.0693 0x191c [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

21:05:10.0851 0x191c aspnet_state - ok

21:05:10.0939 0x191c astcc - ok

21:05:10.0961 0x191c [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys

21:05:11.0094 0x191c AsyncMac - ok

21:05:11.0151 0x191c [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\windows\system32\drivers\atapi.sys

21:05:11.0194 0x191c atapi - ok

21:05:11.0513 0x191c [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll

21:05:11.0951 0x191c AudioEndpointBuilder - ok

21:05:12.0026 0x191c [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\windows\System32\Audiosrv.dll

21:05:12.0241 0x191c AudioSrv - ok

21:05:12.0362 0x191c [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\windows\System32\AxInstSV.dll

21:05:12.0594 0x191c AxInstSV - ok

21:05:12.0788 0x191c [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\windows\system32\drivers\bxvbda.sys

21:05:12.0947 0x191c b06bdrv - ok

21:05:13.0018 0x191c [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys

21:05:13.0140 0x191c b57nd60a - ok

21:05:13.0225 0x191c [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\windows\System32\bdesvc.dll

21:05:13.0335 0x191c BDESVC - ok

21:05:13.0386 0x191c [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\windows\system32\drivers\Beep.sys

21:05:13.0530 0x191c Beep - ok

21:05:13.0656 0x191c [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\windows\System32\bfe.dll

21:05:14.0005 0x191c BFE - ok

21:05:14.0143 0x191c [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\windows\System32\qmgr.dll

21:05:14.0464 0x191c BITS - ok

21:05:14.0516 0x191c [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys

21:05:14.0585 0x191c blbdrive - ok

21:05:14.0767 0x191c [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

21:05:14.0873 0x191c Bonjour Service - ok

21:05:14.0921 0x191c [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\windows\system32\DRIVERS\bowser.sys

21:05:15.0035 0x191c bowser - ok

21:05:15.0099 0x191c [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\windows\system32\drivers\BrFiltLo.sys

21:05:15.0154 0x191c BrFiltLo - ok

21:05:15.0237 0x191c [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\windows\system32\drivers\BrFiltUp.sys

21:05:15.0312 0x191c BrFiltUp - ok

21:05:15.0390 0x191c [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\windows\System32\browser.dll

21:05:15.0513 0x191c Browser - ok

21:05:15.0577 0x191c [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\windows\System32\Drivers\Brserid.sys

21:05:15.0670 0x191c Brserid - ok

21:05:15.0850 0x191c [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys

21:05:15.0964 0x191c BrSerWdm - ok

21:05:16.0151 0x191c [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys

21:05:16.0328 0x191c BrUsbMdm - ok

21:05:16.0405 0x191c [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys

21:05:16.0548 0x191c BrUsbSer - ok

21:05:16.0608 0x191c [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\windows\system32\drivers\bthmodem.sys

21:05:16.0686 0x191c BTHMODEM - ok

21:05:16.0732 0x191c [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\windows\system32\bthserv.dll

21:05:16.0976 0x191c bthserv - ok

21:05:17.0164 0x191c [ 5E68928BA2412E60FF1C61441313CF8D, 9BB1E00C758000932F1AB63F86C1D3E588174B3E57756638BB65D59E11D07D1D ] ccEvtMgr C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe

21:05:17.0251 0x191c ccEvtMgr - ok

21:05:17.0297 0x191c [ 5E68928BA2412E60FF1C61441313CF8D, 9BB1E00C758000932F1AB63F86C1D3E588174B3E57756638BB65D59E11D07D1D ] ccSetMgr C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe

21:05:17.0352 0x191c ccSetMgr - ok

21:05:17.0426 0x191c [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys

21:05:17.0685 0x191c cdfs - ok

21:05:17.0776 0x191c [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\windows\system32\DRIVERS\cdrom.sys

21:05:17.0905 0x191c cdrom - ok

21:05:18.0057 0x191c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\windows\System32\certprop.dll

21:05:18.0264 0x191c CertPropSvc - ok

21:05:18.0309 0x191c [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\windows\system32\drivers\circlass.sys

21:05:18.0439 0x191c circlass - ok

21:05:18.0516 0x191c [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\windows\system32\CLFS.sys

21:05:18.0601 0x191c CLFS - ok

21:05:18.0953 0x191c [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

21:05:19.0046 0x191c clr_optimization_v2.0.50727_32 - ok

21:05:19.0277 0x191c [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

21:05:19.0452 0x191c clr_optimization_v2.0.50727_64 - ok

21:05:19.0802 0x191c [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

21:05:20.0400 0x191c clr_optimization_v4.0.30319_32 - ok

21:05:20.0475 0x191c [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

21:05:20.0896 0x191c clr_optimization_v4.0.30319_64 - ok

21:05:20.0943 0x191c [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys

21:05:21.0012 0x191c CmBatt - ok

21:05:21.0047 0x191c [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\windows\system32\drivers\cmdide.sys

21:05:21.0087 0x191c cmdide - ok

21:05:21.0305 0x191c [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\windows\system32\Drivers\cng.sys

21:05:21.0435 0x191c CNG - ok

21:05:21.0875 0x191c [ 99B1B888B793DE320C5479B3C953781F, 6A499F916132998FBDFA587823A11C2ED1D27DED10374F6A41BA5861A2FF969E ] CnxtHdAudService C:\windows\system32\drivers\CHDRT64.sys

21:05:22.0161 0x191c CnxtHdAudService - ok

21:05:22.0361 0x191c [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\windows\system32\drivers\compbatt.sys

21:05:22.0403 0x191c Compbatt - ok

21:05:22.0447 0x191c [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\windows\system32\DRIVERS\CompositeBus.sys

21:05:22.0536 0x191c CompositeBus - ok

21:05:22.0587 0x191c COMSysApp - ok

21:05:22.0703 0x191c [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\windows\system32\drivers\crcdisk.sys

21:05:22.0744 0x191c crcdisk - ok

21:05:22.0849 0x191c [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\windows\system32\cryptsvc.dll

21:05:23.0037 0x191c CryptSvc - ok

21:05:23.0407 0x191c [ BA25D4B9B067248F7CAC416E855D706B, EB00FEC005863284D25AC708CEF65D945A1599801A3FDE4B992C1AD4593E2036 ] dc3d C:\windows\system32\DRIVERS\dc3d.sys

21:05:23.0452 0x191c dc3d - ok

21:05:23.0581 0x191c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\windows\system32\rpcss.dll

21:05:23.0979 0x191c DcomLaunch - ok

21:05:24.0178 0x191c [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\windows\System32\defragsvc.dll

21:05:24.0364 0x191c defragsvc - ok

21:05:24.0456 0x191c [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\windows\system32\Drivers\dfsc.sys

21:05:24.0594 0x191c DfsC - ok

21:05:24.0678 0x191c [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\windows\system32\dhcpcore.dll

21:05:24.0870 0x191c Dhcp - ok

21:05:24.0983 0x191c [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\windows\system32\drivers\discache.sys

21:05:25.0201 0x191c discache - ok

21:05:25.0327 0x191c [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\windows\system32\drivers\disk.sys

21:05:25.0404 0x191c Disk - ok

21:05:25.0472 0x191c [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\windows\System32\dnsrslvr.dll

21:05:25.0621 0x191c Dnscache - ok

21:05:25.0673 0x191c [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\windows\System32\dot3svc.dll

21:05:25.0816 0x191c dot3svc - ok

21:05:25.0876 0x191c [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\windows\system32\dps.dll

21:05:26.0097 0x191c DPS - ok

21:05:26.0209 0x191c [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\windows\system32\drivers\drmkaud.sys

21:05:26.0297 0x191c drmkaud - ok

21:05:26.0523 0x191c [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys

21:05:26.0813 0x191c DXGKrnl - ok

21:05:26.0887 0x191c [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\windows\System32\eapsvc.dll

21:05:27.0048 0x191c EapHost - ok

21:05:27.0898 0x191c [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\windows\system32\drivers\evbda.sys

21:05:28.0338 0x191c ebdrv - ok

21:05:28.0475 0x191c [ 1B7AA375F711F66D5FF2B855F9EC987F, 151E3897A31F0E828D08EBBB9C10A60047B48534BB38349EF1C8D9245524CA58 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys

21:05:28.0550 0x191c eeCtrl - ok

21:05:28.0640 0x191c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\windows\System32\lsass.exe

21:05:28.0805 0x191c EFS - ok

21:05:29.0062 0x191c [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\windows\ehome\ehRecvr.exe

21:05:29.0316 0x191c ehRecvr - ok

21:05:29.0409 0x191c [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\windows\ehome\ehsched.exe

21:05:29.0498 0x191c ehSched - ok

21:05:29.0642 0x191c [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\windows\system32\drivers\elxstor.sys

21:05:29.0774 0x191c elxstor - ok

21:05:29.0840 0x191c [ 7230C8B80DDE1F0524C353240B78CC0E, 15F73EBFB9152010E7736AFE518A47C209E17DDB347A40C4CDA0D9BBD26D1176 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys

21:05:29.0947 0x191c EraserUtilRebootDrv - detected UnsignedFile.Multi.Generic ( 1 )

21:05:32.0855 0x191c Detect skipped due to KSN trusted

21:05:32.0855 0x191c EraserUtilRebootDrv - ok

21:05:32.0882 0x191c [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\windows\system32\drivers\errdev.sys

21:05:32.0996 0x191c ErrDev - ok

21:05:33.0201 0x191c [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\windows\system32\es.dll

21:05:33.0453 0x191c EventSystem - ok

21:05:33.0485 0x191c [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\windows\system32\drivers\exfat.sys

21:05:33.0611 0x191c exfat - ok

21:05:33.0763 0x191c [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\windows\system32\drivers\fastfat.sys

21:05:33.0974 0x191c fastfat - ok

21:05:34.0073 0x191c [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\windows\system32\fxssvc.exe

21:05:34.0264 0x191c Fax - ok

21:05:34.0307 0x191c [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\windows\system32\drivers\fdc.sys

21:05:34.0382 0x191c fdc - ok

21:05:34.0424 0x191c [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\windows\system32\fdPHost.dll

21:05:34.0575 0x191c fdPHost - ok

21:05:34.0619 0x191c [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\windows\system32\fdrespub.dll

21:05:34.0782 0x191c FDResPub - ok

21:05:34.0829 0x191c [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\windows\system32\drivers\fileinfo.sys

21:05:34.0878 0x191c FileInfo - ok

21:05:34.0954 0x191c [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\windows\system32\drivers\filetrace.sys

21:05:35.0163 0x191c Filetrace - ok

21:05:35.0179 0x191c [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\windows\system32\drivers\flpydisk.sys

21:05:35.0227 0x191c flpydisk - ok

21:05:35.0401 0x191c [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\windows\system32\drivers\fltmgr.sys

21:05:35.0472 0x191c FltMgr - ok

21:05:35.0866 0x191c [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\windows\system32\FntCache.dll

21:05:36.0169 0x191c FontCache - ok

21:05:36.0278 0x191c [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

21:05:36.0343 0x191c FontCache3.0.0.0 - ok

21:05:36.0373 0x191c [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\windows\system32\drivers\FsDepends.sys

21:05:36.0417 0x191c FsDepends - ok

21:05:36.0515 0x191c [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys

21:05:36.0563 0x191c Fs_Rec - ok

21:05:36.0664 0x191c [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\windows\system32\DRIVERS\fvevol.sys

21:05:36.0761 0x191c fvevol - ok

21:05:36.0935 0x191c [ 60ACB128E64C35C2B4E4AAB1B0A5C293, 7B476AB5E95529A894F95397C753662F4C58D1FE89F4648271251DA77C5A3FA9 ] FwLnk C:\windows\system32\DRIVERS\FwLnk.sys

21:05:37.0015 0x191c FwLnk - ok

21:05:37.0160 0x191c [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys

21:05:37.0206 0x191c gagp30kx - ok

21:05:37.0491 0x191c [ CFD54D70F76E84E1E737AE1140FBC5C0, 29B71794842FDFEC1512EAD8E298E2D0568E062A119141F7C309CC8910C6BA9C ] Garmin Core Update Service C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe

21:05:37.0583 0x191c Garmin Core Update Service - ok

21:05:37.0675 0x191c [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys

21:05:37.0711 0x191c GEARAspiWDM - ok

21:05:37.0813 0x191c [ 6D1180296D2B3CBDC9D29B035479259C, 9CB6B911E95C9CBE84AAA98C61B71CC48D6DA8CEB08B527E9F5D6FF37B928A69 ] GemCCID C:\windows\system32\Drivers\GemCCID.sys

21:05:37.0914 0x191c GemCCID - ok

21:05:38.0182 0x191c [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\windows\System32\gpsvc.dll

21:05:38.0547 0x191c gpsvc - ok

21:05:38.0793 0x191c [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

21:05:38.0848 0x191c gupdate - ok

21:05:38.0915 0x191c [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

21:05:38.0980 0x191c gupdatem - ok

21:05:39.0118 0x191c [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

21:05:39.0174 0x191c gusvc - ok

21:05:39.0228 0x191c [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys

21:05:39.0513 0x191c hcw85cir - ok

21:05:39.0634 0x191c [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys

21:05:39.0746 0x191c HdAudAddService - ok

21:05:39.0809 0x191c [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys

21:05:39.0869 0x191c HDAudBus - ok

21:05:39.0936 0x191c [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\windows\system32\drivers\HidBatt.sys

21:05:40.0000 0x191c HidBatt - ok

21:05:40.0131 0x191c [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\windows\system32\drivers\hidbth.sys

21:05:40.0211 0x191c HidBth - ok

21:05:40.0346 0x191c [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\windows\system32\drivers\hidir.sys

21:05:40.0402 0x191c HidIr - ok

21:05:40.0445 0x191c [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\windows\system32\hidserv.dll

21:05:40.0602 0x191c hidserv - ok

21:05:40.0711 0x191c [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys

21:05:40.0773 0x191c HidUsb - ok

21:05:40.0885 0x191c [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\windows\system32\kmsvc.dll

21:05:41.0066 0x191c hkmsvc - ok

21:05:41.0118 0x191c [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\windows\system32\ListSvc.dll

21:05:41.0275 0x191c HomeGroupListener - ok

21:05:41.0435 0x191c [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\windows\system32\provsvc.dll

21:05:41.0539 0x191c HomeGroupProvider - ok

21:05:41.0676 0x191c [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys

21:05:41.0731 0x191c HpSAMD - ok

21:05:41.0859 0x191c [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\windows\system32\drivers\HTTP.sys

21:05:42.0168 0x191c HTTP - ok

21:05:42.0247 0x191c [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys

21:05:42.0291 0x191c hwpolicy - ok

21:05:42.0418 0x191c [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys

21:05:42.0471 0x191c i8042prt - ok

21:05:42.0591 0x191c [ D7921D5A870B11CC1ADAB198A519D50A, 5DF99EB5D5504E9D9EB21658E8B4A58DEE2AD143A1875DB7F9B7BF4877FCB57F ] iaStor C:\windows\system32\DRIVERS\iaStor.sys

21:05:42.0664 0x191c iaStor - ok

21:05:42.0743 0x191c [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\windows\system32\drivers\iaStorV.sys

21:05:42.0829 0x191c iaStorV - ok

21:05:42.0909 0x191c [ DAF66902F08796F9C694901660E5A64A, F4A4764DED05980426BAB54AAF040BC27A39C80315F5161E8D0B4C7F694BD8E6 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe

21:05:42.0970 0x191c IDriverT - detected UnsignedFile.Multi.Generic ( 1 )

21:05:45.0727 0x191c Detect skipped due to KSN trusted

21:05:45.0727 0x191c IDriverT - ok

21:05:45.0913 0x191c [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

21:05:46.0094 0x191c idsvc - ok

21:05:46.0116 0x191c IEEtwCollectorService - ok

21:05:47.0530 0x191c [ 370C2A8629B30F910F740387795DDC6F, 7D2D69F0BC12E86236014003EEA7479BD0FDE9A469459B6550DC3AED07A02030 ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys

21:05:48.0873 0x191c igfx - ok

21:05:49.0046 0x191c [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\windows\system32\drivers\iirsp.sys

21:05:49.0090 0x191c iirsp - ok

21:05:49.0237 0x191c [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\windows\System32\ikeext.dll

21:05:49.0483 0x191c IKEEXT - ok

21:05:49.0554 0x191c [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\windows\system32\drivers\intelide.sys

21:05:49.0597 0x191c intelide - ok

21:05:49.0779 0x191c [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys

21:05:49.0947 0x191c intelppm - ok

21:05:50.0077 0x191c [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\windows\system32\ipbusenum.dll

21:05:50.0229 0x191c IPBusEnum - ok

21:05:50.0304 0x191c [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys

21:05:50.0414 0x191c IpFilterDriver - ok

21:05:50.0526 0x191c [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\windows\System32\iphlpsvc.dll

21:05:50.0910 0x191c iphlpsvc - ok

21:05:50.0951 0x191c [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys

21:05:51.0030 0x191c IPMIDRV - ok

21:05:51.0129 0x191c [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\windows\system32\drivers\ipnat.sys

21:05:51.0376 0x191c IPNAT - ok

21:05:51.0511 0x191c [ 71F993192EB04B2C4C80F2DEE9119229, 881B7042724364C9D667DF6109E15DE78D9431DF5708CB16736AD723F4A38578 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe

21:05:51.0622 0x191c iPod Service - ok

21:05:51.0680 0x191c [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\windows\system32\drivers\irenum.sys

21:05:51.0801 0x191c IRENUM - ok

21:05:51.0930 0x191c [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\windows\system32\drivers\isapnp.sys

21:05:51.0973 0x191c isapnp - ok

21:05:52.0046 0x191c [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys

21:05:52.0108 0x191c iScsiPrt - ok

21:05:52.0199 0x191c [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys

21:05:52.0246 0x191c kbdclass - ok

21:05:52.0327 0x191c [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys

21:05:52.0472 0x191c kbdhid - ok

21:05:52.0573 0x191c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\windows\system32\lsass.exe

21:05:52.0621 0x191c KeyIso - ok

21:05:52.0677 0x191c [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys

21:05:52.0725 0x191c KSecDD - ok

21:05:52.0833 0x191c [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys

21:05:52.0890 0x191c KSecPkg - ok

21:05:52.0962 0x191c [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\windows\system32\drivers\ksthunk.sys

21:05:53.0173 0x191c ksthunk - ok

21:05:53.0347 0x191c [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\windows\system32\msdtckrm.dll

21:05:53.0574 0x191c KtmRm - ok

21:05:53.0708 0x191c [ 045FB70BC993B691517CE309045FF02D, DF8D4755DB8440999CAABE1B25181D76342E0F79D9979A0600ECCAFA60E4130D ] L1C C:\windows\system32\DRIVERS\L1C62x64.sys

21:05:53.0750 0x191c L1C - ok

21:05:53.0832 0x191c [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\windows\system32\srvsvc.dll

21:05:54.0015 0x191c LanmanServer - ok

21:05:54.0277 0x191c [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\windows\System32\wkssvc.dll

21:05:54.0505 0x191c LanmanWorkstation - ok

21:05:54.0968 0x191c [ 6105B28F5D03C4AFFA7197B228768849, 2CD17178816100DBAFEFCD940DF8D012CDADC78C278835DEADB8D5F6BC0FC11A ] LiveUpdate C:\PROGRA~2\Symantec\LIVEUP~1\LUCOMS~1.EXE

21:05:55.0346 0x191c LiveUpdate - ok

21:05:55.0407 0x191c [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\windows\system32\DRIVERS\lltdio.sys

21:05:55.0521 0x191c lltdio - ok

21:05:55.0584 0x191c [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\windows\System32\lltdsvc.dll

21:05:55.0913 0x191c lltdsvc - ok

21:05:55.0959 0x191c [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\windows\System32\lmhsvc.dll

21:05:56.0128 0x191c lmhosts - ok

21:05:56.0323 0x191c [ 98B16E756243BEA9410E32025B19C06F, C4F8663FF4C2F1123CC92D88004090AD06ED12FCD07706AE168333A33B269A53 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

21:05:56.0454 0x191c LMS - ok

21:05:56.0557 0x191c [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys

21:05:56.0607 0x191c LSI_FC - ok

21:05:56.0695 0x191c [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys

21:05:56.0748 0x191c LSI_SAS - ok

21:05:56.0817 0x191c [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys

21:05:56.0867 0x191c LSI_SAS2 - ok

21:05:56.0898 0x191c [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys

21:05:56.0951 0x191c LSI_SCSI - ok

21:05:57.0017 0x191c [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\windows\system32\drivers\luafv.sys

21:05:57.0162 0x191c luafv - ok

21:05:57.0230 0x191c [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll

21:05:57.0299 0x191c Mcx2Svc - ok

21:05:57.0364 0x191c [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\windows\system32\drivers\megasas.sys

21:05:57.0411 0x191c megasas - ok

21:05:57.0481 0x191c [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\windows\system32\drivers\MegaSR.sys

21:05:57.0543 0x191c MegaSR - ok

21:05:57.0595 0x191c [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\windows\system32\DRIVERS\HECIx64.sys

21:05:57.0627 0x191c MEIx64 - ok

21:05:57.0832 0x191c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\windows\system32\mmcss.dll

21:05:58.0033 0x191c MMCSS - ok

21:05:58.0111 0x191c [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\windows\system32\drivers\modem.sys

21:05:58.0259 0x191c Modem - ok

21:05:58.0290 0x191c [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\windows\system32\DRIVERS\monitor.sys

21:05:58.0356 0x191c monitor - ok

21:05:58.0478 0x191c [ EB03D4164E7F10B601D280413655ADE4, 5C35A13962567FA6C886A8E4DD32D494294176AE5A0EE3E3E9A954C9419624F7 ] MotioninJoyXFilter C:\windows\system32\DRIVERS\MijXfilt.sys

21:05:58.0538 0x191c MotioninJoyXFilter - ok

21:05:58.0609 0x191c [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys

21:05:58.0654 0x191c mouclass - ok

21:05:58.0760 0x191c [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys

21:05:58.0837 0x191c mouhid - ok

21:05:58.0901 0x191c [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\windows\system32\drivers\mountmgr.sys

21:05:58.0950 0x191c mountmgr - ok

21:05:58.0998 0x191c [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\windows\system32\drivers\mpio.sys

21:05:59.0054 0x191c mpio - ok

21:05:59.0139 0x191c [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys

21:05:59.0269 0x191c mpsdrv - ok

21:05:59.0408 0x191c [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\windows\system32\mpssvc.dll

21:05:59.0794 0x191c MpsSvc - ok

21:05:59.0888 0x191c [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\windows\system32\drivers\mrxdav.sys

21:05:59.0980 0x191c MRxDAV - ok

21:06:00.0027 0x191c [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys

21:06:00.0235 0x191c mrxsmb - ok

21:06:00.0384 0x191c [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys

21:06:00.0488 0x191c mrxsmb10 - ok

21:06:00.0539 0x191c [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys

21:06:00.0616 0x191c mrxsmb20 - ok

21:06:00.0671 0x191c [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\windows\system32\drivers\msahci.sys

21:06:00.0714 0x191c msahci - ok

21:06:00.0814 0x191c [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\windows\system32\drivers\msdsm.sys

21:06:00.0868 0x191c msdsm - ok

21:06:00.0945 0x191c [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\windows\System32\msdtc.exe

21:06:01.0076 0x191c MSDTC - ok

21:06:01.0220 0x191c [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\windows\system32\drivers\Msfs.sys

21:06:01.0329 0x191c Msfs - ok

21:06:01.0367 0x191c [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys

21:06:01.0478 0x191c mshidkmdf - ok

21:06:01.0514 0x191c [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\windows\system32\drivers\msisadrv.sys

21:06:01.0557 0x191c msisadrv - ok

21:06:01.0651 0x191c [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\windows\system32\iscsiexe.dll

21:06:01.0812 0x191c MSiSCSI - ok

21:06:01.0821 0x191c msiserver - ok

21:06:01.0928 0x191c [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys

21:06:02.0049 0x191c MSKSSRV - ok

21:06:02.0123 0x191c [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys

21:06:02.0229 0x191c MSPCLOCK - ok

21:06:02.0290 0x191c [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\windows\system32\drivers\MSPQM.sys

21:06:02.0406 0x191c MSPQM - ok

21:06:02.0524 0x191c [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\windows\system32\drivers\MsRPC.sys

21:06:02.0600 0x191c MsRPC - ok

21:06:02.0686 0x191c [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys

21:06:02.0727 0x191c mssmbios - ok

21:06:02.0832 0x191c [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\windows\system32\drivers\MSTEE.sys

21:06:03.0037 0x191c MSTEE - ok

21:06:03.0079 0x191c [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\windows\system32\drivers\MTConfig.sys

21:06:03.0204 0x191c MTConfig - ok

21:06:03.0293 0x191c [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\windows\system32\Drivers\mup.sys

21:06:03.0350 0x191c Mup - ok

21:06:03.0416 0x191c [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\windows\system32\qagentRT.dll

21:06:03.0620 0x191c napagent - ok

21:06:03.0702 0x191c [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys

21:06:03.0869 0x191c NativeWifiP - ok

21:06:04.0154 0x191c [ 702E07EC32F96ACDB873E9A5465D4401, 2C6B1C8BA0BF4791AEA064062DCA3678AE4443DF19DB37D6CB55BA6297D8A238 ] NAVENG C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20140608.019\ENG64.SYS

21:06:04.0200 0x191c NAVENG - ok

21:06:05.0071 0x191c [ 302EA314A1AF0D7CEF0A3D0195F79561, 046DBC2D9D028F2D2E8BAE745CA2ADEF42741689BFF743A13B81EA4228DDCDC6 ] NAVEX15 C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20140608.019\EX64.SYS

21:06:05.0270 0x191c NAVEX15 - ok

21:06:05.0598 0x191c [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\windows\system32\drivers\ndis.sys

21:06:05.0807 0x191c NDIS - ok

21:06:05.0858 0x191c [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys

21:06:06.0019 0x191c NdisCap - ok

21:06:06.0048 0x191c [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys

21:06:06.0174 0x191c NdisTapi - ok

21:06:06.0282 0x191c [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys

21:06:06.0529 0x191c Ndisuio - ok

21:06:06.0605 0x191c [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys

21:06:06.0754 0x191c NdisWan - ok

21:06:06.0796 0x191c [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\windows\system32\drivers\NDProxy.sys

21:06:06.0935 0x191c NDProxy - ok

21:06:07.0091 0x191c [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys

21:06:07.0219 0x191c NetBIOS - ok

21:06:07.0277 0x191c [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\windows\system32\DRIVERS\netbt.sys

21:06:07.0413 0x191c NetBT - ok

21:06:07.0485 0x191c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\windows\system32\lsass.exe

21:06:07.0533 0x191c Netlogon - ok

21:06:07.0754 0x191c [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\windows\System32\netman.dll

21:06:07.0941 0x191c Netman - ok

21:06:08.0142 0x191c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

21:06:08.0255 0x191c NetMsmqActivator - ok

21:06:08.0342 0x191c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

21:06:08.0397 0x191c NetPipeActivator - ok

21:06:08.0526 0x191c [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\windows\System32\netprofm.dll

21:06:08.0734 0x191c netprofm - ok

21:06:08.0842 0x191c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

21:06:08.0911 0x191c NetTcpActivator - ok

21:06:08.0927 0x191c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

21:06:08.0986 0x191c NetTcpPortSharing - ok

21:06:09.0066 0x191c [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys

21:06:09.0110 0x191c nfrd960 - ok

21:06:09.0190 0x191c [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\windows\System32\nlasvc.dll

21:06:09.0322 0x191c NlaSvc - ok

21:06:09.0357 0x191c [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\windows\system32\drivers\Npfs.sys

21:06:09.0472 0x191c Npfs - ok

21:06:09.0538 0x191c [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\windows\system32\nsisvc.dll

21:06:09.0700 0x191c nsi - ok

21:06:09.0769 0x191c [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys

21:06:09.0875 0x191c nsiproxy - ok

21:06:10.0143 0x191c [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\windows\system32\drivers\Ntfs.sys

21:06:10.0379 0x191c Ntfs - ok

21:06:10.0430 0x191c [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\windows\system32\drivers\Null.sys

21:06:10.0533 0x191c Null - ok

21:06:10.0583 0x191c [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\windows\system32\drivers\nvraid.sys

21:06:10.0635 0x191c nvraid - ok

21:06:10.0695 0x191c [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\windows\system32\drivers\nvstor.sys

21:06:10.0749 0x191c nvstor - ok

21:06:10.0802 0x191c [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\windows\system32\drivers\nv_agp.sys

21:06:10.0855 0x191c nv_agp - ok

21:06:10.0907 0x191c [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys

21:06:10.0957 0x191c ohci1394 - ok

21:06:11.0119 0x191c [ 4965B005492CBA7719E82B71E3245495, 52AD72C05FACC1E0E416A1FA25F34FDD3CB274FAB973BEAAE911A2FACA42B650 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

21:06:11.0251 0x191c ose64 - ok

21:06:12.0465 0x191c [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

21:06:12.0929 0x191c osppsvc - ok

21:06:13.0127 0x191c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\windows\system32\pnrpsvc.dll

21:06:13.0295 0x191c p2pimsvc - ok

21:06:13.0396 0x191c [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\windows\system32\p2psvc.dll

21:06:13.0502 0x191c p2psvc - ok

21:06:13.0577 0x191c [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\windows\system32\drivers\parport.sys

21:06:13.0632 0x191c Parport - ok

21:06:13.0750 0x191c [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\windows\system32\drivers\partmgr.sys

21:06:13.0867 0x191c partmgr - ok

21:06:13.0913 0x191c [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\windows\System32\pcasvc.dll

21:06:14.0099 0x191c PcaSvc - ok

21:06:14.0184 0x191c [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\windows\system32\drivers\pci.sys

21:06:14.0249 0x191c pci - ok

21:06:14.0310 0x191c [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\windows\system32\drivers\pciide.sys

21:06:14.0350 0x191c pciide - ok

21:06:14.0470 0x191c [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\windows\system32\drivers\pcmcia.sys

21:06:14.0530 0x191c pcmcia - ok

21:06:14.0576 0x191c [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\windows\system32\drivers\pcw.sys

21:06:14.0620 0x191c pcw - ok

21:06:14.0771 0x191c [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\windows\system32\drivers\peauth.sys

21:06:15.0003 0x191c PEAUTH - ok

21:06:15.0192 0x191c [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\windows\SysWow64\perfhost.exe

21:06:15.0375 0x191c PerfHost - ok

21:06:15.0479 0x191c [ 91111CEBBDE8015E822C46120ED9537C, 255B85FEF663C2E0652CECF3F9B67B12B576F924A34415DEE13F0F5137E1E7F7 ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys

21:06:15.0518 0x191c PGEffect - ok

21:06:15.0694 0x191c [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\windows\system32\pla.dll

21:06:16.0188 0x191c pla - ok

21:06:16.0364 0x191c [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\windows\system32\umpnpmgr.dll

21:06:16.0551 0x191c PlugPlay - ok

21:06:16.0711 0x191c [ 06841F5CD8410B6BDC0B5A631B8F8787, 95CA940AAE0C713C7161899D7DD7109FC985B60A1B3817C4243ED9870DA5FDE0 ] pnetmdm C:\windows\system32\DRIVERS\pnetmdm64.sys

21:06:16.0786 0x191c pnetmdm - ok

21:06:16.0843 0x191c [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll

21:06:16.0927 0x191c PNRPAutoReg - ok

21:06:17.0039 0x191c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\windows\system32\pnrpsvc.dll

21:06:17.0112 0x191c PNRPsvc - ok

21:06:17.0169 0x191c [ 34A8FAE065249F85A67A3215FF5ECB34, 913297755C1046BA004E79660B7DA5BBE5E92B96AAA83D78AE3FF379371950D5 ] Point64 C:\windows\system32\DRIVERS\point64.sys

21:06:17.0214 0x191c Point64 - ok

21:06:17.0441 0x191c [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\windows\System32\ipsecsvc.dll

21:06:17.0809 0x191c PolicyAgent - ok

21:06:17.0913 0x191c [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\windows\system32\umpo.dll

21:06:18.0120 0x191c Power - ok

21:06:18.0263 0x191c [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys

21:06:18.0415 0x191c PptpMiniport - ok

21:06:18.0505 0x191c [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\windows\system32\drivers\processr.sys

21:06:18.0588 0x191c Processor - ok

21:06:18.0668 0x191c [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\windows\system32\profsvc.dll

21:06:18.0796 0x191c ProfSvc - ok

21:06:18.0841 0x191c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\windows\system32\lsass.exe

21:06:18.0889 0x191c ProtectedStorage - ok

21:06:18.0974 0x191c [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\windows\system32\DRIVERS\pacer.sys

21:06:19.0139 0x191c Psched - ok

21:06:19.0358 0x191c [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\windows\system32\drivers\ql2300.sys

21:06:19.0549 0x191c ql2300 - ok

21:06:19.0687 0x191c [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\windows\system32\drivers\ql40xx.sys

21:06:19.0738 0x191c ql40xx - ok

21:06:19.0855 0x191c [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\windows\system32\qwave.dll

21:06:19.0955 0x191c QWAVE - ok

21:06:19.0978 0x191c [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys

21:06:20.0056 0x191c QWAVEdrv - ok

21:06:20.0096 0x191c [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys

21:06:20.0338 0x191c RasAcd - ok

21:06:20.0497 0x191c [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys

21:06:20.0609 0x191c RasAgileVpn - ok

21:06:20.0669 0x191c [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\windows\System32\rasauto.dll

21:06:20.0857 0x191c RasAuto - ok

21:06:20.0892 0x191c [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys

21:06:21.0039 0x191c Rasl2tp - ok

21:06:21.0143 0x191c [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\windows\System32\rasmans.dll

21:06:21.0340 0x191c RasMan - ok

21:06:21.0391 0x191c [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys

21:06:21.0537 0x191c RasPppoe - ok

21:06:21.0655 0x191c [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys

21:06:21.0781 0x191c RasSstp - ok

21:06:21.0882 0x191c [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\windows\system32\DRIVERS\rdbss.sys

21:06:22.0076 0x191c rdbss - ok

21:06:22.0132 0x191c [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\windows\system32\drivers\rdpbus.sys

21:06:22.0253 0x191c rdpbus - ok

21:06:22.0314 0x191c [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys

21:06:22.0435 0x191c RDPCDD - ok

21:06:22.0572 0x191c [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys

21:06:22.0717 0x191c RDPENCDD - ok

21:06:22.0756 0x191c [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys

21:06:22.0862 0x191c RDPREFMP - ok

21:06:22.0950 0x191c [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\windows\system32\drivers\RDPWD.sys

21:06:23.0042 0x191c RDPWD - ok

21:06:23.0168 0x191c [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\windows\system32\drivers\rdyboost.sys

21:06:23.0225 0x191c rdyboost - ok

21:06:23.0383 0x191c [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\windows\System32\mprdim.dll

21:06:23.0517 0x191c RemoteAccess - ok

21:06:23.0642 0x191c [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\windows\system32\regsvc.dll

21:06:23.0767 0x191c RemoteRegistry - ok

21:06:23.0831 0x191c [ 7B04C9843921AB1F695FB395422C5360, C9B02BE0384357FD242613C2A12029B45322AF9A795CD69F33500CA7530899A7 ] RimUsb C:\windows\system32\Drivers\RimUsb_AMD64.sys

21:06:23.0967 0x191c RimUsb - ok

21:06:24.0028 0x191c [ 388D3DD1A6457280F3BADBA9F3ACD6B1, 5C534EA15195B1301C917904627AF09FE2ABA3FEE1641B5C87E8F3191BC49058 ] ROOTMODEM C:\windows\system32\Drivers\RootMdm.sys

21:06:24.0150 0x191c ROOTMODEM - ok

21:06:24.0320 0x191c [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll

21:06:24.0499 0x191c RpcEptMapper - ok

21:06:24.0630 0x191c [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\windows\system32\locator.exe

21:06:24.0692 0x191c RpcLocator - ok

21:06:24.0794 0x191c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\windows\system32\rpcss.dll

21:06:24.0947 0x191c RpcSs - ok

21:06:25.0065 0x191c [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\windows\system32\DRIVERS\rspndr.sys

21:06:25.0178 0x191c rspndr - ok

21:06:25.0343 0x191c [ 0E3DCF76F11DC431B088A2DFD7265CDA, 7FCC8A9C28B8B2E9EC6AB9FFF7354929838134F61DB9D5BB96C5F6A7ABDC6B6A ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys

21:06:25.0440 0x191c RSUSBSTOR - ok

21:06:25.0591 0x191c [ 64FDF4FE366CA42DA2B7D9D424B6E39B, FC3844152E29B703373788F24862CDD307837AA53D21F978FB9C038A34593B95 ] RTL8192Ce C:\windows\system32\DRIVERS\rtl8192Ce.sys

21:06:25.0797 0x191c RTL8192Ce - ok

21:06:25.0896 0x191c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\windows\system32\lsass.exe

21:06:25.0954 0x191c SamSs - ok

21:06:26.0047 0x191c [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\windows\system32\drivers\sbp2port.sys

21:06:26.0096 0x191c sbp2port - ok

21:06:26.0173 0x191c [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\windows\System32\SCardSvr.dll

21:06:26.0316 0x191c SCardSvr - ok

21:06:26.0342 0x191c [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys

21:06:26.0502 0x191c scfilter - ok

21:06:26.0668 0x191c [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\windows\system32\schedsvc.dll

21:06:27.0208 0x191c Schedule - ok

21:06:27.0291 0x191c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\windows\System32\certprop.dll

21:06:27.0401 0x191c SCPolicySvc - ok

21:06:27.0546 0x191c [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\windows\System32\SDRSVC.dll

21:06:27.0705 0x191c SDRSVC - ok

21:06:27.0771 0x191c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\windows\system32\drivers\secdrv.sys

21:06:27.0948 0x191c secdrv - ok

21:06:28.0016 0x191c [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\windows\system32\seclogon.dll

21:06:28.0149 0x191c seclogon - ok

21:06:28.0204 0x191c [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\windows\System32\sens.dll

21:06:28.0379 0x191c SENS - ok

21:06:28.0506 0x191c [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\windows\system32\sensrsvc.dll

21:06:28.0608 0x191c SensrSvc - ok

21:06:28.0653 0x191c [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\windows\system32\drivers\serenum.sys

21:06:28.0753 0x191c Serenum - ok

21:06:28.0870 0x191c [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\windows\system32\drivers\serial.sys

21:06:28.0959 0x191c Serial - ok

21:06:29.0101 0x191c [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\windows\system32\drivers\sermouse.sys

21:06:29.0148 0x191c sermouse - ok

21:06:29.0218 0x191c [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\windows\system32\sessenv.dll

21:06:29.0407 0x191c SessionEnv - ok

21:06:29.0435 0x191c [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\windows\system32\drivers\sffdisk.sys

21:06:29.0548 0x191c sffdisk - ok

21:06:29.0622 0x191c [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys

21:06:29.0741 0x191c sffp_mmc - ok

21:06:29.0779 0x191c [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys

21:06:29.0860 0x191c sffp_sd - ok

21:06:29.0969 0x191c [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\windows\system32\drivers\sfloppy.sys

21:06:30.0087 0x191c sfloppy - ok

21:06:30.0176 0x191c [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\windows\System32\ipnathlp.dll

21:06:30.0365 0x191c SharedAccess - ok

21:06:30.0446 0x191c [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\windows\System32\shsvcs.dll

21:06:30.0623 0x191c ShellHWDetection - ok

21:06:30.0659 0x191c [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys

21:06:30.0703 0x191c SiSRaid2 - ok

21:06:30.0757 0x191c [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys

21:06:30.0805 0x191c SiSRaid4 - ok

21:06:31.0002 0x191c [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe

21:06:31.0283 0x191c SkypeUpdate - ok

21:06:31.0338 0x191c [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\windows\system32\DRIVERS\smb.sys

21:06:31.0577 0x191c Smb - ok

21:06:32.0491 0x191c [ 48BFC901748A6CBDBCADD7991C867060, B4CA27CDEA5AF1C21B23BB658DF3CFB856EF55CCC4633CE6021652DB3CB59AF1 ] SmcService C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe

21:06:32.0898 0x191c SmcService - ok

21:06:33.0025 0x191c [ 767DE5FFE38B673C03551F50D96EBA0B, F9ACF6B6352A8F0DFC11F187013831514F8C64816381BEE0495AA279A46EC7F4 ] SNAC C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE

21:06:33.0094 0x191c SNAC - ok

21:06:33.0415 0x191c [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\windows\System32\snmptrap.exe

21:06:33.0473 0x191c SNMPTRAP - ok

21:06:33.0634 0x191c [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\windows\system32\drivers\spldr.sys

21:06:33.0679 0x191c spldr - ok

21:06:33.0780 0x191c [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\windows\System32\spoolsv.exe

21:06:33.0900 0x191c Spooler - ok

21:06:34.0349 0x191c [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\windows\system32\sppsvc.exe

21:06:35.0187 0x191c sppsvc - ok

21:06:35.0234 0x191c [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\windows\system32\sppuinotify.dll

21:06:35.0348 0x191c sppuinotify - ok

21:06:35.0416 0x191c [ B531FC8918DCDAAE638511A123C3465E, 298B802248F2EE093FFC6291559087633BE68939B224ED99CB3C5406C2F08ED6 ] SRTSP C:\windows\system32\Drivers\SRTSP64.SYS

21:06:35.0511 0x191c SRTSP - ok

21:06:35.0579 0x191c [ 2BD3A73D0601320B72486FC3EBC2544F, 50677898DB77F95A4E7AF40902B9E0B1D85C7B66E1588562FE9C8EB074001EB3 ] SRTSPL C:\windows\system32\Drivers\SRTSPL64.SYS

21:06:35.0659 0x191c SRTSPL - ok

21:06:35.0703 0x191c [ 529B337C1AEEB289F0B502EB0EE6A8F5, 2D042B520A5A0BAE912A9F06E27DB6F8F8EC24F6F21C549DF81748CAF5D74FE1 ] SRTSPX C:\windows\system32\Drivers\SRTSPX64.SYS

21:06:35.0748 0x191c SRTSPX - ok

21:06:35.0827 0x191c [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\windows\system32\DRIVERS\srv.sys

21:06:36.0091 0x191c srv - ok

21:06:36.0270 0x191c [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\windows\system32\DRIVERS\srv2.sys

21:06:36.0480 0x191c srv2 - ok

21:06:36.0535 0x191c [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys

21:06:36.0611 0x191c srvnet - ok

21:06:36.0719 0x191c [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\windows\System32\ssdpsrv.dll

21:06:36.0871 0x191c SSDPSRV - ok

21:06:36.0959 0x191c [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\windows\system32\sstpsvc.dll

21:06:37.0098 0x191c SstpSvc - ok

21:06:37.0154 0x191c [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\windows\system32\drivers\stexstor.sys

21:06:37.0197 0x191c stexstor - ok

21:06:37.0383 0x191c [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam C:\windows\system32\DRIVERS\serscan.sys

21:06:37.0517 0x191c StillCam - ok

21:06:37.0759 0x191c [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\windows\System32\wiaservc.dll

21:06:37.0905 0x191c stisvc - ok

21:06:37.0997 0x191c [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\windows\system32\DRIVERS\swenum.sys

21:06:38.0039 0x191c swenum - ok

21:06:38.0100 0x191c [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\windows\System32\swprv.dll

21:06:38.0294 0x191c swprv - ok

21:06:38.0709 0x191c [ D880FBD65B6F4885AC89628225B91398, BB5B35D663772C1BC66E1705B2FEC21A23D26F51FCBA8227F0C3C6DEE4BDF6AB ] Symantec AntiVirus C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe

21:06:38.0989 0x191c Symantec AntiVirus - ok

21:06:39.0133 0x191c [ D1F1A5E72E33D6BE449F5F1F4A513DD1, 10B80C6D6379F2D2D9D05BA5F822637C2C3C39621F88849CBD2625737B781832 ] SymEvent C:\windows\system32\Drivers\SYMEVENT64x86.SYS

21:06:39.0176 0x191c SymEvent - ok

21:06:39.0296 0x191c [ 470C47DABA9CA3966F0AB3F835D7D135, BF98E48B05F37F8ABE264BF77355391A08955057E24AE456A5637D56BDFD40A5 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys

21:06:39.0359 0x191c SynTP - ok

21:06:39.0680 0x191c [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\windows\system32\sysmain.dll

21:06:40.0072 0x191c SysMain - ok

21:06:40.0153 0x191c [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\windows\System32\TabSvc.dll

21:06:40.0262 0x191c TabletInputService - ok

21:06:40.0348 0x191c [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\windows\System32\tapisrv.dll

21:06:40.0515 0x191c TapiSrv - ok

21:06:40.0608 0x191c [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\windows\System32\tbssvc.dll

21:06:40.0723 0x191c TBS - ok

21:06:41.0158 0x191c [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip C:\windows\system32\drivers\tcpip.sys

21:06:41.0383 0x191c Tcpip - ok

21:06:41.0680 0x191c [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys

21:06:41.0868 0x191c TCPIP6 - ok

21:06:41.0947 0x191c [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys

21:06:42.0001 0x191c tcpipreg - ok

21:06:42.0072 0x191c [ FD542B661BD22FA69CA789AD0AC58C29, 75FFAF1834B1E22DF37608ED451F161052FF1FE3C681B4E20A68DCA92CC7FD8C ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys

21:06:42.0112 0x191c tdcmdpst - ok

21:06:42.0216 0x191c [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\windows\system32\drivers\tdpipe.sys

21:06:42.0302 0x191c TDPIPE - ok

21:06:42.0394 0x191c [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\windows\system32\drivers\tdtcp.sys

21:06:42.0486 0x191c TDTCP - ok

21:06:42.0605 0x191c [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\windows\system32\DRIVERS\tdx.sys

21:06:42.0720 0x191c tdx - ok

21:06:42.0752 0x191c [ EF6CCF8B483201F7196D83FC136FA43A, FC5BD00C0CCE73AE0CC703040B2524775FCBA2702DE0B0CD0450F2D68245725C ] Teefer2 C:\windows\system32\DRIVERS\teefer2.sys

21:06:42.0792 0x191c Teefer2 - ok

21:06:42.0851 0x191c [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\windows\system32\DRIVERS\termdd.sys

21:06:42.0895 0x191c TermDD - ok

21:06:43.0012 0x191c [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\windows\System32\termsrv.dll

21:06:43.0254 0x191c TermService - ok

21:06:43.0295 0x191c [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\windows\system32\themeservice.dll

21:06:43.0373 0x191c Themes - ok

21:06:43.0488 0x191c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\windows\system32\mmcss.dll

21:06:43.0607 0x191c THREADORDER - ok

21:06:43.0730 0x191c [ 83E91963C4452BE6899503CF9EBFD3ED, 0121415C3FEDF030A73A43D5A8DCF44C077655B0E758F2ABBBDD4079743EF115 ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

21:06:43.0842 0x191c TMachInfo - ok

21:06:43.0937 0x191c [ 8E2C799D3476EAC32C3BA0DF7CE6AF19, CFE8A69E3F2A42C3BA2B38EC9233076D0AD32C441500E6407219F2E866905D9B ] TODDSrv C:\windows\system32\TODDSrv.exe

21:06:44.0029 0x191c TODDSrv - ok

21:06:44.0234 0x191c [ CDC97FA5C42B07FB0D4600E17C32F582, 1801964D228E03FF72D01E714ECE76D3040DD89B8FE828821CF999E6CB455F53 ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

21:06:44.0332 0x191c TosCoSrv - ok

21:06:44.0462 0x191c [ EDB4B432DB13EA3D1EB2356310D33263, C587155A73AE282545A1A646740BD8E56DFD3D2F231B484469D691401354A245 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

21:06:44.0529 0x191c TOSHIBA HDD SSD Alert Service - ok

21:06:44.0874 0x191c [ 09FF7B0B1B5C3D225495CB6F5A9B39F8, 0D2CC72B7E02B92C9A1D6B76300B75A39427046903326642B9D511A51A795027 ] tos_sps64 C:\windows\system32\DRIVERS\tos_sps64.sys

21:06:45.0026 0x191c tos_sps64 - ok

21:06:45.0126 0x191c [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\windows\System32\trkwks.dll

21:06:45.0298 0x191c TrkWks - ok

21:06:45.0451 0x191c [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe

21:06:45.0573 0x191c TrustedInstaller - ok

21:06:45.0633 0x191c [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys

21:06:45.0713 0x191c tssecsrv - ok

21:06:45.0762 0x191c [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys

21:06:45.0874 0x191c TsUsbFlt - ok

21:06:45.0948 0x191c [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys

21:06:46.0024 0x191c TsUsbGD - ok

21:06:46.0111 0x191c [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys

21:06:46.0266 0x191c tunnel - ok

21:06:46.0412 0x191c [ 550B567F9364D8F7684C3FB3EA665A72, A214BBBBAB9F0DD525FA5A818CEB8E9294B4A96676317255D7ACF6049049C933 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS

21:06:46.0448 0x191c TVALZ - ok

21:06:46.0606 0x191c [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\windows\system32\drivers\uagp35.sys

21:06:46.0651 0x191c uagp35 - ok

21:06:46.0714 0x191c [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\windows\system32\DRIVERS\udfs.sys

21:06:46.0964 0x191c udfs - ok

21:06:47.0011 0x191c [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\windows\system32\UI0Detect.exe

21:06:47.0058 0x191c UI0Detect - ok

21:06:47.0200 0x191c [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys

21:06:47.0252 0x191c uliagpkx - ok

21:06:47.0310 0x191c [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\windows\system32\DRIVERS\umbus.sys

21:06:47.0426 0x191c umbus - ok

21:06:47.0553 0x191c [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\windows\system32\DRIVERS\umpass.sys

21:06:47.0660 0x191c UmPass - ok

21:06:48.0334 0x191c [ 7A78ED1088890114DFDE2C4AB038D6B6, B52357594A90A8BCF5F96FA630F52BB1274A2FE814AF0270D21C892871D076FC ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

21:06:49.0004 0x191c UNS - ok

21:06:49.0110 0x191c [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\windows\System32\upnphost.dll

21:06:49.0320 0x191c upnphost - ok

21:06:49.0386 0x191c [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys

21:06:49.0468 0x191c USBAAPL64 - ok

21:06:49.0581 0x191c [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys

21:06:49.0707 0x191c usbccgp - ok

21:06:49.0789 0x191c [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\windows\system32\drivers\usbcir.sys

21:06:50.0012 0x191c usbcir - ok

21:06:50.0060 0x191c [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\windows\system32\drivers\usbehci.sys

21:06:50.0123 0x191c usbehci - ok

21:06:50.0321 0x191c [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys

21:06:50.0430 0x191c usbhub - ok

21:06:50.0471 0x191c [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\windows\system32\drivers\usbohci.sys

21:06:50.0599 0x191c usbohci - ok

21:06:50.0674 0x191c [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\windows\system32\DRIVERS\usbprint.sys

21:06:50.0749 0x191c usbprint - ok

21:06:50.0831 0x191c [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys

21:06:50.0974 0x191c usbscan - ok

21:06:51.0062 0x191c [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS

21:06:51.0302 0x191c USBSTOR - ok

21:06:51.0535 0x191c [ C44D96B1CDDE705B23F55AB423CCA73D, AB9842E90DD3D686E66BDBE043EB0068272B611D6F63C818EB9D1B6FE2FE23BD ] USBTINSP C:\windows\system32\DRIVERS\tinspusb.sys

21:06:51.0623 0x191c USBTINSP - ok

21:06:51.0665 0x191c [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\windows\system32\drivers\usbuhci.sys

21:06:51.0751 0x191c usbuhci - ok

21:06:51.0842 0x191c [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\windows\System32\Drivers\usbvideo.sys

21:06:52.0031 0x191c usbvideo - ok

21:06:52.0095 0x191c [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\windows\System32\uxsms.dll

21:06:52.0247 0x191c UxSms - ok

21:06:52.0330 0x191c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc C:\windows\system32\lsass.exe

21:06:52.0390 0x191c VaultSvc - ok

21:06:52.0510 0x191c [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys

21:06:52.0554 0x191c vdrvroot - ok

21:06:52.0627 0x191c [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\windows\System32\vds.exe

21:06:52.0847 0x191c vds - ok

21:06:52.0889 0x191c [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\windows\system32\DRIVERS\vgapnp.sys

21:06:52.0944 0x191c vga - ok

21:06:53.0002 0x191c [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\windows\System32\drivers\vga.sys

21:06:53.0123 0x191c VgaSave - ok

21:06:53.0161 0x191c [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\windows\system32\drivers\vhdmp.sys

21:06:53.0221 0x191c vhdmp - ok

21:06:53.0328 0x191c [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\windows\system32\drivers\viaide.sys

21:06:53.0369 0x191c viaide - ok

21:06:53.0420 0x191c [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\windows\system32\drivers\volmgr.sys

21:06:53.0466 0x191c volmgr - ok

21:06:53.0558 0x191c [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\windows\system32\drivers\volmgrx.sys

21:06:53.0630 0x191c volmgrx - ok

21:06:53.0803 0x191c [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\windows\system32\drivers\volsnap.sys

21:06:53.0883 0x191c volsnap - ok

21:06:53.0967 0x191c [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\windows\system32\drivers\vsmraid.sys

21:06:54.0022 0x191c vsmraid - ok

21:06:54.0259 0x191c [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\windows\system32\vssvc.exe

21:06:54.0894 0x191c VSS - ok

21:06:54.0947 0x191c [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys

21:06:55.0078 0x191c vwifibus - ok

21:06:55.0162 0x191c [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys

21:06:55.0242 0x191c vwififlt - ok

21:06:55.0349 0x191c [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys

21:06:55.0407 0x191c vwifimp - ok

21:06:55.0545 0x191c [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\windows\system32\w32time.dll

21:06:55.0791 0x191c W32Time - ok

21:06:55.0853 0x191c [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\windows\system32\drivers\wacompen.sys

21:06:55.0909 0x191c WacomPen - ok

21:06:55.0956 0x191c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\windows\system32\DRIVERS\wanarp.sys

21:06:56.0191 0x191c WANARP - ok

21:06:56.0323 0x191c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys

21:06:56.0434 0x191c Wanarpv6 - ok

21:06:56.0684 0x191c [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe

21:06:57.0007 0x191c WatAdminSvc - ok

21:06:57.0207 0x191c [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\windows\system32\wbengine.exe

21:06:57.0653 0x191c wbengine - ok

21:06:57.0725 0x191c [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\windows\System32\wbiosrvc.dll

21:06:57.0801 0x191c WbioSrvc - ok

21:06:57.0891 0x191c [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\windows\System32\wcncsvc.dll

21:06:58.0003 0x191c wcncsvc - ok

21:06:58.0055 0x191c [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll

21:06:58.0095 0x191c WcsPlugInService - ok

21:06:58.0130 0x191c [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\windows\system32\drivers\wd.sys

21:06:58.0165 0x191c Wd - ok

21:06:58.0289 0x191c [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys

21:06:58.0385 0x191c Wdf01000 - ok

21:06:58.0493 0x191c [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\windows\system32\wdi.dll

21:06:58.0813 0x191c WdiServiceHost - ok

21:06:58.0837 0x191c [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\windows\system32\wdi.dll

21:06:58.0953 0x191c WdiSystemHost - ok

21:06:59.0048 0x191c [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\windows\System32\webclnt.dll

21:06:59.0104 0x191c WebClient - ok

21:06:59.0200 0x191c [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\windows\system32\wecsvc.dll

21:06:59.0309 0x191c Wecsvc - ok

21:06:59.0403 0x191c [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\windows\System32\wercplsupport.dll

21:06:59.0531 0x191c wercplsupport - ok

21:06:59.0576 0x191c [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\windows\System32\WerSvc.dll

21:06:59.0668 0x191c WerSvc - ok

21:06:59.0763 0x191c [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys

21:06:59.0841 0x191c WfpLwf - ok

21:06:59.0918 0x191c [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\windows\system32\drivers\wimmount.sys

21:06:59.0948 0x191c WIMMount - ok

21:07:00.0026 0x191c WinDefend - ok

21:07:00.0042 0x191c WinHttpAutoProxySvc - ok

21:07:00.0166 0x191c [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll

21:07:00.0350 0x191c Winmgmt - ok

21:07:00.0657 0x191c [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\windows\system32\WsmSvc.dll

21:07:01.0110 0x191c WinRM - ok

21:07:01.0284 0x191c [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys

21:07:01.0348 0x191c WinUsb - ok

21:07:01.0544 0x191c [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\windows\System32\wlansvc.dll

21:07:01.0848 0x191c Wlansvc - ok

21:07:01.0928 0x191c [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

21:07:01.0997 0x191c wlcrasvc - ok

21:07:02.0421 0x191c [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

21:07:02.0871 0x191c wlidsvc - ok

21:07:02.0907 0x191c [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys

21:07:02.0999 0x191c WmiAcpi - ok

21:07:03.0125 0x191c [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe

21:07:03.0231 0x191c wmiApSrv - ok

21:07:03.0332 0x191c WMPNetworkSvc - ok

21:07:03.0350 0x191c [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\windows\System32\wpcsvc.dll

21:07:03.0423 0x191c WPCSvc - ok

21:07:03.0474 0x191c [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\windows\system32\wpdbusenum.dll

21:07:03.0638 0x191c WPDBusEnum - ok

21:07:03.0682 0x191c [ 37725EBE2F8972809903A10599C365A2, 6F16E3D474AFA1C971B271484DB81E1CF40D1AA501955D16CF1390A01474D87D ] WPS C:\windows\system32\drivers\wpsdrvnt.sys

21:07:03.0723 0x191c WPS - ok

21:07:03.0973 0x191c [ 49B9FA407586503D27D17DBDEAEAC970, 50EC5AC0F8F6945A3A00D5435793340125BF4EF74D89CED04EC6D2F3395A19BC ] WpsHelper C:\windows\system32\drivers\WpsHelper.sys

21:07:04.0030 0x191c WpsHelper - ok

21:07:04.0089 0x191c [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys

21:07:04.0213 0x191c ws2ifsl - ok

21:07:04.0333 0x191c [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\windows\System32\wscsvc.dll

21:07:04.0436 0x191c wscsvc - ok

21:07:04.0543 0x191c [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice C:\windows\system32\DRIVERS\WSDPrint.sys

21:07:04.0633 0x191c WSDPrintDevice - ok

21:07:04.0652 0x191c WSearch - ok

21:07:05.0021 0x191c [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\windows\system32\wuaueng.dll

21:07:05.0338 0x191c wuauserv - ok

21:07:05.0434 0x191c [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\windows\system32\drivers\WudfPf.sys

21:07:05.0519 0x191c WudfPf - ok

21:07:05.0617 0x191c [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys

21:07:05.0689 0x191c WUDFRd - ok

21:07:05.0759 0x191c [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\windows\System32\WUDFSvc.dll

21:07:05.0907 0x191c wudfsvc - ok

21:07:06.0034 0x191c [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\windows\System32\wwansvc.dll

21:07:06.0309 0x191c WwanSvc - ok

21:07:06.0412 0x191c [ 9176C0822FAA649E45121875BE32F5D2, B7A7A906A7BB0F760ED241F998C647D728C4DB5D8778AFE585DF38331165803F ] xusb21 C:\windows\system32\DRIVERS\xusb21.sys

21:07:06.0457 0x191c xusb21 - ok

21:07:06.0473 0x191c ================ Scan global ===============================

21:07:06.0554 0x191c [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\windows\system32\basesrv.dll

21:07:06.0685 0x191c [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\windows\system32\winsrv.dll

21:07:06.0764 0x191c [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\windows\system32\winsrv.dll

21:07:06.0824 0x191c [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\windows\system32\sxssrv.dll

21:07:06.0943 0x191c [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\windows\system32\services.exe

21:07:06.0966 0x191c [ Global ] - ok

21:07:06.0972 0x191c ================ Scan MBR ==================================

21:07:07.0018 0x191c [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0

21:07:09.0497 0x191c \Device\Harddisk0\DR0 - ok

21:07:09.0498 0x191c ================ Scan VBR ==================================

21:07:09.0646 0x191c [ 92BBBC1DB7B1474E117F235D958F049F ] \Device\Harddisk0\DR0\Partition1

21:07:09.0649 0x191c \Device\Harddisk0\DR0\Partition1 - ok

21:07:09.0650 0x191c ================ Scan generic autorun ======================

21:07:09.0731 0x191c [ 64E498DF53A9481C0F65923B8E1AF8FF, C3DC9C5A4659811129593A5538BDBBC812B4FF8386445F144918B5A1733316A2 ] C:\windows\system32\igfxtray.exe

21:07:09.0809 0x191c IgfxTray - ok

21:07:09.0893 0x191c [ D2AF25E2921BACC9B87E1AB7054F22D2, 847472F224A3AD34738A6F9DBEF327AC5B741B1382760F9F441E361EB875CE80 ] C:\windows\system32\hkcmd.exe

21:07:09.0997 0x191c HotKeysCmds - ok

21:07:10.0126 0x191c [ E58E1B907C67DE1FD65BE37EB3C5E79D, 83DC46A2AF97315D86AB6AF909820518268D7D71403385129CF33BDF6FD3F82C ] C:\windows\system32\igfxpers.exe

21:07:10.0238 0x191c Persistence - ok

21:07:10.0350 0x191c [ 4F12EAD0B4C8BDAED5A11CC11F394B0A, EF769C2C2564D42979746B8BFD1D6E6532BFAB3BFCE2D09A0A17D0E64498B9B3 ] C:\Program Files\CONEXANT\SAII\SAIICpl.exe

21:07:10.0732 0x191c SmartAudio - ok

21:07:10.0734 0x191c SynTPEnh - ok

21:07:10.0738 0x191c TPwrMain - ok

21:07:10.0742 0x191c TCrdMain - ok

21:07:10.0848 0x191c [ F82483A80D49ACCA81193A294FB233CD, 7EEA9E7F62A92AD98569B1A4F4809D91D7ED671821A738EB75BC6E469DB44494 ] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe

21:07:10.0885 0x191c TosVolRegulator - ok

21:07:11.0076 0x191c [ 578AD386192D03662C38D5E155144C59, BB5920B2B87288A85CBDFFB8E387D7ADFC390613D1C0968526DA2D69C28AAAB1 ] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe

21:07:11.0311 0x191c TosSENotify - ok

21:07:11.0319 0x191c TosNC - ok

21:07:11.0320 0x191c TosReelTimeMonitor - ok

21:07:11.0477 0x191c [ 39CF316EB5842AE27CC0D3CC4E2840DE, BC4D4ED926F988B7B70CC87B7EC92D148DA6BC39C5C514751F1B0CA69D0F9081 ] C:\Program Files\Microsoft Office\Office14\BCSSync.exe

21:07:11.0603 0x191c BCSSync - ok

21:07:11.0818 0x191c [ B810B8C3EA2658054C931B5713D7C206, 7E991423FC2F8B5DF884B81DA98F7188C0CBE40EE3C96DAD0E2D2A479A95A5A0 ] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe

21:07:11.0999 0x191c ToshibaServiceStation - ok

21:07:12.0141 0x191c [ 5424CDA35AED398886F72DB02C7B7646, E74E11DFEE6773F0005B707828E464E8D3DF0D7990B31E4769389449614140F5 ] C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe

21:07:12.0252 0x191c ccApp - ok

21:07:12.0509 0x191c [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

21:07:12.0703 0x191c Adobe ARM - ok

21:07:12.0815 0x191c [ 61E4289E91E88C90478D7F4BEB10DCF7, 1D0F4034E0111CF5758F470C15A22A0A28EB8269CB5BF07222C9C0FB07A15C55 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe

21:07:12.0878 0x191c APSDaemon - ok

21:07:13.0058 0x191c [ 9ACCBC5891BA51B5B29C1A88F80D4CE3, 4EA3D9CB239874232AE0D7F824AF8CC7AD9BB4657CB9978B41067B4447FBE71B ] C:\Program Files (x86)\QuickTime\QTTask.exe

21:07:13.0202 0x191c QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )

21:07:16.0881 0x191c Detect skipped due to KSN trusted

21:07:16.0881 0x191c QuickTime Task - ok

21:07:16.0979 0x191c [ B2387FD351A3D4780A917E4C00A83310, D23AADD424B1FC3D2C3A388252EEDA05F9B05922472A74E0CF4EEE7E005EADE1 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe

21:07:17.0120 0x191c iTunesHelper - ok

21:07:17.0361 0x191c [ 57C635C41750117D206C90DA9C599777, D5291ED79FC08217758FB526FC8CCC9D374B65B49446104D271C36B0C1298446 ] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe

21:07:17.0619 0x191c BrMfcWnd - detected UnsignedFile.Multi.Generic ( 1 )

21:07:20.0833 0x191c Detect skipped due to KSN trusted

21:07:20.0833 0x191c BrMfcWnd - ok

21:07:21.0000 0x191c [ 4DE3EF07E0854547309C6B40235A9D44, F73D8E6D98583865D1C8DB728058D83C72A3908E21E04EF313FCB829C040A1EC ] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe

21:07:21.0053 0x191c ControlCenter3 - detected UnsignedFile.Multi.Generic ( 1 )

21:07:24.0008 0x191c Detect skipped due to KSN trusted

21:07:24.0008 0x191c ControlCenter3 - ok

21:07:24.0275 0x191c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe

21:07:24.0644 0x191c Sidebar - ok

21:07:24.0712 0x191c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe

21:07:24.0803 0x191c mctadmin - ok

21:07:24.0988 0x191c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe

21:07:25.0154 0x191c Sidebar - ok

21:07:25.0234 0x191c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe

21:07:25.0298 0x191c mctadmin - ok

21:07:25.0467 0x191c [ 5D61BE7DB55B026A5D61A3EED09D0EAD, D32CC7B31A6F98C60ABC313ABC7D1143681F72DE2BB2604711A0BA20710CAAAE ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

21:07:25.0539 0x191c swg - ok

21:07:25.0742 0x191c [ 9EB925EDC8CF1C3D06E50E9348B54A0A, 99C1F8D40A65E1F4975B0D1180B3056712832E0E8FBE829785FDD505B6222AEA ] C:\Users\Frank\AppData\Local\Facebook\Update\FacebookUpdate.exe

21:07:25.0801 0x191c Facebook Update - ok

21:07:25.0917 0x191c Spotify - ok

21:07:26.0172 0x191c [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] C:\Users\Frank\AppData\Local\Google\Update\GoogleUpdate.exe

21:07:26.0242 0x191c Google Update - ok

21:07:26.0478 0x191c [ 0C81C5C55CC47AB6DE3B487F5B465F11, 9F65A29735B4A182848943CF8C291FDFF3F3BDC143993DF87CC248E04AF09EA5 ] C:\Users\Frank\AppData\Roaming\DirectLife\ALconnect\ALconnect.exe

21:07:26.0847 0x191c ALconnect - ok

21:07:27.0029 0x191c [ 4561E1427C32B47DCC7ACF30F95A8775, 1609F1A97671B6B544059E243A693F8219B1EDADF842622CF811F929A5BE2506 ] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe

21:07:27.0235 0x191c GarminExpressTrayApp - ok

21:07:27.0299 0x191c Skype - ok

21:07:27.0551 0x191c [ 52F4719BF4A62567043D19D6FAB756B4, 35C5A98528DADB5D4B98A1AC5AE8FD2A441C031F80568E6CEBB8A0C1570E6EA2 ] C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_257_ActiveX.exe

21:07:27.0886 0x191c FlashPlayerUpdate - ok

21:07:27.0893 0x191c Waiting for KSN requests completion. In queue: 9

21:07:28.0893 0x191c Waiting for KSN requests completion. In queue: 9

21:07:29.0893 0x191c Waiting for KSN requests completion. In queue: 9

21:07:31.0534 0x191c AV detected via SS2: Symantec Endpoint Protection, C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\WSCSavNotifier.exe ( 11.0.6100.463 ), 0x70000 ( disabled : updated )

21:07:31.0679 0x191c FW detected via SS2: Symantec Endpoint Protection, C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe ( 11.0.6100.480 ), 0x41010 ( enabled )

21:07:34.0619 0x191c ============================================================

21:07:34.0619 0x191c Scan finished

21:07:34.0619 0x191c ============================================================

21:07:34.0640 0x0a10 Detected object count: 0

21:07:34.0640 0x0a10 Actual detected object count: 0

#43
mjdevo31

Posted 09 June 2014 - 07:22 PM

Member

Topic Starter
Member
29 posts

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-06-2014

Ran by Frank at 2014-06-09 21:17:00

Running from C:\Users\Frank\Downloads

Boot Mode: Normal

==========================================================

==================== Security Center ========================

AV: Symantec Endpoint Protection (Enabled - Up to date) {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Symantec Endpoint Protection (Enabled - Up to date) {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}

FW: Symantec Endpoint Protection (Enabled) {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}

==================== Installed Programs ======================

ActiveLink Connect (HKCU\...\ActiveLink Connect) (Version: 5.6.0.16645 - Koninklijke Philips Electronics N.V.)

ActiveLink Connect (x32 Version: 5.6.0.16645 - Koninklijke Philips Electronics N.V.) Hidden

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)

Adobe AIR (x32 Version: 2.5.1.17730 - Adobe Systems Inc.) Hidden

Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.3.300.257 - Adobe Systems Incorporated)

Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.3.300.262 - Adobe Systems Incorporated)

Adobe Reader X (10.1.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)

Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{C6579A65-9CAE-4B31-8B6B-3306E0630A66}) (Version: 2.1.3.127 - Apple Inc.)

Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.1.42 - Atheros Communications Inc.)

Best Buy pc app (Version: 3.2.0.0 - Best Buy) Hidden

Best Buy pc app (x32 Version: 3.2.0.0 - Best Buy) Hidden

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

Brother MFL-Pro Suite MFC-495CW (HKLM-x32\...\{0A02D347-5E53-48A5-BC49-1469393103FA}) (Version: 2.0.0.0 - Brother Industries, Ltd.)

Citrix Presentation Server Client - Web Only (HKLM-x32\...\{E9459BCF-0982-498B-ABA7-26C34323493F}) (Version: 10.200.2650 - Citrix Systems, Inc.)

Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.1.0 - Conexant)

Connectivity Library and TI-Nspire™ handheld drivers (x32 Version: 1.0.0.539 - Texas Instruments Inc.) Hidden

CutePDF Writer 2.8 (HKLM\...\CutePDF Writer Installation) (Version: - )

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F2CE207D-C146-4BFD-A1C2-219483C58819}) (Version: - Microsoft)

Elevated Installer (x32 Version: 2.2.21 - Garmin Ltd or its subsidiaries) Hidden

Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)

Garmin Communicator Plugin x64 (HKLM\...\{550331CC-C34B-494F-BCDA-37CE4EF6E924}) (Version: 4.0.3 - Garmin Ltd or its subsidiaries)

Garmin Express (HKLM-x32\...\{31a12940-e5c8-4d27-a6ac-005212152f1f}) (Version: 2.2.21 - Garmin Ltd or its subsidiaries)

Garmin Express (x32 Version: 2.2.21 - Garmin Ltd or its subsidiaries) Hidden

Garmin Express Tray (x32 Version: 2.2.21 - Garmin Ltd or its subsidiaries) Hidden

Garmin Update Service (x32 Version: 2.2.21 - Garmin Ltd or its subsidiaries) Hidden

Google Chrome (HKCU\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)

Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)

Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)

Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden

Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden

HP Deskjet 2050 J510 series Basic Device Software (HKLM\...\{F2C07BE3-0F88-4D0C-957B-3557699981E9}) (Version: 22.50.231.0 - Hewlett-Packard Co.)

HP Deskjet 2050 J510 series Help (HKLM-x32\...\{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}) (Version: 140.0.61.61 - Hewlett Packard)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)

Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2353 - Intel Corporation)

Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)

iTunes (HKLM\...\{F73A118B-8271-47E2-8790-0C636B2539C5}) (Version: 11.1.0.126 - Apple Inc.)

Java Auto Updater (x32 Version: 2.0.2.1 - Sun Microsystems, Inc.) Hidden

Java™ 6 Update 20 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)

Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Label@Once 1.0 (HKLM-x32\...\{0D795777-9D60-4692-8386-F2B3F2B5E5BF}) (Version: 1.0 - Corel)

Languages of the World (HKLM-x32\...\Languages of the World) (Version: - )

LiveUpdate 3.3 (Symantec Corporation) (HKLM-x32\...\LiveUpdate) (Version: 3.3.0.96 - Symantec Corporation)

MATLAB R2011a (HKLM\...\MatlabR2011a) (Version: 7.12 - The MathWorks, Inc.)

Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden

Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.1.177.0 - Microsoft Corporation)

Microsoft Mouse and Keyboard Center (Version: 2.1.177.0 - Microsoft Corporation) Hidden

Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Groove MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Outlook Hotmail Connector 64-bit (HKLM\...\{95140000-0080-0409-1000-0000000FF1CE}) (Version: 14.0.6106.5001 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)

MotioninJoy DS3 driver version 0.6.0004 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.6.0004 - www.motioninjoy.com)

Mozilla Firefox 5.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 5.0 (x86 en-US)) (Version: 5.0 - Mozilla)

MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)

PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)

Project64 1.7 (HKLM-x32\...\Project64 1.7) (Version: - )

QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)

Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30124 - Realtek Semiconductor Corp.)

Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0016 - REALTEK Semiconductor Corp.)

Secure Download Manager (HKLM-x32\...\{FF6A778A-02DA-4B2D-82F7-733A467984EC}) (Version: 3.0.2 - e-academy Inc.)

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden

Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.9.12585 - Skype Technologies S.A.)

Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)

Symantec Endpoint Protection (HKLM\...\{73CA0462-DD49-495D-A6E5-AC4CF6F5FAC1}) (Version: 11.0.6100.645 - Symantec Corporation)

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.8.1 - Synaptics Incorporated)

TI-Nspire Student Software (HKLM-x32\...\TI-Nspire Student Software) (Version: 3.0.2.1791 - Texas Instruments)

TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.1 - TOSHIBA)

TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.02.02 - TOSHIBA CORPORATION)

Toshiba Book Place (HKLM-x32\...\{92C7DC44-DAD3-49FE-B89B-F92C6BA9A331}) (Version: 2.2.6775 - K-NFB Reading Technology, Inc.)

TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}) (Version: 1.6.08.64 - TOSHIBA Corporation)

TOSHIBA Bulletin Board (Version: 1.6.08.64 - TOSHIBA Corporation) Hidden

TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.6 for x64 - TOSHIBA Corporation)

TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.8.64 - TOSHIBA Corporation)

TOSHIBA Face Recognition (Version: 3.1.8.64 - TOSHIBA Corporation) Hidden

TOSHIBA Hardware Setup (HKLM-x32\...\{97965331-BC5D-4D9F-B6DF-5C0A123E4AE0}) (Version: 2.1.0.1 - TOSHIBA Corporation)

TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.7 - TOSHIBA Corporation)

TOSHIBA HDD/SSD Alert (Version: 3.1.64.7 - TOSHIBA Corporation) Hidden

TOSHIBA HDD/SSD Alert (x32 Version: 3.1.64.7 - TOSHIBA Corporation) Hidden

TOSHIBA Media Controller (HKLM-x32\...\{C7A4F26F-F9B0-41B2-8659-99181108CDE3}) (Version: 1.0.86.2 - TOSHIBA CORPORATION)

TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.6.1 - TOSHIBA CORPORATION)

TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.3 - TOSHIBA)

TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.3.5109 - TOSHIBA CORPORATION)

TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.17.64 - TOSHIBA Corporation)

TOSHIBA ReelTime (Version: 1.7.17.64 - TOSHIBA Corporation) Hidden

TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.1.0 - TOSHIBA Corporation)

TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.1.52 - TOSHIBA)

TOSHIBA Supervisor Password (HKLM-x32\...\{0AF17224-CF88-40B8-BB1A-D179369847B4}) (Version: 2.1.0.1 - TOSHIBA Corporation)

TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.5.4.64 - TOSHIBA Corporation)

TOSHIBA Value Added Package (Version: 1.5.4.64 - TOSHIBA Corporation) Hidden

TOSHIBA Value Added Package (x32 Version: 1.5.4.64 - TOSHIBA Corporation) Hidden

TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.0.19 - TOSHIBA Corporation)

TOSHIBA Web Camera Application (x32 Version: 2.0.0.19 - TOSHIBA Corporation) Hidden

TOSHIBA Wireless LAN Indicator (HKLM-x32\...\{CDADE9BC-612C-42B8-B929-5C6A823E7FF9}) (Version: 1.0.3 - TOSHIBA CORPORATION)

ToshibaRegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.4 - Toshiba)

Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{FEF4C57D-0975-4D3C-ACC7-DCD038C3788F}) (Version: - Microsoft)

Update for Microsoft Filter Pack 2.0 (KB2878281) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{84B191B5-5319-463A-A305-8C4D53B1D20A}) (Version: - Microsoft)

Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{DB0B0CDF-77EC-47B0-94E2-4738573A1E58}) (Version: - Microsoft)

Update for Microsoft InfoPath 2010 (KB2817396) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{1AA82E2E-7DB7-4C70-910C-BBB657A6B3A5}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2494150) (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{428CB7A0-1068-4CE1-8835-39C7ECD297ED}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{EBD18DE5-BC84-4B57-9A30-097044871F9A}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{B6AD7E27-012A-4B63-82BA-AF62893E5435}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{6E760BBA-B83F-4C2D-918F-5F91EF6C9861}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0044-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUSR_{9F6507AC-7D8F-46C1-B90F-59C7828E0E0D}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.PROPLUSR_{E84E9B25-BEB6-4F2F-84BB-755CDA8E89C0}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version: - Microsoft)

Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version: - Microsoft)

Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version: - Microsoft)

Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-001A-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{DBAC8ED2-9287-499E-AD66-590C7413C7DE}) (Version: - Microsoft)

Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{DDDC32A5-9528-4771-B91A-97A8E1D7957B}) (Version: - Microsoft)

Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0018-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{393B360E-62F8-463D-B914-1ECDC1359A46}) (Version: - Microsoft)

Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A20A650C-F820-4CE4-AEA5-EC140192FAFB}) (Version: - Microsoft)

Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version: - Microsoft)

Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version: - Microsoft)

Update for Microsoft Visio 2010 (KB2880526) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F6F342A1-530B-4D48-A468-1E3F70928984}) (Version: - Microsoft)

Update for Microsoft Visio Viewer 2010 (KB2837587) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{C950A55F-82E3-4CC8-8FA2-E8A2A0F651F3}) (Version: - Microsoft)

Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)

Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden

Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)

Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Restore Points =========================

15-05-2014 00:15:58 Windows Update

15-05-2014 23:44:24 Windows Update

23-05-2014 10:15:26 Windows Update

24-05-2014 16:48:40 Windows Update

07-06-2014 02:13:45 Windows Update

07-06-2014 02:19:54 Removed ooVoo

==================== Hosts content: ==========================

2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1588E93D-2308-4472-B9A9-BAB098B8DBB2} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-01-29] (Microsoft)

Task: {2F9B75BB-7FF5-4C2C-BA53-75F76AEEEE01} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)

Task: {31DDD830-8402-4703-9693-582C9BF61FB8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1504366700-2138237974-4129982290-1001Core => C:\Users\Frank\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-29] (Google Inc.)

Task: {6F164D15-F9CB-4716-B91D-7E0A8735A93A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1504366700-2138237974-4129982290-1001UA => C:\Users\Frank\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)

Task: {7C575633-397E-4AFD-B8D4-D9828E9F1585} - System32\Tasks\{39A542E2-8002-4D34-9CD8-F5A1F545D0C5} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-05-08] (Skype Technologies S.A.)

Task: {85D0D968-FB8D-49E3-BA39-34410D9B812B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1504366700-2138237974-4129982290-1001Core => C:\Users\Frank\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)

Task: {9E6201F9-C5BC-44D8-B86B-4BBAF8F9210C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-05-15] (Google Inc.)

Task: {B4A7420F-8C84-498D-90BF-1B2153AB9FD8} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)

Task: {B5068366-AE49-41E3-93CC-6ECA86CCA3ED} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)

Task: {E371773F-B278-4ACA-AECF-80D3762A3403} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-05-15] (Google Inc.)

Task: {E5DEB6A4-86AC-4401-A53E-A45FDEB4E279} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)

Task: {EEE3DF03-6D65-409F-BC34-034B93A6B29B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1504366700-2138237974-4129982290-1001UA => C:\Users\Frank\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-29] (Google Inc.)

Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1504366700-2138237974-4129982290-1001Core.job => C:\Users\Frank\AppData\Local\Facebook\Update\FacebookUpdate.exe

Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1504366700-2138237974-4129982290-1001UA.job => C:\Users\Frank\AppData\Local\Facebook\Update\FacebookUpdate.exe

Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1504366700-2138237974-4129982290-1001Core.job => C:\Users\Frank\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1504366700-2138237974-4129982290-1001UA.job => C:\Users\Frank\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-03-30 14:23 - 2012-03-11 14:56 - 00086608 _____ () C:\windows\System32\cpwmon64.dll

2011-07-01 00:06 - 2011-06-27 03:11 - 00080256 _____ () c:\windows\syswow64\ezgosvc.dll

2011-04-04 22:18 - 2011-04-04 22:18 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll

2014-05-03 13:38 - 2005-04-22 13:36 - 00143360 ____N () C:\windows\system32\BrSNMP64.dll

2010-11-18 20:18 - 2010-11-18 20:18 - 11190784 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll

2013-08-22 14:00 - 2013-08-22 14:00 - 00009728 _____ () C:\Program Files (x86)\Garmin\Express Tray\Garmin.Cartography.MapUpdate.Device.DataTypes.dll

2014-05-03 13:38 - 2012-09-25 11:26 - 01163264 ____N () C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe

2010-12-08 18:42 - 2010-12-08 18:42 - 00079264 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll

2011-09-27 07:23 - 2011-09-27 07:23 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2011-09-27 07:22 - 2011-09-27 07:22 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF

2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll

2014-05-03 13:38 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll

2014-06-06 22:10 - 2014-05-13 19:40 - 00716616 _____ () C:\Users\Frank\AppData\Local\Google\Chrome\Application\35.0.1916.114\libglesv2.dll

2014-06-06 22:10 - 2014-05-13 19:40 - 00126280 _____ () C:\Users\Frank\AppData\Local\Google\Chrome\Application\35.0.1916.114\libegl.dll

2014-06-06 22:10 - 2014-05-13 19:40 - 04217672 _____ () C:\Users\Frank\AppData\Local\Google\Chrome\Application\35.0.1916.114\pdf.dll

2014-06-06 22:10 - 2014-05-13 19:40 - 00414536 _____ () C:\Users\Frank\AppData\Local\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll

2014-06-06 22:10 - 2014-05-13 19:40 - 01732424 _____ () C:\Users\Frank\AppData\Local\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antvirus => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ccEvtMgr => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ccSetMgr => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmcService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Symantec Antivirus => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Symantec Antvirus => ""="Service"

==================== EXE Association (whitelisted) =============

==================== Disabled items from MSCONFIG ==============

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:

==================

Error: (06/08/2014 04:27:30 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 8003

Error: (06/08/2014 04:27:30 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 8003

Error: (06/08/2014 04:27:30 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/07/2014 08:40:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 998

Error: (06/07/2014 08:40:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 998

Error: (06/07/2014 08:40:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/07/2014 08:12:28 PM) (Source: SescLU) (EventID: 13) (User: )

Description: LiveUpdate returned a non-critical error. Available content updates may have failed to install.

Error: (06/06/2014 10:20:21 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )

Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:

AddWin32ServiceFiles: Unable to back up image of service Easybits GO Services for Windows since QueryServiceConfig API failed

System Error:

The system cannot find the file specified.

Error: (06/06/2014 10:14:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )

Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:

AddWin32ServiceFiles: Unable to back up image of service Easybits GO Services for Windows since QueryServiceConfig API failed

System Error:

The system cannot find the file specified.

Error: (06/06/2014 10:12:50 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

System errors:

=============

Error: (06/09/2014 04:13:50 AM) (Source: Service Control Manager) (EventID: 7011) (User: )

Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (06/06/2014 10:07:59 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)

Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (06/06/2014 10:06:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The AST Service service failed to start due to the following error:

%%2

Error: (06/06/2014 10:06:08 PM) (Source: EventLog) (EventID: 6008) (User: )

Description: The previous system shutdown at 11:06:58 PM on ‎5/‎24/‎2014 was unexpected.

Error: (05/24/2014 10:02:14 PM) (Source: Disk) (EventID: 11) (User: )