Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Save Pass virus infected computer and browser [Solved]

Started by sayan.dg , Jul 19 2014 03:02 PM
Save Pass

  • This topic is locked This topic is locked

#1
sayan.dg
Posted 19 July 2014 - 03:02 PM

sayan.dg

    Member

  • Member
  • PipPip
  • 73 posts

My computer has been infected by Save pass (chrome browser)

whenever am opening a page lots of banners are coming up .

wherever i click additional banners are popping up making it miserable

 

i tried to uninstall it and though it is removed from add remove program the problem still persisits.

in Program files there is a dll and exe that is still there

 

Kindly help me get rid of this nuisance

I feel vulnerable as all my browsing activities/details are being tracked

 

Thank you 


  • 0

Advertisements

#2
pystryker
Posted 19 July 2014 - 10:38 PM

pystryker

    Trusted Helper

  • Malware Removal
  • 3,912 posts
Hello and welcome to GeeksToGo! My nickname is Pystryker :) , and I will be helping you with your issue today.


Before we get started, I have a few things I need to go over with you
  • If you are receiving help for this issue at another forum, please let me know so I can close this thread.
  • Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process.
  • Please do not attach your logs or put them inside code/quote tags. Do a Copy/Paste of the entire contents of the log file and submit it inside your post unless directed otherwise.
  • At the top of your post, please click on the "Follow this topic" button and make sure that the "Received notification" box is checked and set to "Instantly" This will send an email to you as soon as I reply to your topic, allowing us to solve your problem faster.
  • If any of your security programs give you a warning about any tool I ask you to use, please do not worry. All the links and tools I provide to you will be safe.
  • Please read through my instructions carefully and completely before executing them. I will lay the instructions out in a step by step order to make them easy to follow.
  • Please make sure that all the programs I ask you to download are downloaded to and run from your Desktop.
  • Please make sure you (if you are able) to print out these instructions so that you will be able to refer to them while working on your machine. Part of the solution(s) to your problem may involve us working in Safe Mode and you will need them to go by.
  • Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.
  • This is a complicated process. It requires several steps, patience, and careful following of my instructions in the order they are given to diagnose your problems to get your machine back in working order.
  • Please stay with me until the end of all steps and procedures and I declare your system clean. Just because there is a lack of symptoms does not indicate a clean machine. I promise to do the same for you.
  • Please make sure you reply within 3 days to my responses, if there is no reply within 3 days, the topic will be closed and you will need to request the topic be reopened.
  • Before we get started, please remember we will do our best to get your machine repaired. However, there are some cases where the only solution is a reformat and reinstall of the operating system. This is a worst case scenario though.
  • It is impossible for me to know what interactions may happen between your computer's software and the tools we will use to clean your machine. Therefore, I highly recommend you backup any critical personal files on your machine before we start.
  • If possible, please have your original Windows installation disks handy, just in case.
  • If you have any questions at all, please don't hesitate to ask. There's no such thing as a stupid question when dealing with malware.
  • If you are unsure of an instruction I give you, or if something unexepected occurs, Do NOT proceed! Stop and ask for clarification of the instruction or tell me what occurred.
  • Please remember, the fixes are for your machine and your machine ONLY! Do not use these fixes on any other machine, each fix is tailor made for your system only. Using a fix on another machine can and will cause serious damage.
  • Once we have cleaned your machine, we'll have some cleanup and prevention steps to go through. We will also provide you with some information about how to reduce your chances of infection and get some protections in place to help defend you against this in the future
  • Please be patient while I am analyzing your logs. I know you are probably scared and very frustrated with this problem, but I am a volunteer and sometimes life does get in the way. :)
Now, let's get started, shall we? :thumbsup:


Hello, let's get a look at your system and see what's going on. :)


Step 1: Scan with Farbar's Recovery Scan Tool (FRST)


Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Place a check in the box marked Addition.txt

    farbarmainpanel_zps77bf9e25.jpg
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.
Step 2: Scan with aswMBR
  • Please download aswMBR.exe to your desktop.
  • Double click the file to run it.
  • It will ask if you want to download the latest Avast! virus definitions, please answer yes.
aswmbrscan_zpsdc05b0f9.jpg
  • Click the Scan button to begin the scan.
aswmbrsavelog_zps1aeef48e.jpg
  • Once the scan has finished, click on Save Log, save it to your desktop as asw.txt, and please post it in your next reply.
  • Click Exit
Things I need to see in your next post:


FRST Log

Addition.txt Log

aswMBR Log
  • 0

#3
sayan.dg
Posted 20 July 2014 - 04:53 AM

sayan.dg

    Member

  • Topic Starter
  • Member
  • PipPip
  • 73 posts

Thanks for your reply pystryker

 

here are the logs and reports yo asked me to run

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:19-07-2014
Ran by User (administrator) on SAYANLAPTOP-PC on 20-07-2014 12:32:57
Running from C:\Users\User\Desktop
Platform: Microsoft® Windows Vista™ Home Basic  Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(IDT, Inc.) C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_e2247046\stacsv.exe
(Microsoft Corporation) C:\WINDOWS\System32\SLsvc.exe
(Hewlett-Packard Company) C:\WINDOWS\System32\hpservice.exe
(Validity Sensors, Inc.) C:\WINDOWS\System32\vfsFPService.exe
(Microsoft Corporation) C:\WINDOWS\System32\wlanext.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpAgent.exe
(CyberLink Corp.) C:\Program Files\HP\QuickPlay\QPService.exe
(Cisco Systems, Inc.) C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
(Intel Corporation) C:\WINDOWS\System32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(RealNetworks, Inc.) C:\Program Files\Real\realplayer\Update\realsched.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Symantec Corporation) C:\Program Files\Symantec\Norton Utilities 16\sMonitor\SSDMonitor.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Macrovision Corporation) C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
(WordWeb Software) C:\Program Files\WordWeb\wweb32.exe
(WebEx Communications, Inc.) C:\WINDOWS\System32\atashost.exe
(Intel Corporation) C:\WINDOWS\System32\igfxsrvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\21.4.0.13\nis.exe
(PC Tools) C:\Program Files\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe
(Opera Software) C:\Program Files\Opera\22.0.1471.70\opera.exe
(Oracle Corporation) C:\app\User\product\11.2.0\dbhome_1\BIN\omtsreco.exe
() C:\Program Files\Opera\22.0.1471.70\opera_crashreporter.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\21.4.0.13\nis.exe
(Opera Software) C:\Program Files\Opera\22.0.1471.70\opera.exe
(Opera Software) C:\Program Files\Opera\22.0.1471.70\opera.exe
(Opera Software) C:\Program Files\Opera\22.0.1471.70\opera.exe
(Oracle Corporation) C:\app\User\product\11.2.0\dbhome_1\BIN\TNSLSNR.EXE
(Oracle Corporation) C:\app\User\product\11.2.0\dbhome_1\BIN\oracle.exe
() C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
() C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Opera Software) C:\Program Files\Opera\22.0.1471.70\opera.exe
() C:\WINDOWS\SMINST\BLService.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\Scrybe\Service\ScrybeUpdater.exe
(SafeNet, Inc) C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Cisco Systems, Inc.) C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google) C:\Users\User\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\System32\wbem\unsecapp.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKU\S-1-5-21-3273286156-3480778537-3055062599-1003\...\Run: [ISUSPM] => C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe [226904 2007-07-13] (Macrovision Corporation)
HKU\S-1-5-21-3273286156-3480778537-3055062599-1003\...\Run: [Google Update] => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [133104 2009-02-28] (Google Inc.)
HKU\S-1-5-21-3273286156-3480778537-3055062599-1003\...\Run: [WordWeb] => C:\Program Files\WordWeb\wweb32.exe [77056 2013-05-16] (WordWeb Software)
HKU\S-1-5-21-3273286156-3480778537-3055062599-1003\...\Run: [] => [X]
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://in.yahoo.com/?fr=fp-spt_gen
URLSearchHook: HKLM - Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
URLSearchHook: HKCU - (No Name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} -  No File
URLSearchHook: HKCU - Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {B9C1BF5F-E271-422B-BFD5-A07157B06656} URL = http://in.search.yah...p={searchTerms}
SearchScopes: HKCU - {2BA04D11-8564-403A-B344-68B2683997B9} URL = http://in.search.yah...&Submit1=Search
SearchScopes: HKCU - {40E0921F-0FE4-4836-B12F-0565D580B1FD} URL = http://www.google.co...age={startPage}
SearchScopes: HKCU - {B576969D-1009-4827-9D3E-7317D68475B9} URL = http://search.condui...&ctid=CT2504091
SearchScopes: HKCU - {B9C1BF5F-E271-422B-BFD5-A07157B06656} URL = http://in.search.yah...p={searchTerms}
SearchScopes: HKCU - {CF739809-1C6C-47C0-85B9-569DBB141420} URL = http://toolbar.ask.c...m=1&toolbar=VZ2
BHO: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
BHO: No Name -> {11111111-1111-1111-1111-110511701150} ->  No File
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: DigitalPersona Personal Extension -> {395610AE-C624-4f58-B89E-23733EA00F9A} -> C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Internet Security\Engine\21.4.0.13\coIEPlg.dll (Symantec Corporation)
BHO: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files\Norton Internet Security\Engine\21.4.0.13\IPS\IPSBHO.DLL (Symantec Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Vuze Remote Toolbar -> {ba14329e-9550-4989-b3f2-9732e92d17cc} -> C:\Program Files\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\21.4.0.13\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - Vuze Remote Toolbar - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\..\Interfaces\{57A952AE-881C-4F89-9627-1D4EA5C788B9}: [NameServer]202.159.219.229,203.94.243.70
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.65.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.65.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin - C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin: @real.com/nppl3260;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF Plugin: @staging.google.com/globalUpdate Update;version=10 - C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin: @staging.google.com/globalUpdate Update;version=4 - C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\4\NP_wtapp.dll ()
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\User\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\User\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\User\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\User\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\User\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\User\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\User\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-03-10]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\DigitalPersona\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - C:\Program Files\DigitalPersona\Bin\FirefoxExt [2009-10-22]
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn [2014-07-20]
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-11-16]
FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF [2014-02-17]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKCU\...\Firefox\Extensions: [[email protected]] - C:\Program Files\DigitalPersona\Bin\firefoxext
FF HKCU\...\Firefox\Extensions: [[email protected]] - C:\Program Files\WordWeb\WCaptureMoz
FF Extension: WordWeb one-click lookup - C:\Program Files\WordWeb\WCaptureMoz [2013-08-13]
 
Chrome: 
=======
CHR HomePage: 
CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-24]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-03]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-24]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-03]
CHR Extension: (TV) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bppbpeijolfcampacpljolaegibfhjph [2014-02-14]
CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-03]
CHR Extension: (The Economist) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebjgjhbjedcomcajgpodjgfjgkepgpl [2014-02-14]
CHR Extension: (RealDownloader) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-01-28]
CHR Extension: (Norton Identity Protection) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-02-21]
CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-03]
CHR HKLM\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files\Common Files\Spigot\GC\saebay_1.1.crx [2013-10-14]
CHR HKLM\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files\Common Files\Spigot\GC\ErrorAssistant_1.3.crx [2013-12-27]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Users\User\AppData\Local\Slick Savings\coupons.crx [2014-04-28]
CHR HKLM\...\Chrome\Extension: [mjdepfkicdcciagbigfcmdhknnoaaegf] - C:\Program Files\WordWeb\wcxChrome.crx [2013-08-13]
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files\Norton Internet Security\Engine\21.4.0.13\Exts\Chrome.crx [2014-07-13]
CHR HKLM\...\Chrome\Extension: [ojpijjmpahflnipadmlpgbjmagmjchkk] - C:\Users\User\AppData\Local\CRE\ojpijjmpahflnipadmlpgbjmagmjchkk.crx [2012-07-06]
CHR HKLM\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files\Common Files\Spigot\GC\saamazon_1.0.crx [2012-11-22]
CHR HKCU\...\Chrome\Extension: [ojpijjmpahflnipadmlpgbjmagmjchkk] - C:\Users\User\AppData\Local\CRE\ojpijjmpahflnipadmlpgbjmagmjchkk.crx [2012-07-06]
 
========================== Services (Whitelisted) =================
 
S3 DiskDoctorService; C:\Program Files\Symantec\Norton Utilities 16\Tools\Disk Doctor\DiskDoctorSrv.exe [1150592 2014-01-17] (Symantec Corporation)
R2 DpHost; C:\Program Files\DigitalPersona\Bin\DpHostW.exe [322624 2009-09-29] (DigitalPersona, Inc.) [File not signed]
S3 GamesAppIntegrationService; C:\Program Files\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-01-28] (WildTangent)
S2 globalUpdate; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-06-09] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-06-09] (globalUpdate) [File not signed]
S4 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-10-09] (Hewlett-Packard) [File not signed]
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [225280 2007-03-13] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [131072 2007-03-13] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2009-01-27] (Hewlett-Packard Company) [File not signed]
R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
S4 MSSQLServerADHelper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NIS; C:\Program Files\Norton Internet Security\Engine\21.4.0.13\NIS.exe [276376 2014-06-27] (Symantec Corporation)
R2 nmservice; C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe [647216 2009-07-07] (Cisco Systems, Inc.)
R2 NU16StartManagerSvc; C:\Program Files\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe [795776 2014-01-17] (PC Tools)
S4 OracleJobSchedulerDATABASE1; c:\app\user\product\11.2.0\dbhome_1\Bin\extjob.exe [49152 2010-04-02] () [File not signed]
R2 OracleMTSRecoveryService; C:\app\User\product\11.2.0\dbhome_1\bin\omtsreco.exe [69632 2010-04-01] (Oracle Corporation) [File not signed]
S3 OracleOraDb11g_home1ClrAgent; C:\app\User\product\11.2.0\dbhome_1\bin\OraClrAgnt.exe [38400 2010-02-28] (Oracle Corporation) [File not signed]
R2 OracleServiceDATABASE1; c:\app\user\product\11.2.0\dbhome_1\bin\ORACLE.EXE [106487808 2010-04-02] (Oracle Corporation) [File not signed]
S3 OracleVssWriterDATABASE1; c:\app\user\product\11.2.0\dbhome_1\bin\OraVSSW.exe [159744 2010-04-02] () [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 QPCapSvc; C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [292216 2009-01-12] ()
R2 QPSched; C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [116080 2009-01-12] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 Recovery Service for Windows; C:\Windows\SMINST\BLService.exe [341328 2008-03-27] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2007-01-09] ()
R2 ScrybeUpdater; C:\Program Files\Synaptics\Scrybe\Service\ScrybeUpdater.exe [1300264 2011-05-27] (Synaptics, Inc.)
R2 SentinelProtectionServer; C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [189536 2004-09-10] (SafeNet, Inc)
S3 SpeedDiskService; C:\Program Files\Symantec\Norton Utilities 16\Tools\SpeedDisk\SpeedDiskSrv.exe [1163904 2014-01-17] (Symantec Corporation)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\STacSV.exe [221266 2009-07-21] (IDT, Inc.)
R2 OracleOraDb11g_home1TNSListener; C:\app\User\product\11.2.0\dbhome_1\BIN\TNSLSNR  [X]
S2 Update Greener Web; "C:\Program Files\Greener Web\updateGreenerWeb.exe" [X]
 
==================== Drivers (Whitelisted) ====================
 
R1 BHDrvx86; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140703.001\BHDrvx86.sys [1101616 2014-05-10] (Symantec Corporation)
R3 BthMtpEnum; C:\Windows\System32\DRIVERS\BthMtpEnum.sys [50688 2009-10-01] (Microsoft Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NIS\1504000.00D\ccSetx86.sys [127064 2013-09-26] (Symantec Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [377648 2014-06-10] (Symantec Corporation)
S3 HpqRemHid; C:\Windows\System32\DRIVERS\HpqRemHid.sys [7168 2007-07-11] (Hewlett-Packard Development Company, L.P.)
R1 IDSVix86; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140718.001\IDSvix86.sys [395992 2014-03-28] (Symantec Corporation)
S3 iscFlash; C:\SwSetup\sp42557\iscflash.sys [11520 2008-08-05] (Insyde Software) [File not signed]
R3 NAVENG; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140719.001\NAVENG.SYS [93272 2014-07-16] (Symantec Corporation)
R3 NAVEX15; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140719.001\NAVEX15.SYS [1612376 2014-07-16] (Symantec Corporation)
R2 pnarp; C:\Windows\System32\DRIVERS\pnarp.sys [26672 2009-07-07] (Cisco Systems, Inc.)
R2 purendis; C:\Windows\System32\DRIVERS\purendis.sys [27696 2009-07-07] (Cisco Systems, Inc.)
R2 Sentinel; C:\Windows\System32\Drivers\SENTINEL.SYS [84064 2004-09-10] (Rainbow Technologies, Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [324096 2014-01-10] (Duplex Secure Ltd.)
R3 SRTSP; C:\Windows\System32\Drivers\NIS\1504000.00D\SRTSP.SYS [664280 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NIS\1504000.00D\SRTSPX.SYS [32344 2013-09-10] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NIS\1504000.00D\SYMDS.SYS [367704 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NIS\1504000.00D\SYMEFA.SYS [936152 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [142936 2014-02-17] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NIS\1504000.00D\Ironx86.SYS [206936 2013-09-27] (Symantec Corporation)
R1 SYMTDIv; C:\Windows\System32\Drivers\NIS\1504000.00D\SYMTDIV.SYS [384728 2014-02-18] (Symantec Corporation)
S3 tenCapture; C:\Windows\System32\DRIVERS\tenCapture.sys [20664 2012-07-20] (Hajo Krabbenhöft)
S3 u302bus; C:\Windows\System32\DRIVERS\u302bus.sys [119112 2010-07-30] (MCCI Corporation)
S3 u302mdfl; C:\Windows\System32\DRIVERS\u302mdfl.sys [14920 2010-07-30] (MCCI Corporation)
S3 u302mdm; C:\Windows\System32\DRIVERS\u302mdm.sys [135880 2010-07-30] (MCCI Corporation)
S3 u302mgmt; C:\Windows\System32\DRIVERS\u302mgmt.sys [129992 2010-07-30] (MCCI Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
U1 eabfiltr; 
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [43904 2009-02-19] (Microsoft Corporation)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 UIUSys; system32\DRIVERS\UIUSYS.SYS [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-07-20 12:32 - 2014-07-20 12:34 - 00028792 _____ () C:\Users\User\Desktop\FRST.txt
2014-07-20 12:31 - 2014-07-20 12:33 - 00000000 ____D () C:\FRST
2014-07-20 12:24 - 2014-07-20 12:24 - 01079808 _____ (Farbar) C:\Users\User\Desktop\FRST.exe
2014-07-20 12:09 - 2014-07-20 12:09 - 00003928 ____N () C:\bootex.log
2014-07-20 02:42 - 2014-07-20 02:42 - 01373696 _____ () C:\Users\User\Downloads\VirtualRouterInstaller.msi
2014-07-17 11:06 - 2014-07-17 11:06 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-07-17 11:05 - 2014-07-11 02:56 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-07-17 11:04 - 2014-07-17 11:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-17 11:04 - 2014-07-11 03:02 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-07-17 11:04 - 2014-07-11 02:56 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-07-17 11:04 - 2014-07-11 02:55 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-07-16 14:10 - 2014-07-16 14:10 - 00000000 ____D () C:\Users\User\Desktop\TAX
2014-07-16 14:06 - 2014-07-16 14:07 - 00000000 ____D () C:\Users\User\Desktop\MTNL
2014-07-09 15:02 - 2014-06-07 05:35 - 12353024 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 15:02 - 2014-06-07 04:55 - 09711616 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 15:02 - 2014-06-07 04:42 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 15:02 - 2014-06-07 04:34 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 15:02 - 2014-06-07 04:33 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 15:02 - 2014-06-07 04:32 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 15:02 - 2014-06-07 04:30 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-07-09 15:02 - 2014-06-07 04:28 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 15:02 - 2014-06-07 04:27 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-09 15:02 - 2014-06-07 04:26 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-07-09 15:02 - 2014-06-07 04:26 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-09 15:02 - 2014-06-07 04:24 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 15:02 - 2014-06-07 04:24 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 15:02 - 2014-06-07 04:24 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 15:02 - 2014-06-07 04:24 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-07-09 15:02 - 2014-06-07 04:23 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 15:02 - 2014-06-07 04:23 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 15:02 - 2014-06-07 04:23 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-07-09 15:02 - 2014-06-07 04:22 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 15:02 - 2014-06-07 04:21 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-07-09 15:02 - 2014-06-07 04:17 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 14:47 - 2014-06-07 05:49 - 02051072 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 14:47 - 2014-06-06 14:29 - 00506880 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 14:47 - 2014-05-30 12:23 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-08 17:11 - 2014-07-08 17:12 - 00991301 _____ () C:\Users\User\Downloads\ITR-2_2014 (1).zip
2014-07-08 17:01 - 2014-07-08 17:01 - 01343560 _____ () C:\Users\User\Downloads\ITR1_2014.zip
2014-07-08 17:00 - 2014-07-08 17:01 - 00878985 _____ () C:\Users\User\Downloads\ITR-1_2014 (1).zip
2014-07-05 20:43 - 2014-07-05 20:44 - 05230474 _____ () C:\Users\User\Downloads\IMG_0698 (2).MOV
2014-07-05 20:42 - 2014-07-05 20:43 - 05263289 _____ () C:\Users\User\Downloads\IMG_0698 (1).MOV
2014-07-02 22:45 - 2014-07-02 22:46 - 05253126 _____ () C:\Users\User\Downloads\IMG_0698.MOV
2014-07-02 22:39 - 2014-07-02 22:40 - 05377260 _____ () C:\Users\User\Downloads\IMG_0633 (4).MOV
2014-07-02 22:33 - 2014-07-02 22:34 - 05146006 _____ () C:\Users\User\Downloads\IMG_0633 (3).MOV
2014-07-02 17:57 - 2014-07-02 17:59 - 05542506 _____ () C:\Users\User\Downloads\IMG_0633 (2).MOV
2014-07-02 13:00 - 2014-07-02 13:03 - 05257394 _____ () C:\Users\User\Downloads\IMG_0633 (1).MOV
2014-07-02 12:56 - 2014-07-02 12:58 - 05217737 _____ () C:\Users\User\Downloads\IMG_0633.MOV
2014-07-02 12:47 - 2014-07-02 12:49 - 05358669 _____ () C:\Users\User\Downloads\IMG_0699.MOV
2014-06-29 14:40 - 2014-07-16 15:35 - 00000000 ____D () C:\Users\User\Desktop\2014
 
==================== One Month Modified Files and Folders =======
 
2014-07-20 12:34 - 2014-07-20 12:32 - 00028792 _____ () C:\Users\User\Desktop\FRST.txt
2014-07-20 12:33 - 2014-07-20 12:31 - 00000000 ____D () C:\FRST
2014-07-20 12:31 - 2009-01-08 00:34 - 01546622 _____ () C:\Windows\WindowsUpdate.log
2014-07-20 12:27 - 2012-05-18 23:30 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-20 12:24 - 2014-07-20 12:24 - 01079808 _____ (Farbar) C:\Users\User\Desktop\FRST.exe
2014-07-20 12:21 - 2009-12-20 02:54 - 00000286 _____ () C:\ProgramData\hpqp.ini
2014-07-20 12:19 - 2006-11-02 18:15 - 00004784 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-20 12:19 - 2006-11-02 18:15 - 00004784 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-20 12:18 - 2014-02-25 12:39 - 00000274 _____ () C:\Windows\Tasks\NUAutoUpdate.job
2014-07-20 12:18 - 2012-05-18 23:30 - 00000878 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-20 12:18 - 2009-01-07 06:20 - 00000000 ____D () C:\ProgramData\TEMP
2014-07-20 12:17 - 2014-06-09 11:56 - 00001418 _____ () C:\Windows\Tasks\5aa3d933-32c7-4b03-9bcf-13d56020c4b9-5.job
2014-07-20 12:17 - 2014-06-09 11:55 - 00001314 _____ () C:\Windows\Tasks\5aa3d933-32c7-4b03-9bcf-13d56020c4b9-2.job
2014-07-20 12:17 - 2014-06-09 11:54 - 00000908 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-07-20 12:17 - 2006-11-02 18:28 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-20 12:09 - 2014-07-20 12:09 - 00003928 ____N () C:\bootex.log
2014-07-20 05:05 - 2009-06-30 10:53 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3273286156-3480778537-3055062599-1003UA.job
2014-07-20 04:56 - 2013-05-27 14:23 - 00000336 _____ () C:\Windows\Tasks\HP Photo Creations Communicator.job
2014-07-20 04:51 - 2014-06-09 11:54 - 00000000 ____D () C:\Program Files\SavePass
2014-07-20 04:39 - 2012-05-03 09:57 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-20 03:05 - 2009-06-30 10:53 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3273286156-3480778537-3055062599-1003Core.job
2014-07-20 02:48 - 2012-12-27 14:43 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3273286156-3480778537-3055062599-1003UA.job
2014-07-20 02:42 - 2014-07-20 02:42 - 01373696 _____ () C:\Users\User\Downloads\VirtualRouterInstaller.msi
2014-07-20 02:07 - 2009-02-27 22:38 - 00000000 ____D () C:\Program Files\Opera
2014-07-20 01:53 - 2009-01-08 00:36 - 00002140 _____ () C:\Windows\bthservsdp.dat
2014-07-20 01:53 - 2006-11-02 18:28 - 00032578 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-19 23:59 - 2014-06-09 11:54 - 00000912 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-07-19 14:48 - 2012-12-27 14:43 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3273286156-3480778537-3055062599-1003Core.job
2014-07-18 09:37 - 2012-07-04 11:39 - 00398550 _____ () C:\Windows\PFRO.log
2014-07-17 17:42 - 2012-11-18 17:08 - 00000000 ____D () C:\Users\User\AppData\Roaming\vlc
2014-07-17 11:06 - 2014-07-17 11:06 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-07-17 11:04 - 2014-07-17 11:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-17 11:03 - 2008-07-03 12:14 - 00000000 ____D () C:\Program Files\Java
2014-07-16 15:35 - 2014-06-29 14:40 - 00000000 ____D () C:\Users\User\Desktop\2014
2014-07-16 14:10 - 2014-07-16 14:10 - 00000000 ____D () C:\Users\User\Desktop\TAX
2014-07-16 14:07 - 2014-07-16 14:06 - 00000000 ____D () C:\Users\User\Desktop\MTNL
2014-07-15 04:10 - 2013-02-21 20:25 - 00000000 ____D () C:\Windows\system32\Drivers\NIS
2014-07-15 04:08 - 2014-02-17 08:39 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2014-07-15 04:08 - 2014-02-17 08:19 - 00002231 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk
2014-07-15 00:06 - 2011-10-02 11:12 - 00000000 ____D () C:\Users\User\AppData\Roaming\Skype
2014-07-13 01:32 - 2009-01-27 20:32 - 00000000 ____D () C:\Users\User\Documents\Youcam
2014-07-12 12:34 - 2012-05-03 09:57 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-07-12 12:34 - 2011-05-14 01:02 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-07-11 06:20 - 2012-07-12 01:12 - 00001758 _____ () C:\Users\User\Documents\Default.rdp
2014-07-11 03:02 - 2014-07-17 11:04 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-07-11 02:56 - 2014-07-17 11:05 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-07-11 02:56 - 2014-07-17 11:04 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-07-11 02:55 - 2014-07-17 11:04 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-07-10 03:50 - 2006-11-02 18:14 - 04828464 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-10 03:25 - 2013-08-07 20:56 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-10 03:10 - 2006-11-02 15:54 - 93585272 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-07-10 03:08 - 2008-07-03 11:07 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-08 18:32 - 2013-05-04 16:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-07-08 17:12 - 2014-07-08 17:11 - 00991301 _____ () C:\Users\User\Downloads\ITR-2_2014 (1).zip
2014-07-08 17:01 - 2014-07-08 17:01 - 01343560 _____ () C:\Users\User\Downloads\ITR1_2014.zip
2014-07-08 17:01 - 2014-07-08 17:00 - 00878985 _____ () C:\Users\User\Downloads\ITR-1_2014 (1).zip
2014-07-08 03:17 - 2013-12-15 09:13 - 00073981 _____ () C:\Users\User\Downloads\times-new-roman-psmt-1361535583.zip
2014-07-08 01:53 - 2014-01-10 08:59 - 00000000 ____D () C:\Users\User\Desktop\Adobe Illustrator CS5
2014-07-08 01:51 - 2009-01-07 12:29 - 00000000 ____D () C:\My Movies
2014-07-08 01:51 - 2009-01-07 06:21 - 00085504 _____ () C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-06 20:48 - 2010-08-02 20:11 - 00000000 ____D () C:\Users\User\AppData\Roaming\Google
2014-07-05 20:44 - 2014-07-05 20:43 - 05230474 _____ () C:\Users\User\Downloads\IMG_0698 (2).MOV
2014-07-05 20:43 - 2014-07-05 20:42 - 05263289 _____ () C:\Users\User\Downloads\IMG_0698 (1).MOV
2014-07-02 22:46 - 2014-07-02 22:45 - 05253126 _____ () C:\Users\User\Downloads\IMG_0698.MOV
2014-07-02 22:40 - 2014-07-02 22:39 - 05377260 _____ () C:\Users\User\Downloads\IMG_0633 (4).MOV
2014-07-02 22:34 - 2014-07-02 22:33 - 05146006 _____ () C:\Users\User\Downloads\IMG_0633 (3).MOV
2014-07-02 17:59 - 2014-07-02 17:57 - 05542506 _____ () C:\Users\User\Downloads\IMG_0633 (2).MOV
2014-07-02 13:03 - 2014-07-02 13:00 - 05257394 _____ () C:\Users\User\Downloads\IMG_0633 (1).MOV
2014-07-02 12:58 - 2014-07-02 12:56 - 05217737 _____ () C:\Users\User\Downloads\IMG_0633.MOV
2014-07-02 12:49 - 2014-07-02 12:47 - 05358669 _____ () C:\Users\User\Downloads\IMG_0699.MOV
2014-06-30 10:20 - 2009-01-17 22:55 - 00000000 ____D () C:\Users\User\Desktop\sayan
2014-06-29 21:10 - 2010-11-06 00:04 - 00000000 ____D () C:\Users\User\Desktop\Astro
2014-06-29 21:09 - 2013-02-13 22:04 - 00000000 ____D () C:\Users\User\Desktop\ignou
2014-06-29 21:08 - 2014-06-04 20:18 - 00000000 ____D () C:\Users\User\Desktop\angio
2014-06-29 13:35 - 2012-08-24 21:33 - 00000000 ____D () C:\Users\User\Desktop\CS 2012
2014-06-21 11:05 - 2006-11-02 16:03 - 00830468 _____ () C:\Windows\system32\PerfStringBackup.INI
 
Files to move or delete:
====================
C:\ProgramData\DVD.exe
C:\ProgramData\Games.exe
C:\ProgramData\Karaoke.exe
C:\ProgramData\MobileTV.exe
C:\ProgramData\MPV.exe
 
 
Some content of TEMP:
====================
C:\Users\User\AppData\Local\Temp\gtalkwmp1.dll
C:\Users\User\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-07-20 12:28
 
==================== End Of Log ============================
 
 
 
*********************************************************************************************************************************
*********************************************************************************************************************************
*********************************************************************************************************************************
Additional scan result of Farbar Recovery Scan Tool (x86) Version:19-07-2014
Ran by User at 2014-07-20 12:35:57
Running from C:\Users\User\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: Norton Internet Security (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Internet Security (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Internet Security (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
 
==================== Installed Programs ======================
 
 Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
 Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.31139 - BitTorrent Inc.)
2007 Microsoft Office system (HKLM\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
5600 (Version: 82.0.242.000 - Hewlett-Packard) Hidden
5600_Help (Version: 82.0.242.000 - Hewlett-Packard) Hidden
5600Trb (Version: 82.0.242.000 - Hewlett-Packard) Hidden
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
ActiveCheck component for HP Active Support Library (Version: 3.0.0.2 - Hewlett-Packard) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Dreamweaver CS6 (HKLM\...\{A4ED5E53-7AA0-11E1-BF04-B2D4D4A5360E}) (Version: 12 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Illustrator CS5 (HKLM\...\{9B97EC91-B3FD-4BFF-88FC-5345A26AC2E7}) (Version: 15.0 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.07) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM\...\{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}) (Version: 10.2.0.023 - Adobe Systems, Inc.)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
Adobe Widget Browser (HKLM\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe Widget Browser (Version: 2.0.348 - Adobe Systems Incorporated.) Hidden
AIO_CDB_ProductContext (Version: 82.0.242.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (Version: 82.0.242.000 - Hewlett-Packard) Hidden
AIO_Scan (Version: 82.0.173.000 - Hewlett-Packard) Hidden
Apple Application Support (HKLM\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Panorama Maker 4 (HKLM\...\{D45E8C45-B601-4A80-AFD8-E16338744DE1}) (Version:  - ArcSoft)
Audacity 2.0.3 (HKLM\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Avro Keyboard 5.5.0 (HKLM\...\Avro Keyboard_is1) (Version: 5.5.0 - OmicronLab)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BookSmart® 3.4.4 3.4.4 (HKLM\...\BookSmart® 3.4.4 3.4.4) (Version:  - Blurb, Inc)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11b Network Adapter) (Version: 5.10.38.26 - Broadcom Corporation)
BufferChm (Version: 82.0.173.000 - Hewlett-Packard) Hidden
Business Contact Manager for Outlook 2007 SP2 (HKLM\...\Business Contact Manager) (Version: 3.0.8619.1 - Microsoft Corporation)
Business Contact Manager for Outlook 2007 SP2 (Version: 3.0.8619.1 - Microsoft Corporation) Hidden
calibre (HKLM\...\{0305E6D9-E11E-445C-B468-CAA3996641BA}) (Version: 1.18.0 - Kovid Goyal)
Cards_Calendar_OrderGift_DoMorePlugout (Version: 1.00.0000 - Hewlett-Packard) Hidden
Cisco Network Magic (Version: 5.5.09195.0 - Pure Networks) Hidden
Copy (Version: 82.0.188.000 - Hewlett-Packard) Hidden
CustomerResearchQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
CyberLink DVD Suite (HKLM\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 5.5.1519 - CyberLink Corp.)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.2519 - CyberLink Corp.)
CyberLink YouCam (Version: 2.0.2519 - CyberLink Corp.) Hidden
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (Version: 82.0.173.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
DigitalPersona Personal 4.11 (HKLM\...\{1A5D65E1-B438-4148-97E3-1BC3627BEC71}) (Version: 4.11.3805 - DigitalPersona, Inc.)
DocProc (Version: 8.1.0.0 - Hewlett-Packard) Hidden
DocProcQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
eSupportQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Facebook Video Calling 2.0.0.447 (HKLM\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Fax (Version: 82.0.188.000 - Hewlett-Packard) Hidden
Free Video Call Recorder for Skype version 1.2.15.514 (HKLM\...\Free Video Call Recorder for Skype_is1) (Version: 1.2.15.514 - DVDVideoSoft Ltd.)
GlassFish Server Open Source Edition 4.0 (HKLM\...\nbi-glassfish-mod-4.0.0.89.0) (Version:  - )
Google Chrome (HKLM\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Drive (HKLM\...\{75939021-3B68-419D-8DC1-E9823BFF9658}) (Version: 1.16.7009.9618 - Google, Inc.)
Google Talk Plugin (HKLM\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
Goravani Jyotish Studio 3.9 (HKLM\...\{D18CEC90-7219-4047-B2CC-9B8B9472AAA7}_is1) (Version:  - Goravani)
Hewlett-Packard ACLM.NET v1.1.0.0 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HP Active Support Library (HKLM\...\{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}) (Version: 3.1.9.1 - Hewlett-Packard)
HP Customer Experience Enhancements (HKLM\...\{B16DA0F8-26BC-4FFC-9363-1D9F3E6C3E21}) (Version: 5.7.0.2630 - Hewlett-Packard)
HP Customer Participation Program 8.0 (HKLM\...\HPExtendedCapabilities) (Version: 8.0 - HP)
HP Doc Viewer (HKLM\...\{082702D5-5DD8-4600-BCE5-48B15174687F}) (Version: 1.03.0001 - Hewlett-Packard)
HP Easy Setup - Frontend (HKLM\...\{51E5C397-0AA0-48DD-9CB6-7259AFFDFB0A}) (Version: 5.7.0.2630 - Hewlett-Packard)
HP Help and Support (HKLM\...\{0054A0F6-00C9-4498-B821-B5C9578F433E}) (Version: 2.1.3.0 - Hewlett-Packard Company)
HP Imaging Device Functions 8.0 (HKLM\...\HP Imaging Device Functions) (Version: 8.0 - HP)
HP Integrated Module with Bluetooth wireless technology 6.0.1.6204 (HKLM\...\{03D1988F-469F-4843-8E6E-E5FE9D17889D}) (Version: 6.0.1.6204 - HP)
HP MULTIPLE MODEM INSTALLER for VISTA (HKLM\...\{45A136EC-88BF-4B95-99F5-C45D3930E1CC}) (Version: 1.0.0.30 - Hewlett Packard)
HP OCR Software 8.0 (HKLM\...\HPOCR) (Version: 8.0 - HP)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.12992 - HP)
HP Photosmart Essential (HKLM\...\{EB21A812-671B-4D08-B974-2A347F0D8F70}) (Version: 1.12.0.46 - HP)
HP Photosmart Essential 2.5 (HKLM\...\HP Photosmart Essential) (Version: 2.5 - HP)
HP Photosmart Essential 2.5 (Version: 1.02.0000 - Hewlett-Packard) Hidden
HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B (HKLM\...\{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}) (Version: 8.0 - HP)
HP Product Assistant (Version: 100.000.001.000 - Hewlett-Packard) Hidden
HP Product Detection (HKLM\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Quick Launch Buttons 6.40 D1 (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.40 D1 - Hewlett-Packard)
HP QuickPlay 3.7 (HKLM\...\{45D707E9-F3C4-11D9-A373-0050BAE317E1}) (Version: 3.7.0.6310 - Hewlett-Packard)
HP QuickTouch 1.00 D2 (HKLM\...\{30DAA715-5032-40F9-A0AE-95C9AEBB3E3F}) (Version: 1.0.9 - Hewlett-Packard)
HP Solution Center 8.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 8.0 - HP)
HP Total Care Advisor (HKLM\...\{f32502b5-5b64-4882-bf61-77f23edcac4f}) (Version: 2.1.3359.2635 - Hewlett-Packard)
HP Update (HKLM\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HP User Guides 0102 (HKLM\...\{F48098CD-2D66-4861-85EC-DC1D4D09D5F9}) (Version: 1.01.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM\...\{A5CE7175-080D-49AC-B5A3-E7E3502428F5}) (Version: 3.00 I2 - Hewlett-Packard)
HPAsset component for HP Active Support Library (Version: 3.0.0.7 - Hewlett-Packard) Hidden
HPNetworkAssistant (Version: 1.1.70 - Hewlett-Packard.) Hidden
HPPhotoSmartDiscLabel_PaperLabel (Version: 2.02.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabel_PrintOnDisc (Version: 2.02.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabel_Tattoo (Version: 2.02.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (Version: 2.02.0000 - Hewlett-Packard) Hidden
hpphotosmartdisclabelplugin (Version: 2.02.0000 - Hewlett-Packard) Hidden
HPPhotoSmartPhotobookHolidayPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HPPhotoSmartPhotobookModernPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HPPhotoSmartPhotobookPlayfulPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HPPhotoSmartPhotobookScrapbookPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HPPhotoSmartPhotobookWebPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HPProductAssistant (Version: 82.0.173.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM\...\{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}) (Version: 2.1.3.0000 - Hewlett Packard Development Company L.P.)
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6087.0 - IDT)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
iTunes (HKLM\...\{0718A90E-93AA-49AF-A4FE-0165ACD91DF0}) (Version: 11.2.2.3 - Apple Inc.)
Jagannatha Hora 7.66 (HKLM\...\Jagannatha Hora_is1) (Version: 7.66 - PVR Narasimha Rao)
Java 7 Update 65 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.650 - Oracle)
Java Auto Updater (Version: 2.1.65.20 - Oracle, Inc.) Hidden
Java SE Development Kit 7 Update 45 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0170450}) (Version: 1.7.0.450 - Oracle)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (HKLM\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.20.2719 - CyberLink Corp.)
Lagarith lossless video codec (Remove Only) (HKLM\...\LAGARITH) (Version:  - )
LightScribe System Software (HKLM\...\{4A9849CA-E11C-4F24-8BB1-97C717A1C898}) (Version: 1.18.1.1 - LightScribe)
MarketResearch (Version: 82.0.174.000 - Hewlett-Packard) Hidden
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office 2003 Web Components (HKLM\...\{90A40409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Hybrid 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Small Business Connectivity Components (HKLM\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) (Version: 9.4.5000.00 - Microsoft Corporation) Hidden
Microsoft SQL Server Native Client (HKLM\...\{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{E7084B89-69E0-46B3-A118-8F99D06988CD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Windows Media Video 9 VCM (HKLM\...\WMV9_VCM) (Version:  - )
Microsoft_VC100_CRT_SP1_x86 (Version: 10.0.40219.1 - Nokia) Hidden
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (Version: 1.00.0000 - Adobe) Hidden
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MTNL 3G version 1.0 (HKLM\...\{6B1C21DC-F011-4917-A6AB-4C707D5276EB}_is1) (Version: 1.0 - MTNL)
muvee autoProducer 6.1 (HKLM\...\{35F83303-C0C0-46B7-B8A8-ADA7C2AC5645}) (Version: 6.10.050 - muvee Technologies)
My HP Games (HKLM\...\WildTangent hp Master Uninstall) (Version: 1.0.0.43 - WildTangent)
My Screen Recorder 4 (HKLM\...\My Screen Recorder 4.0_is1) (Version:  - Deskshare Inc.)
NaturalReaderFree (HKLM\...\{C5E7BF75-007E-44AD-8962-627ED44CB63B}) (Version: 11.9 - NaturalSoft)
NetBeans IDE 7.4 (HKLM\...\nbi-nb-base-7.4.0.0.201310111528) (Version: 7.4 - NetBeans.org)
Network Magic (HKLM\...\Network MagicUninstall) (Version: 5.5.9195.0 - Cisco Systems, Inc.)
Nikon Message Center (HKLM\...\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}) (Version: 0.92.000 - Nikon)
Nikon Transfer (HKLM\...\{E9757890-7EC5-46C8-99AB-B00F07B6525C}) (Version: 1.1.0 - Nikon)
Nokia Connectivity Cable Driver (HKLM\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia PC Internet Access (HKLM\...\Nokia PC Internet Access) (Version: 2.0.2.2 - Nokia)
Nokia PC Internet Access (Version: 2.0.2.2 - Nokia) Hidden
Nokia Suite (HKLM\...\Nokia Suite) (Version: 3.8.48.0 - Nokia)
Nokia Suite (Version: 3.8.48.0 - Nokia) Hidden
Norton Internet Security (HKLM\...\NIS) (Version: 21.4.0.13 - Symantec Corporation)
Norton Utilities 16 (HKLM\...\Norton Utilities 16_is1) (Version: 16.0 - Symantec Corporation)
OL School Atlas (HKLM\...\{630E9109-D2B8-4614-93BA-77FDF37FAA73}) (Version: 1.00.0000 - Orient Longman)
Opera Stable 22.0.1471.70 (HKLM\...\Opera 22.0.1471.70) (Version: 22.0.1471.70 - Opera Software ASA)
Oracle Data Provider for .NET Help (HKLM\...\{6AA003BF-73E5-4911-ADB7-71DD5674DDD4}) (Version: 11.2.010 - Oracle Corporation)
PC Connectivity Solution (HKLM\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF Settings CS5 (Version: 10.0 - Adobe Systems Incorporated) Hidden
Power2Go (HKLM\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.3919 - CyberLink Corp.)
PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 6.5.2719 - CyberLink Corp.)
PowerDirector (Version: 6.5.2719 - CyberLink Corp.) Hidden
ProtectSmart Hard Drive Protection (HKLM\...\{AAD72731-807A-4B79-AE05-9190B7002B7B}) (Version: 3.10 A7 - Hewlett-Packard)
PSSWCORE (Version: 2.02.0000 - Hewlett-Packard) Hidden
Pure Networks Platform (Version: 11.2.09195.1 - Pure Networks) Hidden
Python 3.3.3 (HKLM\...\{39b6eb84-331c-3657-ad2e-837537ddf04f}) (Version: 3.3.3150 - Python Software Foundation)
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
Realtek 8169 8168 8101E 8102E Ethernet Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
Realtek USB 2.0 Card Reader (HKLM\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version: 3.0.1.3 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Scan (Version: 8.1.0.0 - Hewlett-Packard) Hidden
Security Task Manager 1.8c (HKLM\...\Security Task Manager) (Version: 1.8c - Neuber Software)
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Sentinel Protection Installer 7.0.0 (HKLM\...\{547D4265-AF45-42E9-A62A-C58182AA35B9}) (Version: 7.0.0 - SafeNet, Inc.)
Skype™ 6.16 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
SolutionCenter (Version: 82.0.188.000 - Hewlett-Packard) Hidden
Status (Version: 82.0.173.000 - Hewlett-Packard) Hidden
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Gesture Suite featuring SYNAPTICS | Scrybe (HKLM\...\{147DFAD8-34C3-4DE1-9FCA-ACEFDE9EF810}) (Version: 1.6.5.17120 - Synaptics Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
Toolbox (Version: 82.0.173.000 - Hewlett-Packard) Hidden
TrayApp (Version: 82.0.188.000 - Hewlett-Packard) Hidden
UnloadSupport (Version: 1.00.0000 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM\...\{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883030) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{F5DCAB53-C2FD-4E5A-8C83-0F37485E5E89}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883030) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{F5DCAB53-C2FD-4E5A-8C83-0F37485E5E89}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM\...\{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (Version:  - WildTangent) Hidden
Validity Sensors software (HKLM\...\{567E8236-C414-4888-8211-3D61608D57AE}) (Version: 2.7.34 - Validity Sensors, Inc.)
VideoToolkit01 (Version: 100.0.128.000 - Hewlett-Packard) Hidden
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.1.0.0 - Azureus Software, Inc.)
Vuze Remote Toolbar (HKLM\...\Vuze_Remote Toolbar) (Version: 6.9.0.16 - Vuze Remote) <==== ATTENTION
WebEx Support Manager for Internet Explorer (HKLM\...\{7FCC4EDC-6EE2-4309-ABD7-85F2667A7B90}) (Version: 6.5.4917 - WebEx Communications Inc.)
WebReg (Version: 82.0.173.000 - Hewlett-Packard) Hidden
WildTangent Games App for HP (HKLM\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.11.2 - WildTangent)
WinDirStat 1.1.2 (HKCU\...\WinDirStat) (Version:  - )
Windows Driver Package - ENE (enecir) HIDClass  (09/04/2008 2.6.0.0) (HKLM\...\7DE39862CC26DCE2446838AAF7CD5C163F835A57) (Version: 09/04/2008 2.6.0.0 - ENE)
Windows Driver Package - Nokia pccsmcfd “LegacyDriver”  (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live OneCare safety scanner (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 5.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WordWeb (HKLM\...\WordWeb) (Version: 7 - WordWeb Software)
XAMPP (HKLM\...\xampp) (Version: 1.8.3-2 - BitNami)
Yahoo! BrowserPlus 2.9.8 (HKCU\...\Yahoo! BrowserPlus) (Version:  - Yahoo! Inc.)
Yahoo! Messenger (HKLM\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version:  - )
 
==================== Restore Points  =========================
 
17-07-2014 05:30:26 Installed Java 7 Update 65
18-07-2014 12:05:19 Scheduled Checkpoint
19-07-2014 00:16:40 Scheduled Checkpoint
 
==================== Hosts content: ==========================
 
2006-11-02 15:53 - 2011-03-06 00:34 - 00000027 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {0D38D1CE-0131-4E81-8046-5A36F598A0A3} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [2014-06-09] (globalUpdate) <==== ATTENTION
Task: {0D52D31E-661C-4065-A256-CF47E1A04940} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {1207FF2B-0694-4A4A-83C6-4F35345AA082} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Internet Security\Engine\21.4.0.13\WSCStub.exe [2014-06-27] (Symantec Corporation)
Task: {17FEDD0A-7643-4078-A460-BB35E63DC827} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - User => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-11] (Microsoft Corporation)
Task: {18DFD9FC-082E-4E9B-8285-5F21D2B4EDAE} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {1B347BAA-5746-44AD-845C-2ED13D482D66} - System32\Tasks\{656BEA03-63D6-40B0-84D3-7DDF0447700A} => C:\Program Files\Skype\Phone\Skype.exe [2014-05-08] (Skype Technologies S.A.)
Task: {1E4DC692-4D25-42E2-99DD-3B558ECBA687} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3273286156-3480778537-3055062599-1003 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {290B2CDA-E91A-436F-AC7E-B91FC315BE4D} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3273286156-3480778537-3055062599-1003 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {2E7A36EE-79AD-4D56-A962-F206C6139298} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-05-18] (Google Inc.)
Task: {351D51B7-0FCA-4E34-88C0-E0C6E8D30647} - System32\Tasks\5aa3d933-32c7-4b03-9bcf-13d56020c4b9-2 => C:\Program Files\SavePass\5aa3d933-32c7-4b03-9bcf-13d56020c4b9-2.exe
Task: {449B3246-7601-48F4-8032-2A96B047B393} - System32\Tasks\NUSchedule => C:\Program Files\Symantec\Norton Utilities 16\nu.exe [2014-01-17] (Symantec)
Task: {5203D9EE-8E0B-4363-9AA8-04AED42518F3} - System32\Tasks\HP Health Check => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09] (Hewlett-Packard)
Task: {54204973-503A-4360-A8B6-F6ED65DA5B57} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {556AEF19-A9CF-431C-955B-B4CBE4356909} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3273286156-3480778537-3055062599-1003UA => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2009-02-28] (Google Inc.)
Task: {573C30D2-CF14-4262-969F-F7ABC7221A2D} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3273286156-3480778537-3055062599-1003 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {5916F864-469C-4391-8604-E4EA141A2699} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {6B55480D-FA3D-407A-B29B-02EEA46217BC} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3273286156-3480778537-3055062599-1003 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {6CE32B5D-F782-438D-8D41-7D8800A6C64D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-12] (Adobe Systems Incorporated)
Task: {75914DA6-82FC-40DF-B17A-03CB056CAA65} - System32\Tasks\5aa3d933-32c7-4b03-9bcf-13d56020c4b9-5 => C:\Program Files\SavePass\5aa3d933-32c7-4b03-9bcf-13d56020c4b9-5.exe
Task: {77CB15C1-B973-456E-AAD4-4335DAFFF4C7} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3273286156-3480778537-3055062599-1009 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {7C5A51E8-1AD7-48C6-8879-257A8A9609F5} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {7CD8A808-6829-4312-BAE8-03645914E6C0} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files\Norton Internet Security\Engine\21.4.0.13\SymErr.exe [2014-01-31] (Symantec Corporation)
Task: {7E7A9EA8-2A42-42CD-B9E0-C52416863446} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe [2014-05-26] ()
Task: {8B0E6FAB-F43A-4988-AF0A-A21646C212F0} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {8C528B1C-2C76-4588-ACAC-77CEA94A99A8} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files\Norton Internet Security\Engine\21.4.0.13\SymErr.exe [2014-01-31] (Symantec Corporation)
Task: {95AA2056-04CC-48E3-8BCB-0E1019FC1020} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3273286156-3480778537-3055062599-1003UA => C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-27] (Facebook Inc.)
Task: {97349477-3B85-43F2-AB89-EB7439FED792} - System32\Tasks\Opera scheduled Autoupdate 1388224918 => C:\Program Files\Opera\launcher.exe [2014-06-16] (Opera Software)
Task: {973DA91D-63EF-4B59-B178-7C5DB768ADF2} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3273286156-3480778537-3055062599-1009 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {9ED703A9-5FFD-40D5-895A-4385EE1509DE} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {A9EFAF5F-3A90-488B-848B-112DD4FBF3A6} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [2014-06-09] (globalUpdate) <==== ATTENTION
Task: {BE882345-73FA-4B83-AED6-5932CD99D546} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3273286156-3480778537-3055062599-1003Core => C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-27] (Facebook Inc.)
Task: {C23D46F1-9C6C-4ED0-BE47-33B014228E21} - System32\Tasks\Microsoft\Windows\RestartManager\{E3BCBBC5-0942-42e5-9A4F-4F2E5C3AD053} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
Task: {CDB97CD8-359A-4228-94EF-E0C77C90A9F2} - System32\Tasks\RunAsStdUser Task for VeohWebPlayer => C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
Task: {DB68DD01-8809-4DC6-B223-E5A6EFF99DC8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-05-18] (Google Inc.)
Task: {E10319AA-E2DC-4089-8525-CF00DB4E55F0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3273286156-3480778537-3055062599-1003Core => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2009-02-28] (Google Inc.)
Task: {E55752A0-9BC0-4698-9843-A7974FF1CAD9} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3273286156-3480778537-3055062599-1003 => C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe [2013-08-14] (RealNetworks, Inc.)
Task: {E919426A-FE7A-4713-9C6B-4AA631B5CCCF} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3273286156-3480778537-3055062599-1003 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {EE6EDCC5-7482-4DBF-B9AC-0B5D803409FE} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3273286156-3480778537-3055062599-1003 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {FB86B8BE-EEEA-47D0-AE5E-7DBF84B91926} - System32\Tasks\NUAutoUpdate => C:\Program Files\Symantec\Norton Utilities 16\SULauncher.exe [2014-01-17] (Symantec)
Task: C:\Windows\Tasks\5aa3d933-32c7-4b03-9bcf-13d56020c4b9-2.job => C:\Program Files\SavePass\5aa3d933-32c7-4b03-9bcf-13d56020c4b9-2.exe
Task: C:\Windows\Tasks\5aa3d933-32c7-4b03-9bcf-13d56020c4b9-5.job => C:\Program Files\SavePass\5aa3d933-32c7-4b03-9bcf-13d56020c4b9-5.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3273286156-3480778537-3055062599-1003Core.job => C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3273286156-3480778537-3055062599-1003UA.job => C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3273286156-3480778537-3055062599-1003Core.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3273286156-3480778537-3055062599-1003UA.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe
Task: C:\Windows\Tasks\NUAutoUpdate.job => C:\Program Files\Symantec\Norton Utilities 16\SULauncher.exe
Task: C:\Windows\Tasks\NUSchedule.job => C:\Program Files\Symantec\Norton Utilities 16\nu.exe
 
==================== Loaded Modules (whitelisted) =============
 
2009-12-20 02:53 - 2009-01-12 16:50 - 00120216 _____ () C:\Program Files\HP\QuickPlay\Kernel\TV\CLSchMgr.dll
2009-12-20 02:53 - 2009-01-12 16:50 - 00038184 _____ () C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvcps.dll
2009-12-20 02:53 - 2009-01-12 16:50 - 00259480 _____ () C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapEngine.dll
2009-12-20 02:53 - 2009-01-12 16:50 - 00345384 _____ () C:\Program Files\HP\QuickPlay\Kernel\TV\CLTinyDB.dll
2009-07-13 17:37 - 2009-07-13 17:37 - 00152112 _____ () C:\Program Files\Common Files\Pure Networks Shared\Platform\CAntiVirusCOM.dll
2009-07-13 17:37 - 2009-07-13 17:37 - 00098304 _____ () C:\Program Files\Common Files\Pure Networks Shared\Platform\CFireWallCOM.dll
2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 16:04 - 2014-04-23 16:04 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2010-08-03 14:03 - 2013-06-08 21:29 - 02926848 ____N () C:\Windows\wweb32.dll
2014-07-20 02:06 - 2014-06-16 13:54 - 01396344 _____ () C:\Program Files\Opera\22.0.1471.70\opera_crashreporter.exe
2014-07-20 02:06 - 2014-06-16 13:55 - 00957048 _____ () C:\Program Files\Opera\22.0.1471.70\ffmpegsumo.dll
2009-12-20 02:53 - 2009-01-12 16:50 - 00292216 _____ () C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
2009-12-20 02:53 - 2009-01-12 16:50 - 00116080 _____ () C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
2013-08-14 15:19 - 2013-08-14 15:19 - 00039056 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-02-25 12:42 - 2014-02-25 12:42 - 16265096 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll
2008-07-03 12:09 - 2008-03-27 03:56 - 00341328 _____ () C:\Windows\SMINST\BLService.exe
2008-07-03 12:09 - 2006-09-14 02:24 - 00081920 _____ () C:\Windows\SMINST\STString.dll
2008-07-03 12:09 - 2007-11-15 04:16 - 00126976 _____ () C:\Windows\SMINST\STWmiM.dll
2008-07-03 12:02 - 2007-01-09 14:55 - 00272024 _____ () C:\Program Files\CyberLink\Shared Files\RichVideo.exe
2014-07-17 08:40 - 2014-07-15 14:54 - 08537928 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.125\pdf.dll
2014-07-17 08:40 - 2014-07-15 14:54 - 00353096 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll
2014-07-17 08:40 - 2014-07-15 14:54 - 01732936 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll
2014-04-11 21:09 - 2014-02-10 12:44 - 04592128 _____ () C:\Users\User\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2014-04-11 21:09 - 2014-02-10 12:44 - 00112128 _____ () C:\Users\User\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\ProgramData\TEMP:206E2596
AlternateDataStreams: C:\ProgramData\TEMP:792D4CF1
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
AlternateDataStreams: C:\ProgramData\TEMP:F3AB0B43
 
==================== Safe Mode (whitelisted) ===================
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\atashost => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
 
==================== EXE Association (whitelisted) =============
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AgereModemAudio => 2
MSCONFIG\Services: BcmSqlStartupSvc => 2
MSCONFIG\Services: GamesAppService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HP Health Check Service => 2
MSCONFIG\Services: MSSQL$MSSMLBIZ => 3
MSCONFIG\Services: odserv => 3
MSCONFIG\Services: ose => 3
MSCONFIG\Services: ServiceLayer => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SQLBrowser => 2
MSCONFIG\Services: SQLWriter => 2
MSCONFIG\Services: TabletInputService => 2
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Avro Keyboard => C:\Program Files\Avro Keyboard\Avro Keyboard.exe
MSCONFIG\startupreg: googletalk => C:\Users\User\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
MSCONFIG\startupreg: HP Health Check Scheduler => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
MSCONFIG\startupreg: hpWirelessAssistant => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Malwarebytes' Anti-Malware => 
MSCONFIG\startupreg: NokiaSuite.exe => C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: S301MD => C:\Program Files\MTNL 3G\Delhi\Resource\driver\MctlSuc.exe
MSCONFIG\startupreg: SearchSettings => 
MSCONFIG\startupreg: SysTrayApp => %ProgramFiles%\IDT\WDM\sttray.exe
MSCONFIG\startupreg: TkBellExe => "C:\Program Files\Real\realplayer\update\realsched.exe"  -osboot
MSCONFIG\startupreg: UCam_Menu => "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
MSCONFIG\startupreg: uTorrent => "C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
 
==================== Faulty Device Manager Devices =============
 
Name: Microsoft ISATAP Adapter #9
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
Name: HP Integrated Bluetooth module
Description: HP Integrated Bluetooth module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: HP
Service: BTHUSB
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/20/2014 00:35:02 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\USER\APPDATA\ROAMING\OPERA SOFTWARE\OPERA STABLE\EXTENSION STATE> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (07/20/2014 00:35:02 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\USER\APPDATA\ROAMING\OPERA SOFTWARE\OPERA STABLE\EXTENSION STATE> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (07/20/2014 00:20:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/20/2014 04:08:50 AM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=36.0.1985.125;lang=;guid=48F16FEB5FCC4F48B0F5F4B884E36C1E;is_machine=1;oop=1;upload=1;minidump=C:\Program Files\Google\CrashReports\4a209602-97bd-42e4-8c11-044e9014818e.dmp
 
Error: (07/20/2014 02:43:28 AM) (Source: MsiInstaller) (EventID: 10005) (User: SAYANLAPTOP-PC)
Description: Product: Virtual Router v1.0 -- This is an unsupported version of Windows. Only Windows 8, Windows 7, Windows Server 2008 R2 and later are supported.
 
Error: (07/20/2014 02:34:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application YahooMessenger.exe, version 11.5.0.228, time stamp 0x4fbf6b79, faulting module Flash32_14_0_0_145.ocx_unloaded, version 0.0.0.0, time stamp 0x53aa18ec, exception code 0xc0000005, fault offset 0x5c4bcdac,
process id 0xc7c, application start time 0xYahooMessenger.exe0.
 
Error: (07/20/2014 01:55:33 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/20/2014 01:32:53 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/19/2014 09:52:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application YahooMessenger.exe, version 11.5.0.228, time stamp 0x4fbf6b79, faulting module Flash32_14_0_0_145.ocx_unloaded, version 0.0.0.0, time stamp 0x53aa18ec, exception code 0xc0000005, fault offset 0x5ccfcdac,
process id 0x7e0, application start time 0xYahooMessenger.exe0.
 
Error: (07/19/2014 07:59:30 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
 
System errors:
=============
Error: (07/20/2014 00:23:23 PM) (Source: WMPNetworkSvc) (EventID: 14325) (User: )
Description: WMPNetworkSvc0x80070002
 
Error: (07/20/2014 00:20:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Update Greener Web%%2
 
Error: (07/20/2014 00:20:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
 
Error: (07/20/2014 00:18:30 PM) (Source: Print) (EventID: 23) (User: NT AUTHORITY)
Description: Printer Acrobat PDFWriter failed to initialize because a suitable Acrobat PDFWriter driver could not be found. The new printer settings that you specified have not taken effect. Install or reinstall the printer driver. You might need to contact the vendor for an updated driver.
 
Error: (07/20/2014 00:17:30 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 05:08:26 on 20-07-2014 was unexpected.
 
Error: (07/20/2014 03:51:51 AM) (Source: VDS Dynamic Provider) (EventID: 10) (User: )
Description: The provider failed while storing notifications from the driver. The Virtual Disk Service should be restarted. hr=80042505
 
Error: (07/20/2014 03:18:56 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000vfsFPService
 
Error: (07/20/2014 03:18:26 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000vfsFPService
 
Error: (07/20/2014 02:48:07 AM) (Source: VDS Dynamic Provider) (EventID: 10) (User: )
Description: The provider failed while storing notifications from the driver. The Virtual Disk Service should be restarted. hr=80042505
 
Error: (07/20/2014 02:42:55 AM) (Source: VDS Dynamic Provider) (EventID: 10) (User: )
Description: The provider failed while storing notifications from the driver. The Virtual Disk Service should be restarted. hr=80042505
 
 
Microsoft Office Sessions:
=========================
Error: (08/25/2012 01:42:19 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 11 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (08/25/2012 00:52:05 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (08/25/2012 00:50:26 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 19 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (09/02/2011 06:30:43 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4472 seconds with 300 seconds of active time.  This session ended with a crash.
 
Error: (03/08/2011 08:17:03 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 37 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (12/02/2010 02:03:48 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 29409 seconds with 240 seconds of active time.  This session ended with a crash.
 
Error: (10/26/2010 05:42:05 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 19 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (10/17/2010 04:01:13 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 22 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (10/13/2010 00:43:23 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 34096 seconds with 11280 seconds of active time.  This session ended with a crash.
 
Error: (08/25/2010 02:21:44 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 19222 seconds with 10140 seconds of active time.  This session ended with a crash.
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-07-20 12:34:39.045
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-07-20 12:34:38.640
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-07-20 12:34:38.264
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-07-20 12:34:37.899
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-07-20 12:34:08.428
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140703.001\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-07-20 12:34:08.024
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140703.001\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-07-20 12:34:07.634
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140703.001\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-07-20 12:34:07.173
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140703.001\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-02-17 08:19:49.126
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\User\AppData\Local\Temp\TEMP.^^^\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-02-17 08:19:48.601
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\User\AppData\Local\Temp\TEMP.^^^\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 67%
Total physical RAM: 3002.45 MB
Available physical RAM: 974.73 MB
Total Pagefile: 6233.15 MB
Available Pagefile: 3546.73 MB
Total Virtual: 2047.88 MB
Available Virtual: 1903.68 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:223.81 GB) (Free:3.33 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (HP_RECOVERY) (Fixed) (Total:9.07 GB) (Free:1.61 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 233 GB) (Disk ID: 4F102E62)
Partition 1: (Active) - (Size=224 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=9 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================
 
******************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************
 
aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
Run date: 2014-07-20 14:55:08
-----------------------------
14:55:08.829    OS Version: Windows 6.0.6002 Service Pack 2
14:55:08.829    Number of processors: 2 586 0xF0D
14:55:08.830    ComputerName: SAYANLAPTOP-PC  UserName: User
14:55:37.040    Initialize success
14:55:37.134    VM: initialized successfully
14:55:37.162    VM: Intel CPU virtualization not supported 
14:56:33.952    AVAST engine defs: 14071901
14:56:39.071    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
14:56:39.074    Disk 0 Vendor: TOSHIBA_ LV01 Size: 238475MB BusType: 3
14:56:39.311    Disk 0 MBR read successfully
14:56:39.314    Disk 0 MBR scan
14:56:39.337    Disk 0 unknown MBR code
14:56:39.342    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS       229179 MB offset 63
14:56:39.381    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS         9292 MB offset 469360640
14:56:39.390    Disk 0 scanning sectors +488390656
14:56:39.758    Disk 0 scanning C:\Windows\system32\drivers
14:57:01.897    Service scanning
14:57:07.184    Service BHDrvx86 C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140703.001\BHDrvx86.sys **LOCKED** 5
14:57:09.467    Service ccSet_NIS C:\Windows\system32\drivers\NIS\1504000.00D\ccSetx86.sys **LOCKED** 5
14:57:13.140    Service eeCtrl C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys **LOCKED** 5
14:57:13.762    Service EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys **LOCKED** 5
14:57:19.561    Service IDSVix86 C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140718.001\IDSvix86.sys **LOCKED** 5
14:57:28.636    Service NAVENG C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140719.001\NAVENG.SYS **LOCKED** 5
14:57:28.844    Service NAVEX15 C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140719.001\NAVEX15.SYS **LOCKED** 5
14:57:59.402    Service SRTSPX C:\Windows\system32\drivers\NIS\1504000.00D\SRTSPX.SYS **LOCKED** 5
14:58:00.695    Service SymDS C:\Windows\system32\drivers\NIS\1504000.00D\SYMDS.SYS **LOCKED** 5
14:58:00.965    Service SymEvent C:\Windows\system32\Drivers\SYMEVENT.SYS **LOCKED** 5
14:58:01.146    Service SymIRON C:\Windows\system32\drivers\NIS\1504000.00D\Ironx86.SYS **LOCKED** 5
14:58:01.312    Service SYMTDIv C:\Windows\System32\Drivers\NIS\1504000.00D\SYMTDIV.SYS **LOCKED** 5
14:58:11.680    Modules scanning
14:59:08.775    Disk 0 trace - called modules:
14:59:08.802    ntkrnlpa.exe CLASSPNP.SYS disk.sys hpdskflt.sys hal.dll iaStor.sys sptd.sys 
14:59:08.810    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x878c87b8]
14:59:08.818    3 CLASSPNP.SYS[82ed28b3] -> nt!IofCallDriver -> [0x872980f0]
14:59:08.825    5 hpdskflt.sys[8c1a6f92] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x86741028]
14:59:09.649    AVAST engine scan C:\Windows
14:59:13.516    AVAST engine scan C:\Windows\system32
15:03:49.499    AVAST engine scan C:\Windows\system32\drivers
15:04:14.667    AVAST engine scan C:\Users\User
15:09:18.904    File: C:\Users\User\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\DaemonProcess.exe  **INFECTED** Win32:Mobogenie-O [Adw]
15:09:23.050    File: C:\Users\User\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\New_UpdateMoboGenie.exe  **INFECTED** Win32:Mobogenie-N [Adw]
15:52:05.551    AVAST engine scan C:\ProgramData
16:08:46.193    Scan finished successfully
16:14:54.213    Disk 0 MBR has been saved successfully to "C:\Users\User\Desktop\MBR.dat"
16:14:54.223    The log file has been saved successfully to "C:\Users\User\Desktop\aswMBR.txt"
 
 

 


  • 0

#4
pystryker
Posted 20 July 2014 - 07:06 AM

pystryker

    Trusted Helper

  • Malware Removal
  • 3,912 posts
Hello, we have some work to do, so let's get started. :thumbsup:


Step 1: P2P Warning and Program Uninstalls


The Dangers of P2P Programs

I noticed that you have a P2P file sharing program on your computer . I cannot stress highly enough the danger in using these types of programs. P2P programs are one of the major avenues of infection these days. The files downloaded with these programs are more likely than not infected with trojans, malware, rootkits, etc.

You run the risk of getting an infection that can compromise your sensitive data, such as financial records, personal information, etc. That is just the infection aspect of using P2P programs. You also run the risk of possible arrest, fines, or in severe cases, jail time for illegal downloading of copyrighted material.

Here are some information sources about the dangers of P2P programs:

FBI - Peer to Peer Scams

USA Today Artticle on P2P Programs

File Sharing Infects 500,000 Computers

I very much recommend you uninstall this program from your machine. If not, I can guarantee you will be back needing help with your machine again. The risks of infections from content downloaded with P2P programs far outweigh any benefit of using them.

It is, of course, your choice as to whether or not you remove the program from your machine. It is my duty though, to point out how dangerous it is to use these programs. However, I must request that you do not use it while we are cleaning your machine.


Program Uninstalls

Please uninstall the following programs from your machine as they are malware related and part of the infection on your machine.
  • Vuze
  • Vuze Remote Toolbar
Step 2: Fix with FRST
  • Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy.
  • Right-click in the open notepad and select Paste).
  • Save it on the desktop as fixlist.txt

Start
HKU\S-1-5-21-3273286156-3480778537-3055062599-1003\...\Run: [] => [X]
URLSearchHook: HKLM - Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
URLSearchHook: HKCU - (No Name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
URLSearchHook: HKCU - Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
SearchScopes: HKCU - {B576969D-1009-4827-9D3E-7317D68475B9} URL = http://search.condui...&ctid=CT2504091
SearchScopes: HKCU - {CF739809-1C6C-47C0-85B9-569DBB141420} URL = http://toolbar.ask.c...m=1&toolbar=VZ2
BHO: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO: No Name -> {11111111-1111-1111-1111-110511701150} -> No File
BHO: Vuze Remote Toolbar -> {ba14329e-9550-4989-b3f2-9732e92d17cc} -> C:\Program Files\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
Toolbar: HKLM - Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
Toolbar: HKCU - Vuze Remote Toolbar - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
CHR HKLM\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files\Common Files\Spigot\GC\saebay_1.1.crx [2013-10-14]
CHR HKLM\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files\Common Files\Spigot\GC\ErrorAssistant_1.3.crx [2013-12-27]
CHR HKLM\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Users\User\AppData\Local\Slick Savings\coupons.crx [2014-04-28]
CHR HKLM\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files\Common Files\Spigot\GC\saamazon_1.0.crx [2012-11-22]
CHR HKLM\...\Chrome\Extension: [ojpijjmpahflnipadmlpgbjmagmjchkk] - C:\Users\User\AppData\Local\CRE\ojpijjmpahflnipadmlpgbjmagmjchkk.crx [2012-07-06]
CHR HKCU\...\Chrome\Extension: [ojpijjmpahflnipadmlpgbjmagmjchkk] - C:\Users\User\AppData\Local\CRE\ojpijjmpahflnipadmlpgbjmagmjchkk.crx [2012-07-06]
S2 Update Greener Web; "C:\Program Files\Greener Web\updateGreenerWeb.exe" [X]
C:\Program Files\Greener Web
C:\Program Files\Common Files\Spigot
C:\Users\User\AppData\Local\Slick Savings
2014-07-20 04:51 - 2014-06-09 11:54 - 00000000 ____D () C:\Program Files\SavePass
C:\Program Files\Vuze_Remote
C:\ProgramData\DVD.exe
C:\ProgramData\Games.exe
C:\ProgramData\Karaoke.exe
C:\ProgramData\MobileTV.exe
C:\ProgramData\MPV.exe
2006-11-02 15:53 - 2011-03-06 00:34 - 00000027 ____N C:\Windows\system32\Drivers\etc\hosts
Task: {75914DA6-82FC-40DF-B17A-03CB056CAA65} - System32\Tasks\5aa3d933-32c7-4b03-9bcf-13d56020c4b9-5 => C:\Program Files\SavePass\5aa3d933-32c7-4b03-9bcf-13d56020c4b9-5.exe
Task: C:\Windows\Tasks\5aa3d933-32c7-4b03-9bcf-13d56020c4b9-2.job => C:\Program Files\SavePass\5aa3d933-32c7-4b03-9bcf-13d56020c4b9-2.exe
Task: C:\Windows\Tasks\5aa3d933-32c7-4b03-9bcf-13d56020c4b9-5.job => C:\Program Files\SavePass\5aa3d933-32c7-4b03-9bcf-13d56020c4b9-5.exe
AlternateDataStreams: C:\ProgramData\TEMP:206E2596
AlternateDataStreams: C:\ProgramData\TEMP:792D4CF1
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
AlternateDataStreams: C:\ProgramData\TEMP:F3AB0B43
C:\Users\User\AppData\Local\Mobogenie
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state on
End


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.


Run FRST and press the Fix button just once and wait. The tool will make a log on the desktop (Fixlog.txt) please post it in your next reply.


Step 3: AdwCleaner


Download ADWcleaner by clicking here. Please save it to your Desktop


adwcleaner2_zps680e0e15.jpg
  • Double click (Vista and 7 Users)right click the adwcleaner.exe file and click Run as Adminstrator and accept the UAC prompt to run AdwCleaner
  • Close any open windows or browsers.
  • Pause your Anti-Virus program if it is running.
  • Once it starts, click on the Scan button.
  • Let the scan complete itself. This may take a few minutes.
  • Once the scan has finished, it will say "Pending, uncheck elements you don't want to remove.", don't worry about unchecking anything and then click the Clean button. When finished, it will ask to reboot. Please reboot.
  • When the machine has rebooted, a log will be produced. Please copy/paste that in your next reply. Here's how:
    • Click the Report button and the log will open. Copy and Paste the contents of the log file into your next reply.
    This report is also saved at C:\AdwCleaner[R0].txt
Step 4: Junkware Removal Tool


thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Step 5: Fresh FRST Scan
  • Start Farbar's Recovery Scan Tool and press the Scan button.
  • FRST will scan your system and produce one log this time. Please post it in your next reply.
Things I need to see in your next post:

Fixlog.txt Log

AdwCleaner Log

Junkware Removal Tool Log

Fresh FRST Log
  • 0

#5
sayan.dg
Posted 20 July 2014 - 02:07 PM

sayan.dg

    Member

  • Topic Starter
  • Member
  • PipPip
  • 73 posts

Hello 

 

I have run all the tests , here are the reports thank you

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:20-07-2014
Ran by User at 2014-07-21 00:09:49 Run:1
Running from C:\Users\User\Desktop
Boot Mode: Normal
 
==============================================
 
Content of fixlist:
*****************
Start
HKU\S-1-5-21-3273286156-3480778537-3055062599-1003\...\Run: [] => [X]
URLSearchHook: HKLM - Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
URLSearchHook: HKCU - (No Name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
URLSearchHook: HKCU - Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
SearchScopes: HKCU - {B576969D-1009-4827-9D3E-7317D68475B9} URL = http://search.condui...&ctid=CT2504091
SearchScopes: HKCU - {CF739809-1C6C-47C0-85B9-569DBB141420} URL = http://toolbar.ask.c...m=1&toolbar=VZ2
BHO: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO: No Name -> {11111111-1111-1111-1111-110511701150} -> No File
BHO: Vuze Remote Toolbar -> {ba14329e-9550-4989-b3f2-9732e92d17cc} -> C:\Program Files\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
Toolbar: HKLM - Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
Toolbar: HKCU - Vuze Remote Toolbar - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
CHR HKLM\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files\Common Files\Spigot\GC\saebay_1.1.crx [2013-10-14]
CHR HKLM\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files\Common Files\Spigot\GC\ErrorAssistant_1.3.crx [2013-12-27]
CHR HKLM\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Users\User\AppData\Local\Slick Savings\coupons.crx [2014-04-28]
CHR HKLM\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files\Common Files\Spigot\GC\saamazon_1.0.crx [2012-11-22]
CHR HKLM\...\Chrome\Extension: [ojpijjmpahflnipadmlpgbjmagmjchkk] - C:\Users\User\AppData\Local\CRE\ojpijjmpahflnipadmlpgbjmagmjchkk.crx [2012-07-06]
CHR HKCU\...\Chrome\Extension: [ojpijjmpahflnipadmlpgbjmagmjchkk] - C:\Users\User\AppData\Local\CRE\ojpijjmpahflnipadmlpgbjmagmjchkk.crx [2012-07-06]
S2 Update Greener Web; "C:\Program Files\Greener Web\updateGreenerWeb.exe" [X]
C:\Program Files\Greener Web
C:\Program Files\Common Files\Spigot
C:\Users\User\AppData\Local\Slick Savings
2014-07-20 04:51 - 2014-06-09 11:54 - 00000000 ____D () C:\Program Files\SavePass
C:\Program Files\Vuze_Remote
C:\ProgramData\DVD.exe
C:\ProgramData\Games.exe
C:\ProgramData\Karaoke.exe
C:\ProgramData\MobileTV.exe
C:\ProgramData\MPV.exe
2006-11-02 15:53 - 2011-03-06 00:34 - 00000027 ____N C:\Windows\system32\Drivers\etc\hosts
Task: {75914DA6-82FC-40DF-B17A-03CB056CAA65} - System32\Tasks\5aa3d933-32c7-4b03-9bcf-13d56020c4b9-5 => C:\Program Files\SavePass\5aa3d933-32c7-4b03-9bcf-13d56020c4b9-5.exe
Task: C:\Windows\Tasks\5aa3d933-32c7-4b03-9bcf-13d56020c4b9-2.job => C:\Program Files\SavePass\5aa3d933-32c7-4b03-9bcf-13d56020c4b9-2.exe
Task: C:\Windows\Tasks\5aa3d933-32c7-4b03-9bcf-13d56020c4b9-5.job => C:\Program Files\SavePass\5aa3d933-32c7-4b03-9bcf-13d56020c4b9-5.exe
AlternateDataStreams: C:\ProgramData\TEMP:206E2596
AlternateDataStreams: C:\ProgramData\TEMP:792D4CF1
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
AlternateDataStreams: C:\ProgramData\TEMP:F3AB0B43
C:\Users\User\AppData\Local\Mobogenie
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state on
End
*****************
 
HKU\S-1-5-21-3273286156-3480778537-3055062599-1003\Software\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\Software\Microsoft\Internet Explorer\URLSearchHooks\\{ba14329e-9550-4989-b3f2-9732e92d17cc} => Value not found.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} => value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{ba14329e-9550-4989-b3f2-9732e92d17cc} => Value not found.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B576969D-1009-4827-9D3E-7317D68475B9}' => Key deleted successfully.
'HKCR\CLSID\{B576969D-1009-4827-9D3E-7317D68475B9}'=> Key not found.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}' => Key deleted successfully.
'HKCR\CLSID\{CF739809-1C6C-47C0-85B9-569DBB141420}'=> Key not found.
'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}' => Key deleted successfully.
'HKCR\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}'=> Key not found.
'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511701150}' => Key deleted successfully.
'HKCR\CLSID\{11111111-1111-1111-1111-110511701150}'=> Key not found.
'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}'=> Key not found.
'HKCR\CLSID\{ba14329e-9550-4989-b3f2-9732e92d17cc}'=> Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{ba14329e-9550-4989-b3f2-9732e92d17cc} => Value not found.
'HKCR\CLSID\{ba14329e-9550-4989-b3f2-9732e92d17cc}'=> Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BA14329E-9550-4989-B3F2-9732E92D17CC} => Value not found.
'HKCR\CLSID\{BA14329E-9550-4989-B3F2-9732E92D17CC}'=> Key not found.
'HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj' => Key deleted successfully.
C:\Program Files\Common Files\Spigot\GC\saebay_1.1.crx => Moved successfully.
'HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj' => Key deleted successfully.
C:\Program Files\Common Files\Spigot\GC\ErrorAssistant_1.3.crx => Moved successfully.
'HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk' => Key deleted successfully.
C:\Users\User\AppData\Local\Slick Savings\coupons.crx => Moved successfully.
'HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp' => Key deleted successfully.
C:\Program Files\Common Files\Spigot\GC\saamazon_1.0.crx => Moved successfully.
'HKLM\SOFTWARE\Google\Chrome\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk' => Key deleted successfully.
C:\Users\User\AppData\Local\CRE\ojpijjmpahflnipadmlpgbjmagmjchkk.crx => Moved successfully.
'HKCU\SOFTWARE\Google\Chrome\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk' => Key deleted successfully.
"C:\Users\User\AppData\Local\CRE\ojpijjmpahflnipadmlpgbjmagmjchkk.crx" => File/Directory not found.
Update Greener Web => Service deleted successfully.
C:\Program Files\Greener Web => Moved successfully.
C:\Program Files\Common Files\Spigot => Moved successfully.
C:\Users\User\AppData\Local\Slick Savings => Moved successfully.
C:\Program Files\SavePass => Moved successfully.
"C:\Program Files\Vuze_Remote" => File/Directory not found.
C:\ProgramData\DVD.exe => Moved successfully.
C:\ProgramData\Games.exe => Moved successfully.
C:\ProgramData\Karaoke.exe => Moved successfully.
C:\ProgramData\MobileTV.exe => Moved successfully.
C:\ProgramData\MPV.exe => Moved successfully.
C:\Windows\system32\Drivers\etc\hosts => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{75914DA6-82FC-40DF-B17A-03CB056CAA65}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{75914DA6-82FC-40DF-B17A-03CB056CAA65}' => Key deleted successfully.
C:\Windows\System32\Tasks\5aa3d933-32c7-4b03-9bcf-13d56020c4b9-5 => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\5aa3d933-32c7-4b03-9bcf-13d56020c4b9-5' => Key deleted successfully.
C:\Windows\Tasks\5aa3d933-32c7-4b03-9bcf-13d56020c4b9-2.job => Moved successfully.
C:\Windows\Tasks\5aa3d933-32c7-4b03-9bcf-13d56020c4b9-5.job => Moved successfully.
C:\ProgramData\TEMP => ":206E2596" ADS removed successfully.
C:\ProgramData\TEMP => ":792D4CF1" ADS removed successfully.
C:\ProgramData\TEMP => ":D1B5B4F1" ADS removed successfully.
C:\ProgramData\TEMP => ":F3AB0B43" ADS removed successfully.
C:\Users\User\AppData\Local\Mobogenie => Moved successfully.
 
=========  netsh advfirewall reset =========
 
Ok.
 
 
========= End of CMD: =========
 
 
=========  netsh advfirewall set allprofiles state on =========
 
Ok.
 
 
========= End of CMD: =========
 
 
==== End of Fixlog ====
 
#####################################################################################
 
#####################################################################################
 
#####################################################################################
 
#####################################################################################
 
# AdwCleaner v3.216 - Report created 21/07/2014 at 01:03:52
# Updated 17/07/2014 by Xplode
# Operating System : Windows Vista ™ Home Basic Service Pack 2 (32 bits)
# Username : User - SAYANLAPTOP-PC
# Running from : C:\Users\User\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem
[#] Service Deleted : Update Greener Web
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\NCH Software
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\globalUpdate
Folder Deleted : C:\Program Files\Mobogenie
Folder Deleted : C:\Program Files\NCH Software
Folder Deleted : C:\Users\User\AppData\Local\apn
Folder Deleted : C:\Users\User\AppData\Local\Conduit
Folder Deleted : C:\Users\User\AppData\Local\globalUpdate
Folder Deleted : C:\Users\User\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\User\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\User\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\User\AppData\Roaming\registry mechanic
Folder Deleted : C:\Users\User\AppData\Roaming\Slick Savings
Folder Deleted : C:\Users\User\Documents\Mobogenie
File Deleted : C:\END
File Deleted : C:\Users\User\daemonprocess.txt
File Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
File Deleted : C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
File Deleted : C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
File Deleted : C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A9EFAF5F-3A90-488B-848B-112DD4FBF3A6}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A9EFAF5F-3A90-488B-848B-112DD4FBF3A6}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0D38D1CE-0131-4E81-8046-5A36F598A0A3}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D38D1CE-0131-4E81-8046-5A36F598A0A3}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CDB97CD8-359A-4228-94EF-E0C77C90A9F2}
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SearchSettings
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0057050.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0057050.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0057050.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0057050.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2504091
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{76C45B18-A29E-43EA-AAF8-AF55C2E1AE17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{96EF404C-24C7-43D0-9096-4CCC8BB7CCAC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97720195-206A-42AE-8E65-260B9BA5589F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{986F7A5A-9676-47E1-8642-F41F8C3FCF82}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B18788A4-92BD-440E-A4D1-380C36531119}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522702250}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555705550}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566706650}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440544704450}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\installedbrowserextensions
Key Deleted : HKCU\Software\SearchProtectINT
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\WEDLMNGR
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\GlobalUpdate
Key Deleted : HKLM\Software\installedbrowserextensions
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v9.0.8112.16561
 
 
-\\ Google Chrome v36.0.1985.125
 
[ File : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=M1913028B-4192-4968-8B85-5ADC48B8B229&SearchSource=58&CUI=&UM=5&UP=SP1BEAF667-61A8-48F4-A128-D0A4F9396083&q={searchTerms}&SSPV=
Deleted [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
Deleted [Extension] : flpcjncodpafbgdpnkljologafpionhb
Deleted [Extension] : hbcennhacfaagdopikcegfcobcadeocj
Deleted [Extension] : icdlfehblmklkikfigmjhbmmpmkmpooj
Deleted [Extension] : mhkaekfpcppmmioggniknbnbdbcigpkk
Deleted [Extension] : ojpijjmpahflnipadmlpgbjmagmjchkk
Deleted [Extension] : pfndaklgolladniicklehhancnlgocpp
 
*************************
 
AdwCleaner[R0].txt - [7081 octets] - [21/07/2014 01:01:28]
AdwCleaner[S0].txt - [7130 octets] - [21/07/2014 01:03:52]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7190 octets] ##########
 
 
#########################################################################################
 
#########################################################################################
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows Vista ™ Home Basic x86
Ran by User on 21-07-2014 at  1:14:32.50
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{37211D63-CCE9-4780-B182-96538CFC6FED}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{8B9C4F32-044E-491C-893E-362CB8A679D5}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{CF2BF214-9D1E-4803-9AEB-38552615FD40}
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Users\User\Local Settings\Application Data\cre"
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 21-07-2014 at  1:27:30.57
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
 
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:20-07-2014
Ran by User (administrator) on SAYANLAPTOP-PC on 21-07-2014 01:31:53
Running from C:\Users\User\Desktop
Platform: Microsoft® Windows Vista™ Home Basic  Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(IDT, Inc.) C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_e2247046\stacsv.exe
(Microsoft Corporation) C:\WINDOWS\System32\SLsvc.exe
(Hewlett-Packard Company) C:\WINDOWS\System32\hpservice.exe
(Validity Sensors, Inc.) C:\WINDOWS\System32\vfsFPService.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe
(Microsoft Corporation) C:\WINDOWS\System32\wlanext.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpAgent.exe
(CyberLink Corp.) C:\Program Files\HP\QuickPlay\QPService.exe
(Cisco Systems, Inc.) C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
(Intel Corporation) C:\WINDOWS\System32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(RealNetworks, Inc.) C:\Program Files\Real\realplayer\Update\realsched.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Symantec Corporation) C:\Program Files\Symantec\Norton Utilities 16\sMonitor\SSDMonitor.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Macrovision Corporation) C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
(WordWeb Software) C:\Program Files\WordWeb\wweb32.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Intel Corporation) C:\WINDOWS\System32\igfxsrvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(WebEx Communications, Inc.) C:\WINDOWS\System32\atashost.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\21.4.0.13\nis.exe
(PC Tools) C:\Program Files\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe
(Oracle Corporation) C:\app\User\product\11.2.0\dbhome_1\BIN\omtsreco.exe
(Oracle Corporation) C:\app\User\product\11.2.0\dbhome_1\BIN\TNSLSNR.EXE
(Oracle Corporation) C:\app\User\product\11.2.0\dbhome_1\BIN\oracle.exe
() C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
() C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
() C:\WINDOWS\SMINST\BLService.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\Scrybe\Service\ScrybeUpdater.exe
(SafeNet, Inc) C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Cisco Systems, Inc.) C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\21.4.0.13\nis.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\WINDOWS\System32\wbem\unsecapp.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google) C:\Users\User\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKU\S-1-5-21-3273286156-3480778537-3055062599-1003\...\Run: [ISUSPM] => C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe [226904 2007-07-13] (Macrovision Corporation)
HKU\S-1-5-21-3273286156-3480778537-3055062599-1003\...\Run: [Google Update] => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [133104 2009-02-28] (Google Inc.)
HKU\S-1-5-21-3273286156-3480778537-3055062599-1003\...\Run: [WordWeb] => C:\Program Files\WordWeb\wweb32.exe [77056 2013-05-16] (WordWeb Software)
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://in.yahoo.com/?fr=fp-spt_gen
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {2BA04D11-8564-403A-B344-68B2683997B9} URL = http://in.search.yah...&Submit1=Search
SearchScopes: HKCU - {40E0921F-0FE4-4836-B12F-0565D580B1FD} URL = http://www.google.co...age={startPage}
SearchScopes: HKCU - {B9C1BF5F-E271-422B-BFD5-A07157B06656} URL = http://in.search.yah...p={searchTerms}
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: DigitalPersona Personal Extension -> {395610AE-C624-4f58-B89E-23733EA00F9A} -> C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Internet Security\Engine\21.4.0.13\coIEPlg.dll (Symantec Corporation)
BHO: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files\Norton Internet Security\Engine\21.4.0.13\IPS\IPSBHO.DLL (Symantec Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\21.4.0.13\coIEPlg.dll (Symantec Corporation)
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
 
Hosts: Hosts file not detected in the default directory
Tcpip\..\Interfaces\{57A952AE-881C-4F89-9627-1D4EA5C788B9}: [NameServer]202.159.219.229,203.94.243.70
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.65.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.65.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin - C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin: @real.com/nppl3260;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\4\NP_wtapp.dll ()
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\User\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\User\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\User\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\User\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\User\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\User\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\User\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-03-10]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\DigitalPersona\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - C:\Program Files\DigitalPersona\Bin\FirefoxExt [2009-10-22]
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn [2014-07-21]
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-11-16]
FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF [2014-02-17]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKCU\...\Firefox\Extensions: [[email protected]] - C:\Program Files\DigitalPersona\Bin\firefoxext
FF HKCU\...\Firefox\Extensions: [[email protected]] - C:\Program Files\WordWeb\WCaptureMoz
FF Extension: WordWeb one-click lookup - C:\Program Files\WordWeb\WCaptureMoz [2013-08-13]
 
Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-24]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-03]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-24]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-03]
CHR Extension: (TV) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bppbpeijolfcampacpljolaegibfhjph [2014-02-14]
CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-03]
CHR Extension: (The Economist) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebjgjhbjedcomcajgpodjgfjgkepgpl [2014-02-14]
CHR Extension: (RealDownloader) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-01-28]
CHR Extension: (Norton Identity Protection) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-02-21]
CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-03]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM\...\Chrome\Extension: [mjdepfkicdcciagbigfcmdhknnoaaegf] - C:\Program Files\WordWeb\wcxChrome.crx [2013-08-13]
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files\Norton Internet Security\Engine\21.4.0.13\Exts\Chrome.crx [2014-07-13]
 
========================== Services (Whitelisted) =================
 
S3 DiskDoctorService; C:\Program Files\Symantec\Norton Utilities 16\Tools\Disk Doctor\DiskDoctorSrv.exe [1150592 2014-01-17] (Symantec Corporation)
R2 DpHost; C:\Program Files\DigitalPersona\Bin\DpHostW.exe [322624 2009-09-29] (DigitalPersona, Inc.) [File not signed]
S3 GamesAppIntegrationService; C:\Program Files\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-01-28] (WildTangent)
S4 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-10-09] (Hewlett-Packard) [File not signed]
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [225280 2007-03-13] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [131072 2007-03-13] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2009-01-27] (Hewlett-Packard Company) [File not signed]
R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
S4 MSSQLServerADHelper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NIS; C:\Program Files\Norton Internet Security\Engine\21.4.0.13\NIS.exe [276376 2014-06-27] (Symantec Corporation)
R2 nmservice; C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe [647216 2009-07-07] (Cisco Systems, Inc.)
R2 NU16StartManagerSvc; C:\Program Files\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe [795776 2014-01-17] (PC Tools)
S4 OracleJobSchedulerDATABASE1; c:\app\user\product\11.2.0\dbhome_1\Bin\extjob.exe [49152 2010-04-02] () [File not signed]
R2 OracleMTSRecoveryService; C:\app\User\product\11.2.0\dbhome_1\bin\omtsreco.exe [69632 2010-04-01] (Oracle Corporation) [File not signed]
S3 OracleOraDb11g_home1ClrAgent; C:\app\User\product\11.2.0\dbhome_1\bin\OraClrAgnt.exe [38400 2010-02-28] (Oracle Corporation) [File not signed]
R2 OracleServiceDATABASE1; c:\app\user\product\11.2.0\dbhome_1\bin\ORACLE.EXE [106487808 2010-04-02] (Oracle Corporation) [File not signed]
S3 OracleVssWriterDATABASE1; c:\app\user\product\11.2.0\dbhome_1\bin\OraVSSW.exe [159744 2010-04-02] () [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 QPCapSvc; C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [292216 2009-01-12] ()
R2 QPSched; C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [116080 2009-01-12] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 Recovery Service for Windows; C:\Windows\SMINST\BLService.exe [341328 2008-03-27] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2007-01-09] ()
R2 ScrybeUpdater; C:\Program Files\Synaptics\Scrybe\Service\ScrybeUpdater.exe [1300264 2011-05-27] (Synaptics, Inc.)
R2 SentinelProtectionServer; C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [189536 2004-09-10] (SafeNet, Inc)
S3 SpeedDiskService; C:\Program Files\Symantec\Norton Utilities 16\Tools\SpeedDisk\SpeedDiskSrv.exe [1163904 2014-01-17] (Symantec Corporation)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\STacSV.exe [221266 2009-07-21] (IDT, Inc.)
R2 OracleOraDb11g_home1TNSListener; C:\app\User\product\11.2.0\dbhome_1\BIN\TNSLSNR  [X]
 
==================== Drivers (Whitelisted) ====================
 
R1 BHDrvx86; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140703.001\BHDrvx86.sys [1101616 2014-05-10] (Symantec Corporation)
R3 BthMtpEnum; C:\Windows\System32\DRIVERS\BthMtpEnum.sys [50688 2009-10-01] (Microsoft Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NIS\1504000.00D\ccSetx86.sys [127064 2013-09-26] (Symantec Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [377648 2014-06-10] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [109872 2014-07-16] (Symantec Corporation)
S3 HpqRemHid; C:\Windows\System32\DRIVERS\HpqRemHid.sys [7168 2007-07-11] (Hewlett-Packard Development Company, L.P.)
R1 IDSVix86; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140718.001\IDSvix86.sys [395992 2014-03-28] (Symantec Corporation)
S3 iscFlash; C:\SwSetup\sp42557\iscflash.sys [11520 2008-08-05] (Insyde Software) [File not signed]
R3 NAVENG; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140719.001\NAVENG.SYS [93272 2014-07-16] (Symantec Corporation)
R3 NAVEX15; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140719.001\NAVEX15.SYS [1612376 2014-07-16] (Symantec Corporation)
R2 pnarp; C:\Windows\System32\DRIVERS\pnarp.sys [26672 2009-07-07] (Cisco Systems, Inc.)
R2 purendis; C:\Windows\System32\DRIVERS\purendis.sys [27696 2009-07-07] (Cisco Systems, Inc.)
R2 Sentinel; C:\Windows\System32\Drivers\SENTINEL.SYS [84064 2004-09-10] (Rainbow Technologies, Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [324096 2014-01-10] (Duplex Secure Ltd.)
R3 SRTSP; C:\Windows\System32\Drivers\NIS\1504000.00D\SRTSP.SYS [664280 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NIS\1504000.00D\SRTSPX.SYS [32344 2013-09-10] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NIS\1504000.00D\SYMDS.SYS [367704 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NIS\1504000.00D\SYMEFA.SYS [936152 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [142936 2014-02-17] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NIS\1504000.00D\Ironx86.SYS [206936 2013-09-27] (Symantec Corporation)
R1 SYMTDIv; C:\Windows\System32\Drivers\NIS\1504000.00D\SYMTDIV.SYS [384728 2014-02-18] (Symantec Corporation)
S3 tenCapture; C:\Windows\System32\DRIVERS\tenCapture.sys [20664 2012-07-20] (Hajo Krabbenhöft)
S3 u302bus; C:\Windows\System32\DRIVERS\u302bus.sys [119112 2010-07-30] (MCCI Corporation)
S3 u302mdfl; C:\Windows\System32\DRIVERS\u302mdfl.sys [14920 2010-07-30] (MCCI Corporation)
S3 u302mdm; C:\Windows\System32\DRIVERS\u302mdm.sys [135880 2010-07-30] (MCCI Corporation)
S3 u302mgmt; C:\Windows\System32\DRIVERS\u302mgmt.sys [129992 2010-07-30] (MCCI Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
U1 eabfiltr; 
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [43904 2009-02-19] (Microsoft Corporation)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 UIUSys; system32\DRIVERS\UIUSYS.SYS [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-07-21 01:30 - 2014-07-21 01:30 - 01080320 _____ (Farbar) C:\Users\User\Desktop\FRST.exe
2014-07-21 01:27 - 2014-07-21 01:27 - 00001239 _____ () C:\Users\User\Desktop\JRT.txt
2014-07-21 01:14 - 2014-07-21 01:14 - 00000000 ____D () C:\Windows\ERUNT
2014-07-21 01:11 - 2014-07-21 01:12 - 01016261 _____ (Thisisu) C:\Users\User\Desktop\JRT.exe
2014-07-21 01:08 - 2014-07-21 01:08 - 00007270 _____ () C:\Users\User\Desktop\AdwCleaner[S0].txt
2014-07-21 01:02 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-07-21 01:01 - 2014-07-21 01:04 - 00000000 ____D () C:\AdwCleaner
2014-07-21 00:12 - 2014-07-21 00:12 - 01354223 _____ () C:\Users\User\Desktop\AdwCleaner.exe
2014-07-21 00:04 - 2014-07-21 00:07 - 00000000 ____D () C:\Users\User\Desktop\FRST-OlderVersion
2014-07-20 16:14 - 2014-07-20 16:14 - 00003791 _____ () C:\Users\User\Desktop\aswMBR.txt
2014-07-20 16:14 - 2014-07-20 16:14 - 00000512 _____ () C:\Users\User\Desktop\MBR.dat
2014-07-20 14:54 - 2014-07-20 14:54 - 05185536 _____ (AVAST Software) C:\Users\User\Desktop\aswmbr.exe
2014-07-20 12:35 - 2014-07-20 12:38 - 00062974 _____ () C:\Users\User\Desktop\Addition.txt
2014-07-20 12:32 - 2014-07-21 01:32 - 00025799 _____ () C:\Users\User\Desktop\FRST.txt
2014-07-20 12:31 - 2014-07-21 01:32 - 00000000 ____D () C:\FRST
2014-07-20 02:42 - 2014-07-20 02:42 - 01373696 _____ () C:\Users\User\Downloads\VirtualRouterInstaller.msi
2014-07-17 11:06 - 2014-07-17 11:06 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-07-17 11:05 - 2014-07-11 02:56 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-07-17 11:04 - 2014-07-17 11:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-17 11:04 - 2014-07-11 03:02 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-07-17 11:04 - 2014-07-11 02:56 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-07-17 11:04 - 2014-07-11 02:55 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-07-16 14:10 - 2014-07-16 14:10 - 00000000 ____D () C:\Users\User\Desktop\TAX
2014-07-16 14:06 - 2014-07-16 14:07 - 00000000 ____D () C:\Users\User\Desktop\MTNL
2014-07-09 15:02 - 2014-06-07 05:35 - 12353024 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 15:02 - 2014-06-07 04:55 - 09711616 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 15:02 - 2014-06-07 04:42 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 15:02 - 2014-06-07 04:34 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 15:02 - 2014-06-07 04:33 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 15:02 - 2014-06-07 04:32 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 15:02 - 2014-06-07 04:30 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-07-09 15:02 - 2014-06-07 04:28 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 15:02 - 2014-06-07 04:27 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-09 15:02 - 2014-06-07 04:26 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-07-09 15:02 - 2014-06-07 04:26 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-09 15:02 - 2014-06-07 04:24 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 15:02 - 2014-06-07 04:24 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 15:02 - 2014-06-07 04:24 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 15:02 - 2014-06-07 04:24 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-07-09 15:02 - 2014-06-07 04:23 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 15:02 - 2014-06-07 04:23 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 15:02 - 2014-06-07 04:23 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-07-09 15:02 - 2014-06-07 04:22 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 15:02 - 2014-06-07 04:21 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-07-09 15:02 - 2014-06-07 04:17 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 14:47 - 2014-06-07 05:49 - 02051072 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 14:47 - 2014-06-06 14:29 - 00506880 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 14:47 - 2014-05-30 12:23 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-08 17:11 - 2014-07-08 17:12 - 00991301 _____ () C:\Users\User\Downloads\ITR-2_2014 (1).zip
2014-07-08 17:01 - 2014-07-08 17:01 - 01343560 _____ () C:\Users\User\Downloads\ITR1_2014.zip
2014-07-08 17:00 - 2014-07-08 17:01 - 00878985 _____ () C:\Users\User\Downloads\ITR-1_2014 (1).zip
2014-07-05 20:43 - 2014-07-05 20:44 - 05230474 _____ () C:\Users\User\Downloads\IMG_0698 (2).MOV
2014-07-05 20:42 - 2014-07-05 20:43 - 05263289 _____ () C:\Users\User\Downloads\IMG_0698 (1).MOV
2014-07-02 22:45 - 2014-07-02 22:46 - 05253126 _____ () C:\Users\User\Downloads\IMG_0698.MOV
2014-07-02 22:39 - 2014-07-02 22:40 - 05377260 _____ () C:\Users\User\Downloads\IMG_0633 (4).MOV
2014-07-02 22:33 - 2014-07-02 22:34 - 05146006 _____ () C:\Users\User\Downloads\IMG_0633 (3).MOV
2014-07-02 17:57 - 2014-07-02 17:59 - 05542506 _____ () C:\Users\User\Downloads\IMG_0633 (2).MOV
2014-07-02 13:00 - 2014-07-02 13:03 - 05257394 _____ () C:\Users\User\Downloads\IMG_0633 (1).MOV
2014-07-02 12:56 - 2014-07-02 12:58 - 05217737 _____ () C:\Users\User\Downloads\IMG_0633.MOV
2014-07-02 12:47 - 2014-07-02 12:49 - 05358669 _____ () C:\Users\User\Downloads\IMG_0699.MOV
2014-06-29 14:40 - 2014-07-16 15:35 - 00000000 ____D () C:\Users\User\Desktop\2014
 
==================== One Month Modified Files and Folders =======
 
2014-07-21 01:32 - 2014-07-20 12:32 - 00025799 _____ () C:\Users\User\Desktop\FRST.txt
2014-07-21 01:32 - 2014-07-20 12:31 - 00000000 ____D () C:\FRST
2014-07-21 01:30 - 2014-07-21 01:30 - 01080320 _____ (Farbar) C:\Users\User\Desktop\FRST.exe
2014-07-21 01:27 - 2014-07-21 01:27 - 00001239 _____ () C:\Users\User\Desktop\JRT.txt
2014-07-21 01:27 - 2012-05-18 23:30 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-21 01:21 - 2009-01-08 00:34 - 01605877 _____ () C:\Windows\WindowsUpdate.log
2014-07-21 01:14 - 2014-07-21 01:14 - 00000000 ____D () C:\Windows\ERUNT
2014-07-21 01:12 - 2014-07-21 01:11 - 01016261 _____ (Thisisu) C:\Users\User\Desktop\JRT.exe
2014-07-21 01:10 - 2009-12-20 02:54 - 00000286 _____ () C:\ProgramData\hpqp.ini
2014-07-21 01:08 - 2014-07-21 01:08 - 00007270 _____ () C:\Users\User\Desktop\AdwCleaner[S0].txt
2014-07-21 01:07 - 2014-02-25 12:39 - 00000274 _____ () C:\Windows\Tasks\NUAutoUpdate.job
2014-07-21 01:07 - 2012-07-04 11:39 - 00398856 _____ () C:\Windows\PFRO.log
2014-07-21 01:07 - 2012-05-18 23:30 - 00000878 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-21 01:07 - 2009-01-07 06:20 - 00000000 ____D () C:\ProgramData\TEMP
2014-07-21 01:07 - 2006-11-02 18:28 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-21 01:07 - 2006-11-02 18:15 - 00004784 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-21 01:07 - 2006-11-02 18:15 - 00004784 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-21 01:05 - 2009-06-30 10:53 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3273286156-3480778537-3055062599-1003UA.job
2014-07-21 01:05 - 2009-01-08 00:36 - 00002140 _____ () C:\Windows\bthservsdp.dat
2014-07-21 01:05 - 2006-11-02 18:28 - 00032578 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-21 01:04 - 2014-07-21 01:01 - 00000000 ____D () C:\AdwCleaner
2014-07-21 00:56 - 2013-05-27 14:23 - 00000336 _____ () C:\Windows\Tasks\HP Photo Creations Communicator.job
2014-07-21 00:39 - 2012-05-03 09:57 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-21 00:12 - 2014-07-21 00:12 - 01354223 _____ () C:\Users\User\Desktop\AdwCleaner.exe
2014-07-21 00:07 - 2014-07-21 00:04 - 00000000 ____D () C:\Users\User\Desktop\FRST-OlderVersion
2014-07-20 23:48 - 2012-12-27 14:43 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3273286156-3480778537-3055062599-1003UA.job
2014-07-20 16:14 - 2014-07-20 16:14 - 00003791 _____ () C:\Users\User\Desktop\aswMBR.txt
2014-07-20 16:14 - 2014-07-20 16:14 - 00000512 _____ () C:\Users\User\Desktop\MBR.dat
2014-07-20 15:59 - 2012-11-18 17:08 - 00000000 ____D () C:\Users\User\AppData\Roaming\vlc
2014-07-20 14:54 - 2014-07-20 14:54 - 05185536 _____ (AVAST Software) C:\Users\User\Desktop\aswmbr.exe
2014-07-20 14:48 - 2012-12-27 14:43 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3273286156-3480778537-3055062599-1003Core.job
2014-07-20 12:38 - 2014-07-20 12:35 - 00062974 _____ () C:\Users\User\Desktop\Addition.txt
2014-07-20 03:05 - 2009-06-30 10:53 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3273286156-3480778537-3055062599-1003Core.job
2014-07-20 02:42 - 2014-07-20 02:42 - 01373696 _____ () C:\Users\User\Downloads\VirtualRouterInstaller.msi
2014-07-20 02:07 - 2009-02-27 22:38 - 00000000 ____D () C:\Program Files\Opera
2014-07-17 11:06 - 2014-07-17 11:06 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-07-17 11:04 - 2014-07-17 11:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-17 11:03 - 2008-07-03 12:14 - 00000000 ____D () C:\Program Files\Java
2014-07-16 15:35 - 2014-06-29 14:40 - 00000000 ____D () C:\Users\User\Desktop\2014
2014-07-16 14:10 - 2014-07-16 14:10 - 00000000 ____D () C:\Users\User\Desktop\TAX
2014-07-16 14:07 - 2014-07-16 14:06 - 00000000 ____D () C:\Users\User\Desktop\MTNL
2014-07-15 04:10 - 2013-02-21 20:25 - 00000000 ____D () C:\Windows\system32\Drivers\NIS
2014-07-15 04:08 - 2014-02-17 08:39 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2014-07-15 04:08 - 2014-02-17 08:19 - 00002231 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk
2014-07-15 00:06 - 2011-10-02 11:12 - 00000000 ____D () C:\Users\User\AppData\Roaming\Skype
2014-07-13 01:32 - 2009-01-27 20:32 - 00000000 ____D () C:\Users\User\Documents\Youcam
2014-07-12 12:34 - 2012-05-03 09:57 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-07-12 12:34 - 2011-05-14 01:02 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-07-11 06:20 - 2012-07-12 01:12 - 00001758 _____ () C:\Users\User\Documents\Default.rdp
2014-07-11 03:02 - 2014-07-17 11:04 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-07-11 02:56 - 2014-07-17 11:05 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-07-11 02:56 - 2014-07-17 11:04 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-07-11 02:55 - 2014-07-17 11:04 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-07-10 03:50 - 2006-11-02 18:14 - 04828464 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-10 03:25 - 2013-08-07 20:56 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-10 03:10 - 2006-11-02 15:54 - 93585272 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-07-10 03:08 - 2008-07-03 11:07 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-08 18:32 - 2013-05-04 16:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-07-08 17:12 - 2014-07-08 17:11 - 00991301 _____ () C:\Users\User\Downloads\ITR-2_2014 (1).zip
2014-07-08 17:01 - 2014-07-08 17:01 - 01343560 _____ () C:\Users\User\Downloads\ITR1_2014.zip
2014-07-08 17:01 - 2014-07-08 17:00 - 00878985 _____ () C:\Users\User\Downloads\ITR-1_2014 (1).zip
2014-07-08 03:17 - 2013-12-15 09:13 - 00073981 _____ () C:\Users\User\Downloads\times-new-roman-psmt-1361535583.zip
2014-07-08 01:53 - 2014-01-10 08:59 - 00000000 ____D () C:\Users\User\Desktop\Adobe Illustrator CS5
2014-07-08 01:51 - 2009-01-07 12:29 - 00000000 ____D () C:\My Movies
2014-07-08 01:51 - 2009-01-07 06:21 - 00085504 _____ () C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-06 20:48 - 2010-08-02 20:11 - 00000000 ____D () C:\Users\User\AppData\Roaming\Google
2014-07-05 20:44 - 2014-07-05 20:43 - 05230474 _____ () C:\Users\User\Downloads\IMG_0698 (2).MOV
2014-07-05 20:43 - 2014-07-05 20:42 - 05263289 _____ () C:\Users\User\Downloads\IMG_0698 (1).MOV
2014-07-02 22:46 - 2014-07-02 22:45 - 05253126 _____ () C:\Users\User\Downloads\IMG_0698.MOV
2014-07-02 22:40 - 2014-07-02 22:39 - 05377260 _____ () C:\Users\User\Downloads\IMG_0633 (4).MOV
2014-07-02 22:34 - 2014-07-02 22:33 - 05146006 _____ () C:\Users\User\Downloads\IMG_0633 (3).MOV
2014-07-02 17:59 - 2014-07-02 17:57 - 05542506 _____ () C:\Users\User\Downloads\IMG_0633 (2).MOV
2014-07-02 13:03 - 2014-07-02 13:00 - 05257394 _____ () C:\Users\User\Downloads\IMG_0633 (1).MOV
2014-07-02 12:58 - 2014-07-02 12:56 - 05217737 _____ () C:\Users\User\Downloads\IMG_0633.MOV
2014-07-02 12:49 - 2014-07-02 12:47 - 05358669 _____ () C:\Users\User\Downloads\IMG_0699.MOV
2014-06-30 10:20 - 2009-01-17 22:55 - 00000000 ____D () C:\Users\User\Desktop\sayan
2014-06-29 21:10 - 2010-11-06 00:04 - 00000000 ____D () C:\Users\User\Desktop\Astro
2014-06-29 21:09 - 2013-02-13 22:04 - 00000000 ____D () C:\Users\User\Desktop\ignou
2014-06-29 21:08 - 2014-06-04 20:18 - 00000000 ____D () C:\Users\User\Desktop\angio
2014-06-29 13:35 - 2012-08-24 21:33 - 00000000 ____D () C:\Users\User\Desktop\CS 2012
2014-06-21 11:05 - 2006-11-02 16:03 - 00830468 _____ () C:\Windows\system32\PerfStringBackup.INI
 
Some content of TEMP:
====================
C:\Users\User\AppData\Local\Temp\gtalkwmp1.dll
C:\Users\User\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\User\AppData\Local\Temp\Quarantine.exe
C:\Users\User\AppData\Local\Temp\tbVuz0.dll
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-07-21 01:16
 
==================== End Of Log ============================
 

  • 0

#6
pystryker
Posted 20 July 2014 - 02:27 PM

pystryker

    Trusted Helper

  • Malware Removal
  • 3,912 posts
Looking good, let's continue. :thumbsup:

Please disable your antivirus for the duration of my instructions. Don't forget to re-enable them after you have completed the steps.



Step 1: Delete Chrome's Preferences File


The infection has corrupted your user preferences file in Chrome. Please click the link below to find instructions to rebuild the preferences file.

https://support.goog...r/142059?hl=en#


Step 2: Scan with Malwarebytes


Please download Malwarebytes Anti-Malware to your desktop
Install the progamme and select update
Once it has updated select Settings > Detection and Protection
Tick Scan for rootkits

MBAMsettings_zpsb6b9ada0.jpg

Go back to the Dashboard and select Scan Now

MBAMScan_zps8ba7d192.jpg

If threats are detected, click the Apply Actions button, MBAM will ask for a reboot.

MBAMReboot_zps9089ab30.jpg

MBAMLog_zpsade07f42.jpg

On completion of the scan (or after the reboot), start MBAM,

Click History, then Application Logs, then check the Select box by the first Scan Log in the list.

Click View, then click Export, select text file and save to the desktop as MBAM.txt and post in your next reply.



Step 3: ESET Online Virus Scan

Please note: You can use Internet Explorer or Firefox for this step.

If you use Firefox, you will be prompted to download esetsmartinstaller_enu.exe. Please do so, then double click it to install it.

Please click on this link and then click the ESET Online Scanner bar ---->esetbar_zps93905f48.jpg
  • Select the option YES, I accept the Terms of Use then click on Start
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked.
  • Make sure that the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
  • Scan for potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth Technology
  • Now click on Start
  • The virus signature database will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • Now click on Finish
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.
Step 4: SecurityCheck Scan


Download Security Checksecuritycheck_zpsb7736812.jpg by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • NOTE: If SecurityCheck aborts and you get the following message: UNSUPPORTED OPERATING SYSTEM! ABORTED! try rebooting the system and then run SecurityCheck again.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Things I need to see in your next post:
  • ESET Scan Log
  • MBAM Log
  • SecurityCheck Log

  • 0

#7
sayan.dg
Posted 21 July 2014 - 01:16 PM

sayan.dg

    Member

  • Topic Starter
  • Member
  • PipPip
  • 73 posts

Hi

 

Sorry for the delayed response..The eset scan took almost 10 hours to complete and got stuck inbetween so had to restart.

The eset log file dont contain any details but i ave saved the 26 infections that it had detected am attaching that first

 

Thanks for all your help, once again

 

ESET

 

C:\AdwCleaner\Quarantine\C\Program Files\Conduit\Community Alerts\Alert.dll.vir Win32/Toolbar.Conduit.Y potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files\Conduit\Community Alerts\Alert0.dll.vir Win32/Toolbar.Conduit.Y potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files\Mobogenie\New_UpdateMoboGenie.exe.vir a variant of Win32/Mobogenie.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\User\AppData\Roaming\OpenCandy\8C38E26EAFB6472FA1F406D2EA0AEDA2\Mobogenie_Setup_2.1.27_507.exe.vir Win32/Mobogenie.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\User\AppData\Roaming\Slick Savings\CouponsHelper.exe.vir a variant of Win32/Toolbar.Widgi.F potentially unwanted application
C:\FRST\Quarantine\C\Program Files\SavePass\SavePass-nova.dll a variant of Win32/Toolbar.CrossRider.AI potentially unwanted application
C:\FRST\Quarantine\C\Users\User\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie2.1.29.zip a variant of Win32/Mobogenie.A potentially unwanted application
C:\FRST\Quarantine\C\Users\User\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\DaemonProcess.exe a variant of Win32/Mobogenie.A potentially unwanted application
C:\FRST\Quarantine\C\Users\User\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\Mobogenie.exe a variant of Win32/Mobogenie.A potentially unwanted application
C:\FRST\Quarantine\C\Users\User\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\MUServer.apk a variant of Android/Mobserv.A potentially unwanted application
C:\FRST\Quarantine\C\Users\User\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\New_UpdateMoboGenie.exe a variant of Win32/Mobogenie.A potentially unwanted application
C:\Users\User\AppData\Local\Google\Chrome\User Data\backup default\File System\002\t\00\00000000 Win32/Somoto.N potentially unwanted application
C:\Users\User\AppData\Local\Google\Chrome\User Data\backup default\File System\002\t\00\00000002 Win32/Somoto.N potentially unwanted application
C:\Users\User\AppData\Local\Temp\tbVuz0.dll a variant of Win32/Toolbar.Conduit.B potentially unwanted application
C:\Users\User\Desktop\Kaala\kalademo\Kala Installer.msi a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application
C:\Users\User\Downloads\cbsidlm-cbsi188-Screen_Recorder-SEO-75937532.exe a variant of Win32/CNETInstaller.B potentially unwanted application
C:\Users\User\Downloads\codecpackage.exe Win32/InstallCore.BN potentially unwanted application
C:\Users\User\Downloads\FreeVideoCallRecorder.exe Win32/OpenCandy potentially unsafe application
C:\Users\User\Downloads\media.player.codec.pack.v4.3.0.setup.exe a variant of Win32/Toolbar.Widgi.B potentially unwanted application
C:\Users\User\Downloads\ripsetup.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application
C:\Users\User\Downloads\New WinRAR ZIP archive\keygen.exe a variant of Win32/Keygen.EM potentially unsafe application
C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O1ZKJ5O8\91[1].js JS/Toolbar.Crossrider.B potentially unwanted application
C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O1ZKJ5O8\91[2].js JS/Toolbar.Crossrider.B potentially unwanted application
C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O1ZKJ5O8\91[3].js JS/Toolbar.Crossrider.B potentially unwanted application
C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OUVNR0QP\91[1].js JS/Toolbar.Crossrider.B potentially unwanted application
C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OUVNR0QP\91[2].js JS/Toolbar.Crossrider.B potentially unwanted application
 
 
*********************************************************************************************
*********************************************************************************************
 

 Results of screen317's Security Check version 0.99.86  
 Windows Vista Service Pack 2 x86 (UAC is enabled)  
 Internet Explorer 9  
 Internet Explorer 8  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Norton Internet Security   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 JavaFX 2.1.1    
 Java 7 Update 65  
 Java SE Development Kit 7 Update 45 
  Adobe Flash Player 12.0.0.70 Flash Player out of Date!  
 Adobe Reader XI  
 Google Chrome 35.0.1916.153  
 Google Chrome 36.0.1985.125  
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 13 % Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log`````````````````````` 
 
 
*******************************************************************************
*******************************************************************************
 
 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 21-07-2014
Scan Time: 02:23:01
Logfile: MBAM.txt
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.07.20.05
Rootkit Database: v2014.07.17.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows Vista Service Pack 2
CPU: x86
File System: NTFS
User: User
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 341185
Time Elapsed: 44 min, 48 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Deep Rootkit Scan: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 5
PUP.Optional.Outbrowse, HKLM\SOFTWARE\CLASSES\CLSID\{6D4506CE-F855-4657-AA38-DB6B1F733982}, Quarantined, [861bf4ac8dee8ea874a23163ce346f91], 
PUP.Optional.Outbrowse, HKLM\SOFTWARE\CLASSES\TYPELIB\{03771AEF-400D-4A13-B712-25878EC4A3F5}, Quarantined, [861bf4ac8dee8ea874a23163ce346f91], 
PUP.Optional.SavePass.A, HKLM\SOFTWARE\SavePass, Quarantined, [277ae0c07cff63d3213dcc08907216ea], 
PUP.Optional.SavePass.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\SavePass, Quarantined, [d8c9158b235880b671eb716345bd4fb1], 
PUP.Optional.SavePass.A, HKU\S-1-5-21-3273286156-3480778537-3055062599-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\SavePass, Quarantined, [920f6937cdaeb581d08c973dd82af20e], 
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 3
Malware.Packer, C:\Users\User\Desktop\New Folder\CARDIO\PMSDVIEW.EXE, No Action By User, [cfd2b2ee97e47db92de94438758fe41c], 
PUP.Optional.OpenCandy, C:\Users\User\Downloads\DTLite4481-0347.exe, Quarantined, [0b96edb3c9b25dd951d40ac5758fa35d], 
PUP.Optional.CrossRider.T, C:\WINDOWS\System32\Tasks\5aa3d933-32c7-4b03-9bcf-13d56020c4b9-2, Quarantined, [a0012977314a053186d89132dc26ec14], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)

 


  • 0

#8
pystryker
Posted 21 July 2014 - 06:30 PM

pystryker

    Trusted Helper

  • Malware Removal
  • 3,912 posts

Sorry for the delayed response..The eset scan took almost 10 hours to complete and got stuck inbetween so had to restart.

The eset log file dont contain any details but i ave saved the 26 infections that it had detected am attaching that first


No worries on the delay, ESET is very thorough in it's search. :) Let's get rid of the items it's found and clean out your temporary files.


Please disable your antivirus for the duration of my instructions. Don't forget to re-enable them after you have completed the steps.


Step 1: Clean Temporary Files

Please note: This process can take some time, and do not use the computer while it's running.

Download TFC by OldTimer to your desktop
  • Please double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  • It will close all programs when run, so make sure you have saved all your work before you begin.
  • Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. Let it run uninterrupted to completion.
  • Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.
Step 2: Fix with FRST
  • Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy.
  • Right-click in the open notepad and select Paste).
  • Save it on the desktop as fixlist.txt

Start
C:\Users\User\Desktop\Kaala\kalademo\Kala Installer.msi
C:\Users\User\Downloads\cbsidlm-cbsi188-Screen_Recorder-SEO-75937532.exe
C:\Users\User\Downloads\codecpackage.exe
C:\Users\User\Downloads\FreeVideoCallRecorder.exe
C:\Users\User\Downloads\media.player.codec.pack.v4.3.0.setup.exe
C:\Users\User\Downloads\ripsetup.exe
C:\Users\User\Downloads\New WinRAR ZIP archive\keygen.exe
End


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.


Run FRST and press the Fix button just once and wait. The tool will make a log on the desktop (Fixlog.txt) please post it in your next reply.


Things I need to see in your next post:

Fixlog.txt

Question: How is the machine running?
  • 0

#9
sayan.dg
Posted 22 July 2014 - 01:41 AM

sayan.dg

    Member

  • Topic Starter
  • Member
  • PipPip
  • 73 posts

Hello pystryker

 

Though i have been using TFC it  hanged twice while running ..the 3rd time it worked

 

i have also run the fixlist..

 

my computer is running bit slower with things taking up a noticable time to open up.. i will also check the boot time

 

Thanks :)

 

*********************************

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:21-07-2014
Ran by User at 2014-07-22 13:06:57 Run:2
Running from C:\Users\User\Desktop
Boot Mode: Normal
 
==============================================
 
Content of fixlist:
*****************
Start
C:\Users\User\Desktop\Kaala\kalademo\Kala Installer.msi
C:\Users\User\Downloads\cbsidlm-cbsi188-Screen_Recorder-SEO-75937532.exe
C:\Users\User\Downloads\codecpackage.exe
C:\Users\User\Downloads\FreeVideoCallRecorder.exe
C:\Users\User\Downloads\media.player.codec.pack.v4.3.0.setup.exe
C:\Users\User\Downloads\ripsetup.exe
C:\Users\User\Downloads\New WinRAR ZIP archive\keygen.exe
End
*****************
 
C:\Users\User\Desktop\Kaala\kalademo\Kala Installer.msi => Moved successfully.
C:\Users\User\Downloads\cbsidlm-cbsi188-Screen_Recorder-SEO-75937532.exe => Moved successfully.
C:\Users\User\Downloads\codecpackage.exe => Moved successfully.
C:\Users\User\Downloads\FreeVideoCallRecorder.exe => Moved successfully.
C:\Users\User\Downloads\media.player.codec.pack.v4.3.0.setup.exe => Moved successfully.
C:\Users\User\Downloads\ripsetup.exe => Moved successfully.
C:\Users\User\Downloads\New WinRAR ZIP archive\keygen.exe => Moved successfully.
 
==== End of Fixlog ====

  • 0

#10
pystryker
Posted 22 July 2014 - 05:35 AM

pystryker

    Trusted Helper

  • Malware Removal
  • 3,912 posts

my computer is running bit slower with things taking up a noticable time to open up.. i will also check the boot time



Let's take a look with TDSSKiller and see if there's something lurking.


Please download TDSSKiller to the desktop.

Alternate download is here.
  • Right-click on TDSSKiller.exe and select Run as Administrator to start the program and follow the prompts.
  • When the main GUI(graphical user interface) window opens, click on Change Parameters
  • Under Additional options, select both Verify driver digital signatures & Detect TDLFS File System >> OK
  • Click on Start Scan, the scan will run.
  • When the scan has finished, if it finds anything please click on the drop down arrow next to Cure and select Skip
  • A Report will have been created by TDSSKiller in your root directory C:\
  • To find the log go to Start(Windows 7 Orb) > Computer > C: >> TDSSKiller.V.V.V.VV_DD.DD.YYYY_TT.TT.TT_log <-- The letters denote the version and date & time etc.
  • Post the contents of that log in your next reply please.
Note: Do not have TDSSKiller remove anything if found at this point in time!

Things I need to see in your next post:

TDSSKiller Log
  • 0

Advertisements

#11
sayan.dg
Posted 22 July 2014 - 07:15 AM

sayan.dg

    Member

  • Topic Starter
  • Member
  • PipPip
  • 73 posts

Hello pystryker

 

Here is the log 

 

thank you :)

 

18:34:48.0929 0x13ec  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
18:34:56.0941 0x13ec  ============================================================
18:34:56.0941 0x13ec  Current date / time: 2014/07/22 18:34:56.0941
18:34:56.0941 0x13ec  SystemInfo:
18:34:56.0941 0x13ec  
18:34:56.0941 0x13ec  OS Version: 6.0.6002 ServicePack: 2.0
18:34:56.0941 0x13ec  Product type: Workstation
18:34:56.0942 0x13ec  ComputerName: SAYANLAPTOP-PC
18:34:56.0942 0x13ec  UserName: User
18:34:56.0942 0x13ec  Windows directory: C:\Windows
18:34:56.0942 0x13ec  System windows directory: C:\Windows
18:34:56.0942 0x13ec  Processor architecture: Intel x86
18:34:56.0942 0x13ec  Number of processors: 2
18:34:56.0942 0x13ec  Page size: 0x1000
18:34:56.0942 0x13ec  Boot type: Normal boot
18:34:56.0942 0x13ec  ============================================================
18:34:58.0773 0x13ec  KLMD registered as C:\Windows\system32\drivers\74947604.sys
18:34:59.0129 0x13ec  System UUID: {83019E79-A93C-C6D8-426E-4E1773084FA0}
18:35:00.0291 0x13ec  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:35:00.0294 0x13ec  ============================================================
18:35:00.0294 0x13ec  \Device\Harddisk0\DR0:
18:35:00.0294 0x13ec  MBR partitions:
18:35:00.0294 0x13ec  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1BF9DFC1
18:35:00.0294 0x13ec  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1BF9E000, BlocksNum 0x1226000
18:35:00.0294 0x13ec  ============================================================
18:35:00.0352 0x13ec  C: <-> \Device\Harddisk0\DR0\Partition1
18:35:00.0484 0x13ec  D: <-> \Device\Harddisk0\DR0\Partition2
18:35:00.0484 0x13ec  ============================================================
18:35:00.0484 0x13ec  Initialize success
18:35:00.0484 0x13ec  ============================================================
18:35:56.0924 0x138c  ============================================================
18:35:56.0925 0x138c  Scan started
18:35:56.0925 0x138c  Mode: Manual; SigCheck; TDLFS; 
18:35:56.0925 0x138c  ============================================================
18:35:56.0925 0x138c  KSN ping started
18:35:59.0535 0x138c  KSN ping finished: true
18:36:02.0181 0x138c  ================ Scan system memory ========================
18:36:02.0181 0x138c  System memory - ok
18:36:02.0183 0x138c  ================ Scan services =============================
18:36:03.0384 0x138c  [ CC1F1D3D70DC13C2C281488D347D4415, 3AB1495F8982C727D02E9975E2E04203B918AFAA7B05B5E7FEB5142EB30D1998 ] Accelerometer   C:\Windows\system32\DRIVERS\Accelerometer.sys
18:36:03.0488 0x138c  Accelerometer - ok
18:36:03.0814 0x138c  [ 82B296AE1892FE3DBEE00C9CF92F8AC7, 54B22BA63E1DA616B546992141B0C3117BA057283B8F60CB9BECE203661FEBF3 ] ACPI            C:\Windows\system32\drivers\acpi.sys
18:36:04.0080 0x138c  ACPI - ok
18:36:04.0813 0x138c  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
18:36:04.0828 0x138c  AdobeARMservice - ok
18:36:05.0181 0x138c  [ A6B6AB9502B63F43A9A56AE6AFB22078, DD1F0BA3D8F3333F52A71EAE3719A001F6EF844D647FFABF0E4C56C6C764ACA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
18:36:05.0204 0x138c  AdobeFlashPlayerUpdateSvc - ok
18:36:05.0588 0x138c  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303, FBBDD38574A1F66A5AA12B82E34FDE60B870180C4B7100C15757539DC869ED4B ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
18:36:05.0764 0x138c  adp94xx - ok
18:36:05.0867 0x138c  [ 60505E0041F7751BDBB80F88BF45C2CE, 1DE16042B8ABD7B643189E836DE273832EE743FD66AFBB641E8049C4E0CD04D8 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
18:36:06.0141 0x138c  adpahci - ok
18:36:06.0308 0x138c  [ 8A42779B02AEC986EAB64ECFC98F8BD7, B89938EFF4E81FA44197D2D839EBD3340DDE01FBC79605049C088621784C1B91 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
18:36:06.0337 0x138c  adpu160m - ok
18:36:06.0470 0x138c  [ 241C9E37F8CE45EF51C3DE27515CA4E5, 1A03E93DD8C1F3640C96124A14A3D0F4E349B06CCA2118CE40B8AE201A4030A7 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
18:36:06.0491 0x138c  adpu320 - ok
18:36:06.0564 0x138c  [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
18:36:07.0715 0x138c  AeLookupSvc - ok
18:36:07.0990 0x138c  [ F5272A105F59A7B3B345D9D6D87DA7AD, 9E84776994D04240BF2537330DBB555EDE16DFCFC59DEDCBA05A44ED7F70BEFA ] AFD             C:\Windows\system32\drivers\afd.sys
18:36:08.0206 0x138c  AFD - ok
18:36:08.0537 0x138c  [ 8ED60797908FD394EEE0D6949F493224, E07C471050F8D13F0BE52BC2CF88BA0EB8612B4957C43FF16B90197C57738C99 ] AgereModemAudio C:\Windows\system32\agrsmsvc.exe
18:36:08.0645 0x138c  AgereModemAudio - ok
18:36:09.0025 0x138c  [ 3712986CC3ABF0DC656B43525B9D1279, 6E8DB863BBF5FFD1F7CA841980946B25C93051BCBC67D7691B565984A78B7CFF ] AgereSoftModem  C:\Windows\system32\DRIVERS\AGRSM.sys
18:36:10.0097 0x138c  AgereSoftModem - ok
18:36:10.0407 0x138c  [ 13F9E33747E6B41A3FF305C37DB0D360, 066DD6060B1CF93F85BBAAA52848C801128CD294E8B7EACD912E0EF219DBFBC2 ] agp440          C:\Windows\system32\drivers\agp440.sys
18:36:10.0424 0x138c  agp440 - ok
18:36:10.0476 0x138c  [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
18:36:10.0494 0x138c  aic78xx - ok
18:36:10.0544 0x138c  [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG             C:\Windows\System32\alg.exe
18:36:10.0998 0x138c  ALG - ok
18:36:11.0049 0x138c  [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91, 0EADB6AE21FEDAB55D41F41B638198B556CC2BE2EE57F6C8B40EB044A318319F ] aliide          C:\Windows\system32\drivers\aliide.sys
18:36:11.0064 0x138c  aliide - ok
18:36:11.0145 0x138c  [ C47344BC706E5F0B9DCE369516661578, 689C9CDAF6F38227F1C34359CAEB3C7798F318EDFD4B7FE532FBE3C8E4EE3DC8 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
18:36:11.0161 0x138c  amdagp - ok
18:36:11.0200 0x138c  [ 9B78A39A4C173FDBC1321E0DD659B34C, 2CA66EB68AD7A317D91C13B8CFD4E8CA985926A610D19595B613F5553B145C7B ] amdide          C:\Windows\system32\drivers\amdide.sys
18:36:11.0216 0x138c  amdide - ok
18:36:11.0348 0x138c  [ 18F29B49AD23ECEE3D2A826C725C8D48, 0FA08882301D218E367E63E1966B6406220EE94BAE7E7DAD6E55EB70BF6FED7F ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
18:36:11.0521 0x138c  AmdK7 - ok
18:36:11.0562 0x138c  [ 93AE7F7DD54AB986A6F1A1B37BE7442D, ECE0ABA2DECEED94AC678240A4B604F04022F0740F2295CBD07D25F5917E878A ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
18:36:11.0730 0x138c  AmdK8 - ok
18:36:11.0893 0x138c  [ C6D704C7F0434DC791AAC37CAC4B6E14, 35CF7D1895F97637E0C678A39F3049B871BCA9526D379C7793ED33B87D2EAC4C ] Appinfo         C:\Windows\System32\appinfo.dll
18:36:11.0976 0x138c  Appinfo - ok
18:36:12.0380 0x138c  [ 221564CC7BE37611FE15EACF443E1BF6, 381BDF17418C779D72332431BA174C2AD76CD9C7C1711FF5142EA9B05D5555E4 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:36:12.0394 0x138c  Apple Mobile Device - ok
18:36:12.0590 0x138c  [ 5D2888182FB46632511ACEE92FDAD522, 2E53231ACAF9B2FB7993DBC1CD15C06D7B0CCE0D08DAFF7B0CC13A2040028A75 ] arc             C:\Windows\system32\drivers\arc.sys
18:36:12.0607 0x138c  arc - ok
18:36:12.0653 0x138c  [ 5E2A321BD7C8B3624E41FDEC3E244945, 9D47FF6C823868F2267FEFAB5851D3CD2BC3F619A2D6EFF803EA22DB0509C450 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
18:36:12.0672 0x138c  arcsas - ok
18:36:13.0373 0x138c  [ 9D768C43FEF254DD50B1DBF8AD5C4C0B, A50854EA5C08605133B8BB4DFDC6090357C5665314AA72E0BFA1E07D4E451F09 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
18:36:13.0599 0x138c  aspnet_state - ok
18:36:13.0724 0x138c  [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
18:36:13.0869 0x138c  AsyncMac - ok
18:36:13.0929 0x138c  [ 1F05B78AB91C9075565A9D8A4B880BC4, 737BE9F9376DAB0CCDFED93EA6D67F0C432367EA63CD772A453485BE769AF3BD ] atapi           C:\Windows\system32\drivers\atapi.sys
18:36:13.0946 0x138c  atapi - ok
18:36:14.0098 0x138c  [ 40767B965A8D575D794F1F95E2E017E9, 3B050B16A1ADE3FF93E0882012A2A9171010F52BC2CCFC1E254F8CD5DF5122F2 ] atashost        C:\Windows\system32\atashost.exe
18:36:14.0111 0x138c  atashost - ok
18:36:14.0321 0x138c  [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:36:14.0469 0x138c  AudioEndpointBuilder - ok
18:36:14.0484 0x138c  [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
18:36:14.0516 0x138c  Audiosrv - ok
18:36:15.0089 0x138c  [ B9DCE12EA5D337975C444787B66BBFDE, A367A119DB469C329A398771F0E97F6D37FB77688E272ECFD09091E68E76219F ] BCM43XV         C:\Windows\system32\DRIVERS\bcmwl6.sys
18:36:15.0199 0x138c  BCM43XV - ok
18:36:15.0411 0x138c  [ B9DCE12EA5D337975C444787B66BBFDE, A367A119DB469C329A398771F0E97F6D37FB77688E272ECFD09091E68E76219F ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl6.sys
18:36:15.0502 0x138c  BCM43XX - ok
18:36:15.0885 0x138c  [ 6163664C7E9CD110AF70180C126C3FDC, 9A801295CDE2BDE4EE0E96C610E4C01F6915DBDA2104D0E8873AFF1BC34A0FA1 ] BcmSqlStartupSvc C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
18:36:26.0988 0x138c  BcmSqlStartupSvc - ok
18:36:27.0391 0x138c  [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep            C:\Windows\system32\drivers\Beep.sys
18:36:27.0513 0x138c  Beep - ok
18:36:28.0050 0x138c  [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] BFE             C:\Windows\System32\bfe.dll
18:36:28.0148 0x138c  BFE - ok
18:36:29.0150 0x138c  [ 5A55D8D9340A00B3BD2CC3413B4CB0C0, 438BB95072EC14AD597CFEF040CA7FDE8D46E4AAEE9145AC1014522F1842F713 ] BHDrvx86        C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140703.001\BHDrvx86.sys
18:36:37.0950 0x138c  BHDrvx86 - ok
18:36:38.0754 0x138c  [ 93952506C6D67330367F7E7934B6A02F, 1D9A6B10B9489C1A32F730E22CC399BFF0796E3FCB3BA52BE45ED487CAC59EBD ] BITS            C:\Windows\system32\qmgr.dll
18:36:41.0830 0x138c  BITS - ok
18:36:41.0859 0x138c  [ D4DF28447741FD3D953526E33A617397, E7239BA432090F8AC7DF453DB876507CD4419ECA964D289408A1B2B353618693 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
18:36:41.0912 0x138c  blbdrive - ok
18:36:42.0221 0x138c  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:36:42.0248 0x138c  Bonjour Service - ok
18:36:42.0355 0x138c  [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
18:36:42.0515 0x138c  bowser - ok
18:36:42.0664 0x138c  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
18:36:42.0707 0x138c  BrFiltLo - ok
18:36:42.0741 0x138c  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
18:36:42.0772 0x138c  BrFiltUp - ok
18:36:42.0868 0x138c  [ B1564976D98E91FC764D5DC28A0297DA, 1BDF7FAAEFA097D46BBBE1FFF255C73AB3D9469E83DFCBD720ADB48C571C1363 ] Bridge          C:\Windows\system32\DRIVERS\bridge.sys
18:36:42.0929 0x138c  Bridge - ok
18:36:42.0966 0x138c  [ B1564976D98E91FC764D5DC28A0297DA, 1BDF7FAAEFA097D46BBBE1FFF255C73AB3D9469E83DFCBD720ADB48C571C1363 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
18:36:42.0991 0x138c  BridgeMP - ok
18:36:43.0043 0x138c  [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser         C:\Windows\System32\browser.dll
18:36:43.0075 0x138c  Browser - ok
18:36:43.0174 0x138c  [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid         C:\Windows\system32\drivers\brserid.sys
18:36:43.0528 0x138c  Brserid - ok
18:36:43.0578 0x138c  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
18:36:43.0674 0x138c  BrSerWdm - ok
18:36:43.0705 0x138c  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
18:36:43.0803 0x138c  BrUsbMdm - ok
18:36:43.0842 0x138c  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
18:36:43.0902 0x138c  BrUsbSer - ok
18:36:43.0999 0x138c  [ 6D39C954799B63BA866910234CF7D726, 1D807C3410C01C76E5810D626F23C1CCED3C9C5A65F39267B770C494C8D64114 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
18:36:44.0040 0x138c  BthEnum - ok
18:36:44.0159 0x138c  [ 9A966A8E86D1771911AE34A20D11BFF3, FBD5F621A47A3530B325816E71F0C4BCE5CCE731C57DEBD42ACFC8BCAA258656 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
18:36:44.0228 0x138c  BTHMODEM - ok
18:36:44.0300 0x138c  [ C034851122F667F26F813ED1E541C191, 254D653DF90BAD406073E309751A3C2C219DEA84E765AEE5D37697D2583D7AFF ] BthMtpEnum      C:\Windows\system32\DRIVERS\BthMtpEnum.sys
18:36:44.0351 0x138c  BthMtpEnum - ok
18:36:44.0392 0x138c  [ 5904EFA25F829BF84EA6FB045134A1D8, 66E4160CC404744576BA6E9DD606B533F42B3D4A3E2FDD457DAA016CC72A81CC ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
18:36:44.0444 0x138c  BthPan - ok
18:36:44.0567 0x138c  [ 611FF3F2F095C8D4A6D4CFD9DCC09793, 2F27A1287ABCDB9C316EB720D1855100666240959CF969D5B2679C9ABCBD6050 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
18:36:44.0639 0x138c  BTHPORT - ok
18:36:44.0714 0x138c  [ A4C8377FA4A994E07075107DBE2E3DCE, C3CDAA7B83D130100044341C23897CC6C257FA075A8D08B8551F4A28AE8CE6C4 ] BthServ         C:\Windows\System32\bthserv.dll
18:36:44.0745 0x138c  BthServ - ok
18:36:44.0806 0x138c  [ D330803EAB2A15CAEC7F011F1D4CB30E, 240FFF317C90AD8966DA9666F2748F98CEC3CB99C486F399D1C68FE0E393EE68 ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
18:36:44.0840 0x138c  BTHUSB - ok
18:36:44.0923 0x138c  [ 229B2C1E776062A4033305D5A9D6E28D, 2282111AFB12C9F0A3C1B213F911C23FE6E07E0630EEE026B2E68D36A9051602 ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
18:36:44.0937 0x138c  btwaudio - ok
18:36:45.0020 0x138c  [ 97062053359F6908E1FB2791BFA54734, 46AEAB56C4A7B5F12BD2F1E0327FC96F9DFA618151D1B3D46B6D78B4ECC4B047 ] btwavdt         C:\Windows\system32\drivers\btwavdt.sys
18:36:45.0035 0x138c  btwavdt - ok
18:36:45.0093 0x138c  [ D9269B0E3E3CF46D677FD071A40FE6CD, C8D5A1D864DA70B275E44392C490AF21903E8F3AFB2E55595162F6D93376C585 ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
18:36:45.0104 0x138c  btwrchid - ok
18:36:45.0398 0x138c  [ 56C2811FD0D7B727808A69407B5BFAE0, 5F84A29A9E6D8F566F95399F3B41A82DD128EA69678BBBCF75AD914DE70D9A74 ] ccSet_NIS       C:\Windows\system32\drivers\NIS\1504000.00D\ccSetx86.sys
18:36:45.0415 0x138c  ccSet_NIS - ok
18:36:45.0494 0x138c  [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
18:36:45.0577 0x138c  cdfs - ok
18:36:45.0647 0x138c  [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
18:36:45.0710 0x138c  cdrom - ok
18:36:45.0786 0x138c  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] CertPropSvc     C:\Windows\System32\certprop.dll
18:36:45.0822 0x138c  CertPropSvc - ok
18:36:45.0866 0x138c  [ E5D4133F37219DBCFE102BC61072589D, 74C7F8C53D9C71CE3C8B33BC0331948571318402B0A8E1AC4552360504092A46 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
18:36:45.0930 0x138c  circlass - ok
18:36:46.0005 0x138c  [ D7659D3B5B92C31E84E53C1431F35132, 6BFE644AD9890A8CEEDCC4B97ADD564AD57202FBC5D21599469E0C4B31BB27C6 ] CLFS            C:\Windows\system32\CLFS.sys
18:36:46.0032 0x138c  CLFS - ok
18:36:46.0134 0x138c  [ 8EE772032E2FE80A924F3B8DD5082194, B743DF91563A22CC15D9B44105804B5866A29D3DFC156DBE88DFAFEF903B94C0 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:36:46.0153 0x138c  clr_optimization_v2.0.50727_32 - ok
18:36:46.0225 0x138c  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:36:46.0350 0x138c  clr_optimization_v4.0.30319_32 - ok
18:36:46.0430 0x138c  [ 99AFC3795B58CC478FBBBCDC658FCB56, 0D1B27C42A058C5D56A0157B5ECA9A054254F6B9C8015D0321021A7EFCE10CE2 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
18:36:46.0476 0x138c  CmBatt - ok
18:36:46.0510 0x138c  [ 0CA25E686A4928484E9FDABD168AB629, C2CB2333CAB40CDF93219870E66700F957188C86A1B1A004BC4652953091E5C5 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
18:36:46.0526 0x138c  cmdide - ok
18:36:46.0718 0x138c  [ A94146208170D78906C93EE39CEBDD9F, 54B0091593E2E014AD97FED1B715A71722C6B16B454C03F13E88B8423306AB79 ] Com4QLBEx       C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
18:36:46.0735 0x138c  Com4QLBEx - ok
18:36:46.0770 0x138c  [ 6AFEF0B60FA25DE07C0968983EE4F60A, E4037EF9EDE57A1039AB814EBCE9A8B12C9A084E7FAC6296212ACF2394DD37B6 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
18:36:46.0786 0x138c  Compbatt - ok
18:36:46.0792 0x138c  COMSysApp - ok
18:36:46.0820 0x138c  [ 741E9DFF4F42D2D8477D0FC1DC0DF871, 06EA43D771E3455F943AB624CC00C2259FE5E561164908630755E933EF44A522 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
18:36:46.0836 0x138c  crcdisk - ok
18:36:46.0870 0x138c  [ 1F07BECDCA750766A96CDA811BA86410, F4E36F0003184BCB36D59B23AC903421AD8C0A1FD2D6315E06375235ABC9A0AD ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
18:36:46.0930 0x138c  Crusoe - ok
18:36:47.0286 0x138c  [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C455066027F8D549D4C3B92 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
18:36:47.0372 0x138c  CryptSvc - ok
18:36:47.0546 0x138c  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] DcomLaunch      C:\Windows\system32\rpcss.dll
18:36:47.0594 0x138c  DcomLaunch - ok
18:36:47.0657 0x138c  [ 622C41A07CA7E6DD91770F50D532CB6C, 2A9040949CB45F9970FDE930278F30D2F08E957290CB3D4DC4F2CA94F3D444D2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
18:36:47.0724 0x138c  DfsC - ok
18:36:48.0136 0x138c  [ 2CC3DCFB533A1035B13DCAB6160AB38B, C88C91F662ADE248EEE3B568E70C2BC2D5075B7D9B7D3C63E83D011C5F7812B0 ] DFSR            C:\Windows\system32\DFSR.exe
18:36:48.0587 0x138c  DFSR - ok
18:36:48.0737 0x138c  [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
18:36:49.0027 0x138c  Dhcp - ok
18:36:49.0145 0x138c  [ 5D4AEFC3386920236A548271F8F1AF6A, 11B74D6800EC6F7AAEFB0B6A9F2E8376C7C3B8DB677F03AC3743CB004CA96B08 ] disk            C:\Windows\system32\drivers\disk.sys
18:36:49.0162 0x138c  disk - ok
18:36:49.0736 0x138c  [ 4C659CCED934CEF8FEB731949052320D, 49EA4444059E6B95EF7A0B02C2D9FEB318FCE31ED412738B22E08EE7344423F0 ] DiskDoctorService C:\Program Files\Symantec\Norton Utilities 16\Tools\Disk Doctor\DiskDoctorSrv.exe
18:36:50.0220 0x138c  DiskDoctorService - ok
18:36:50.0368 0x138c  [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] Dnscache        C:\Windows\System32\dnsrslvr.dll
18:36:50.0463 0x138c  Dnscache - ok
18:36:50.0572 0x138c  [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] dot3svc         C:\Windows\System32\dot3svc.dll
18:36:50.0616 0x138c  dot3svc - ok
18:36:50.0709 0x138c  [ 4F59C172C094E1A1D46463A8DC061CBD, CE09A4ED1F8BA6242E152C384AFF5C3C95FBB8556DAE23765272F13BF158D8F9 ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
18:36:50.0819 0x138c  Dot4 - ok
18:36:50.0864 0x138c  [ 80BF3BA09F6F2523C8F6B7CC6DBF7BD5, 69BB5B07D03FA9F28591012F2AA4A583D3F086644C136D63A56D1A827121CC19 ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
18:36:50.0924 0x138c  Dot4Print - ok
18:36:50.0970 0x138c  [ C55004CA6B419B6695970DFE849B122F, 6E0C4A9E24DD09E9389E097AF63E7F5040A0658DDCEBBE963968B7118CFE9AB8 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
18:36:51.0032 0x138c  dot4usb - ok
18:36:51.0192 0x138c  [ 5BC1D876DFD53C31C5FC65D2E9614015, 605E7D1E2FF7A0663C5F6B29D28C830EA49B6342D570F03BE5B3D0F287AB9071 ] DpHost          C:\Program Files\DigitalPersona\Bin\DpHostW.exe
18:36:51.0253 0x138c  DpHost - detected UnsignedFile.Multi.Generic ( 1 )
18:36:54.0324 0x138c  Detect skipped due to KSN trusted
18:36:54.0324 0x138c  DpHost - ok
18:36:54.0545 0x138c  [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS             C:\Windows\system32\dps.dll
18:36:54.0624 0x138c  DPS - ok
18:36:54.0722 0x138c  [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
18:36:54.0784 0x138c  drmkaud - ok
18:36:54.0913 0x138c  [ 988670D8343EF9835FB3659DB71B2EFA, 5F5370FDD08C4BFF0828341952E98E95F722CB779EEC08C9DD6212C4DF3CD33B ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
18:36:54.0953 0x138c  DXGKrnl - ok
18:36:55.0009 0x138c  [ 5425F74AC0C1DBD96A1E04F17D63F94C, AD133CEDCDEA75420C75A91BB4CF7152475D46ED7B7703E3BAE5F9946D610292 ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
18:36:55.0089 0x138c  E1G60 - ok
18:36:55.0185 0x138c  [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost         C:\Windows\System32\eapsvc.dll
18:36:55.0251 0x138c  EapHost - ok
18:36:55.0338 0x138c  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371, F3E9CF5D8E9124CB06F08454C5F0E510DE19A92780151FB2F8A58A0905D59B8F ] Ecache          C:\Windows\system32\drivers\ecache.sys
18:36:55.0359 0x138c  Ecache - ok
18:36:55.0502 0x138c  [ 10D14FAEF105DF2432D0E03860895284, 200662CD73537A8152FA0C276F20CE9B558FB2EB1AD0C171E5CCF4DC8C02F8B3 ] eeCtrl          C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
18:36:55.0529 0x138c  eeCtrl - ok
18:36:55.0629 0x138c  [ 23B62471681A124889978F6295B3F4C6, A90C521F06125B86A26EA625B0E7F811AF7D328E1313165E7AD4A83596A23819 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
18:36:55.0657 0x138c  elxstor - ok
18:36:55.0734 0x138c  [ 4E6B23DFC917EA39306B529B773950F4, C4BA77632B4BD46C4C1797F7F57399DB506D3EB6E5A0A36C269A793DAA3445C2 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
18:36:55.0844 0x138c  EMDMgmt - ok
18:36:55.0911 0x138c  [ 004B2EA6CC2598EC5F0552E43CE29CEF, 5120903105749DC7A0356DF060B020D78F10FC1B651AC036B1D852EF65DD1D85 ] enecir          C:\Windows\system32\DRIVERS\enecir.sys
18:36:55.0976 0x138c  enecir - ok
18:36:56.0073 0x138c  [ 0424EAB7549926FB864BD41E7F0639CC, 04E349F311B24239E1B4DAD073360A0D91391B69E74B43D705A1C00FDF113F45 ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
18:36:56.0089 0x138c  EraserUtilRebootDrv - ok
18:36:56.0176 0x138c  [ 3DB974F3935483555D7148663F726C61, C288CFC04213B0340ABEC752C0A7B308B29122B5F51E68387BA1D9E9D7166FDD ] ErrDev          C:\Windows\system32\drivers\errdev.sys
18:36:56.0243 0x138c  ErrDev - ok
18:36:56.0314 0x138c  [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] EventSystem     C:\Windows\system32\es.dll
18:36:56.0366 0x138c  EventSystem - ok
18:36:56.0475 0x138c  [ 22B408651F9123527BCEE54B4F6C5CAE, 31AF9649333A9496A9224001266D1B68CE2A31B9FB182A755D127FC5492AA6B2 ] exfat           C:\Windows\system32\drivers\exfat.sys
18:36:56.0537 0x138c  exfat - ok
18:36:56.0835 0x138c  [ 1E9B9A70D332103C52995E957DC09EF8, 7E709D545D4025A2E9F3489CF2A231040904CB53E3E4EEAC15A22468FAB2A5B3 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
18:36:56.0863 0x138c  fastfat - ok
18:36:56.0952 0x138c  [ AFE1E8B9782A0DD7FB46BBD88E43F89A, B4CBE1DC3430F2F3485F49007C71293D5B86E9C405741EA00A67B00A38BE1F8D ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
18:36:57.0007 0x138c  fdc - ok
18:36:57.0048 0x138c  [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost         C:\Windows\system32\fdPHost.dll
18:36:57.0115 0x138c  fdPHost - ok
18:36:57.0139 0x138c  [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub        C:\Windows\system32\fdrespub.dll
18:36:57.0216 0x138c  FDResPub - ok
18:36:57.0289 0x138c  [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
18:36:57.0306 0x138c  FileInfo - ok
18:36:57.0329 0x138c  [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
18:36:57.0358 0x138c  Filetrace - ok
18:36:57.0417 0x138c  [ 85B7CF99D532820495D68D747FDA9EBD, 682D35D219D1AFBE51CF0AB03F2D3E15C940F5AF291C1A611A19F4D279143F3C ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
18:36:57.0478 0x138c  flpydisk - ok
18:36:57.0548 0x138c  [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
18:36:57.0568 0x138c  FltMgr - ok
18:36:57.0809 0x138c  [ 2AFA3A46986AE935DAECEBC7E66314CF, 747FAF9B7F8291B83EE44B91E5708395E749DC87BD42CC3BF2CD41209C298F4D ] FontCache       C:\Windows\system32\FntCache.dll
18:36:57.0919 0x138c  FontCache - ok
18:36:58.0096 0x138c  [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
18:36:58.0112 0x138c  FontCache3.0.0.0 - ok
18:36:58.0173 0x138c  [ B0082808A6856A252F7CDD939892CE50, 3A069239629C4F54049A2CFC6642AC5102ECEAA74470BAA9DDB1AB108D1060EE ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
18:36:58.0188 0x138c  fssfltr - ok
18:36:58.0465 0x138c  [ 28DDEEEC44E988657B732CF404D504CB, 47F83018E5449CDCED3DD447991788EBAAC92C418D4513FBA9408C45E9AB8E7E ] fsssvc          C:\Program Files\Windows Live\Family Safety\fsssvc.exe
18:36:58.0784 0x138c  fsssvc - ok
18:36:58.0878 0x138c  [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65CC3F99A1DBDE455 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
18:36:58.0939 0x138c  Fs_Rec - ok
18:36:58.0997 0x138c  [ 34582A6E6573D54A07ECE5FE24A126B5, 5F45DC38F8015AD90616EAD3B57820CCD284938A96B2C4E1FF5FC7BDEE8A848D ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
18:36:59.0013 0x138c  gagp30kx - ok
18:36:59.0155 0x138c  [ E6CE7A89183D1840F0FF63694292FFA2, 8907ADCF9967026CD1A9D545E2274569F840F1DFF0E407CC77B6A662267AAC4B ] GamesAppIntegrationService C:\Program Files\WildTangent Games\App\GamesAppIntegrationService.exe
18:36:59.0175 0x138c  GamesAppIntegrationService - ok
18:36:59.0246 0x138c  [ C403C5DB49A0F9AAF4F2128EDC0106D8, 3C6948B63278022D8182F773C5FA15784514F76C1546118DDBADBA322B962D12 ] GamesAppService C:\Program Files\WildTangent Games\App\GamesAppService.exe
18:36:59.0265 0x138c  GamesAppService - ok
18:36:59.0339 0x138c  [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:36:59.0362 0x138c  GEARAspiWDM - ok
18:36:59.0474 0x138c  [ CD5D0AEEE35DFD4E986A5AA1500A6E66, DCED5126837292593F1C1B35DF18E3B631D6C0C6D0742B77C7B7742C55A7825F ] gpsvc           C:\Windows\System32\gpsvc.dll
18:36:59.0539 0x138c  gpsvc - ok
18:36:59.0692 0x138c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
18:36:59.0706 0x138c  gupdate - ok
18:36:59.0714 0x138c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
18:36:59.0727 0x138c  gupdatem - ok
18:36:59.0800 0x138c  [ 3F90E001369A07243763BD5A523D8722, 25907F85787D879E75C3FE74C93567382AFB2D528BEEC61D71E3A6BE2D71DFBE ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:36:59.0837 0x138c  HdAudAddService - ok
18:36:59.0935 0x138c  [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
18:37:00.0013 0x138c  HDAudBus - ok
18:37:00.0052 0x138c  [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth          C:\Windows\system32\drivers\hidbth.sys
18:37:00.0099 0x138c  HidBth - ok
18:37:00.0143 0x138c  [ D8DF3722D5E961BAA1292AA2F12827E2, 799E194B36BA08D59500A2C45ADD2FB69C7698F3F7F837CC7CFB266D57830BD6 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
18:37:00.0204 0x138c  HidIr - ok
18:37:00.0253 0x138c  [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv         C:\Windows\System32\hidserv.dll
18:37:00.0299 0x138c  hidserv - ok
18:37:00.0381 0x138c  [ CCA4B519B17E23A00B826C55716809CC, 91AD0758A6185B0FBBE383BDB1B457FFB850477AFF8DE040DE9527A97D28EF62 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
18:37:00.0464 0x138c  HidUsb - ok
18:37:00.0496 0x138c  [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc          C:\Windows\system32\kmsvc.dll
18:37:00.0547 0x138c  hkmsvc - ok
18:37:00.0715 0x138c  [ A19B0BB5A7EB6DF2DD4A0711D36955EE, 307648CAFB3DDCD76FD730CA623945ED71D4276715A38D8CBB203C157C45F691 ] HP Health Check Service c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
18:37:00.0737 0x138c  HP Health Check Service - detected UnsignedFile.Multi.Generic ( 1 )
18:37:03.0809 0x138c  Detect skipped due to KSN trusted
18:37:03.0809 0x138c  HP Health Check Service - ok
18:37:03.0855 0x138c  [ 16EE7B23A009E00D835CDB79574A91A6, 964AFE7D2F7E48C7DE7FDAB48F57ADC4AD44A0B2A9A03071E0E8D334007E5572 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
18:37:03.0870 0x138c  HpCISSs - ok
18:37:03.0935 0x138c  [ 4EF10B866C62ABBEAF7511CDD05A19BE, B758DCB9CD8C7E6ED4DEFB666A94B0F749CB86964D2CA9004DF94C5E321F5151 ] hpdskflt        C:\Windows\system32\DRIVERS\hpdskflt.sys
18:37:04.0055 0x138c  hpdskflt - ok
18:37:04.0329 0x138c  [ FCB563B0A23643E5F80B6FF1E60F610F, C1FCECF406E154065BF3FD93C4853ED96F5300E0E218FF0AA20B34D614710735 ] hpqcxs08        C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
18:37:04.0408 0x138c  hpqcxs08 - detected UnsignedFile.Multi.Generic ( 1 )
18:37:07.0311 0x138c  Detect skipped due to KSN trusted
18:37:07.0311 0x138c  hpqcxs08 - ok
18:37:07.0355 0x138c  [ 25E443E27165C652723A92D9BDFD4649, 58528E888176D236C683F5135BE0B35F43F9F521022ED0E66D5B688F3BAF7D0F ] hpqddsvc        C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
18:37:07.0366 0x138c  hpqddsvc - detected UnsignedFile.Multi.Generic ( 1 )
18:37:10.0302 0x138c  Detect skipped due to KSN trusted
18:37:10.0303 0x138c  hpqddsvc - ok
18:37:10.0368 0x138c  [ 35956140E686D53BF676CF0C778880FC, AFFE1CC956E75AF1DE87F19A58CB03C861907C48DCA03F7454EF7762DEB46F2D ] HpqKbFiltr      C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
18:37:10.0456 0x138c  HpqKbFiltr - ok
18:37:10.0511 0x138c  [ 115C0933B3ED51DFBEC4449348C8065B, 5C937F9DA4DC43CA11B6667D7DF41FC8D0E88994D0A854FDD0F3024D76DE0353 ] HpqRemHid       C:\Windows\system32\DRIVERS\HpqRemHid.sys
18:37:10.0552 0x138c  HpqRemHid - ok
18:37:10.0582 0x138c  [ D50FDAD1E57AA60F1973CFC77D905F0E, 50700337E984F71020BC0F714E0747A99E48711EAC590B22F3F104B3CFFDAF5B ] hpqwmiex        C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
18:37:10.0598 0x138c  hpqwmiex - ok
18:37:10.0680 0x138c  [ C0BEB56ED79B59B7B33D0AA6C38A0BA6, 8A21DB7B51BF533CBA08640498C132560641244B9218C483E2053502DF88313D ] hpsrv           C:\Windows\system32\Hpservice.exe
18:37:10.0693 0x138c  hpsrv - ok
18:37:10.0786 0x138c  [ 46D67209550973257601A533E2AC5785, 3C0D97781947BA8532344AA5D9F3B684761B5B3263A0A294F4593E76EE41DB0C ] HSFHWAZL        C:\Windows\system32\DRIVERS\VSTAZL3.SYS
18:37:10.0913 0x138c  HSFHWAZL - ok
18:37:10.0980 0x138c  [ EC36F1D542ED4252390D446BF6D4DFD0, DB55D73726E96D3653C37EEBE628D48466D766A9EC1219ED735D5D8FF2822BE2 ] HSF_DPV         C:\Windows\system32\DRIVERS\VSTDPV3.SYS
18:37:11.0124 0x138c  HSF_DPV - ok
18:37:11.0284 0x138c  [ 0EEECA26C8D4BDE2A4664DB058A81937, 6F88567A116B1420BE1C9C8888F34D05F51378092C805EF4E489635CF92D416B ] HTTP            C:\Windows\system32\drivers\HTTP.sys
18:37:11.0345 0x138c  HTTP - ok
18:37:11.0402 0x138c  [ C6B032D69650985468160FC9937CF5B4, 4D5A944C70037F35A9DBA4F49F174455FA80ED7EAEDAA143F0A2C0E05AE585D8 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
18:37:11.0417 0x138c  i2omp - ok
18:37:11.0517 0x138c  [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
18:37:11.0598 0x138c  i8042prt - ok
18:37:11.0802 0x138c  [ CB686F44BF955EA02520710A56874FA4, D898E897171B07136FCB94726AB16738C923A170B166EB5D758E404C8A6EFD0F ] IAANTMON        C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
18:37:11.0845 0x138c  IAANTMON - ok
18:37:11.0887 0x138c  [ DB0CC620B27A928D968C1A1E9CD9CB87, 62F2FAF027C217A3A035759AF47D848AEFFA7A94C54B4C424B67459D464B8AA8 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
18:37:11.0906 0x138c  iaStor - ok
18:37:11.0958 0x138c  [ 54155EA1B0DF185878E0FC9EC3AC3A14, 344A0793499261D2E4FF2FCCC70501329485F8E299EBC68953D07BA86F0D4729 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
18:37:11.0980 0x138c  iaStorV - ok
18:37:12.0125 0x138c  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
18:37:12.0156 0x138c  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
18:37:14.0894 0x138c  Detect skipped due to KSN trusted
18:37:14.0894 0x138c  IDriverT - ok
18:37:15.0153 0x138c  [ 98477B08E61945F974ED9FDC4CB6BDAB, C7E8F661F6FBF6AB493E950D2E70363496E155B1838CE7B490B981BD840B04FC ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:37:15.0202 0x138c  idsvc - ok
18:37:15.0483 0x138c  [ 373C0F67CC49772028D311FD147F4E85, D88613EB4DCB6F0A77D947D3DAB853689FFD71331484723C7CDCBADC7F01CB34 ] IDSVix86        C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140721.001\IDSvix86.sys
18:37:15.0511 0x138c  IDSVix86 - ok
18:37:15.0734 0x138c  [ A74F485DC208EA867C72C1FE4529B68A, C74F9A44FC088E730E4B7E26F3120DB385F4037CE60FC22785BA405F1FC8E232 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
18:37:16.0091 0x138c  igfx - ok
18:37:16.0149 0x138c  [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp           C:\Windows\system32\drivers\iirsp.sys
18:37:16.0164 0x138c  iirsp - ok
18:37:16.0275 0x138c  [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] IKEEXT          C:\Windows\System32\ikeext.dll
18:37:16.0339 0x138c  IKEEXT - ok
18:37:16.0403 0x138c  [ 8DAB99684CFE8B4DDD5D6D0C5D55FDAC, 1FE5ED643332F9851B6895F2C0340D81EFD47C5A5F9DAC0F292AFE818C98E04F ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
18:37:16.0454 0x138c  IntcHdmiAddService - ok
18:37:16.0534 0x138c  [ 83AA759F3189E6370C30DE5DC5590718, 7406FE41EA8FB80052517318CB72E2641E92E579FAFAF5E8DDDFF0BF8DAE773A ] intelide        C:\Windows\system32\drivers\intelide.sys
18:37:16.0549 0x138c  intelide - ok
18:37:16.0629 0x138c  [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
18:37:16.0676 0x138c  intelppm - ok
18:37:16.0738 0x138c  [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
18:37:16.0769 0x138c  IPBusEnum - ok
18:37:16.0793 0x138c  [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:37:16.0824 0x138c  IpFilterDriver - ok
18:37:16.0912 0x138c  [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
18:37:16.0959 0x138c  iphlpsvc - ok
18:37:16.0965 0x138c  IpInIp - ok
18:37:17.0042 0x138c  [ B25AAF203552B7B3491139D582B39AD1, EA9C38F512F40FF12975A6719E6FE4D7EA93A4B2497103E0FDA5A4CD6033C0A6 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
18:37:17.0093 0x138c  IPMIDRV - ok
18:37:17.0119 0x138c  [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
18:37:17.0174 0x138c  IPNAT - ok
18:37:17.0295 0x138c  [ 10F97E4666133FF3E66EE7F31551536E, 9BB1BE505EC0195A4740C214FD9DA744A5D98B9114E7517ABB575F752ED59EEE ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
18:37:17.0328 0x138c  iPod Service - ok
18:37:17.0407 0x138c  [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
18:37:17.0436 0x138c  IRENUM - ok
18:37:17.0489 0x138c  [ 6C70698A3E5C4376C6AB5C7C17FB0614, 10FBCBA5A74AF5D136B152FD4D3DFA2A1F2CEBC3F979D5BA6DB98B3DCB2F7A07 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
18:37:17.0506 0x138c  isapnp - ok
18:37:17.0604 0x138c  [ B3C02712CAA7E2949F2D95F9AE99E0F6, FAA0C8471D957363690037FA0496A53FA1C71B5590FDA70FF14C633F37735A78 ] iscFlash        C:\SwSetup\sp42557\iscflash.sys
18:37:17.0667 0x138c  iscFlash - detected UnsignedFile.Multi.Generic ( 1 )
18:37:20.0496 0x138c  Detect skipped due to KSN trusted
18:37:20.0497 0x138c  iscFlash - ok
18:37:20.0857 0x138c  [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
18:37:20.0917 0x138c  iScsiPrt - ok
18:37:20.0963 0x138c  [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
18:37:21.0001 0x138c  iteatapi - ok
18:37:21.0049 0x138c  [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
18:37:21.0088 0x138c  iteraid - ok
18:37:21.0132 0x138c  [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
18:37:21.0172 0x138c  kbdclass - ok
18:37:21.0236 0x138c  [ EDE59EC70E25C24581ADD1FBEC7325F7, 41B37778E9A12675FC0DF74606AAF18C652EB88513B3C4889C5C512E14587CEE ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
18:37:21.0320 0x138c  kbdhid - ok
18:37:21.0387 0x138c  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso          C:\Windows\system32\lsass.exe
18:37:21.0584 0x138c  KeyIso - ok
18:37:21.0695 0x138c  [ 4A1445EFA932A3BAF5BDB02D7131EE20, 9DD262ED72DF268FE024063788F54124E320D0775D8DC0C5CAD099CD5F655DA2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
18:37:21.0782 0x138c  KSecDD - ok
18:37:21.0958 0x138c  [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm           C:\Windows\system32\msdtckrm.dll
18:37:22.0093 0x138c  KtmRm - ok
18:37:22.0202 0x138c  [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer    C:\Windows\System32\srvsvc.dll
18:37:22.0282 0x138c  LanmanServer - ok
18:37:22.0536 0x138c  [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:37:22.0625 0x138c  LanmanWorkstation - ok
18:37:24.0564 0x138c  [ 9188D073CD14F886790D6037D1986063, ED956DFBD9A3AF8B6B9C41137AFC2DA959C36D17B6E3A5C0A8425D70BD99AF9E ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
18:37:24.0639 0x138c  LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
18:37:27.0619 0x138c  Detect skipped due to KSN trusted
18:37:27.0619 0x138c  LightScribeService - ok
18:37:27.0760 0x138c  [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
18:37:27.0851 0x138c  lltdio - ok
18:37:27.0931 0x138c  [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
18:37:28.0046 0x138c  lltdsvc - ok
18:37:28.0085 0x138c  [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts         C:\Windows\System32\lmhsvc.dll
18:37:28.0226 0x138c  lmhosts - ok
18:37:28.0281 0x138c  [ C7E15E82879BF3235B559563D4185365, 98C9268ADF6BAEB0522BB84BE6C98D0D6D5EB4BD27BB61412D208232164C8435 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
18:37:28.0324 0x138c  LSI_FC - ok
18:37:28.0395 0x138c  [ EE01EBAE8C9BF0FA072E0FF68718920A, 655924440E611278998226299645BC72B3627A8A057286DC8D65A162CFBBE484 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
18:37:28.0449 0x138c  LSI_SAS - ok
18:37:28.0528 0x138c  [ 912A04696E9CA30146A62AFA1463DD5C, 1D336D47B9D1C8449F29CDB776C092235E3D70CE53D9440970533E376EB004D3 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
18:37:28.0571 0x138c  LSI_SCSI - ok
18:37:28.0610 0x138c  [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv           C:\Windows\system32\drivers\luafv.sys
18:37:28.0725 0x138c  luafv - ok
18:37:28.0781 0x138c  [ 8683C1B450F4B3872839308D836E0F92, C6CEEEA780D2191AEAC2537FD96324FF5501D92CE46313FB95ABB51765D919ED ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
18:37:28.0813 0x138c  MBAMProtector - ok
18:37:29.0096 0x138c  [ D84AEA3F3329D622DFC1297DDDF6163B, 316FE56CC30ED1473A917253F46B79EAA12F4ABD5B4B1ADB03929DFEE940F577 ] MBAMScheduler   C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
18:37:29.0300 0x138c  MBAMScheduler - ok
18:37:29.0611 0x138c  [ 4F45ED469906494F9BF754E476390DBD, D8FF6AFD73D8C191F5732DF9737E6F83B2B52B06A3A6CD4CC6EAC9464CBB2772 ] MBAMService     C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
18:37:29.0705 0x138c  MBAMService - ok
18:37:29.0824 0x138c  [ 799613BA73D25641402AA81B6403EFF8, 55FFF9248C0798346888071A60BF42C809C5D4C7BBA92C97B617F7B6681E00F3 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
18:37:29.0855 0x138c  MBAMWebAccessControl - ok
18:37:30.0001 0x138c  [ 7CF1B716372B89568AE4C0FE769F5869, 0D70A7A594BCFBB26D7249C0F4B0AF9EF874F2318B3FDCE44648CC61279594ED ] MDM             C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
18:37:30.0065 0x138c  MDM - detected UnsignedFile.Multi.Generic ( 1 )
18:37:33.0057 0x138c  Detect skipped due to KSN trusted
18:37:33.0057 0x138c  MDM - ok
18:37:33.0153 0x138c  [ 0001CE609D66632FA17B84705F658879, D5F9758BDC2B733307B565A74B33F5581FB425A5A9F32CCFA307DA1569EBD6CD ] megasas         C:\Windows\system32\drivers\megasas.sys
18:37:33.0191 0x138c  megasas - ok
18:37:33.0282 0x138c  [ C252F32CD9A49DBFC25ECF26EBD51A99, 47EC8F475AB62A00FAF989CD2C3ABDF2922588F75CC15C83CD99A62EF6400FB0 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
18:37:33.0348 0x138c  MegaSR - ok
18:37:33.0486 0x138c  [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
18:37:33.0519 0x138c  Microsoft Office Groove Audit Service - ok
18:37:33.0573 0x138c  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS           C:\Windows\system32\mmcss.dll
18:37:33.0679 0x138c  MMCSS - ok
18:37:33.0722 0x138c  [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem           C:\Windows\system32\drivers\modem.sys
18:37:33.0853 0x138c  Modem - ok
18:37:33.0955 0x138c  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
18:37:34.0034 0x138c  monitor - ok
18:37:34.0229 0x138c  [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
18:37:34.0268 0x138c  mouclass - ok
18:37:34.0333 0x138c  [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
18:37:34.0406 0x138c  mouhid - ok
18:37:34.0463 0x138c  [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
18:37:34.0503 0x138c  MountMgr - ok
18:37:34.0567 0x138c  [ 511D011289755DD9F9A7579FB0B064E6, 1FD0D0D5B6E08FE06F7A5D0821BCD859B0F98A6DEA58AAB7FB6C95B64212FFC8 ] mpio            C:\Windows\system32\drivers\mpio.sys
18:37:34.0609 0x138c  mpio - ok
18:37:34.0656 0x138c  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
18:37:34.0744 0x138c  mpsdrv - ok
18:37:34.0921 0x138c  [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc          C:\Windows\system32\mpssvc.dll
18:37:35.0048 0x138c  MpsSvc - ok
18:37:35.0163 0x138c  [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
18:37:35.0197 0x138c  Mraid35x - ok
18:37:35.0391 0x138c  [ 82CEA0395524AACFEB58BA1448E8325C, 16E37990A291C848DE35F48EA7E09AE5B258AE589EB08A3FA2C60DC1278DE182 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
18:37:35.0478 0x138c  MRxDAV - ok
18:37:35.0559 0x138c  [ 1E94971C4B446AB2290DEB71D01CF0C2, 4701AA1B419AEF735CB2DA34532B0F1844433272C36D79F4EB55807E39B923D1 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
18:37:35.0716 0x138c  mrxsmb - ok
18:37:35.0759 0x138c  [ 4FCCB34D793B116423209C0F8B7A3B03, 7A483AEB691ADBE82779F12F0BB1CCCBFFD7E92902EC1ADC99AB7D129F887143 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:37:35.0843 0x138c  mrxsmb10 - ok
18:37:35.0915 0x138c  [ C3CB1B40AD4A0124D617A1199B0B9D7C, B975A39DE6D324C6274B6E3B883F36082A958F028335CEB3A37F44481EB284B3 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:37:35.0997 0x138c  mrxsmb20 - ok
18:37:36.0081 0x138c  [ 28023E86F17001F7CD9B15A5BC9AE07D, FC7EAA592C5F796E3BCD7F7EF261709CD899B33FC8486E594A480F143D0D6320 ] msahci          C:\Windows\system32\drivers\msahci.sys
18:37:36.0118 0x138c  msahci - ok
18:37:36.0168 0x138c  [ 4468B0F385A86ECDDAF8D3CA662EC0E7, EAEDC9CDD2EEC5000AF8190A4BE7729282576C3F88E64FDF57F455F5CECC81C9 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
18:37:36.0210 0x138c  msdsm - ok
18:37:36.0248 0x138c  [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC           C:\Windows\System32\msdtc.exe
18:37:36.0328 0x138c  MSDTC - ok
18:37:36.0405 0x138c  [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
18:37:36.0497 0x138c  Msfs - ok
18:37:36.0609 0x138c  [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
18:37:36.0667 0x138c  msisadrv - ok
18:37:36.0764 0x138c  [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
18:37:36.0872 0x138c  MSiSCSI - ok
18:37:36.0900 0x138c  msiserver - ok
18:37:37.0014 0x138c  [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
18:37:37.0119 0x138c  MSKSSRV - ok
18:37:37.0168 0x138c  [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
18:37:37.0255 0x138c  MSPCLOCK - ok
18:37:37.0289 0x138c  [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
18:37:37.0358 0x138c  MSPQM - ok
18:37:37.0547 0x138c  [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
18:37:37.0599 0x138c  MsRPC - ok
18:37:37.0724 0x138c  [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
18:37:37.0761 0x138c  mssmbios - ok
18:37:38.0023 0x138c  MSSQL$MSSMLBIZ - ok
18:37:38.0233 0x138c  [ 1D89EB4E2A99CABD4E81225F4F4C4B25, B9C4D956E3F74CB463A1A14287F4B550381FBB3E4B2DF9418E041E02A159E31E ] MSSQLServerADHelper c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
18:37:38.0269 0x138c  MSSQLServerADHelper - ok
18:37:38.0356 0x138c  [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
18:37:38.0454 0x138c  MSTEE - ok
18:37:38.0527 0x138c  [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup             C:\Windows\system32\Drivers\mup.sys
18:37:38.0568 0x138c  Mup - ok
18:37:38.0812 0x138c  [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent        C:\Windows\system32\qagentRT.dll
18:37:38.0932 0x138c  napagent - ok
18:37:39.0057 0x138c  [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
18:37:39.0162 0x138c  NativeWifiP - ok
18:37:39.0369 0x138c  [ 81E928EE3751FAF725C87CC17726C05D, 8AB84270DCB35F239B00FA4B9AC90E9520967B8188085D897F28E994CBF911FB ] NAVENG          C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140721.023\NAVENG.SYS
18:37:39.0405 0x138c  NAVENG - ok
18:37:39.0801 0x138c  [ E0C39FA6C76AE8ED53ABF043F35ECDFF, CD2F87D3CB64F3362508D1855B24F40F1C44CF4132E3626971CCF4E7C49E61D6 ] NAVEX15         C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140721.023\NAVEX15.SYS
18:37:39.0958 0x138c  NAVEX15 - ok
18:37:40.0138 0x138c  [ 1357274D1883F68300AEADD15D7BBB42, EE6352CBF0D9D633816F338159CDA27F1A805C3DDC3402D8605B50D8F3CD3300 ] NDIS            C:\Windows\system32\drivers\ndis.sys
18:37:40.0252 0x138c  NDIS - ok
18:37:40.0299 0x138c  [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
18:37:40.0387 0x138c  NdisTapi - ok
18:37:40.0448 0x138c  [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
18:37:40.0604 0x138c  Ndisuio - ok
18:37:40.0695 0x138c  [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
18:37:40.0782 0x138c  NdisWan - ok
18:37:40.0875 0x138c  [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
18:38:15.0045 0x138c  NDProxy - ok
18:38:15.0350 0x138c  [ A081CB6FB9A12668F233EB5414BE3A0E, EE2A1311B51D1FEBAF79F45E568A927D8EA7704AFC8495AED2D26927566F61E3 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
18:38:15.0457 0x138c  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
18:38:32.0932 0x138c  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
18:38:32.0932 0x138c  Force sending object to P2P due to detect: Net Driver HPZ12
18:38:47.0481 0x138c  Object send P2P result: true
18:38:58.0004 0x138c  [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
18:38:59.0810 0x138c  NetBIOS - ok
18:38:59.0985 0x138c  [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
18:39:00.0163 0x138c  netbt - ok
18:39:00.0274 0x138c  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon        C:\Windows\system32\lsass.exe
18:39:00.0388 0x138c  Netlogon - ok
18:39:00.0516 0x138c  [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman          C:\Windows\System32\netman.dll
18:39:00.0610 0x138c  Netman - ok
18:39:01.0270 0x138c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:39:01.0297 0x138c  NetMsmqActivator - ok
18:39:01.0342 0x138c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:39:01.0370 0x138c  NetPipeActivator - ok
18:39:01.0481 0x138c  [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm        C:\Windows\System32\netprofm.dll
18:39:01.0544 0x138c  netprofm - ok
18:39:01.0555 0x138c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:39:01.0651 0x138c  NetTcpActivator - ok
18:39:01.0703 0x138c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:39:01.0729 0x138c  NetTcpPortSharing - ok
18:39:01.0820 0x138c  [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
18:39:01.0848 0x138c  nfrd960 - ok
18:39:02.0343 0x138c  [ F9FF75495330F23276EEADFE7E6DCBB9, 1213BAAD9297B560F77E3779DA28832A70F2C8C616809723D0BDF46E7E44800C ] NIS             C:\Program Files\Norton Internet Security\Engine\21.4.0.13\NIS.exe
18:39:02.0381 0x138c  NIS - ok
18:39:02.0471 0x138c  [ 2997B15415F9BBE05B5A4C1C85E0C6A2, 5455536515FE740E18E090329FDCC40288724372AD18ACDB2CB4BB9D85CF681E ] NlaSvc          C:\Windows\System32\nlasvc.dll
18:39:02.0628 0x138c  NlaSvc - ok
18:39:03.0429 0x138c  [ CD569FA91EC6F59D045C19D0D3850F44, 8DDD03BB5EB614689D62FD9BDD89A2AF960EC07BA18792AFAA87D1E565E74EBC ] nmservice       C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
18:39:03.0651 0x138c  nmservice - ok
18:39:04.0056 0x138c  [ A00877C05933FBA8AFB3390DD72D4679, 684D9642173C4BF4B752F259D5E89F16BC8B4B1608F1E6E176AA692A9775CE38 ] nmwcd           C:\Windows\system32\drivers\ccdcmb.sys
18:39:04.0326 0x138c  nmwcd - ok
18:39:04.0495 0x138c  [ 9FF15F18E4E8758AC57BDB910D0238B3, F27C40BDD3818C54E1099AD525C7C19B424E0C4676DB366DE0E905CA3F82A310 ] nmwcdc          C:\Windows\system32\drivers\ccdcmbo.sys
18:39:04.0567 0x138c  nmwcdc - ok
18:39:04.0926 0x138c  [ B0575681498D75E0C0432200702B4A0A, EE6037B038265562A4F59E92A9F665C7A8AA8E8C5DEB3481F1F7B6D39A4E4954 ] nmwcdnsu        C:\Windows\system32\drivers\nmwcdnsu.sys
18:39:05.0022 0x138c  nmwcdnsu - ok
18:39:05.0123 0x138c  [ 9699486E10F89163979FCD48A40FE805, 04D05666920C91106FFF60F1DCE7D8B89F6F1419D0035A5BF7AB5F0BA5C39B31 ] nmwcdnsuc       C:\Windows\system32\drivers\nmwcdnsuc.sys
18:39:05.0171 0x138c  nmwcdnsuc - ok
18:39:05.0250 0x138c  [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
18:39:05.0339 0x138c  Npfs - ok
18:39:05.0455 0x138c  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi             C:\Windows\system32\nsisvc.dll
18:39:05.0494 0x138c  nsi - ok
18:39:05.0572 0x138c  [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
18:39:05.0738 0x138c  nsiproxy - ok
18:39:05.0969 0x138c  [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
18:39:06.0045 0x138c  Ntfs - ok
18:39:06.0206 0x138c  [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
18:39:06.0304 0x138c  ntrigdigi - ok
18:39:06.0858 0x138c  [ A66FCAB18F99477770BDEE6527E94C54, F15B8455B27391857E2CEF6342E6A59DE01EBC3616FFEE575F78479411905813 ] NU16StartManagerSvc C:\Program Files\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe
18:39:06.0913 0x138c  NU16StartManagerSvc - ok
18:39:07.0114 0x138c  [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null            C:\Windows\system32\drivers\Null.sys
18:39:07.0187 0x138c  Null - ok
18:39:07.0377 0x138c  [ 1657F3FBD9061526C14FF37E79306F98, 8A3378E7A3D3314380EC76D21542B9A8A7AB0191338729B830AB6BEF786297BC ] NVENETFD        C:\Windows\system32\DRIVERS\nvm60x32.sys
18:39:07.0530 0x138c  NVENETFD - ok
18:39:07.0621 0x138c  [ 2EDF9E7751554B42CBB60116DE727101, 37A0AA78E83DBB5A788F7F067EB71DDF6CCC72A66BB41B209E1A5E2F68F8AF9B ] nvraid          C:\Windows\system32\drivers\nvraid.sys
18:39:07.0644 0x138c  nvraid - ok
18:39:07.0703 0x138c  [ ABED0C09758D1D97DB0042DBB2688177, 84B9BF886EF9181915E8AB6D971446BC681E6DE4485DBECD62838EAFA10E7F46 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
18:39:07.0727 0x138c  nvstor - ok
18:39:07.0805 0x138c  [ 18BBDF913916B71BD54575BDB6EEAC0B, 5FBA165149AB09E869DCE35622E91CFC964BDD22B31A5E76CF12F1565402B207 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
18:39:07.0833 0x138c  nv_agp - ok
18:39:07.0843 0x138c  NwlnkFlt - ok
18:39:07.0855 0x138c  NwlnkFwd - ok
18:39:08.0004 0x138c  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:39:08.0168 0x138c  odserv - ok
18:39:08.0503 0x138c  [ 790E27C3DB53410B40FF9EF2FD10A1D9, FD06F2702B8F7E04ECF1B6E88602F14301E7AE7FC44AD114282E580FAD530A9C ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
18:39:08.0548 0x138c  ohci1394 - ok
18:39:08.0784 0x138c  OracleJobSchedulerDATABASE1 - ok
18:39:08.0792 0x138c  OracleMTSRecoveryService - ok
18:39:08.0961 0x138c  OracleOraDb11g_home1ClrAgent - ok
18:39:08.0971 0x138c  OracleOraDb11g_home1TNSListener - ok
18:39:08.0981 0x138c  OracleServiceDATABASE1 - ok
18:39:08.0988 0x138c  OracleVssWriterDATABASE1 - ok
18:39:09.0129 0x138c  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:39:09.0156 0x138c  ose - ok
18:39:09.0340 0x138c  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
18:39:09.0548 0x138c  p2pimsvc - ok
18:39:09.0579 0x138c  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc          C:\Windows\system32\p2psvc.dll
18:39:09.0788 0x138c  p2psvc - ok
18:39:09.0869 0x138c  [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport         C:\Windows\system32\drivers\parport.sys
18:39:10.0011 0x138c  Parport - ok
18:39:10.0140 0x138c  [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr         C:\Windows\system32\drivers\partmgr.sys
18:39:10.0162 0x138c  partmgr - ok
18:39:10.0271 0x138c  [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
18:39:10.0391 0x138c  Parvdm - ok
18:39:10.0478 0x138c  [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc          C:\Windows\System32\pcasvc.dll
18:39:10.0556 0x138c  PcaSvc - ok
18:39:10.0639 0x138c  [ F451DCACBAA67F3307305EBD4A39EA07, C4435BF4C2D16F3DC0B35732BE3602FFA28DB0A5BC5576F45E0D32E5F4CD2DEA ] pccsmcfd        C:\Windows\system32\DRIVERS\pccsmcfd.sys
18:39:10.0658 0x138c  pccsmcfd - ok
18:39:10.0806 0x138c  [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci             C:\Windows\system32\drivers\pci.sys
18:39:10.0834 0x138c  pci - ok
18:39:10.0916 0x138c  [ FC175F5DDAB666D7F4D17449A547626F, 7D6108213D1AD3F97A3B83E491BCCC7D6F5BC72C32A182BDDE8736851A26C8D2 ] pciide          C:\Windows\system32\drivers\pciide.sys
18:39:10.0937 0x138c  pciide - ok
18:39:10.0976 0x138c  [ E6F3FB1B86AA519E7698AD05E58B04E5, 2C4B45DDD3B980C9DAA6F039CAEFCD6E84A4D5BB43AFBA73C0C42B5556C1303C ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
18:39:11.0001 0x138c  pcmcia - ok
18:39:11.0259 0x138c  [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
18:39:11.0403 0x138c  PEAUTH - ok
18:39:11.0625 0x138c  [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla             C:\Windows\system32\pla.dll
18:39:11.0770 0x138c  pla - ok
18:39:12.0080 0x138c  [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
18:39:12.0143 0x138c  PlugPlay - ok
18:39:12.0353 0x138c  [ 65BC271F337637731D3C71455AE1F476, DAD32B61FE0147F8D2DA4C8F016920CD6BB2098F16E3CC2768009763E71DEFBC ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
18:39:12.0695 0x138c  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
18:39:15.0610 0x138c  Detect skipped due to KSN trusted
18:39:15.0610 0x138c  Pml Driver HPZ12 - ok
18:39:15.0707 0x138c  [ 3DE33BCE4A930EDF57BD1F742823BCD8, EFE61739AF790DF4E8E22EE8DB3D5361C8FD0755CB5E34305F4A3C04365BF6F1 ] pnarp           C:\Windows\system32\DRIVERS\pnarp.sys
18:39:15.0723 0x138c  pnarp - ok
18:39:15.0918 0x138c  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
18:39:15.0969 0x138c  PNRPAutoReg - ok
18:39:16.0001 0x138c  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
18:39:16.0051 0x138c  PNRPsvc - ok
18:39:16.0149 0x138c  [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
18:39:16.0265 0x138c  PolicyAgent - ok
18:39:16.0369 0x138c  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
18:39:16.0455 0x138c  PptpMiniport - ok
18:39:16.0482 0x138c  [ 2027293619DD0F047C584CF2E7DF4FFD, B7C172CCD08D8A30483D27536355ED1E5009B33629355B426470AFBA8542B394 ] Processor       C:\Windows\system32\drivers\processr.sys
18:39:16.0519 0x138c  Processor - ok
18:39:16.0585 0x138c  [ 0508FAA222D28835310B7BFCA7A77346, 3AE2340C6E365F137CC00D9560069501DD2724756EA9EBF7A6CDFFC91B43709C ] ProfSvc         C:\Windows\system32\profsvc.dll
18:39:16.0670 0x138c  ProfSvc - ok
18:39:16.0875 0x138c  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe
18:39:16.0897 0x138c  ProtectedStorage - ok
18:39:17.0058 0x138c  [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
18:39:17.0103 0x138c  PSched - ok
18:39:17.0239 0x138c  [ 53EFA6066E7FFAA1AD91C7FB40FFD2EC, F4FD4D9F3C201CB95B8A6ABD6D89500A1F1C12BFA71429537D9834551163FC69 ] purendis        C:\Windows\system32\DRIVERS\purendis.sys
18:39:17.0254 0x138c  purendis - ok
18:39:17.0860 0x138c  [ 0A6DB55AFB7820C99AA1F3A1D270F4F6, 8B7D44A7698B95FE34CBBE4FAB2F01EC1F5BA86C2B19672F99767E650E99BF1C ] ql2300          C:\Windows\system32\drivers\ql2300.sys
18:39:19.0214 0x138c  ql2300 - ok
18:39:19.0343 0x138c  [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
18:39:19.0364 0x138c  ql40xx - ok
18:39:20.0238 0x138c  [ 2D757E14216E643E7885EBC0CFB0B906, 2184BEB2D3A9F24AEDDF672AF2DE9677650262B6A25BB82FC5D403856DB56847 ] QPCapSvc        C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
18:39:20.0263 0x138c  QPCapSvc - ok
18:39:20.0293 0x138c  [ EA8B29EAD23DA9DA2F5DF1DA7C82E308, 14075D40D285A4EAD93CEB7DEA8AEFA023C5B9A3C5CD0F45BCE70948D84F88B0 ] QPSched         C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
18:39:20.0344 0x138c  QPSched - ok
18:39:20.0585 0x138c  [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE           C:\Windows\system32\qwave.dll
18:39:20.0657 0x138c  QWAVE - ok
18:39:20.0714 0x138c  [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
18:39:20.0736 0x138c  QWAVEdrv - ok
18:39:20.0813 0x138c  [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
18:39:20.0884 0x138c  RasAcd - ok
18:39:21.0074 0x138c  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto         C:\Windows\System32\rasauto.dll
18:39:21.0117 0x138c  RasAuto - ok
18:39:21.0150 0x138c  [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
18:39:21.0272 0x138c  Rasl2tp - ok
18:39:21.0440 0x138c  [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan          C:\Windows\System32\rasmans.dll
18:39:21.0483 0x138c  RasMan - ok
18:39:21.0553 0x138c  [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
18:39:21.0630 0x138c  RasPppoe - ok
18:39:21.0693 0x138c  [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
18:39:21.0717 0x138c  RasSstp - ok
18:39:21.0835 0x138c  [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
18:39:21.0890 0x138c  rdbss - ok
18:39:21.0952 0x138c  [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
18:39:22.0024 0x138c  RDPCDD - ok
18:39:22.0080 0x138c  [ FBC0BACD9C3D7F6956853F64A66E252D, 7672B10C7039295B152C02C96903E869FF2C0A88A2C3FA89BAE9F1D593B43569 ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
18:39:22.0126 0x138c  rdpdr - ok
18:39:22.0187 0x138c  [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
18:39:22.0221 0x138c  RDPENCDD - ok
18:39:22.0352 0x138c  [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
18:39:22.0419 0x138c  RDPWD - ok
18:39:22.0754 0x138c  [ 96EFEC24346A8EB1157E80523079ADDC, 7F8FC284029856C754E400B6C954369FFE27763C81D8F4AF4E58BFDD44CBC24A ] RealNetworks Downloader Resolver Service C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
18:39:22.0770 0x138c  RealNetworks Downloader Resolver Service - ok
18:39:22.0985 0x138c  [ B9570481A1BABCC4A9E941C553596077, B9A89B8C683F634504F7563EDAFB09F0AC8165F34F03177C96D4109CE1BE5D74 ] Recovery Service for Windows C:\Windows\SMINST\BLService.exe
18:39:23.0014 0x138c  Recovery Service for Windows - ok
18:39:23.0076 0x138c  [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess    C:\Windows\System32\mprdim.dll
18:39:23.0164 0x138c  RemoteAccess - ok
18:39:23.0578 0x138c  [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
18:39:23.0618 0x138c  RemoteRegistry - ok
18:39:23.0746 0x138c  [ 6482707F9F4DA0ECBAB43B2E0398A101, 7D57FC36577121D7E26A4F2D46DCA8725D55EC9F75B91DF994DB742BC4FB89C2 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
18:39:23.0781 0x138c  RFCOMM - ok
18:39:24.0057 0x138c  [ 17E0BEF5CA5C9CE52CC8082AC6EBC449, F05A32DA0A62144AAE78A3A9173F21F52FAED4E39F9250B3E1B11066760B2576 ] RichVideo       C:\Program Files\CyberLink\Shared Files\RichVideo.exe
18:39:24.0082 0x138c  RichVideo - ok
18:39:24.0151 0x138c  [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator      C:\Windows\system32\locator.exe
18:39:24.0366 0x138c  RpcLocator - ok
18:39:24.0531 0x138c  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs           C:\Windows\system32\rpcss.dll
18:39:24.0597 0x138c  RpcSs - ok
18:39:24.0744 0x138c  [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
18:39:24.0812 0x138c  rspndr - ok
18:39:24.0981 0x138c  [ A1ADC7B4C074744662207DA6EDCDFBB0, 2FB2C3925F8FB4E060227E7972FC1C3E142BD70C5D1F11193D2176A3A36BD299 ] RTL8169         C:\Windows\system32\DRIVERS\Rtlh86.sys
18:39:25.0140 0x138c  RTL8169 - ok
18:39:25.0324 0x138c  [ 8DAB5975B5C7923D61506A48E251DBAD, 34C197BDBFEB676ED7C0262E27EF9190E684A47E4DBFDFA889958966406F9862 ] RTSTOR          C:\Windows\system32\drivers\RTSTOR.SYS
18:39:25.0501 0x138c  RTSTOR - ok
18:39:25.0532 0x138c  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs           C:\Windows\system32\lsass.exe
18:39:25.0552 0x138c  SamSs - ok
18:39:25.0599 0x138c  [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
18:39:25.0620 0x138c  sbp2port - ok
18:39:25.0728 0x138c  [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
18:39:25.0819 0x138c  SCardSvr - ok
18:39:26.0065 0x138c  [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] Schedule        C:\Windows\system32\schedsvc.dll
18:39:26.0120 0x138c  Schedule - ok
18:39:26.0225 0x138c  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc     C:\Windows\System32\certprop.dll
18:39:26.0262 0x138c  SCPolicySvc - ok
18:39:26.0648 0x138c  [ B60E9769655DDEE8368E3ABB6668E076, EECA05B36C6F837FA6DB2EDD78E17E9EA5F0D793B869CB99A08C61AB485A1E67 ] ScrybeUpdater   C:\Program Files\Synaptics\Scrybe\Service\ScrybeUpdater.exe
18:39:26.0725 0x138c  ScrybeUpdater - ok
18:39:26.0827 0x138c  [ 126EA89BCC413EE45E3004FB0764888F, 367BE2B56113177AE867E00D019C707C6449E0FC4A642101B11036A0534D6901 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
18:39:27.0146 0x138c  sdbus - ok
18:39:27.0195 0x138c  [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
18:39:27.0222 0x138c  SDRSVC - ok
18:39:27.0261 0x138c  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
18:39:27.0496 0x138c  secdrv - ok
18:39:27.0628 0x138c  [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon        C:\Windows\system32\seclogon.dll
18:39:27.0702 0x138c  seclogon - ok
18:39:27.0735 0x138c  [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS            C:\Windows\system32\sens.dll
18:39:27.0804 0x138c  SENS - ok
18:39:28.0493 0x138c  [ D23FC3F409FDBB2A5C230ABC137C4B45, A970109D96F7E01D3A391798FFBEC0303BECB239B966FA3FE4DC1ED494429D74 ] Sentinel        C:\Windows\System32\Drivers\SENTINEL.SYS
18:39:28.0510 0x138c  Sentinel - ok
18:39:28.0640 0x138c  [ 881F7E7A2A9F9E91189B4FBB70EB5F47, 379832A928E486E1B1CC98A00303ECBD6F565E3AF2881C407D18D139E4F594BB ] SentinelProtectionServer C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
18:39:28.0660 0x138c  SentinelProtectionServer - ok
18:39:28.0765 0x138c  [ 68E44E331D46F0FB38F0863A84CD1A31, 0778D85B6869CE2610820DC9724360538BFE832426E898AEBC34E53D2AB4322B ] Serenum         C:\Windows\system32\drivers\serenum.sys
18:39:28.0823 0x138c  Serenum - ok
18:39:28.0927 0x138c  [ C70D69A918B178D3C3B06339B40C2E1B, 40BEEECA4C797A3355F4B01C57C2763C33028F27826315062320789A496D0810 ] Serial          C:\Windows\system32\drivers\serial.sys
18:39:29.0060 0x138c  Serial - ok
18:39:29.0177 0x138c  [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
18:39:29.0213 0x138c  sermouse - ok
18:39:29.0593 0x138c  [ 78F7BB9F4924BE164294C59B8C3FC096, 75051A6A8B0DBB16CD70855A408134270EEAF0C127BAAE5B592DB53BB87C085B ] ServiceLayer    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
18:39:29.0666 0x138c  ServiceLayer - ok
18:39:29.0772 0x138c  [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv      C:\Windows\system32\sessenv.dll
18:39:29.0841 0x138c  SessionEnv - ok
18:39:29.0914 0x138c  [ 3EFA810BDCA87F6ECC24F9832243FE86, E50FEA94DB9851A46A8A71A8C061AC953A9D5B14585382B3F0FFC84931A0A68F ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
18:39:29.0970 0x138c  sffdisk - ok
18:39:29.0996 0x138c  [ E95D451F7EA3E583AEC75F3B3EE42DC5, B014BE4F9B0C79ECCE2537D1CF4AAD48ACB4C5AD3DACAC4444F0F465B9689921 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
18:39:30.0031 0x138c  sffp_mmc - ok
18:39:30.0107 0x138c  [ 3D0EA348784B7AC9EA9BD9F317980979, 2500CE188C9B71C50E966FA575303AEFE50934E376C530AECEC7C7533C15EF08 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
18:39:30.0157 0x138c  sffp_sd - ok
18:39:30.0185 0x138c  [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
18:39:30.0422 0x138c  sfloppy - ok
18:39:30.0504 0x138c  [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
18:39:30.0635 0x138c  SharedAccess - ok
18:39:30.0702 0x138c  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:39:30.0778 0x138c  ShellHWDetection - ok
18:39:30.0823 0x138c  [ 1D76624A09A054F682D746B924E2DBC3, DC903DD466AB8899883253F09477B02E4E93A31C8B279F9F02BD555F1AA083B7 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
18:39:30.0843 0x138c  sisagp - ok
18:39:31.0048 0x138c  [ 43CB7AA756C7DB280D01DA9B676CFDE2, 08484CAEA0518C0A4CCCD292D8C803B27FEC453537EE1E4CEE74A7208356A474 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
18:39:31.0069 0x138c  SiSRaid2 - ok
18:39:31.0145 0x138c  [ A99C6C8B0BAA970D8AA59DDC50B57F94, 97AC9DD6DC4F58AC60E819B999BB157663EE7C1739521D16768AA9AC00DAD012 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
18:39:31.0167 0x138c  SiSRaid4 - ok
18:39:31.0325 0x138c  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
18:39:31.0356 0x138c  SkypeUpdate - ok
18:39:32.0023 0x138c  [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc           C:\Windows\system32\SLsvc.exe
18:39:33.0020 0x138c  slsvc - ok
18:39:33.0096 0x138c  [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify      C:\Windows\system32\SLUINotify.dll
18:39:33.0260 0x138c  SLUINotify - ok
18:39:33.0337 0x138c  [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb             C:\Windows\system32\DRIVERS\smb.sys
18:39:33.0409 0x138c  Smb - ok
18:39:33.0556 0x138c  [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
18:39:33.0680 0x138c  SNMPTRAP - ok
18:39:34.0288 0x138c  [ CF3AF4684F80F2D965539C6AFD5E9B5D, 7469BB8ECA5EEC5BD2A5ADB4DFCF2EB1ABEDDC2431E0902BA09F04087458835B ] SpeedDiskService C:\Program Files\Symantec\Norton Utilities 16\Tools\SpeedDisk\SpeedDiskSrv.exe
18:39:34.0894 0x138c  SpeedDiskService - ok
18:39:34.0951 0x138c  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr           C:\Windows\system32\drivers\spldr.sys
18:39:34.0971 0x138c  spldr - ok
18:39:35.0160 0x138c  [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler         C:\Windows\System32\spoolsv.exe
18:39:35.0219 0x138c  Spooler - ok
18:39:35.0402 0x138c  [ FEB11DBAA5E152D98BD897C97A6DDCD0, 7ABCCDDE6B9A58CECA480AA57468E7A1F537893A2CB7C20E1A366EC8EEC7FA59 ] sptd            C:\Windows\System32\Drivers\sptd.sys
18:39:35.0433 0x138c  sptd - ok
18:39:35.0519 0x138c  [ 86EBD8B1F23E743AAD21F4D5B4D40985, 8FA4DFDAE15712266B878C364FEFDB63CB30A3DCC25F83CDFE8C8AB3AE864BE6 ] SQLBrowser      c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
18:39:35.0544 0x138c  SQLBrowser - ok
18:39:35.0617 0x138c  [ D89083C4EB02DACA8F944B0E05E57F9D, F96416B5877C280B4EE088A83956E0202F82DC5EACDEEFF06D5979FFFAA9FA74 ] SQLWriter       c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
18:39:35.0635 0x138c  SQLWriter - ok
18:39:36.0093 0x138c  [ 91C966DE2058116525748050A22C8170, EE64D29ED2C5EDE035E6BE56AE28403B42C10815A89AC08A5395DE72375AF550 ] SRTSP           C:\Windows\System32\Drivers\NIS\1504000.00D\SRTSP.SYS
18:39:36.0144 0x138c  SRTSP - ok
18:39:36.0253 0x138c  [ 1B6D68043F488F70E889276E1585B7AA, 574925053F0EB2DED6DA03D0720A8E1588590948DFF1E2C6DE84EA5B6856E3DB ] SRTSPX          C:\Windows\system32\drivers\NIS\1504000.00D\SRTSPX.SYS
18:39:36.0291 0x138c  SRTSPX - ok
18:39:36.0573 0x138c  [ 41987F9FC0E61ADF54F581E15029AD91, A46E718648C2DD3B43FC3798932C966315893A59442A0686CE46C605B9E4641E ] srv             C:\Windows\system32\DRIVERS\srv.sys
18:39:36.0686 0x138c  srv - ok
18:39:36.0763 0x138c  [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
18:39:36.0821 0x138c  srv2 - ok
18:39:36.0903 0x138c  [ 7605C0E1D01A08F3ECD743F38B834A44, 83A77E31004BCF83443F30EFC290E04BB1A2F332E8DFD614AB6E25B527C92299 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
18:39:36.0950 0x138c  srvnet - ok
18:39:37.0118 0x138c  [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
18:39:37.0187 0x138c  SSDPSRV - ok
18:39:37.0448 0x138c  [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc         C:\Windows\system32\sstpsvc.dll
18:39:37.0846 0x138c  SstpSvc - ok
18:39:38.0312 0x138c  [ 05AE358CD777BF8857F512A18E1DE7AA, 3EA85776E3E2D4A2539DB3D8644B497584149D79F25C310250EAAA6E37646493 ] STacSV          C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\STacSV.exe
18:39:38.0380 0x138c  STacSV - ok
18:39:38.0675 0x138c  [ E69A606872650B46DE54EC15DCC93529, 9E070CC909A6722404971DE2C98343C92A0F41F824CF881A7DCBAD9942A656A9 ] STHDA           C:\Windows\system32\DRIVERS\stwrt.sys
18:39:38.0751 0x138c  STHDA - ok
18:39:38.0883 0x138c  [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc          C:\Windows\System32\wiaservc.dll
18:39:39.0052 0x138c  stisvc - ok
18:39:39.0207 0x138c  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
18:39:39.0226 0x138c  swenum - ok
18:39:39.0343 0x138c  [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv           C:\Windows\System32\swprv.dll
18:39:39.0391 0x138c  swprv - ok
18:39:39.0419 0x138c  [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
18:39:39.0438 0x138c  Symc8xx - ok
18:39:39.0589 0x138c  [ 4C3DEF736D3857570166DE5C858600F5, 45613D3F1935AFDDB1DFE3A427222A0B38430ABF15F9110A35E7C55CDADF1D43 ] SymDS           C:\Windows\system32\drivers\NIS\1504000.00D\SYMDS.SYS
18:39:39.0637 0x138c  SymDS - ok
18:39:39.0827 0x138c  [ B70A98F20B4180F2751CFD7656116342, F4BB1904DC4818CE012AA264A7714AA9977F06255CF857FDB3E55B0DBA3D8A9C ] SymEFA          C:\Windows\system32\drivers\NIS\1504000.00D\SYMEFA.SYS
18:39:39.0892 0x138c  SymEFA - ok
18:39:39.0975 0x138c  [ E987A9CB539147527F56943BB34B7375, 4627C3E237549587B53CBD0D89AC2CEFF03C04F7624E2868936BCE5D70496AFD ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT.SYS
18:39:39.0995 0x138c  SymEvent - ok
18:39:40.0097 0x138c  [ E3A3CA230C7547364BB3D9DA0C301A36, 8F173DE08BAF81A7BE7F2D306DC595D60E6537D95AFE32A39E521E43C35AB629 ] SymIRON         C:\Windows\system32\drivers\NIS\1504000.00D\Ironx86.SYS
18:39:40.0121 0x138c  SymIRON - ok
18:39:40.0263 0x138c  [ D3F7FB40012382F7B206200AE794FBD7, B58C1969C766D5BF0BCFE9642D4F2B221E62240A9FCE18738B21DB457F57C22C ] SYMTDIv         C:\Windows\System32\Drivers\NIS\1504000.00D\SYMTDIV.SYS
18:39:40.0295 0x138c  SYMTDIv - ok
18:39:40.0339 0x138c  [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
18:39:40.0359 0x138c  Sym_hi - ok
18:39:40.0466 0x138c  [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
18:39:40.0488 0x138c  Sym_u3 - ok
18:39:40.0609 0x138c  [ 6DD49E1A5FA0F01824652F1A0A8866FB, E8839AF50AAA06A51A24004D26562694286DF638C7F86AB8408E496A7FEE52A4 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
18:39:40.0640 0x138c  SynTP - ok
18:39:40.0945 0x138c  [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain         C:\Windows\system32\sysmain.dll
18:39:41.0045 0x138c  SysMain - ok
18:39:41.0150 0x138c  [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:39:41.0254 0x138c  TabletInputService - ok
18:39:41.0402 0x138c  [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv         C:\Windows\System32\tapisrv.dll
18:39:41.0549 0x138c  TapiSrv - ok
18:39:41.0673 0x138c  [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS             C:\Windows\System32\tbssvc.dll
18:39:41.0741 0x138c  TBS - ok
18:39:42.0007 0x138c  [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
18:39:42.0113 0x138c  Tcpip - ok
18:39:42.0159 0x138c  [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
18:39:42.0264 0x138c  Tcpip6 - ok
18:39:42.0358 0x138c  [ 608C345A255D82A6289C2D468EB41FD7, 74ECFDD45DC3EB3AFAEF9C42B546241AA1D6ACB2F6591A76DDB8BB1768545889 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
18:39:42.0522 0x138c  tcpipreg - ok
18:39:42.0599 0x138c  [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
18:39:42.0674 0x138c  TDPIPE - ok
18:39:42.0744 0x138c  [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
18:39:42.0781 0x138c  TDTCP - ok
18:39:42.0874 0x138c  [ 76B06EB8A01FC8624D699E7045303E54, EC30F244B48A35622ED3EE91792F6A1517C5A50770FAB3945E7A945EB7AF28A8 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
18:39:42.0952 0x138c  tdx - ok
18:39:43.0031 0x138c  [ 34F30A078404410FE0D94F4627D91D5C, 3ED601D304C123A6115B79780CDD3AC9EAAD2DC38F3FF984C4F14CCEA6FECAF7 ] tenCapture      C:\Windows\system32\DRIVERS\tenCapture.sys
18:39:43.0052 0x138c  tenCapture - ok
18:39:43.0081 0x138c  [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
18:39:43.0103 0x138c  TermDD - ok
18:39:43.0289 0x138c  [ BB95DA09BEF6E7A131BFF3BA5032090D, BAF6997F8D944F85F0553957677866C7F22E72AA434BA45FFFB6CC41041070DC ] TermService     C:\Windows\System32\termsrv.dll
18:39:43.0409 0x138c  TermService - ok
18:39:43.0493 0x138c  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes          C:\Windows\system32\shsvcs.dll
18:39:43.0524 0x138c  Themes - ok
18:39:43.0606 0x138c  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER     C:\Windows\system32\mmcss.dll
18:39:43.0644 0x138c  THREADORDER - ok
18:39:43.0714 0x138c  [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks          C:\Windows\System32\trkwks.dll
18:39:43.0754 0x138c  TrkWks - ok
18:39:44.0611 0x138c  [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:39:44.0729 0x138c  TrustedInstaller - ok
18:39:44.0888 0x138c  [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3, 1CBB5106A32362ABDEE73BF170E205FE64DDBF826C5F6DFFCCD229F220B9C85E ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
18:39:44.0976 0x138c  tssecsrv - ok
18:39:45.0313 0x138c  [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
18:39:45.0397 0x138c  tunmp - ok
18:39:45.0529 0x138c  [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
18:39:45.0550 0x138c  tunnel - ok
18:39:45.0982 0x138c  [ D7B5C463518517AA606C4A1A5AD13C05, 8A454C62172A3288172671B58958C89155A3CE290809D9CCBE764561EF6BA8A3 ] u302bus         C:\Windows\system32\DRIVERS\u302bus.sys
18:39:46.0036 0x138c  u302bus - ok
18:39:46.0198 0x138c  [ 817F7608F6A0B63A9B4E340E837A6D54, 30520BE9D6A3BAAED83F384F0B713FF766FA1BFA5E2DB575AC6E144D290F0A77 ] u302mdfl        C:\Windows\system32\DRIVERS\u302mdfl.sys
18:39:46.0213 0x138c  u302mdfl - ok
18:39:46.0352 0x138c  [ 0C3F5F21513BEE7E59F3C8275C062631, B279EEA5E8FCA052218BCB7483775D15466D838C39D59DDCDEF2C86450D000D3 ] u302mdm         C:\Windows\system32\DRIVERS\u302mdm.sys
18:39:46.0375 0x138c  u302mdm - ok
18:39:46.0591 0x138c  [ 0F10057D0B998EECE3F97927CBBE6A65, 977A097A587C5DF45A632E03572F77348457ACA10A180393519D12F0D4325F06 ] u302mgmt        C:\Windows\system32\DRIVERS\u302mgmt.sys
18:39:46.0610 0x138c  u302mgmt - ok
18:39:46.0756 0x138c  [ 7D33C4DB2CE363C8518D2DFCF533941F, C6A539AD31B0BD9F895E0A537783AA75D5760C8590D83BA832D59A9B090CA0E9 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
18:39:46.0776 0x138c  uagp35 - ok
18:39:46.0963 0x138c  [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
18:39:47.0045 0x138c  udfs - ok
18:39:47.0131 0x138c  [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
18:39:47.0169 0x138c  UI0Detect - ok
18:39:47.0176 0x138c  UIUSys - ok
18:39:47.0515 0x138c  [ B0ACFDC9E4AF279E9116C03E014B2B27, 455D30859E381361FF6EE8B01EDC22A2E66CD5EC22CA9F314E88009DB77A8BAF ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
18:39:47.0538 0x138c  uliagpkx - ok
18:39:47.0660 0x138c  [ 9224BB254F591DE4CA8D572A5F0D635C, C5E7B24587AC5A28ECA63300307AD95B8A846833340126AE378840A40E53C056 ] uliahci         C:\Windows\system32\drivers\uliahci.sys
18:39:47.0687 0x138c  uliahci - ok
18:39:47.0786 0x138c  [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata          C:\Windows\system32\drivers\ulsata.sys
18:39:47.0808 0x138c  UlSata - ok
18:39:48.0018 0x138c  [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
18:39:48.0055 0x138c  ulsata2 - ok
18:39:48.0141 0x138c  [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
18:39:48.0235 0x138c  umbus - ok
18:39:48.0377 0x138c  [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost        C:\Windows\System32\upnphost.dll
18:39:48.0453 0x138c  upnphost - ok
18:39:48.0578 0x138c  [ 8721F55D8BC9F89E3A63CEBDF5EF4FA3, C0C82480014B646709869A6A6FA2B71B993F9FCD8E2DB9E8F7D341C21EE169CF ] upperdev        C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
18:39:48.0703 0x138c  upperdev - ok
18:39:48.0840 0x138c  [ 1114579556DB85E9FAF9590DBC64CD62, 10479A3C12BBBB9B5759082358FE11AC20BAEFA6B4977C8AE6E60AA17BE6C7FA ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
18:39:48.0962 0x138c  usbaudio - ok
18:39:49.0160 0x138c  [ AAB0B5F72D2D726FBFDC895A2902DE1D, 7824AF6E2ADEA23F208526F3A62AD1BACDBBDB23E58EB5806890B0761529C50F ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
18:39:49.0253 0x138c  usbccgp - ok
18:39:49.0357 0x138c  [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
18:39:49.0435 0x138c  usbcir - ok
18:39:49.0652 0x138c  [ 153E8515CB86F8BB5D1A8B478EBF4BB2, 0F1F79BA7C32ACAAE69184A56E67D6E18E2E2F07E0BE23F266401431169DAE14 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
18:39:49.0673 0x138c  usbehci - ok
18:39:49.0759 0x138c  [ 2AE6BCEBD85D31317E433733DAF25888, 7B2C0E8703D0275A620160E479166EB7AA31B0F146507603535CEBF0BA4684A4 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
18:39:49.0825 0x138c  usbhub - ok
18:39:49.0899 0x138c  [ 7BDB7B0E7D45AC0402D78B90789EF47C, 321C70DFB8F21AFF236C815F2BCC5F778177A83C7238177DA73B82A906CC116E ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
18:39:49.0976 0x138c  usbohci - ok
18:39:50.0057 0x138c  [ E75C4B5269091D15A2E7DC0B6D35F2F5, B0A4141B69B66276890836DE98EB8BC790D35CE59FA503060593E8CC12AA106B ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
18:39:50.0145 0x138c  usbprint - ok
18:39:50.0490 0x138c  [ 1D714B8497CD68307806D5D3F60A5169, 1914D92ECE39995168E3C8F5A7694B7A94954DB299410A2781D1321C8E60C3D9 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
18:39:50.0583 0x138c  usbscan - ok
18:39:50.0652 0x138c  [ 8E6C378A885D6FFDA8F05E8D27B95C0E, 351F20B1CB510F7B6B9321EB6C7A97446EF963A89F19F7E7A9CF41381B4B19FF ] usbser          C:\Windows\system32\drivers\usbser.sys
18:39:50.0675 0x138c  usbser - ok
18:39:50.0841 0x138c  [ 4E66C71D8D010BFB0DF1042D25E9CB0F, E581ED3557A06FEE7F35DF1C18C7D74FEFD1FC5E6CDAD6692F66F4A033830F1C ] UsbserFilt      C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
18:39:50.0883 0x138c  UsbserFilt - ok
18:39:50.0951 0x138c  [ BE3DA31C191BC222D9AD503C5224F2AD, 201FB0FDBF423342202686DC0D8A3221B7798AE04C04A649D3441C257C733CE8 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:39:50.0982 0x138c  USBSTOR - ok
18:39:51.0062 0x138c  [ 44056325428A8E4C755830426E29878F, 95F182047746D352B7DC2B22298D5E58738E1B787C110D1DE841C026FB8A67EB ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
18:39:51.0212 0x138c  usbuhci - ok
18:39:51.0479 0x138c  [ 73FF24E21B690625A58109637DDA0DF7, 62B1F9CD82678E2110D4BB5CC86EE8A7AB0757681443916620B6AAA1EF0DECEB ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
18:39:51.0830 0x138c  usbvideo - ok
18:39:52.0004 0x138c  [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms           C:\Windows\System32\uxsms.dll
18:39:52.0036 0x138c  UxSms - ok
18:39:52.0180 0x138c  [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds             C:\Windows\System32\vds.exe
18:39:52.0335 0x138c  vds - ok
18:39:52.0439 0x138c  [ 4D45A93A7DD638CA2DB0A86FBFBF42D1, F13AB033920AA55EA4AE4CACFCBF2D1356ED49BD650618DDBC0A3036AAE7C280 ] vfs101x         C:\Windows\system32\drivers\vfs101x.sys
18:39:52.0455 0x138c  vfs101x - ok
18:39:52.0512 0x138c  [ 7ED51043FED8FFD9577B4B74779D9AF0, 4520B5EFE9F70303D8DAAA9FDD61507310D941D0B8932A8F5FB670139023E2C9 ] vfsFPService    C:\Windows\system32\vfsFPService.exe
18:39:53.0007 0x138c  vfsFPService - ok
18:39:53.0207 0x138c  [ 87B06E1F30B749A114F74622D013F8D4, 06C06EF87F7DC668D23B50AA5F419F62474ACF90E325E167491BF290286D6594 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
18:39:53.0242 0x138c  vga - ok
18:39:53.0489 0x138c  [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave         C:\Windows\System32\drivers\vga.sys
18:39:53.0524 0x138c  VgaSave - ok
18:39:53.0584 0x138c  [ 5D7159DEF58A800D5781BA3A879627BC, 499A8E51FDE61AE0D7C1812D1E5B331211A36BD095A4992C629B93DE6D80F4E6 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
18:39:53.0604 0x138c  viaagp - ok
18:39:53.0669 0x138c  [ C4F3A691B5BAD343E6249BD8C2D45DEE, 19DE07AD6CD51036FA8A6B8EE82F34D7F5264FF3A12CBE6E52BD036D0303E319 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
18:39:53.0705 0x138c  ViaC7 - ok
18:39:53.0748 0x138c  [ AADF5587A4063F52C2C3FED7887426FC, 0A74791A236FDAFCD045CFB79A159245B94F7C2033E0CD830C1B76F0F994E06D ] viaide          C:\Windows\system32\drivers\viaide.sys
18:39:53.0767 0x138c  viaide - ok
18:39:53.0914 0x138c  [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
18:39:53.0969 0x138c  volmgr - ok
18:39:54.0154 0x138c  [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
18:39:54.0185 0x138c  volmgrx - ok
18:39:54.0327 0x138c  [ 786DB5771F05EF300390399F626BF30A, 4A07BE5AEDBA4C15C2F9A91250F0488A0B0305C67BB7A037508D5CBF86D4E1B7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
18:39:54.0356 0x138c  volsnap - ok
18:39:54.0633 0x138c  [ 587253E09325E6BF226B299774B728A9, C9F46197819C2A095456393C518A9B00B59ECDC54F464D038AA7F8DCCDB93CCF ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
18:39:54.0657 0x138c  vsmraid - ok
18:39:54.0962 0x138c  [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS             C:\Windows\system32\vssvc.exe
18:39:55.0089 0x138c  VSS - ok
18:39:55.0187 0x138c  [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time         C:\Windows\system32\w32time.dll
18:39:55.0262 0x138c  W32Time - ok
18:39:55.0652 0x138c  [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
18:39:55.0737 0x138c  WacomPen - ok
18:39:56.0028 0x138c  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
18:39:56.0059 0x138c  Wanarp - ok
18:39:56.0069 0x138c  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
18:39:56.0099 0x138c  Wanarpv6 - ok
18:39:56.0320 0x138c  [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
18:39:56.0401 0x138c  wcncsvc - ok
18:39:56.0473 0x138c  [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:39:56.0584 0x138c  WcsPlugInService - ok
18:39:56.0724 0x138c  [ 78FE9542363F297B18C027B2D7E7C07F, 6BC3ED2A48EF41E1EE597FD58271DB12256EC013518663331CD0FBCB3FC415EE ] Wd              C:\Windows\system32\drivers\wd.sys
18:39:56.0742 0x138c  Wd - ok
18:39:56.0851 0x138c  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
18:39:56.0899 0x138c  Wdf01000 - ok
18:39:57.0008 0x138c  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost  C:\Windows\system32\wdi.dll
18:39:57.0112 0x138c  WdiServiceHost - ok
18:39:57.0119 0x138c  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost   C:\Windows\system32\wdi.dll
18:39:57.0162 0x138c  WdiSystemHost - ok
18:39:57.0344 0x138c  [ 04C37D8107320312FBAE09926103D5E2, 1C6726A9871CBACB240AFA93E57781515F01758D43693DDA395EA683D97234F0 ] WebClient       C:\Windows\System32\webclnt.dll
18:39:57.0605 0x138c  WebClient - ok
18:39:57.0715 0x138c  [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
18:39:57.0745 0x138c  Wecsvc - ok
18:39:57.0796 0x138c  [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport   C:\Windows\System32\wercplsupport.dll
18:39:57.0857 0x138c  wercplsupport - ok
18:39:57.0928 0x138c  [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc          C:\Windows\System32\WerSvc.dll
18:39:58.0034 0x138c  WerSvc - ok
18:39:58.0284 0x138c  [ 5C7BDCF5864DB00323FE2D90FA26A8A2, E948B6BF8985CFF56FBE99AF7AF78CC3123AE5DAC9A5420ADE3C8B52CA702686 ] winachsf        C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
18:39:58.0356 0x138c  winachsf - ok
18:39:58.0512 0x138c  [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
18:39:58.0541 0x138c  WinDefend - ok
18:39:58.0558 0x138c  WinHttpAutoProxySvc - ok
18:39:58.0723 0x138c  [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
18:39:58.0775 0x138c  Winmgmt - ok
18:39:59.0116 0x138c  [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM           C:\Windows\system32\WsmSvc.dll
18:39:59.0562 0x138c  WinRM - ok
18:39:59.0706 0x138c  [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc         C:\Windows\System32\wlansvc.dll
18:40:09.0342 0x138c  Wlansvc - ok
18:40:09.0664 0x138c  [ 6067ACEF367E79914AF628FA1E9B5330, 491A705267B48C103E00B26BBD21FA8829DB03A88343CBC27264CEE5DE8C8DEF ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
18:40:09.0682 0x138c  wlcrasvc - ok
18:40:10.0423 0x138c  [ FB01D4AE207B9EFDBABFC55DC95C7E31, E0EFDBBE0BAC275230C8C1A053948C21BCF20B99B92E50939E95FFB9DC87F6BA ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:40:10.0736 0x138c  wlidsvc - ok
18:40:10.0870 0x138c  [ 2E7255D172DF0B8283CDFB7B433B864E, 60C786CF0EA4A29B309B9457F0496D5A0AF1F093FC2C5D88078865814B7DBBA3 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
18:40:25.0773 0x138c  WmiAcpi - ok
18:40:25.0901 0x138c  [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
18:40:29.0323 0x138c  wmiApSrv - ok
18:40:29.0590 0x138c  [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
18:40:30.0357 0x138c  WMPNetworkSvc - ok
18:40:30.0730 0x138c  [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
18:40:30.0789 0x138c  WPCSvc - ok
18:40:30.0871 0x138c  [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
18:40:30.0897 0x138c  WPDBusEnum - ok
18:40:30.0996 0x138c  [ DE9D36F91A4DF3D911626643DEBF11EA, 8029ECE76E29276BFB6ED3387AC560A9A779AAF683A4416E96334FAF7BDBADA0 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
18:40:31.0055 0x138c  WpdUsb - ok
18:40:31.0724 0x138c  [ F8D3544ACBCE9110362119F7C10D848E, 31C49201A931751A36286874AC0B929D886F490D7CE48CCC9283850A56AD9FD9 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
18:40:31.0807 0x138c  WPFFontCache_v0400 - ok
18:40:31.0883 0x138c  [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
18:40:31.0941 0x138c  ws2ifsl - ok
18:40:32.0088 0x138c  [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc          C:\Windows\system32\wscsvc.dll
18:40:32.0114 0x138c  wscsvc - ok
18:40:32.0121 0x138c  WSearch - ok
18:40:33.0197 0x138c  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll
18:40:33.0508 0x138c  wuauserv - ok
18:40:33.0642 0x138c  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
18:40:33.0699 0x138c  WudfPf - ok
18:40:33.0771 0x138c  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
18:40:33.0797 0x138c  WUDFRd - ok
18:40:34.0263 0x138c  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
18:40:34.0307 0x138c  wudfsvc - ok
18:40:35.0549 0x138c  [ DD0042F0C3B606A6A8B92D49AFB18AD6, 8D3BE4C93D02AF5F42EC46AF598D6DA40C61D467CB2FEE5E222F9C1E7A84B852 ] YahooAUService  C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
18:40:35.0599 0x138c  YahooAUService - ok
18:40:35.0643 0x138c  ================ Scan global ===============================
18:40:35.0738 0x138c  [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
18:40:35.0791 0x138c  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
18:40:35.0824 0x138c  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
18:40:35.0971 0x138c  [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\Windows\system32\services.exe
18:40:35.0987 0x138c  [ Global ] - ok
18:40:35.0987 0x138c  ================ Scan MBR ==================================
18:40:36.0056 0x138c  [ 85D751F0E41B8E520AEE8C07A8DA777B ] \Device\Harddisk0\DR0
18:40:36.0522 0x138c  \Device\Harddisk0\DR0 - detected TDSS File System ( 1 )
18:40:36.0522 0x138c  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
18:40:39.0079 0x138c  ================ Scan VBR ==================================
18:40:39.0256 0x138c  [ ADF01DD8CEDF5B1F655C9E7FFB76ADE3 ] \Device\Harddisk0\DR0\Partition1
18:40:39.0340 0x138c  \Device\Harddisk0\DR0\Partition1 - ok
18:40:39.0371 0x138c  [ F431A8787B1E3E7DC7EB173AEF1946FC ] \Device\Harddisk0\DR0\Partition2
18:40:39.0505 0x138c  \Device\Harddisk0\DR0\Partition2 - ok
18:40:39.0505 0x138c  ================ Scan generic autorun ======================
18:40:40.0222 0x138c  [ 94444693EA13A72F6820DFF844A1122E, DAB1D45F39CA196C6EF22F4E817C32558D87051B98FC525A07ABBAE1A52B59AB ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
18:40:40.0633 0x138c  SynTPEnh - ok
18:40:40.0836 0x138c  [ 6E1AC019C8FD1997BF5A17DA93627510, 28E8C2CDF1203318C1CDE525D08236057A9B6938201ABB216B810655A51F27B4 ] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
18:40:40.0856 0x138c  IAAnotif - ok
18:40:41.0733 0x138c  [ 6FC398F279D5F5E53E61683B5450195D, 94F65501B0BFC94A56B3B6DCBC892C3C4F877D3CBDFAE785EAB1F2793C25F5F4 ] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
18:40:41.0754 0x138c  QlbCtrl.exe - ok
18:40:41.0990 0x138c  [ 544C1EF07AEC178A83538A251A72CE13, 7F77C7EB03DA70717CA66ABD57D1AC0E531DDA09BBC635BD320FD82E94A06D10 ] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
18:40:42.0025 0x138c  OnScreenDisplay - ok
18:40:42.0271 0x138c  [ 1D48CA37FAA59919C1138357ED67E14A, 2771DF3AAB6445C8F1EF93527B9F9249C5CE28A5CC615C1618DD7C9682737440 ] C:\Program Files\DigitalPersona\Bin\dpagent.exe
18:40:42.0348 0x138c  DpAgent - detected UnsignedFile.Multi.Generic ( 1 )
18:40:44.0934 0x138c  Detect skipped due to KSN trusted
18:40:44.0934 0x138c  DpAgent - ok
18:40:45.0073 0x138c  [ 080E68A15793648B1A1570574A6EADB2, 688C29A1FAC15E6E21762E969B1B75267E05FB62330BF89AA2BDED67B753BBE2 ] C:\Program Files\HP\QuickPlay\QPService.exe
18:40:45.0191 0x138c  QPService - ok
18:40:46.0698 0x138c  [ 73BFDC88C6EF9715CDF57134A438837A, 8F1F04F3C89C430A6A04090A9B3D2BDDDE0FA44441569195E6CDF7E7CBA9779F ] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
18:40:46.0771 0x138c  nmctxth - ok
18:40:46.0851 0x138c  [ 80185BCC7C7BF9C9D2AD71F5588E9A2C, 3AD43BA764367BE252511FEEC83C9F7FB49C3D082C66D1A385C55299B99E3941 ] C:\Windows\system32\igfxtray.exe
18:40:46.0873 0x138c  IgfxTray - ok
18:40:46.0936 0x138c  [ FF786D5E81771EE804E568DD5D4784DA, F1A87C50D7FC08759843800AA1D9D817881321CCFD7D0F0594C0E70C66F8259E ] C:\Windows\system32\hkcmd.exe
18:40:46.0957 0x138c  HotKeysCmds - ok
18:40:47.0034 0x138c  [ D6B2D8A7B6C6F397FE47143CA360C9E9, 1C457E73F787079868B2C8F5A5A7768C060B16DE64C63AF2F701B16B6A505664 ] C:\Windows\system32\igfxpers.exe
18:40:47.0055 0x138c  Persistence - ok
18:40:47.0352 0x138c  [ 0E34B7BB1FCF22BCC1E394D16F9E992B, 382CA8E6BAC301E2F277F8EDA03D263FF71272796A8EED582C36294EEE9191F9 ] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
18:40:47.0402 0x138c  GrooveMonitor - ok
18:40:47.0652 0x138c  [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
18:40:47.0745 0x138c  Adobe ARM - ok
18:40:48.0175 0x138c  [ 4AB05041D5C922B9A7A5D9059F5538CD, 554885535DB523D25DBDB43FBA9384B8E4EC9DF79B02F3B9FFDE3C498106D463 ] C:\Windows\WindowsMobile\wmdSync.exe
18:40:48.0218 0x138c  Windows Mobile-based device management - ok
18:40:48.0681 0x138c  [ F6158734F1E24C6C510155CF0D363911, 320900BA90AF14E254CFAFA70FB15A0E77506217E47A406FA1ED821D0206FE29 ] C:\Program Files\Real\realplayer\update\realsched.exe
18:40:48.0725 0x138c  TkBellExe - ok
18:40:49.0035 0x138c  [ BF9C0C31202259D2BE2B7072499504CE, F48E35458B821F2EBBF49E66B60FD6B12B91E817346F9D79DDA39B2F1F767FE2 ] C:\Program Files\IDT\WDM\sttray.exe
18:40:49.0243 0x138c  SysTrayApp - ok
18:40:49.0531 0x138c  [ 1315C5C5C54CE2AA37A155F97027DB59, 70CDA6AE7FF4FD08FAD931477C524957952EDC89985696FD988B9786A349C565 ] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
18:40:49.0564 0x138c  AdobeAAMUpdater-1.0 - ok
18:40:49.0815 0x138c  [ D5B783DACE1BBDD382A63C894BAB8E1E, 20BA7479B3BE8AC7771AA91DB9C4F3B46DADDFF9C48627A5C7C460546DD20AF3 ] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
18:40:49.0846 0x138c  AdobeCS5ServiceManager - ok
18:40:50.0378 0x138c  [ 8FE651ACBA3344E645CFEB6286FFF6B8, ECE4DFFEB7EB0B19B6790FD0F619A5C4B23CA0BA9CC3F25924925F8EA07264B6 ] C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
18:40:50.0512 0x138c  AdobeCS6ServiceManager - ok
18:40:50.0761 0x138c  [ A025DF526B0FB3DAC3169AE4330FF7A4, 4E78E592259B402BA5D69DB0E4BA754E86406D807A42463EB36BBDA925F3C0EB ] C:\Program Files\Symantec\Norton Utilities 16\sMonitor\SSDMonitor.exe
18:40:50.0780 0x138c  SSDMonitor - ok
18:40:51.0219 0x138c  [ 1DE859B82E381A645C44284A5044BC33, 305AE678D3163D57C8E027F94BC553FDFDE7F9A14599EAEC370B0867DE4A9EC2 ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
18:40:51.0244 0x138c  SunJavaUpdateSched - ok
18:40:51.0346 0x138c  [ 688FCBCC9F062F47A9B2F2923B13EFF9, 628906E75B2ADE34BB69E211DA486EE452B2BE21DF3B186FE85178089B8A0541 ] C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
18:40:51.0372 0x138c  ISUSPM - ok
18:40:51.0684 0x138c  [ 626A24ED1228580B9518C01930936DF9, CBD94AB1E5477D7288799D17528CC43D572E711DA0F2B0C784A0B9FE105BF0F4 ] C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
18:40:51.0704 0x138c  Google Update - ok
18:40:51.0785 0x138c  [ 68C54757AD5F0A434B7406A4B7177BC2, 90978BF0502FB4FD7C55BB53EE613572A499E2038C7CDD4D3CC96ED5AB2F2939 ] C:\Program Files\WordWeb\wweb32.exe
18:40:51.0803 0x138c  WordWeb - ok
18:40:52.0369 0x138c  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\sidebar.exe
18:40:52.0552 0x138c  Sidebar - ok
18:40:52.0559 0x138c  WindowsWelcomeCenter - ok
18:40:53.0004 0x138c  [ 6105AFCB022541D34206741185D2EC72, AC90A982BCC1A23A6B70455D2EB548C88168297BB2729A4B4F3E64572D0FEFDC ] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
18:40:53.0405 0x138c  LightScribe Control Panel - detected UnsignedFile.Multi.Generic ( 1 )
18:40:55.0971 0x138c  Detect skipped due to KSN trusted
18:40:55.0971 0x138c  LightScribe Control Panel - ok
18:40:55.0972 0x138c  Waiting for KSN requests completion. In queue: 23
18:40:56.0972 0x138c  Waiting for KSN requests completion. In queue: 23
18:40:57.0972 0x138c  Waiting for KSN requests completion. In queue: 23
18:40:58.0990 0x138c  AV detected via SS2: Norton Internet Security, C:\Program Files\Norton Internet Security\Engine\21.4.0.13\WSCStub.exe ( 21.4.0.0 ), 0x50000 ( disabled : updated )
18:40:58.0994 0x138c  FW detected via SS2: Norton Internet Security, C:\Program Files\Norton Internet Security\Engine\21.4.0.13\WSCStub.exe ( 21.4.0.0 ), 0x50010 ( disabled )
18:40:59.0000 0x138c  Win FW state via NFP2: enabled
18:41:01.0553 0x138c  ============================================================
18:41:01.0553 0x138c  Scan finished
18:41:01.0553 0x138c  ============================================================
18:41:01.0572 0x16d4  Detected object count: 2
18:41:01.0572 0x16d4  Actual detected object count: 2
18:42:14.0758 0x16d4  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
18:42:14.0758 0x16d4  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:42:14.0761 0x16d4  \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
18:42:14.0762 0x16d4  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip 

  • 0

#12
pystryker
Posted 22 July 2014 - 08:58 PM

pystryker

    Trusted Helper

  • Malware Removal
  • 3,912 posts
Hi :)

Thank you for the log, we've got an infection that TDSSKiller picked up, so we're going to get rid of the bugger. :thumbsup:


Step 1: Run TDSSKiller


Please re-open TDSSKiller and run the scan as before, but when \Device\Harddisk0\DR0 (TDSS File System) is detected, please choose Delete. Leave All Others detected as Skip.

After it is finished please post that log in your next reply.

Also, after the machine reboots, let me know how it's running.


Things I need to see in your next post

TDSSKiller Log

Question: How is the computer performing?
  • 0

#13
sayan.dg
Posted 23 July 2014 - 05:45 AM

sayan.dg

    Member

  • Topic Starter
  • Member
  • PipPip
  • 73 posts

Hi Pystryker

 

i have deleted the entry you asked but i had forgotten to disable the norton .. so as soon as i deleted the norton found  3 security threats i am attaching a pic of the norton alert

Untitled.jpg

 

Also here is the log ..thanks

 

12:10:12.0571 0x13b4  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
12:10:19.0011 0x13b4  ============================================================
12:10:19.0011 0x13b4  Current date / time: 2014/07/23 12:10:19.0011
12:10:19.0011 0x13b4  SystemInfo:
12:10:19.0011 0x13b4  
12:10:19.0011 0x13b4  OS Version: 6.0.6002 ServicePack: 2.0
12:10:19.0011 0x13b4  Product type: Workstation
12:10:19.0012 0x13b4  ComputerName: SAYANLAPTOP-PC
12:10:19.0012 0x13b4  UserName: User
12:10:19.0012 0x13b4  Windows directory: C:\Windows
12:10:19.0012 0x13b4  System windows directory: C:\Windows
12:10:19.0012 0x13b4  Processor architecture: Intel x86
12:10:19.0012 0x13b4  Number of processors: 2
12:10:19.0012 0x13b4  Page size: 0x1000
12:10:19.0012 0x13b4  Boot type: Normal boot
12:10:19.0012 0x13b4  ============================================================
12:10:19.0941 0x13b4  KLMD registered as C:\Windows\system32\drivers\86113883.sys
12:10:20.0663 0x13b4  System UUID: {83019E79-A93C-C6D8-426E-4E1773084FA0}
12:10:22.0610 0x13b4  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
12:10:22.0614 0x13b4  ============================================================
12:10:22.0614 0x13b4  \Device\Harddisk0\DR0:
12:10:22.0614 0x13b4  MBR partitions:
12:10:22.0614 0x13b4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1BF9DFC1
12:10:22.0614 0x13b4  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1BF9E000, BlocksNum 0x1226000
12:10:22.0614 0x13b4  ============================================================
12:10:22.0640 0x13b4  C: <-> \Device\Harddisk0\DR0\Partition1
12:10:22.0737 0x13b4  D: <-> \Device\Harddisk0\DR0\Partition2
12:10:22.0737 0x13b4  ============================================================
12:10:22.0737 0x13b4  Initialize success
12:10:22.0737 0x13b4  ============================================================
12:11:13.0045 0x1258  ============================================================
12:11:13.0045 0x1258  Scan started
12:11:13.0045 0x1258  Mode: Manual; SigCheck; TDLFS; 
12:11:13.0045 0x1258  ============================================================
12:11:13.0045 0x1258  KSN ping started
12:11:17.0630 0x1258  KSN ping finished: true
12:11:18.0356 0x1258  ================ Scan system memory ========================
12:11:18.0356 0x1258  System memory - ok
12:11:18.0356 0x1258  ================ Scan services =============================
12:11:18.0692 0x1258  [ CC1F1D3D70DC13C2C281488D347D4415, 3AB1495F8982C727D02E9975E2E04203B918AFAA7B05B5E7FEB5142EB30D1998 ] Accelerometer   C:\Windows\system32\DRIVERS\Accelerometer.sys
12:11:18.0885 0x1258  Accelerometer - ok
12:11:18.0996 0x1258  [ 82B296AE1892FE3DBEE00C9CF92F8AC7, 54B22BA63E1DA616B546992141B0C3117BA057283B8F60CB9BECE203661FEBF3 ] ACPI            C:\Windows\system32\drivers\acpi.sys
12:11:19.0040 0x1258  ACPI - ok
12:11:19.0611 0x1258  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
12:11:19.0632 0x1258  AdobeARMservice - ok
12:11:19.0776 0x1258  [ A6B6AB9502B63F43A9A56AE6AFB22078, DD1F0BA3D8F3333F52A71EAE3719A001F6EF844D647FFABF0E4C56C6C764ACA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
12:11:19.0801 0x1258  AdobeFlashPlayerUpdateSvc - ok
12:11:19.0897 0x1258  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303, FBBDD38574A1F66A5AA12B82E34FDE60B870180C4B7100C15757539DC869ED4B ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
12:11:19.0969 0x1258  adp94xx - ok
12:11:20.0036 0x1258  [ 60505E0041F7751BDBB80F88BF45C2CE, 1DE16042B8ABD7B643189E836DE273832EE743FD66AFBB641E8049C4E0CD04D8 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
12:11:20.0066 0x1258  adpahci - ok
12:11:20.0083 0x1258  [ 8A42779B02AEC986EAB64ECFC98F8BD7, B89938EFF4E81FA44197D2D839EBD3340DDE01FBC79605049C088621784C1B91 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
12:11:20.0109 0x1258  adpu160m - ok
12:11:20.0128 0x1258  [ 241C9E37F8CE45EF51C3DE27515CA4E5, 1A03E93DD8C1F3640C96124A14A3D0F4E349B06CCA2118CE40B8AE201A4030A7 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
12:11:20.0152 0x1258  adpu320 - ok
12:11:20.0217 0x1258  [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
12:11:20.0331 0x1258  AeLookupSvc - ok
12:11:20.0431 0x1258  [ F5272A105F59A7B3B345D9D6D87DA7AD, 9E84776994D04240BF2537330DBB555EDE16DFCFC59DEDCBA05A44ED7F70BEFA ] AFD             C:\Windows\system32\drivers\afd.sys
12:11:20.0683 0x1258  AFD - ok
12:11:20.0767 0x1258  [ 8ED60797908FD394EEE0D6949F493224, E07C471050F8D13F0BE52BC2CF88BA0EB8612B4957C43FF16B90197C57738C99 ] AgereModemAudio C:\Windows\system32\agrsmsvc.exe
12:11:21.0028 0x1258  AgereModemAudio - ok
12:11:21.0161 0x1258  [ 3712986CC3ABF0DC656B43525B9D1279, 6E8DB863BBF5FFD1F7CA841980946B25C93051BCBC67D7691B565984A78B7CFF ] AgereSoftModem  C:\Windows\system32\DRIVERS\AGRSM.sys
12:11:21.0496 0x1258  AgereSoftModem - ok
12:11:21.0582 0x1258  [ 13F9E33747E6B41A3FF305C37DB0D360, 066DD6060B1CF93F85BBAAA52848C801128CD294E8B7EACD912E0EF219DBFBC2 ] agp440          C:\Windows\system32\drivers\agp440.sys
12:11:21.0611 0x1258  agp440 - ok
12:11:21.0674 0x1258  [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
12:11:21.0696 0x1258  aic78xx - ok
12:11:21.0752 0x1258  [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG             C:\Windows\System32\alg.exe
12:11:21.0910 0x1258  ALG - ok
12:11:21.0946 0x1258  [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91, 0EADB6AE21FEDAB55D41F41B638198B556CC2BE2EE57F6C8B40EB044A318319F ] aliide          C:\Windows\system32\drivers\aliide.sys
12:11:21.0965 0x1258  aliide - ok
12:11:22.0020 0x1258  [ C47344BC706E5F0B9DCE369516661578, 689C9CDAF6F38227F1C34359CAEB3C7798F318EDFD4B7FE532FBE3C8E4EE3DC8 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
12:11:22.0040 0x1258  amdagp - ok
12:11:22.0064 0x1258  [ 9B78A39A4C173FDBC1321E0DD659B34C, 2CA66EB68AD7A317D91C13B8CFD4E8CA985926A610D19595B613F5553B145C7B ] amdide          C:\Windows\system32\drivers\amdide.sys
12:11:22.0082 0x1258  amdide - ok
12:11:22.0112 0x1258  [ 18F29B49AD23ECEE3D2A826C725C8D48, 0FA08882301D218E367E63E1966B6406220EE94BAE7E7DAD6E55EB70BF6FED7F ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
12:11:22.0179 0x1258  AmdK7 - ok
12:11:22.0214 0x1258  [ 93AE7F7DD54AB986A6F1A1B37BE7442D, ECE0ABA2DECEED94AC678240A4B604F04022F0740F2295CBD07D25F5917E878A ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
12:11:22.0288 0x1258  AmdK8 - ok
12:11:22.0356 0x1258  [ C6D704C7F0434DC791AAC37CAC4B6E14, 35CF7D1895F97637E0C678A39F3049B871BCA9526D379C7793ED33B87D2EAC4C ] Appinfo         C:\Windows\System32\appinfo.dll
12:11:22.0422 0x1258  Appinfo - ok
12:11:22.0566 0x1258  [ 221564CC7BE37611FE15EACF443E1BF6, 381BDF17418C779D72332431BA174C2AD76CD9C7C1711FF5142EA9B05D5555E4 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:11:22.0583 0x1258  Apple Mobile Device - ok
12:11:22.0687 0x1258  [ 5D2888182FB46632511ACEE92FDAD522, 2E53231ACAF9B2FB7993DBC1CD15C06D7B0CCE0D08DAFF7B0CC13A2040028A75 ] arc             C:\Windows\system32\drivers\arc.sys
12:11:22.0709 0x1258  arc - ok
12:11:22.0740 0x1258  [ 5E2A321BD7C8B3624E41FDEC3E244945, 9D47FF6C823868F2267FEFAB5851D3CD2BC3F619A2D6EFF803EA22DB0509C450 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
12:11:22.0761 0x1258  arcsas - ok
12:11:22.0981 0x1258  [ 9D768C43FEF254DD50B1DBF8AD5C4C0B, A50854EA5C08605133B8BB4DFDC6090357C5665314AA72E0BFA1E07D4E451F09 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
12:11:23.0006 0x1258  aspnet_state - ok
12:11:23.0066 0x1258  [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
12:11:23.0128 0x1258  AsyncMac - ok
12:11:23.0181 0x1258  [ 1F05B78AB91C9075565A9D8A4B880BC4, 737BE9F9376DAB0CCDFED93EA6D67F0C432367EA63CD772A453485BE769AF3BD ] atapi           C:\Windows\system32\drivers\atapi.sys
12:11:23.0202 0x1258  atapi - ok
12:11:23.0273 0x1258  [ 40767B965A8D575D794F1F95E2E017E9, 3B050B16A1ADE3FF93E0882012A2A9171010F52BC2CCFC1E254F8CD5DF5122F2 ] atashost        C:\Windows\system32\atashost.exe
12:11:23.0295 0x1258  atashost - ok
12:11:23.0385 0x1258  [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:11:23.0438 0x1258  AudioEndpointBuilder - ok
12:11:23.0456 0x1258  [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
12:11:23.0496 0x1258  Audiosrv - ok
12:11:23.0647 0x1258  [ B9DCE12EA5D337975C444787B66BBFDE, A367A119DB469C329A398771F0E97F6D37FB77688E272ECFD09091E68E76219F ] BCM43XV         C:\Windows\system32\DRIVERS\bcmwl6.sys
12:11:23.0778 0x1258  BCM43XV - ok
12:11:23.0851 0x1258  [ B9DCE12EA5D337975C444787B66BBFDE, A367A119DB469C329A398771F0E97F6D37FB77688E272ECFD09091E68E76219F ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl6.sys
12:11:23.0917 0x1258  BCM43XX - ok
12:11:24.0071 0x1258  [ 6163664C7E9CD110AF70180C126C3FDC, 9A801295CDE2BDE4EE0E96C610E4C01F6915DBDA2104D0E8873AFF1BC34A0FA1 ] BcmSqlStartupSvc C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
12:11:24.0091 0x1258  BcmSqlStartupSvc - ok
12:11:24.0164 0x1258  [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep            C:\Windows\system32\drivers\Beep.sys
12:11:24.0224 0x1258  Beep - ok
12:11:24.0358 0x1258  [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] BFE             C:\Windows\System32\bfe.dll
12:11:24.0410 0x1258  BFE - ok
12:11:24.0699 0x1258  [ 5A55D8D9340A00B3BD2CC3413B4CB0C0, 438BB95072EC14AD597CFEF040CA7FDE8D46E4AAEE9145AC1014522F1842F713 ] BHDrvx86        C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140718.001\BHDrvx86.sys
12:11:24.0834 0x1258  BHDrvx86 - ok
12:11:24.0953 0x1258  [ 93952506C6D67330367F7E7934B6A02F, 1D9A6B10B9489C1A32F730E22CC399BFF0796E3FCB3BA52BE45ED487CAC59EBD ] BITS            C:\Windows\system32\qmgr.dll
12:11:25.0073 0x1258  BITS - ok
12:11:25.0132 0x1258  [ D4DF28447741FD3D953526E33A617397, E7239BA432090F8AC7DF453DB876507CD4419ECA964D289408A1B2B353618693 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
12:11:25.0190 0x1258  blbdrive - ok
12:11:25.0316 0x1258  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:11:25.0347 0x1258  Bonjour Service - ok
12:11:25.0427 0x1258  [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
12:11:25.0468 0x1258  bowser - ok
12:11:25.0525 0x1258  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
12:11:25.0562 0x1258  BrFiltLo - ok
12:11:25.0579 0x1258  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
12:11:25.0629 0x1258  BrFiltUp - ok
12:11:25.0719 0x1258  [ B1564976D98E91FC764D5DC28A0297DA, 1BDF7FAAEFA097D46BBBE1FFF255C73AB3D9469E83DFCBD720ADB48C571C1363 ] Bridge          C:\Windows\system32\DRIVERS\bridge.sys
12:11:25.0783 0x1258  Bridge - ok
12:11:25.0817 0x1258  [ B1564976D98E91FC764D5DC28A0297DA, 1BDF7FAAEFA097D46BBBE1FFF255C73AB3D9469E83DFCBD720ADB48C571C1363 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
12:11:25.0848 0x1258  BridgeMP - ok
12:11:25.0893 0x1258  [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser         C:\Windows\System32\browser.dll
12:11:25.0932 0x1258  Browser - ok
12:11:26.0046 0x1258  [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid         C:\Windows\system32\drivers\brserid.sys
12:11:26.0285 0x1258  Brserid - ok
12:11:26.0328 0x1258  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
12:11:26.0424 0x1258  BrSerWdm - ok
12:11:26.0455 0x1258  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
12:11:26.0542 0x1258  BrUsbMdm - ok
12:11:26.0570 0x1258  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
12:11:26.0651 0x1258  BrUsbSer - ok
12:11:26.0715 0x1258  [ 6D39C954799B63BA866910234CF7D726, 1D807C3410C01C76E5810D626F23C1CCED3C9C5A65F39267B770C494C8D64114 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
12:11:26.0759 0x1258  BthEnum - ok
12:11:26.0842 0x1258  [ 9A966A8E86D1771911AE34A20D11BFF3, FBD5F621A47A3530B325816E71F0C4BCE5CCE731C57DEBD42ACFC8BCAA258656 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
12:11:26.0905 0x1258  BTHMODEM - ok
12:11:26.0983 0x1258  [ C034851122F667F26F813ED1E541C191, 254D653DF90BAD406073E309751A3C2C219DEA84E765AEE5D37697D2583D7AFF ] BthMtpEnum      C:\Windows\system32\DRIVERS\BthMtpEnum.sys
12:11:27.0048 0x1258  BthMtpEnum - ok
12:11:27.0131 0x1258  [ 5904EFA25F829BF84EA6FB045134A1D8, 66E4160CC404744576BA6E9DD606B533F42B3D4A3E2FDD457DAA016CC72A81CC ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
12:11:27.0189 0x1258  BthPan - ok
12:11:27.0330 0x1258  [ 611FF3F2F095C8D4A6D4CFD9DCC09793, 2F27A1287ABCDB9C316EB720D1855100666240959CF969D5B2679C9ABCBD6050 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
12:11:27.0394 0x1258  BTHPORT - ok
12:11:27.0452 0x1258  [ A4C8377FA4A994E07075107DBE2E3DCE, C3CDAA7B83D130100044341C23897CC6C257FA075A8D08B8551F4A28AE8CE6C4 ] BthServ         C:\Windows\System32\bthserv.dll
12:11:27.0495 0x1258  BthServ - ok
12:11:27.0589 0x1258  [ D330803EAB2A15CAEC7F011F1D4CB30E, 240FFF317C90AD8966DA9666F2748F98CEC3CB99C486F399D1C68FE0E393EE68 ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
12:11:27.0625 0x1258  BTHUSB - ok
12:11:27.0706 0x1258  [ 229B2C1E776062A4033305D5A9D6E28D, 2282111AFB12C9F0A3C1B213F911C23FE6E07E0630EEE026B2E68D36A9051602 ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
12:11:27.0724 0x1258  btwaudio - ok
12:11:27.0781 0x1258  [ 97062053359F6908E1FB2791BFA54734, 46AEAB56C4A7B5F12BD2F1E0327FC96F9DFA618151D1B3D46B6D78B4ECC4B047 ] btwavdt         C:\Windows\system32\drivers\btwavdt.sys
12:11:27.0799 0x1258  btwavdt - ok
12:11:27.0832 0x1258  [ D9269B0E3E3CF46D677FD071A40FE6CD, C8D5A1D864DA70B275E44392C490AF21903E8F3AFB2E55595162F6D93376C585 ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
12:11:27.0847 0x1258  btwrchid - ok
12:11:28.0026 0x1258  [ 56C2811FD0D7B727808A69407B5BFAE0, 5F84A29A9E6D8F566F95399F3B41A82DD128EA69678BBBCF75AD914DE70D9A74 ] ccSet_NIS       C:\Windows\system32\drivers\NIS\1504000.00D\ccSetx86.sys
12:11:28.0047 0x1258  ccSet_NIS - ok
12:11:28.0111 0x1258  [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
12:11:28.0175 0x1258  cdfs - ok
12:11:28.0264 0x1258  [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
12:11:28.0310 0x1258  cdrom - ok
12:11:28.0391 0x1258  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] CertPropSvc     C:\Windows\System32\certprop.dll
12:11:28.0431 0x1258  CertPropSvc - ok
12:11:28.0460 0x1258  [ E5D4133F37219DBCFE102BC61072589D, 74C7F8C53D9C71CE3C8B33BC0331948571318402B0A8E1AC4552360504092A46 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
12:11:28.0507 0x1258  circlass - ok
12:11:28.0590 0x1258  [ D7659D3B5B92C31E84E53C1431F35132, 6BFE644AD9890A8CEEDCC4B97ADD564AD57202FBC5D21599469E0C4B31BB27C6 ] CLFS            C:\Windows\system32\CLFS.sys
12:11:28.0619 0x1258  CLFS - ok
12:11:28.0662 0x1258  [ 8EE772032E2FE80A924F3B8DD5082194, B743DF91563A22CC15D9B44105804B5866A29D3DFC156DBE88DFAFEF903B94C0 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:11:28.0682 0x1258  clr_optimization_v2.0.50727_32 - ok
12:11:28.0765 0x1258  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:11:28.0791 0x1258  clr_optimization_v4.0.30319_32 - ok
12:11:28.0858 0x1258  [ 99AFC3795B58CC478FBBBCDC658FCB56, 0D1B27C42A058C5D56A0157B5ECA9A054254F6B9C8015D0321021A7EFCE10CE2 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
12:11:28.0910 0x1258  CmBatt - ok
12:11:28.0927 0x1258  [ 0CA25E686A4928484E9FDABD168AB629, C2CB2333CAB40CDF93219870E66700F957188C86A1B1A004BC4652953091E5C5 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
12:11:28.0947 0x1258  cmdide - ok
12:11:29.0080 0x1258  [ A94146208170D78906C93EE39CEBDD9F, 54B0091593E2E014AD97FED1B715A71722C6B16B454C03F13E88B8423306AB79 ] Com4QLBEx       C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
12:11:29.0101 0x1258  Com4QLBEx - ok
12:11:29.0120 0x1258  [ 6AFEF0B60FA25DE07C0968983EE4F60A, E4037EF9EDE57A1039AB814EBCE9A8B12C9A084E7FAC6296212ACF2394DD37B6 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
12:11:29.0140 0x1258  Compbatt - ok
12:11:29.0149 0x1258  COMSysApp - ok
12:11:29.0170 0x1258  [ 741E9DFF4F42D2D8477D0FC1DC0DF871, 06EA43D771E3455F943AB624CC00C2259FE5E561164908630755E933EF44A522 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
12:11:29.0190 0x1258  crcdisk - ok
12:11:29.0220 0x1258  [ 1F07BECDCA750766A96CDA811BA86410, F4E36F0003184BCB36D59B23AC903421AD8C0A1FD2D6315E06375235ABC9A0AD ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
12:11:29.0274 0x1258  Crusoe - ok
12:11:29.0347 0x1258  [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C455066027F8D549D4C3B92 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
12:11:29.0405 0x1258  CryptSvc - ok
12:11:29.0510 0x1258  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] DcomLaunch      C:\Windows\system32\rpcss.dll
12:11:29.0564 0x1258  DcomLaunch - ok
12:11:29.0640 0x1258  [ 622C41A07CA7E6DD91770F50D532CB6C, 2A9040949CB45F9970FDE930278F30D2F08E957290CB3D4DC4F2CA94F3D444D2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
12:11:29.0698 0x1258  DfsC - ok
12:11:29.0896 0x1258  [ 2CC3DCFB533A1035B13DCAB6160AB38B, C88C91F662ADE248EEE3B568E70C2BC2D5075B7D9B7D3C63E83D011C5F7812B0 ] DFSR            C:\Windows\system32\DFSR.exe
12:11:30.0095 0x1258  DFSR - ok
12:11:30.0232 0x1258  [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
12:11:30.0282 0x1258  Dhcp - ok
12:11:30.0372 0x1258  [ 5D4AEFC3386920236A548271F8F1AF6A, 11B74D6800EC6F7AAEFB0B6A9F2E8376C7C3B8DB677F03AC3743CB004CA96B08 ] disk            C:\Windows\system32\drivers\disk.sys
12:11:30.0395 0x1258  disk - ok
12:11:30.0659 0x1258  [ 4C659CCED934CEF8FEB731949052320D, 49EA4444059E6B95EF7A0B02C2D9FEB318FCE31ED412738B22E08EE7344423F0 ] DiskDoctorService C:\Program Files\Symantec\Norton Utilities 16\Tools\Disk Doctor\DiskDoctorSrv.exe
12:11:30.0727 0x1258  DiskDoctorService - ok
12:11:30.0818 0x1258  [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] Dnscache        C:\Windows\System32\dnsrslvr.dll
12:11:30.0881 0x1258  Dnscache - ok
12:11:30.0967 0x1258  [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] dot3svc         C:\Windows\System32\dot3svc.dll
12:11:31.0015 0x1258  dot3svc - ok
12:11:31.0092 0x1258  [ 4F59C172C094E1A1D46463A8DC061CBD, CE09A4ED1F8BA6242E152C384AFF5C3C95FBB8556DAE23765272F13BF158D8F9 ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
12:11:31.0153 0x1258  Dot4 - ok
12:11:31.0202 0x1258  [ 80BF3BA09F6F2523C8F6B7CC6DBF7BD5, 69BB5B07D03FA9F28591012F2AA4A583D3F086644C136D63A56D1A827121CC19 ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
12:11:31.0269 0x1258  Dot4Print - ok
12:11:31.0298 0x1258  [ C55004CA6B419B6695970DFE849B122F, 6E0C4A9E24DD09E9389E097AF63E7F5040A0658DDCEBBE963968B7118CFE9AB8 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
12:11:31.0365 0x1258  dot4usb - ok
12:11:31.0476 0x1258  [ 5BC1D876DFD53C31C5FC65D2E9614015, 605E7D1E2FF7A0663C5F6B29D28C830EA49B6342D570F03BE5B3D0F287AB9071 ] DpHost          C:\Program Files\DigitalPersona\Bin\DpHostW.exe
12:11:31.0525 0x1258  DpHost - detected UnsignedFile.Multi.Generic ( 1 )
12:11:34.0078 0x1258  Detect skipped due to KSN trusted
12:11:34.0078 0x1258  DpHost - ok
12:11:34.0117 0x1258  [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS             C:\Windows\system32\dps.dll
12:11:34.0169 0x1258  DPS - ok
12:11:34.0204 0x1258  [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
12:11:34.0247 0x1258  drmkaud - ok
12:11:34.0343 0x1258  [ 988670D8343EF9835FB3659DB71B2EFA, 5F5370FDD08C4BFF0828341952E98E95F722CB779EEC08C9DD6212C4DF3CD33B ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
12:11:34.0391 0x1258  DXGKrnl - ok
12:11:34.0414 0x1258  [ 5425F74AC0C1DBD96A1E04F17D63F94C, AD133CEDCDEA75420C75A91BB4CF7152475D46ED7B7703E3BAE5F9946D610292 ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
12:11:34.0466 0x1258  E1G60 - ok
12:11:34.0535 0x1258  [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost         C:\Windows\System32\eapsvc.dll
12:11:34.0593 0x1258  EapHost - ok
12:11:34.0677 0x1258  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371, F3E9CF5D8E9124CB06F08454C5F0E510DE19A92780151FB2F8A58A0905D59B8F ] Ecache          C:\Windows\system32\drivers\ecache.sys
12:11:34.0703 0x1258  Ecache - ok
12:11:34.0808 0x1258  [ 10D14FAEF105DF2432D0E03860895284, 200662CD73537A8152FA0C276F20CE9B558FB2EB1AD0C171E5CCF4DC8C02F8B3 ] eeCtrl          C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
12:11:34.0841 0x1258  eeCtrl - ok
12:11:35.0002 0x1258  [ 23B62471681A124889978F6295B3F4C6, A90C521F06125B86A26EA625B0E7F811AF7D328E1313165E7AD4A83596A23819 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
12:11:35.0036 0x1258  elxstor - ok
12:11:35.0185 0x1258  [ 4E6B23DFC917EA39306B529B773950F4, C4BA77632B4BD46C4C1797F7F57399DB506D3EB6E5A0A36C269A793DAA3445C2 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
12:11:35.0285 0x1258  EMDMgmt - ok
12:11:35.0349 0x1258  [ 004B2EA6CC2598EC5F0552E43CE29CEF, 5120903105749DC7A0356DF060B020D78F10FC1B651AC036B1D852EF65DD1D85 ] enecir          C:\Windows\system32\DRIVERS\enecir.sys
12:11:35.0372 0x1258  enecir - ok
12:11:35.0457 0x1258  [ 0424EAB7549926FB864BD41E7F0639CC, 04E349F311B24239E1B4DAD073360A0D91391B69E74B43D705A1C00FDF113F45 ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
12:11:35.0477 0x1258  EraserUtilRebootDrv - ok
12:11:35.0548 0x1258  [ 3DB974F3935483555D7148663F726C61, C288CFC04213B0340ABEC752C0A7B308B29122B5F51E68387BA1D9E9D7166FDD ] ErrDev          C:\Windows\system32\drivers\errdev.sys
12:11:35.0598 0x1258  ErrDev - ok
12:11:35.0709 0x1258  [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] EventSystem     C:\Windows\system32\es.dll
12:11:35.0764 0x1258  EventSystem - ok
12:11:35.0858 0x1258  [ 22B408651F9123527BCEE54B4F6C5CAE, 31AF9649333A9496A9224001266D1B68CE2A31B9FB182A755D127FC5492AA6B2 ] exfat           C:\Windows\system32\drivers\exfat.sys
12:11:35.0922 0x1258  exfat - ok
12:11:35.0986 0x1258  [ 1E9B9A70D332103C52995E957DC09EF8, 7E709D545D4025A2E9F3489CF2A231040904CB53E3E4EEAC15A22468FAB2A5B3 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
12:11:36.0020 0x1258  fastfat - ok
12:11:36.0102 0x1258  [ AFE1E8B9782A0DD7FB46BBD88E43F89A, B4CBE1DC3430F2F3485F49007C71293D5B86E9C405741EA00A67B00A38BE1F8D ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
12:11:36.0174 0x1258  fdc - ok
12:11:36.0198 0x1258  [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost         C:\Windows\system32\fdPHost.dll
12:11:36.0248 0x1258  fdPHost - ok
12:11:36.0266 0x1258  [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub        C:\Windows\system32\fdrespub.dll
12:11:36.0364 0x1258  FDResPub - ok
12:11:36.0428 0x1258  [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
12:11:36.0449 0x1258  FileInfo - ok
12:11:36.0468 0x1258  [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
12:11:36.0504 0x1258  Filetrace - ok
12:11:36.0567 0x1258  [ 85B7CF99D532820495D68D747FDA9EBD, 682D35D219D1AFBE51CF0AB03F2D3E15C940F5AF291C1A611A19F4D279143F3C ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
12:11:36.0634 0x1258  flpydisk - ok
12:11:36.0731 0x1258  [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
12:11:36.0758 0x1258  FltMgr - ok
12:11:36.0884 0x1258  [ 2AFA3A46986AE935DAECEBC7E66314CF, 747FAF9B7F8291B83EE44B91E5708395E749DC87BD42CC3BF2CD41209C298F4D ] FontCache       C:\Windows\system32\FntCache.dll
12:11:36.0979 0x1258  FontCache - ok
12:11:37.0123 0x1258  [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
12:11:37.0142 0x1258  FontCache3.0.0.0 - ok
12:11:37.0201 0x1258  [ B0082808A6856A252F7CDD939892CE50, 3A069239629C4F54049A2CFC6642AC5102ECEAA74470BAA9DDB1AB108D1060EE ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
12:11:37.0218 0x1258  fssfltr - ok
12:11:37.0388 0x1258  [ 28DDEEEC44E988657B732CF404D504CB, 47F83018E5449CDCED3DD447991788EBAAC92C418D4513FBA9408C45E9AB8E7E ] fsssvc          C:\Program Files\Windows Live\Family Safety\fsssvc.exe
12:11:37.0485 0x1258  fsssvc - ok
12:11:37.0572 0x1258  [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65CC3F99A1DBDE455 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
12:11:37.0624 0x1258  Fs_Rec - ok
12:11:37.0680 0x1258  [ 34582A6E6573D54A07ECE5FE24A126B5, 5F45DC38F8015AD90616EAD3B57820CCD284938A96B2C4E1FF5FC7BDEE8A848D ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
12:11:37.0701 0x1258  gagp30kx - ok
12:11:37.0850 0x1258  [ E6CE7A89183D1840F0FF63694292FFA2, 8907ADCF9967026CD1A9D545E2274569F840F1DFF0E407CC77B6A662267AAC4B ] GamesAppIntegrationService C:\Program Files\WildTangent Games\App\GamesAppIntegrationService.exe
12:11:37.0875 0x1258  GamesAppIntegrationService - ok
12:11:37.0997 0x1258  [ C403C5DB49A0F9AAF4F2128EDC0106D8, 3C6948B63278022D8182F773C5FA15784514F76C1546118DDBADBA322B962D12 ] GamesAppService C:\Program Files\WildTangent Games\App\GamesAppService.exe
12:11:38.0019 0x1258  GamesAppService - ok
12:11:38.0077 0x1258  [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:11:38.0093 0x1258  GEARAspiWDM - ok
12:11:38.0225 0x1258  [ CD5D0AEEE35DFD4E986A5AA1500A6E66, DCED5126837292593F1C1B35DF18E3B631D6C0C6D0742B77C7B7742C55A7825F ] gpsvc           C:\Windows\System32\gpsvc.dll
12:11:38.0303 0x1258  gpsvc - ok
12:11:38.0453 0x1258  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
12:11:38.0471 0x1258  gupdate - ok
12:11:38.0481 0x1258  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
12:11:38.0498 0x1258  gupdatem - ok
12:11:38.0595 0x1258  [ 3F90E001369A07243763BD5A523D8722, 25907F85787D879E75C3FE74C93567382AFB2D528BEEC61D71E3A6BE2D71DFBE ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:11:38.0656 0x1258  HdAudAddService - ok
12:11:38.0776 0x1258  [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
12:11:38.0868 0x1258  HDAudBus - ok
12:11:38.0946 0x1258  [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth          C:\Windows\system32\drivers\hidbth.sys
12:11:39.0005 0x1258  HidBth - ok
12:11:39.0037 0x1258  [ D8DF3722D5E961BAA1292AA2F12827E2, 799E194B36BA08D59500A2C45ADD2FB69C7698F3F7F837CC7CFB266D57830BD6 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
12:11:39.0079 0x1258  HidIr - ok
12:11:39.0158 0x1258  [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv         C:\Windows\System32\hidserv.dll
12:11:39.0196 0x1258  hidserv - ok
12:11:39.0253 0x1258  [ CCA4B519B17E23A00B826C55716809CC, 91AD0758A6185B0FBBE383BDB1B457FFB850477AFF8DE040DE9527A97D28EF62 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
12:11:39.0293 0x1258  HidUsb - ok
12:11:39.0323 0x1258  [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc          C:\Windows\system32\kmsvc.dll
12:11:39.0380 0x1258  hkmsvc - ok
12:11:39.0521 0x1258  [ A19B0BB5A7EB6DF2DD4A0711D36955EE, 307648CAFB3DDCD76FD730CA623945ED71D4276715A38D8CBB203C157C45F691 ] HP Health Check Service c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
12:11:39.0554 0x1258  HP Health Check Service - detected UnsignedFile.Multi.Generic ( 1 )
12:11:42.0651 0x1258  Detect skipped due to KSN trusted
12:11:42.0651 0x1258  HP Health Check Service - ok
12:11:42.0693 0x1258  [ 16EE7B23A009E00D835CDB79574A91A6, 964AFE7D2F7E48C7DE7FDAB48F57ADC4AD44A0B2A9A03071E0E8D334007E5572 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
12:11:42.0713 0x1258  HpCISSs - ok
12:11:42.0773 0x1258  [ 4EF10B866C62ABBEAF7511CDD05A19BE, B758DCB9CD8C7E6ED4DEFB666A94B0F749CB86964D2CA9004DF94C5E321F5151 ] hpdskflt        C:\Windows\system32\DRIVERS\hpdskflt.sys
12:11:42.0788 0x1258  hpdskflt - ok
12:11:42.0924 0x1258  [ FCB563B0A23643E5F80B6FF1E60F610F, C1FCECF406E154065BF3FD93C4853ED96F5300E0E218FF0AA20B34D614710735 ] hpqcxs08        C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
12:11:42.0969 0x1258  hpqcxs08 - detected UnsignedFile.Multi.Generic ( 1 )
12:11:45.0710 0x1258  Detect skipped due to KSN trusted
12:11:45.0710 0x1258  hpqcxs08 - ok
12:11:45.0739 0x1258  [ 25E443E27165C652723A92D9BDFD4649, 58528E888176D236C683F5135BE0B35F43F9F521022ED0E66D5B688F3BAF7D0F ] hpqddsvc        C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
12:11:45.0750 0x1258  hpqddsvc - detected UnsignedFile.Multi.Generic ( 1 )
12:11:55.0847 0x1258  hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
12:11:55.0847 0x1258  Force sending object to P2P due to detect: hpqddsvc
12:11:58.0585 0x1258  Object send P2P result: true
12:12:01.0174 0x1258  [ 35956140E686D53BF676CF0C778880FC, AFFE1CC956E75AF1DE87F19A58CB03C861907C48DCA03F7454EF7762DEB46F2D ] HpqKbFiltr      C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
12:12:01.0219 0x1258  HpqKbFiltr - ok
12:12:01.0273 0x1258  [ 115C0933B3ED51DFBEC4449348C8065B, 5C937F9DA4DC43CA11B6667D7DF41FC8D0E88994D0A854FDD0F3024D76DE0353 ] HpqRemHid       C:\Windows\system32\DRIVERS\HpqRemHid.sys
12:12:01.0354 0x1258  HpqRemHid - ok
12:12:01.0445 0x1258  [ D50FDAD1E57AA60F1973CFC77D905F0E, 50700337E984F71020BC0F714E0747A99E48711EAC590B22F3F104B3CFFDAF5B ] hpqwmiex        C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
12:12:01.0489 0x1258  hpqwmiex - ok
12:12:01.0542 0x1258  [ C0BEB56ED79B59B7B33D0AA6C38A0BA6, 8A21DB7B51BF533CBA08640498C132560641244B9218C483E2053502DF88313D ] hpsrv           C:\Windows\system32\Hpservice.exe
12:12:01.0557 0x1258  hpsrv - ok
12:12:01.0659 0x1258  [ 46D67209550973257601A533E2AC5785, 3C0D97781947BA8532344AA5D9F3B684761B5B3263A0A294F4593E76EE41DB0C ] HSFHWAZL        C:\Windows\system32\DRIVERS\VSTAZL3.SYS
12:12:01.0704 0x1258  HSFHWAZL - ok
12:12:01.0846 0x1258  [ EC36F1D542ED4252390D446BF6D4DFD0, DB55D73726E96D3653C37EEBE628D48466D766A9EC1219ED735D5D8FF2822BE2 ] HSF_DPV         C:\Windows\system32\DRIVERS\VSTDPV3.SYS
12:12:01.0958 0x1258  HSF_DPV - ok
12:12:02.0069 0x1258  [ 0EEECA26C8D4BDE2A4664DB058A81937, 6F88567A116B1420BE1C9C8888F34D05F51378092C805EF4E489635CF92D416B ] HTTP            C:\Windows\system32\drivers\HTTP.sys
12:12:02.0142 0x1258  HTTP - ok
12:12:02.0208 0x1258  [ C6B032D69650985468160FC9937CF5B4, 4D5A944C70037F35A9DBA4F49F174455FA80ED7EAEDAA143F0A2C0E05AE585D8 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
12:12:02.0228 0x1258  i2omp - ok
12:12:02.0345 0x1258  [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
12:12:02.0386 0x1258  i8042prt - ok
12:12:02.0520 0x1258  [ CB686F44BF955EA02520710A56874FA4, D898E897171B07136FCB94726AB16738C923A170B166EB5D758E404C8A6EFD0F ] IAANTMON        C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
12:12:02.0549 0x1258  IAANTMON - ok
12:12:02.0605 0x1258  [ DB0CC620B27A928D968C1A1E9CD9CB87, 62F2FAF027C217A3A035759AF47D848AEFFA7A94C54B4C424B67459D464B8AA8 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
12:12:02.0628 0x1258  iaStor - ok
12:12:02.0664 0x1258  [ 54155EA1B0DF185878E0FC9EC3AC3A14, 344A0793499261D2E4FF2FCCC70501329485F8E299EBC68953D07BA86F0D4729 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
12:12:02.0691 0x1258  iaStorV - ok
12:12:02.0842 0x1258  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
12:12:02.0884 0x1258  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
12:12:05.0436 0x1258  Detect skipped due to KSN trusted
12:12:05.0436 0x1258  IDriverT - ok
12:12:05.0596 0x1258  [ 98477B08E61945F974ED9FDC4CB6BDAB, C7E8F661F6FBF6AB493E950D2E70363496E155B1838CE7B490B981BD840B04FC ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
12:12:05.0652 0x1258  idsvc - ok
12:12:05.0838 0x1258  [ 373C0F67CC49772028D311FD147F4E85, D88613EB4DCB6F0A77D947D3DAB853689FFD71331484723C7CDCBADC7F01CB34 ] IDSVix86        C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140722.001\IDSvix86.sys
12:12:05.0871 0x1258  IDSVix86 - ok
12:12:06.0440 0x1258  [ A74F485DC208EA867C72C1FE4529B68A, C74F9A44FC088E730E4B7E26F3120DB385F4037CE60FC22785BA405F1FC8E232 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
12:12:06.0687 0x1258  igfx - ok
12:12:06.0711 0x1258  [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp           C:\Windows\system32\drivers\iirsp.sys
12:12:06.0731 0x1258  iirsp - ok
12:12:06.0828 0x1258  [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] IKEEXT          C:\Windows\System32\ikeext.dll
12:12:06.0869 0x1258  IKEEXT - ok
12:12:06.0909 0x1258  [ 8DAB99684CFE8B4DDD5D6D0C5D55FDAC, 1FE5ED643332F9851B6895F2C0340D81EFD47C5A5F9DAC0F292AFE818C98E04F ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
12:12:06.0939 0x1258  IntcHdmiAddService - ok
12:12:07.0006 0x1258  [ 83AA759F3189E6370C30DE5DC5590718, 7406FE41EA8FB80052517318CB72E2641E92E579FAFAF5E8DDDFF0BF8DAE773A ] intelide        C:\Windows\system32\drivers\intelide.sys
12:12:07.0025 0x1258  intelide - ok
12:12:07.0080 0x1258  [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
12:12:07.0131 0x1258  intelppm - ok
12:12:07.0188 0x1258  [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
12:12:07.0228 0x1258  IPBusEnum - ok
12:12:07.0244 0x1258  [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:12:07.0281 0x1258  IpFilterDriver - ok
12:12:07.0385 0x1258  [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
12:12:07.0467 0x1258  iphlpsvc - ok
12:12:07.0474 0x1258  IpInIp - ok
12:12:07.0515 0x1258  [ B25AAF203552B7B3491139D582B39AD1, EA9C38F512F40FF12975A6719E6FE4D7EA93A4B2497103E0FDA5A4CD6033C0A6 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
12:12:07.0570 0x1258  IPMIDRV - ok
12:12:07.0604 0x1258  [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
12:12:07.0653 0x1258  IPNAT - ok
12:12:07.0758 0x1258  [ 10F97E4666133FF3E66EE7F31551536E, 9BB1BE505EC0195A4740C214FD9DA744A5D98B9114E7517ABB575F752ED59EEE ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
12:12:07.0796 0x1258  iPod Service - ok
12:12:07.0879 0x1258  [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
12:12:07.0914 0x1258  IRENUM - ok
12:12:07.0951 0x1258  [ 6C70698A3E5C4376C6AB5C7C17FB0614, 10FBCBA5A74AF5D136B152FD4D3DFA2A1F2CEBC3F979D5BA6DB98B3DCB2F7A07 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
12:12:07.0971 0x1258  isapnp - ok
12:12:08.0110 0x1258  [ B3C02712CAA7E2949F2D95F9AE99E0F6, FAA0C8471D957363690037FA0496A53FA1C71B5590FDA70FF14C633F37735A78 ] iscFlash        C:\SwSetup\sp42557\iscflash.sys
12:12:08.0140 0x1258  iscFlash - detected UnsignedFile.Multi.Generic ( 1 )
12:12:10.0919 0x1258  Detect skipped due to KSN trusted
12:12:10.0919 0x1258  iscFlash - ok
12:12:10.0998 0x1258  [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
12:12:11.0024 0x1258  iScsiPrt - ok
12:12:11.0068 0x1258  [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
12:12:11.0086 0x1258  iteatapi - ok
12:12:11.0165 0x1258  [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
12:12:11.0183 0x1258  iteraid - ok
12:12:11.0204 0x1258  [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
12:12:11.0223 0x1258  kbdclass - ok
12:12:11.0274 0x1258  [ EDE59EC70E25C24581ADD1FBEC7325F7, 41B37778E9A12675FC0DF74606AAF18C652EB88513B3C4889C5C512E14587CEE ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
12:12:11.0326 0x1258  kbdhid - ok
12:12:11.0382 0x1258  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso          C:\Windows\system32\lsass.exe
12:12:11.0441 0x1258  KeyIso - ok
12:12:11.0521 0x1258  [ 4A1445EFA932A3BAF5BDB02D7131EE20, 9DD262ED72DF268FE024063788F54124E320D0775D8DC0C5CAD099CD5F655DA2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
12:12:11.0560 0x1258  KSecDD - ok
12:12:11.0641 0x1258  [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm           C:\Windows\system32\msdtckrm.dll
12:12:11.0711 0x1258  KtmRm - ok
12:12:11.0790 0x1258  [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer    C:\Windows\System32\srvsvc.dll
12:12:11.0830 0x1258  LanmanServer - ok
12:12:11.0910 0x1258  [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:12:11.0958 0x1258  LanmanWorkstation - ok
12:12:12.0025 0x1258  [ 9188D073CD14F886790D6037D1986063, ED956DFBD9A3AF8B6B9C41137AFC2DA959C36D17B6E3A5C0A8425D70BD99AF9E ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
12:12:12.0069 0x1258  LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
12:12:14.0622 0x1258  Detect skipped due to KSN trusted
12:12:14.0623 0x1258  LightScribeService - ok
12:12:14.0752 0x1258  [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
12:12:14.0788 0x1258  lltdio - ok
12:12:14.0831 0x1258  [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
12:12:14.0875 0x1258  lltdsvc - ok
12:12:14.0902 0x1258  [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts         C:\Windows\System32\lmhsvc.dll
12:12:14.0969 0x1258  lmhosts - ok
12:12:14.0993 0x1258  [ C7E15E82879BF3235B559563D4185365, 98C9268ADF6BAEB0522BB84BE6C98D0D6D5EB4BD27BB61412D208232164C8435 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
12:12:15.0014 0x1258  LSI_FC - ok
12:12:15.0031 0x1258  [ EE01EBAE8C9BF0FA072E0FF68718920A, 655924440E611278998226299645BC72B3627A8A057286DC8D65A162CFBBE484 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
12:12:15.0053 0x1258  LSI_SAS - ok
12:12:15.0130 0x1258  [ 912A04696E9CA30146A62AFA1463DD5C, 1D336D47B9D1C8449F29CDB776C092235E3D70CE53D9440970533E376EB004D3 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
12:12:15.0152 0x1258  LSI_SCSI - ok
12:12:15.0180 0x1258  [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv           C:\Windows\system32\drivers\luafv.sys
12:12:15.0234 0x1258  luafv - ok
12:12:15.0252 0x1258  [ 8683C1B450F4B3872839308D836E0F92, C6CEEEA780D2191AEAC2537FD96324FF5501D92CE46313FB95ABB51765D919ED ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
12:12:15.0269 0x1258  MBAMProtector - ok
12:12:15.0540 0x1258  [ D84AEA3F3329D622DFC1297DDDF6163B, 316FE56CC30ED1473A917253F46B79EAA12F4ABD5B4B1ADB03929DFEE940F577 ] MBAMScheduler   C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
12:12:15.0635 0x1258  MBAMScheduler - ok
12:12:15.0748 0x1258  [ 4F45ED469906494F9BF754E476390DBD, D8FF6AFD73D8C191F5732DF9737E6F83B2B52B06A3A6CD4CC6EAC9464CBB2772 ] MBAMService     C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
12:12:15.0802 0x1258  MBAMService - ok
12:12:15.0872 0x1258  [ 799613BA73D25641402AA81B6403EFF8, 55FFF9248C0798346888071A60BF42C809C5D4C7BBA92C97B617F7B6681E00F3 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
12:12:15.0889 0x1258  MBAMWebAccessControl - ok
12:12:15.0971 0x1258  [ 7CF1B716372B89568AE4C0FE769F5869, 0D70A7A594BCFBB26D7249C0F4B0AF9EF874F2318B3FDCE44648CC61279594ED ] MDM             C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
12:12:16.0036 0x1258  MDM - detected UnsignedFile.Multi.Generic ( 1 )
12:12:19.0070 0x1258  Detect skipped due to KSN trusted
12:12:19.0070 0x1258  MDM - ok
12:12:19.0146 0x1258  [ 0001CE609D66632FA17B84705F658879, D5F9758BDC2B733307B565A74B33F5581FB425A5A9F32CCFA307DA1569EBD6CD ] megasas         C:\Windows\system32\drivers\megasas.sys
12:12:19.0166 0x1258  megasas - ok
12:12:19.0243 0x1258  [ C252F32CD9A49DBFC25ECF26EBD51A99, 47EC8F475AB62A00FAF989CD2C3ABDF2922588F75CC15C83CD99A62EF6400FB0 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
12:12:19.0279 0x1258  MegaSR - ok
12:12:19.0368 0x1258  [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
12:12:19.0385 0x1258  Microsoft Office Groove Audit Service - ok
12:12:19.0422 0x1258  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS           C:\Windows\system32\mmcss.dll
12:12:19.0460 0x1258  MMCSS - ok
12:12:19.0493 0x1258  [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem           C:\Windows\system32\drivers\modem.sys
12:12:19.0531 0x1258  Modem - ok
12:12:19.0570 0x1258  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
12:12:19.0607 0x1258  monitor - ok
12:12:19.0667 0x1258  [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
12:12:19.0686 0x1258  mouclass - ok
12:12:19.0716 0x1258  [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
12:12:19.0751 0x1258  mouhid - ok
12:12:19.0801 0x1258  [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
12:12:19.0821 0x1258  MountMgr - ok
12:12:19.0859 0x1258  [ 511D011289755DD9F9A7579FB0B064E6, 1FD0D0D5B6E08FE06F7A5D0821BCD859B0F98A6DEA58AAB7FB6C95B64212FFC8 ] mpio            C:\Windows\system32\drivers\mpio.sys
12:12:19.0881 0x1258  mpio - ok
12:12:19.0927 0x1258  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
12:12:19.0995 0x1258  mpsdrv - ok
12:12:20.0138 0x1258  [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc          C:\Windows\system32\mpssvc.dll
12:12:20.0224 0x1258  MpsSvc - ok
12:12:20.0256 0x1258  [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
12:12:20.0275 0x1258  Mraid35x - ok
12:12:20.0338 0x1258  [ 82CEA0395524AACFEB58BA1448E8325C, 16E37990A291C848DE35F48EA7E09AE5B258AE589EB08A3FA2C60DC1278DE182 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
12:12:20.0380 0x1258  MRxDAV - ok
12:12:20.0450 0x1258  [ 1E94971C4B446AB2290DEB71D01CF0C2, 4701AA1B419AEF735CB2DA34532B0F1844433272C36D79F4EB55807E39B923D1 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
12:12:20.0553 0x1258  mrxsmb - ok
12:12:20.0634 0x1258  [ 4FCCB34D793B116423209C0F8B7A3B03, 7A483AEB691ADBE82779F12F0BB1CCCBFFD7E92902EC1ADC99AB7D129F887143 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:12:20.0691 0x1258  mrxsmb10 - ok
12:12:20.0752 0x1258  [ C3CB1B40AD4A0124D617A1199B0B9D7C, B975A39DE6D324C6274B6E3B883F36082A958F028335CEB3A37F44481EB284B3 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:12:20.0790 0x1258  mrxsmb20 - ok
12:12:20.0864 0x1258  [ 28023E86F17001F7CD9B15A5BC9AE07D, FC7EAA592C5F796E3BCD7F7EF261709CD899B33FC8486E594A480F143D0D6320 ] msahci          C:\Windows\system32\drivers\msahci.sys
12:12:20.0883 0x1258  msahci - ok
12:12:20.0905 0x1258  [ 4468B0F385A86ECDDAF8D3CA662EC0E7, EAEDC9CDD2EEC5000AF8190A4BE7729282576C3F88E64FDF57F455F5CECC81C9 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
12:12:20.0927 0x1258  msdsm - ok
12:12:20.0951 0x1258  [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC           C:\Windows\System32\msdtc.exe
12:12:20.0992 0x1258  MSDTC - ok
12:12:21.0020 0x1258  [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
12:12:21.0063 0x1258  Msfs - ok
12:12:21.0114 0x1258  [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
12:12:21.0133 0x1258  msisadrv - ok
12:12:21.0167 0x1258  [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
12:12:21.0217 0x1258  MSiSCSI - ok
12:12:21.0248 0x1258  msiserver - ok
12:12:21.0308 0x1258  [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
12:12:22.0357 0x1258  MSKSSRV - ok
12:12:22.0473 0x1258  [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
12:12:22.0800 0x1258  MSPCLOCK - ok
12:12:22.0838 0x1258  [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
12:12:22.0876 0x1258  MSPQM - ok
12:12:23.0015 0x1258  [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
12:12:23.0042 0x1258  MsRPC - ok
12:12:23.0095 0x1258  [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
12:12:23.0115 0x1258  mssmbios - ok
12:12:23.0228 0x1258  MSSQL$MSSMLBIZ - ok
12:12:23.0337 0x1258  [ 1D89EB4E2A99CABD4E81225F4F4C4B25, B9C4D956E3F74CB463A1A14287F4B550381FBB3E4B2DF9418E041E02A159E31E ] MSSQLServerADHelper c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
12:12:23.0356 0x1258  MSSQLServerADHelper - ok
12:12:23.0383 0x1258  [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
12:12:23.0443 0x1258  MSTEE - ok
12:12:23.0509 0x1258  [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup             C:\Windows\system32\Drivers\mup.sys
12:12:23.0530 0x1258  Mup - ok
12:12:23.0600 0x1258  [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent        C:\Windows\system32\qagentRT.dll
12:12:23.0661 0x1258  napagent - ok
12:12:23.0726 0x1258  [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
12:12:23.0753 0x1258  NativeWifiP - ok
12:12:23.0903 0x1258  [ 81E928EE3751FAF725C87CC17726C05D, 8AB84270DCB35F239B00FA4B9AC90E9520967B8188085D897F28E994CBF911FB ] NAVENG          C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140722.008\NAVENG.SYS
12:12:23.0922 0x1258  NAVENG - ok
12:12:24.0099 0x1258  [ E0C39FA6C76AE8ED53ABF043F35ECDFF, CD2F87D3CB64F3362508D1855B24F40F1C44CF4132E3626971CCF4E7C49E61D6 ] NAVEX15         C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140722.008\NAVEX15.SYS
12:12:25.0005 0x1258  NAVEX15 - ok
12:12:25.0430 0x1258  [ 1357274D1883F68300AEADD15D7BBB42, EE6352CBF0D9D633816F338159CDA27F1A805C3DDC3402D8605B50D8F3CD3300 ] NDIS            C:\Windows\system32\drivers\ndis.sys
12:12:25.0490 0x1258  NDIS - ok
12:12:25.0526 0x1258  [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
12:12:25.0968 0x1258  NdisTapi - ok
12:12:25.0998 0x1258  [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
12:12:26.0053 0x1258  Ndisuio - ok
12:12:26.0131 0x1258  [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
12:12:26.0178 0x1258  NdisWan - ok
12:12:26.0213 0x1258  [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
12:12:26.0261 0x1258  NDProxy - ok
12:12:26.0364 0x1258  [ A081CB6FB9A12668F233EB5414BE3A0E, EE2A1311B51D1FEBAF79F45E568A927D8EA7704AFC8495AED2D26927566F61E3 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
12:12:26.0392 0x1258  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
12:12:28.0956 0x1258  Detect skipped due to KSN trusted
12:12:28.0956 0x1258  Net Driver HPZ12 - ok
12:12:28.0992 0x1258  [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
12:12:29.0041 0x1258  NetBIOS - ok
12:12:29.0117 0x1258  [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
12:12:29.0171 0x1258  netbt - ok
12:12:29.0194 0x1258  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon        C:\Windows\system32\lsass.exe
12:12:29.0215 0x1258  Netlogon - ok
12:12:29.0326 0x1258  [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman          C:\Windows\System32\netman.dll
12:12:29.0407 0x1258  Netman - ok
12:12:29.0546 0x1258  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
12:12:29.0573 0x1258  NetMsmqActivator - ok
12:12:29.0604 0x1258  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
12:12:29.0630 0x1258  NetPipeActivator - ok
12:12:29.0690 0x1258  [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm        C:\Windows\System32\netprofm.dll
12:12:29.0754 0x1258  netprofm - ok
12:12:29.0765 0x1258  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
12:12:29.0790 0x1258  NetTcpActivator - ok
12:12:29.0803 0x1258  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
12:12:29.0828 0x1258  NetTcpPortSharing - ok
12:12:29.0896 0x1258  [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
12:12:29.0915 0x1258  nfrd960 - ok
12:12:30.0019 0x1258  [ F9FF75495330F23276EEADFE7E6DCBB9, 1213BAAD9297B560F77E3779DA28832A70F2C8C616809723D0BDF46E7E44800C ] NIS             C:\Program Files\Norton Internet Security\Engine\21.4.0.13\NIS.exe
12:12:30.0043 0x1258  NIS - ok
12:12:30.0080 0x1258  [ 2997B15415F9BBE05B5A4C1C85E0C6A2, 5455536515FE740E18E090329FDCC40288724372AD18ACDB2CB4BB9D85CF681E ] NlaSvc          C:\Windows\System32\nlasvc.dll
12:12:30.0135 0x1258  NlaSvc - ok
12:12:30.0459 0x1258  [ CD569FA91EC6F59D045C19D0D3850F44, 8DDD03BB5EB614689D62FD9BDD89A2AF960EC07BA18792AFAA87D1E565E74EBC ] nmservice       C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
12:12:30.0503 0x1258  nmservice - ok
12:12:30.0565 0x1258  [ A00877C05933FBA8AFB3390DD72D4679, 684D9642173C4BF4B752F259D5E89F16BC8B4B1608F1E6E176AA692A9775CE38 ] nmwcd           C:\Windows\system32\drivers\ccdcmb.sys
12:12:30.0680 0x1258  nmwcd - ok
12:12:30.0749 0x1258  [ 9FF15F18E4E8758AC57BDB910D0238B3, F27C40BDD3818C54E1099AD525C7C19B424E0C4676DB366DE0E905CA3F82A310 ] nmwcdc          C:\Windows\system32\drivers\ccdcmbo.sys
12:12:30.0809 0x1258  nmwcdc - ok
12:12:30.0879 0x1258  [ B0575681498D75E0C0432200702B4A0A, EE6037B038265562A4F59E92A9F665C7A8AA8E8C5DEB3481F1F7B6D39A4E4954 ] nmwcdnsu        C:\Windows\system32\drivers\nmwcdnsu.sys
12:12:30.0948 0x1258  nmwcdnsu - ok
12:12:31.0021 0x1258  [ 9699486E10F89163979FCD48A40FE805, 04D05666920C91106FFF60F1DCE7D8B89F6F1419D0035A5BF7AB5F0BA5C39B31 ] nmwcdnsuc       C:\Windows\system32\drivers\nmwcdnsuc.sys
12:12:31.0062 0x1258  nmwcdnsuc - ok
12:12:31.0148 0x1258  [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
12:12:31.0190 0x1258  Npfs - ok
12:12:31.0220 0x1258  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi             C:\Windows\system32\nsisvc.dll
12:12:31.0257 0x1258  nsi - ok
12:12:31.0282 0x1258  [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
12:12:31.0358 0x1258  nsiproxy - ok
12:12:31.0605 0x1258  [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
12:12:31.0674 0x1258  Ntfs - ok
12:12:31.0726 0x1258  [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
12:12:31.0810 0x1258  ntrigdigi - ok
12:12:32.0000 0x1258  [ A66FCAB18F99477770BDEE6527E94C54, F15B8455B27391857E2CEF6342E6A59DE01EBC3616FFEE575F78479411905813 ] NU16StartManagerSvc C:\Program Files\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe
12:12:32.0049 0x1258  NU16StartManagerSvc - ok
12:12:32.0078 0x1258  [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null            C:\Windows\system32\drivers\Null.sys
12:12:32.0129 0x1258  Null - ok
12:12:32.0209 0x1258  [ 1657F3FBD9061526C14FF37E79306F98, 8A3378E7A3D3314380EC76D21542B9A8A7AB0191338729B830AB6BEF786297BC ] NVENETFD        C:\Windows\system32\DRIVERS\nvm60x32.sys
12:12:32.0307 0x1258  NVENETFD - ok
12:12:32.0353 0x1258  [ 2EDF9E7751554B42CBB60116DE727101, 37A0AA78E83DBB5A788F7F067EB71DDF6CCC72A66BB41B209E1A5E2F68F8AF9B ] nvraid          C:\Windows\system32\drivers\nvraid.sys
12:12:32.0375 0x1258  nvraid - ok
12:12:32.0412 0x1258  [ ABED0C09758D1D97DB0042DBB2688177, 84B9BF886EF9181915E8AB6D971446BC681E6DE4485DBECD62838EAFA10E7F46 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
12:12:32.0432 0x1258  nvstor - ok
12:12:32.0470 0x1258  [ 18BBDF913916B71BD54575BDB6EEAC0B, 5FBA165149AB09E869DCE35622E91CFC964BDD22B31A5E76CF12F1565402B207 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
12:12:32.0493 0x1258  nv_agp - ok
12:12:32.0503 0x1258  NwlnkFlt - ok
12:12:32.0511 0x1258  NwlnkFwd - ok
12:12:32.0668 0x1258  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:12:32.0704 0x1258  odserv - ok
12:12:32.0813 0x1258  [ 790E27C3DB53410B40FF9EF2FD10A1D9, FD06F2702B8F7E04ECF1B6E88602F14301E7AE7FC44AD114282E580FAD530A9C ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
12:12:32.0851 0x1258  ohci1394 - ok
12:12:32.0995 0x1258  OracleJobSchedulerDATABASE1 - ok
12:12:33.0000 0x1258  OracleMTSRecoveryService - ok
12:12:33.0008 0x1258  OracleOraDb11g_home1ClrAgent - ok
12:12:33.0018 0x1258  OracleOraDb11g_home1TNSListener - ok
12:12:33.0026 0x1258  OracleServiceDATABASE1 - ok
12:12:33.0035 0x1258  OracleVssWriterDATABASE1 - ok
12:12:33.0094 0x1258  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:12:33.0115 0x1258  ose - ok
12:12:33.0305 0x1258  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
12:12:33.0391 0x1258  p2pimsvc - ok
12:12:33.0419 0x1258  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc          C:\Windows\system32\p2psvc.dll
12:12:33.0468 0x1258  p2psvc - ok
12:12:33.0534 0x1258  [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport         C:\Windows\system32\drivers\parport.sys
12:12:33.0636 0x1258  Parport - ok
12:12:33.0716 0x1258  [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr         C:\Windows\system32\drivers\partmgr.sys
12:12:33.0736 0x1258  partmgr - ok
12:12:33.0799 0x1258  [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
12:12:33.0858 0x1258  Parvdm - ok
12:12:33.0909 0x1258  [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc          C:\Windows\System32\pcasvc.dll
12:12:33.0956 0x1258  PcaSvc - ok
12:12:34.0026 0x1258  [ F451DCACBAA67F3307305EBD4A39EA07, C4435BF4C2D16F3DC0B35732BE3602FFA28DB0A5BC5576F45E0D32E5F4CD2DEA ] pccsmcfd        C:\Windows\system32\DRIVERS\pccsmcfd.sys
12:12:34.0072 0x1258  pccsmcfd - ok
12:12:34.0127 0x1258  [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci             C:\Windows\system32\drivers\pci.sys
12:12:34.0152 0x1258  pci - ok
12:12:34.0203 0x1258  [ FC175F5DDAB666D7F4D17449A547626F, 7D6108213D1AD3F97A3B83E491BCCC7D6F5BC72C32A182BDDE8736851A26C8D2 ] pciide          C:\Windows\system32\drivers\pciide.sys
12:12:34.0222 0x1258  pciide - ok
12:12:34.0251 0x1258  [ E6F3FB1B86AA519E7698AD05E58B04E5, 2C4B45DDD3B980C9DAA6F039CAEFCD6E84A4D5BB43AFBA73C0C42B5556C1303C ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
12:12:34.0275 0x1258  pcmcia - ok
12:12:34.0377 0x1258  [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
12:12:34.0514 0x1258  PEAUTH - ok
12:12:34.0645 0x1258  [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla             C:\Windows\system32\pla.dll
12:12:34.0825 0x1258  pla - ok
12:12:34.0911 0x1258  [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
12:12:34.0972 0x1258  PlugPlay - ok
12:12:35.0073 0x1258  [ 65BC271F337637731D3C71455AE1F476, DAD32B61FE0147F8D2DA4C8F016920CD6BB2098F16E3CC2768009763E71DEFBC ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
12:12:35.0104 0x1258  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
12:12:38.0131 0x1258  Detect skipped due to KSN trusted
12:12:38.0131 0x1258  Pml Driver HPZ12 - ok
12:12:38.0216 0x1258  [ 3DE33BCE4A930EDF57BD1F742823BCD8, EFE61739AF790DF4E8E22EE8DB3D5361C8FD0755CB5E34305F4A3C04365BF6F1 ] pnarp           C:\Windows\system32\DRIVERS\pnarp.sys
12:12:38.0231 0x1258  pnarp - ok
12:12:38.0282 0x1258  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
12:12:38.0333 0x1258  PNRPAutoReg - ok
12:12:38.0362 0x1258  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
12:12:38.0413 0x1258  PNRPsvc - ok
12:12:38.0524 0x1258  [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
12:12:38.0585 0x1258  PolicyAgent - ok
12:12:38.0634 0x1258  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
12:12:38.0687 0x1258  PptpMiniport - ok
12:12:38.0713 0x1258  [ 2027293619DD0F047C584CF2E7DF4FFD, B7C172CCD08D8A30483D27536355ED1E5009B33629355B426470AFBA8542B394 ] Processor       C:\Windows\system32\drivers\processr.sys
12:12:38.0750 0x1258  Processor - ok
12:12:38.0806 0x1258  [ 0508FAA222D28835310B7BFCA7A77346, 3AE2340C6E365F137CC00D9560069501DD2724756EA9EBF7A6CDFFC91B43709C ] ProfSvc         C:\Windows\system32\profsvc.dll
12:12:38.0857 0x1258  ProfSvc - ok
12:12:38.0918 0x1258  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe
12:12:38.0939 0x1258  ProtectedStorage - ok
12:12:39.0011 0x1258  [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
12:12:39.0057 0x1258  PSched - ok
12:12:39.0137 0x1258  [ 53EFA6066E7FFAA1AD91C7FB40FFD2EC, F4FD4D9F3C201CB95B8A6ABD6D89500A1F1C12BFA71429537D9834551163FC69 ] purendis        C:\Windows\system32\DRIVERS\purendis.sys
12:12:39.0152 0x1258  purendis - ok
12:12:39.0310 0x1258  [ 0A6DB55AFB7820C99AA1F3A1D270F4F6, 8B7D44A7698B95FE34CBBE4FAB2F01EC1F5BA86C2B19672F99767E650E99BF1C ] ql2300          C:\Windows\system32\drivers\ql2300.sys
12:12:39.0381 0x1258  ql2300 - ok
12:12:39.0463 0x1258  [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
12:12:39.0484 0x1258  ql40xx - ok
12:12:39.0658 0x1258  [ 2D757E14216E643E7885EBC0CFB0B906, 2184BEB2D3A9F24AEDDF672AF2DE9677650262B6A25BB82FC5D403856DB56847 ] QPCapSvc        C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
12:12:39.0683 0x1258  QPCapSvc - ok
12:12:39.0713 0x1258  [ EA8B29EAD23DA9DA2F5DF1DA7C82E308, 14075D40D285A4EAD93CEB7DEA8AEFA023C5B9A3C5CD0F45BCE70948D84F88B0 ] QPSched         C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
12:12:39.0730 0x1258  QPSched - ok
12:12:39.0793 0x1258  [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE           C:\Windows\system32\qwave.dll
12:12:39.0843 0x1258  QWAVE - ok
12:12:39.0878 0x1258  [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
12:12:39.0898 0x1258  QWAVEdrv - ok
12:12:39.0955 0x1258  [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
12:12:39.0991 0x1258  RasAcd - ok
12:12:40.0060 0x1258  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto         C:\Windows\System32\rasauto.dll
12:12:40.0101 0x1258  RasAuto - ok
12:12:40.0170 0x1258  [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
12:12:40.0235 0x1258  Rasl2tp - ok
12:12:40.0326 0x1258  [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan          C:\Windows\System32\rasmans.dll
12:12:40.0367 0x1258  RasMan - ok
12:12:40.0439 0x1258  [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
12:12:40.0495 0x1258  RasPppoe - ok
12:12:40.0579 0x1258  [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
12:12:40.0603 0x1258  RasSstp - ok
12:12:40.0699 0x1258  [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
12:12:40.0754 0x1258  rdbss - ok
12:12:40.0783 0x1258  [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
12:12:40.0844 0x1258  RDPCDD - ok
12:12:40.0888 0x1258  [ FBC0BACD9C3D7F6956853F64A66E252D, 7672B10C7039295B152C02C96903E869FF2C0A88A2C3FA89BAE9F1D593B43569 ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
12:12:40.0934 0x1258  rdpdr - ok
12:12:40.0942 0x1258  [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
12:12:40.0977 0x1258  RDPENCDD - ok
12:12:41.0038 0x1258  [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
12:12:41.0095 0x1258  RDPWD - ok
12:12:41.0207 0x1258  [ 96EFEC24346A8EB1157E80523079ADDC, 7F8FC284029856C754E400B6C954369FFE27763C81D8F4AF4E58BFDD44CBC24A ] RealNetworks Downloader Resolver Service C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
12:12:41.0223 0x1258  RealNetworks Downloader Resolver Service - ok
12:12:41.0344 0x1258  [ B9570481A1BABCC4A9E941C553596077, B9A89B8C683F634504F7563EDAFB09F0AC8165F34F03177C96D4109CE1BE5D74 ] Recovery Service for Windows C:\Windows\SMINST\BLService.exe
12:12:41.0373 0x1258  Recovery Service for Windows - ok
12:12:41.0439 0x1258  [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess    C:\Windows\System32\mprdim.dll
12:12:41.0479 0x1258  RemoteAccess - ok
12:12:41.0597 0x1258  [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
12:12:41.0632 0x1258  RemoteRegistry - ok
12:12:41.0752 0x1258  [ 6482707F9F4DA0ECBAB43B2E0398A101, 7D57FC36577121D7E26A4F2D46DCA8725D55EC9F75B91DF994DB742BC4FB89C2 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
12:12:41.0860 0x1258  RFCOMM - ok
12:12:42.0121 0x1258  [ 17E0BEF5CA5C9CE52CC8082AC6EBC449, F05A32DA0A62144AAE78A3A9173F21F52FAED4E39F9250B3E1B11066760B2576 ] RichVideo       C:\Program Files\CyberLink\Shared Files\RichVideo.exe
12:12:42.0143 0x1258  RichVideo - ok
12:12:42.0182 0x1258  [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator      C:\Windows\system32\locator.exe
12:12:42.0249 0x1258  RpcLocator - ok
12:12:42.0328 0x1258  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs           C:\Windows\system32\rpcss.dll
12:12:42.0382 0x1258  RpcSs - ok
12:12:42.0419 0x1258  [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
12:12:42.0476 0x1258  rspndr - ok
12:12:42.0579 0x1258  [ A1ADC7B4C074744662207DA6EDCDFBB0, 2FB2C3925F8FB4E060227E7972FC1C3E142BD70C5D1F11193D2176A3A36BD299 ] RTL8169         C:\Windows\system32\DRIVERS\Rtlh86.sys
12:12:42.0669 0x1258  RTL8169 - ok
12:12:42.0743 0x1258  [ 8DAB5975B5C7923D61506A48E251DBAD, 34C197BDBFEB676ED7C0262E27EF9190E684A47E4DBFDFA889958966406F9862 ] RTSTOR          C:\Windows\system32\drivers\RTSTOR.SYS
12:12:42.0776 0x1258  RTSTOR - ok
12:12:42.0796 0x1258  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs           C:\Windows\system32\lsass.exe
12:12:42.0816 0x1258  SamSs - ok
12:12:42.0852 0x1258  [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
12:12:42.0872 0x1258  sbp2port - ok
12:12:42.0936 0x1258  [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
12:12:42.0981 0x1258  SCardSvr - ok
12:12:43.0140 0x1258  [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] Schedule        C:\Windows\system32\schedsvc.dll
12:12:43.0252 0x1258  Schedule - ok
12:12:43.0310 0x1258  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc     C:\Windows\System32\certprop.dll
12:12:43.0338 0x1258  SCPolicySvc - ok
12:12:43.0556 0x1258  [ B60E9769655DDEE8368E3ABB6668E076, EECA05B36C6F837FA6DB2EDD78E17E9EA5F0D793B869CB99A08C61AB485A1E67 ] ScrybeUpdater   C:\Program Files\Synaptics\Scrybe\Service\ScrybeUpdater.exe
12:12:43.0629 0x1258  ScrybeUpdater - ok
12:12:43.0691 0x1258  [ 126EA89BCC413EE45E3004FB0764888F, 367BE2B56113177AE867E00D019C707C6449E0FC4A642101B11036A0534D6901 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
12:12:43.0742 0x1258  sdbus - ok
12:12:43.0781 0x1258  [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
12:12:43.0825 0x1258  SDRSVC - ok
12:12:43.0847 0x1258  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
12:12:43.0919 0x1258  secdrv - ok
12:12:43.0970 0x1258  [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon        C:\Windows\system32\seclogon.dll
12:12:44.0022 0x1258  seclogon - ok
12:12:44.0099 0x1258  [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS            C:\Windows\system32\sens.dll
12:12:44.0157 0x1258  SENS - ok
12:12:44.0246 0x1258  [ D23FC3F409FDBB2A5C230ABC137C4B45, A970109D96F7E01D3A391798FFBEC0303BECB239B966FA3FE4DC1ED494429D74 ] Sentinel        C:\Windows\System32\Drivers\SENTINEL.SYS
12:12:44.0264 0x1258  Sentinel - ok
12:12:44.0360 0x1258  [ 881F7E7A2A9F9E91189B4FBB70EB5F47, 379832A928E486E1B1CC98A00303ECBD6F565E3AF2881C407D18D139E4F594BB ] SentinelProtectionServer C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
12:12:44.0381 0x1258  SentinelProtectionServer - ok
12:12:44.0407 0x1258  [ 68E44E331D46F0FB38F0863A84CD1A31, 0778D85B6869CE2610820DC9724360538BFE832426E898AEBC34E53D2AB4322B ] Serenum         C:\Windows\system32\drivers\serenum.sys
12:12:44.0465 0x1258  Serenum - ok
12:12:44.0514 0x1258  [ C70D69A918B178D3C3B06339B40C2E1B, 40BEEECA4C797A3355F4B01C57C2763C33028F27826315062320789A496D0810 ] Serial          C:\Windows\system32\drivers\serial.sys
12:12:44.0602 0x1258  Serial - ok
12:12:44.0641 0x1258  [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
12:12:44.0676 0x1258  sermouse - ok
12:12:44.0834 0x1258  [ 78F7BB9F4924BE164294C59B8C3FC096, 75051A6A8B0DBB16CD70855A408134270EEAF0C127BAAE5B592DB53BB87C085B ] ServiceLayer    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
12:12:44.0877 0x1258  ServiceLayer - ok
12:12:44.0947 0x1258  [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv      C:\Windows\system32\sessenv.dll
12:12:45.0016 0x1258  SessionEnv - ok
12:12:45.0089 0x1258  [ 3EFA810BDCA87F6ECC24F9832243FE86, E50FEA94DB9851A46A8A71A8C061AC953A9D5B14585382B3F0FFC84931A0A68F ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
12:12:45.0118 0x1258  sffdisk - ok
12:12:45.0138 0x1258  [ E95D451F7EA3E583AEC75F3B3EE42DC5, B014BE4F9B0C79ECCE2537D1CF4AAD48ACB4C5AD3DACAC4444F0F465B9689921 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
12:12:45.0174 0x1258  sffp_mmc - ok
12:12:45.0193 0x1258  [ 3D0EA348784B7AC9EA9BD9F317980979, 2500CE188C9B71C50E966FA575303AEFE50934E376C530AECEC7C7533C15EF08 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
12:12:45.0229 0x1258  sffp_sd - ok
12:12:45.0249 0x1258  [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
12:12:45.0311 0x1258  sfloppy - ok
12:12:45.0368 0x1258  [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
12:12:45.0453 0x1258  SharedAccess - ok
12:12:45.0555 0x1258  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:12:45.0664 0x1258  ShellHWDetection - ok
12:12:45.0698 0x1258  [ 1D76624A09A054F682D746B924E2DBC3, DC903DD466AB8899883253F09477B02E4E93A31C8B279F9F02BD555F1AA083B7 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
12:12:45.0718 0x1258  sisagp - ok
12:12:45.0756 0x1258  [ 43CB7AA756C7DB280D01DA9B676CFDE2, 08484CAEA0518C0A4CCCD292D8C803B27FEC453537EE1E4CEE74A7208356A474 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
12:12:45.0776 0x1258  SiSRaid2 - ok
12:12:45.0798 0x1258  [ A99C6C8B0BAA970D8AA59DDC50B57F94, 97AC9DD6DC4F58AC60E819B999BB157663EE7C1739521D16768AA9AC00DAD012 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
12:12:45.0820 0x1258  SiSRaid4 - ok
12:12:45.0911 0x1258  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
12:12:45.0941 0x1258  SkypeUpdate - ok
12:12:46.0152 0x1258  [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc           C:\Windows\system32\SLsvc.exe
12:12:46.0373 0x1258  slsvc - ok
12:12:46.0459 0x1258  [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify      C:\Windows\system32\SLUINotify.dll
12:12:46.0514 0x1258  SLUINotify - ok
12:12:46.0579 0x1258  [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb             C:\Windows\system32\DRIVERS\smb.sys
12:12:46.0641 0x1258  Smb - ok
12:12:46.0708 0x1258  [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
12:12:46.0744 0x1258  SNMPTRAP - ok
12:12:46.0882 0x1258  [ CF3AF4684F80F2D965539C6AFD5E9B5D, 7469BB8ECA5EEC5BD2A5ADB4DFCF2EB1ABEDDC2431E0902BA09F04087458835B ] SpeedDiskService C:\Program Files\Symantec\Norton Utilities 16\Tools\SpeedDisk\SpeedDiskSrv.exe
12:12:46.0953 0x1258  SpeedDiskService - ok
12:12:47.0026 0x1258  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr           C:\Windows\system32\drivers\spldr.sys
12:12:47.0045 0x1258  spldr - ok
12:12:47.0113 0x1258  [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler         C:\Windows\System32\spoolsv.exe
12:12:47.0171 0x1258  Spooler - ok
12:12:47.0255 0x1258  [ FEB11DBAA5E152D98BD897C97A6DDCD0, 7ABCCDDE6B9A58CECA480AA57468E7A1F537893A2CB7C20E1A366EC8EEC7FA59 ] sptd            C:\Windows\System32\Drivers\sptd.sys
12:12:47.0286 0x1258  sptd - ok
12:12:47.0383 0x1258  [ 86EBD8B1F23E743AAD21F4D5B4D40985, 8FA4DFDAE15712266B878C364FEFDB63CB30A3DCC25F83CDFE8C8AB3AE864BE6 ] SQLBrowser      c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
12:12:47.0408 0x1258  SQLBrowser - ok
12:12:47.0503 0x1258  [ D89083C4EB02DACA8F944B0E05E57F9D, F96416B5877C280B4EE088A83956E0202F82DC5EACDEEFF06D5979FFFAA9FA74 ] SQLWriter       c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
12:12:47.0521 0x1258  SQLWriter - ok
12:12:47.0799 0x1258  [ 91C966DE2058116525748050A22C8170, EE64D29ED2C5EDE035E6BE56AE28403B42C10815A89AC08A5395DE72375AF550 ] SRTSP           C:\Windows\System32\Drivers\NIS\1504000.00D\SRTSP.SYS
12:12:47.0845 0x1258  SRTSP - ok
12:12:47.0868 0x1258  [ 1B6D68043F488F70E889276E1585B7AA, 574925053F0EB2DED6DA03D0720A8E1588590948DFF1E2C6DE84EA5B6856E3DB ] SRTSPX          C:\Windows\system32\drivers\NIS\1504000.00D\SRTSPX.SYS
12:12:47.0885 0x1258  SRTSPX - ok
12:12:47.0958 0x1258  [ 41987F9FC0E61ADF54F581E15029AD91, A46E718648C2DD3B43FC3798932C966315893A59442A0686CE46C605B9E4641E ] srv             C:\Windows\system32\DRIVERS\srv.sys
12:12:48.0015 0x1258  srv - ok
12:12:48.0082 0x1258  [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
12:12:48.0118 0x1258  srv2 - ok
12:12:48.0158 0x1258  [ 7605C0E1D01A08F3ECD743F38B834A44, 83A77E31004BCF83443F30EFC290E04BB1A2F332E8DFD614AB6E25B527C92299 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
12:12:48.0224 0x1258  srvnet - ok
12:12:48.0259 0x1258  [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
12:12:48.0318 0x1258  SSDPSRV - ok
12:12:48.0379 0x1258  [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc         C:\Windows\system32\sstpsvc.dll
12:12:48.0421 0x1258  SstpSvc - ok
12:12:48.0675 0x1258  [ 05AE358CD777BF8857F512A18E1DE7AA, 3EA85776E3E2D4A2539DB3D8644B497584149D79F25C310250EAAA6E37646493 ] STacSV          C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\STacSV.exe
12:12:48.0754 0x1258  STacSV - ok
12:12:48.0880 0x1258  [ E69A606872650B46DE54EC15DCC93529, 9E070CC909A6722404971DE2C98343C92A0F41F824CF881A7DCBAD9942A656A9 ] STHDA           C:\Windows\system32\DRIVERS\stwrt.sys
12:12:48.0936 0x1258  STHDA - ok
12:12:49.0018 0x1258  [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc          C:\Windows\System32\wiaservc.dll
12:12:49.0093 0x1258  stisvc - ok
12:12:49.0137 0x1258  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
12:12:49.0156 0x1258  swenum - ok
12:12:49.0236 0x1258  [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv           C:\Windows\System32\swprv.dll
12:12:49.0280 0x1258  swprv - ok
12:12:49.0316 0x1258  [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
12:12:49.0334 0x1258  Symc8xx - ok
12:12:49.0396 0x1258  [ 4C3DEF736D3857570166DE5C858600F5, 45613D3F1935AFDDB1DFE3A427222A0B38430ABF15F9110A35E7C55CDADF1D43 ] SymDS           C:\Windows\system32\drivers\NIS\1504000.00D\SYMDS.SYS
12:12:49.0427 0x1258  SymDS - ok
12:12:49.0512 0x1258  [ B70A98F20B4180F2751CFD7656116342, F4BB1904DC4818CE012AA264A7714AA9977F06255CF857FDB3E55B0DBA3D8A9C ] SymEFA          C:\Windows\system32\drivers\NIS\1504000.00D\SYMEFA.SYS
12:12:49.0571 0x1258  SymEFA - ok
12:12:49.0638 0x1258  [ E987A9CB539147527F56943BB34B7375, 4627C3E237549587B53CBD0D89AC2CEFF03C04F7624E2868936BCE5D70496AFD ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT.SYS
12:12:49.0658 0x1258  SymEvent - ok
12:12:49.0749 0x1258  [ E3A3CA230C7547364BB3D9DA0C301A36, 8F173DE08BAF81A7BE7F2D306DC595D60E6537D95AFE32A39E521E43C35AB629 ] SymIRON         C:\Windows\system32\drivers\NIS\1504000.00D\Ironx86.SYS
12:12:49.0772 0x1258  SymIRON - ok
12:12:49.0814 0x1258  [ D3F7FB40012382F7B206200AE794FBD7, B58C1969C766D5BF0BCFE9642D4F2B221E62240A9FCE18738B21DB457F57C22C ] SYMTDIv         C:\Windows\System32\Drivers\NIS\1504000.00D\SYMTDIV.SYS
12:12:49.0846 0x1258  SYMTDIv - ok
12:12:49.0881 0x1258  [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
12:12:49.0899 0x1258  Sym_hi - ok
12:12:49.0918 0x1258  [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
12:12:49.0937 0x1258  Sym_u3 - ok
12:12:49.0983 0x1258  [ 6DD49E1A5FA0F01824652F1A0A8866FB, E8839AF50AAA06A51A24004D26562694286DF638C7F86AB8408E496A7FEE52A4 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
12:12:50.0009 0x1258  SynTP - ok
12:12:50.0095 0x1258  [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain         C:\Windows\system32\sysmain.dll
12:12:50.0185 0x1258  SysMain - ok
12:12:50.0235 0x1258  [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:12:50.0273 0x1258  TabletInputService - ok
12:12:50.0343 0x1258  [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv         C:\Windows\System32\tapisrv.dll
12:12:50.0401 0x1258  TapiSrv - ok
12:12:50.0425 0x1258  [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS             C:\Windows\System32\tbssvc.dll
12:12:50.0465 0x1258  TBS - ok
12:12:50.0578 0x1258  [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
12:12:50.0643 0x1258  Tcpip - ok
12:12:50.0686 0x1258  [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
12:12:50.0740 0x1258  Tcpip6 - ok
12:12:50.0832 0x1258  [ 608C345A255D82A6289C2D468EB41FD7, 74ECFDD45DC3EB3AFAEF9C42B546241AA1D6ACB2F6591A76DDB8BB1768545889 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
12:12:50.0941 0x1258  tcpipreg - ok
12:12:50.0984 0x1258  [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
12:12:51.0048 0x1258  TDPIPE - ok
12:12:51.0096 0x1258  [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
12:12:51.0164 0x1258  TDTCP - ok
12:12:51.0226 0x1258  [ 76B06EB8A01FC8624D699E7045303E54, EC30F244B48A35622ED3EE91792F6A1517C5A50770FAB3945E7A945EB7AF28A8 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
12:12:51.0270 0x1258  tdx - ok
12:12:51.0349 0x1258  [ 34F30A078404410FE0D94F4627D91D5C, 3ED601D304C123A6115B79780CDD3AC9EAAD2DC38F3FF984C4F14CCEA6FECAF7 ] tenCapture      C:\Windows\system32\DRIVERS\tenCapture.sys
12:12:51.0370 0x1258  tenCapture - ok
12:12:51.0399 0x1258  [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
12:12:51.0421 0x1258  TermDD - ok
12:12:51.0463 0x1258  [ BB95DA09BEF6E7A131BFF3BA5032090D, BAF6997F8D944F85F0553957677866C7F22E72AA434BA45FFFB6CC41041070DC ] TermService     C:\Windows\System32\termsrv.dll
12:12:51.0561 0x1258  TermService - ok
12:12:51.0601 0x1258  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes          C:\Windows\system32\shsvcs.dll
12:12:51.0632 0x1258  Themes - ok
12:12:51.0691 0x1258  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER     C:\Windows\system32\mmcss.dll
12:12:51.0730 0x1258  THREADORDER - ok
12:12:51.0800 0x1258  [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks          C:\Windows\System32\trkwks.dll
12:12:51.0840 0x1258  TrkWks - ok
12:12:51.0985 0x1258  [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:12:52.0037 0x1258  TrustedInstaller - ok
12:12:52.0107 0x1258  [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3, 1CBB5106A32362ABDEE73BF170E205FE64DDBF826C5F6DFFCCD229F220B9C85E ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
12:12:52.0162 0x1258  tssecsrv - ok
12:12:52.0220 0x1258  [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
12:12:52.0241 0x1258  tunmp - ok
12:12:52.0314 0x1258  [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
12:12:52.0335 0x1258  tunnel - ok
12:12:52.0412 0x1258  [ D7B5C463518517AA606C4A1A5AD13C05, 8A454C62172A3288172671B58958C89155A3CE290809D9CCBE764561EF6BA8A3 ] u302bus         C:\Windows\system32\DRIVERS\u302bus.sys
12:12:52.0432 0x1258  u302bus - ok
12:12:52.0495 0x1258  [ 817F7608F6A0B63A9B4E340E837A6D54, 30520BE9D6A3BAAED83F384F0B713FF766FA1BFA5E2DB575AC6E144D290F0A77 ] u302mdfl        C:\Windows\system32\DRIVERS\u302mdfl.sys
12:12:52.0509 0x1258  u302mdfl - ok
12:12:52.0548 0x1258  [ 0C3F5F21513BEE7E59F3C8275C062631, B279EEA5E8FCA052218BCB7483775D15466D838C39D59DDCDEF2C86450D000D3 ] u302mdm         C:\Windows\system32\DRIVERS\u302mdm.sys
12:12:52.0568 0x1258  u302mdm - ok
12:12:52.0631 0x1258  [ 0F10057D0B998EECE3F97927CBBE6A65, 977A097A587C5DF45A632E03572F77348457ACA10A180393519D12F0D4325F06 ] u302mgmt        C:\Windows\system32\DRIVERS\u302mgmt.sys
12:12:52.0653 0x1258  u302mgmt - ok
12:12:52.0719 0x1258  [ 7D33C4DB2CE363C8518D2DFCF533941F, C6A539AD31B0BD9F895E0A537783AA75D5760C8590D83BA832D59A9B090CA0E9 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
12:12:52.0739 0x1258  uagp35 - ok
12:12:52.0849 0x1258  [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
12:12:52.0888 0x1258  udfs - ok
12:12:52.0927 0x1258  [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
12:12:52.0966 0x1258  UI0Detect - ok
12:12:52.0973 0x1258  UIUSys - ok
12:12:53.0044 0x1258  [ B0ACFDC9E4AF279E9116C03E014B2B27, 455D30859E381361FF6EE8B01EDC22A2E66CD5EC22CA9F314E88009DB77A8BAF ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
12:12:53.0065 0x1258  uliagpkx - ok
12:12:53.0167 0x1258  [ 9224BB254F591DE4CA8D572A5F0D635C, C5E7B24587AC5A28ECA63300307AD95B8A846833340126AE378840A40E53C056 ] uliahci         C:\Windows\system32\drivers\uliahci.sys
12:12:53.0195 0x1258  uliahci - ok
12:12:53.0232 0x1258  [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata          C:\Windows\system32\drivers\ulsata.sys
12:12:53.0253 0x1258  UlSata - ok
12:12:53.0303 0x1258  [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
12:12:53.0325 0x1258  ulsata2 - ok
12:12:53.0393 0x1258  [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
12:12:53.0464 0x1258  umbus - ok
12:12:53.0528 0x1258  [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost        C:\Windows\System32\upnphost.dll
12:12:53.0604 0x1258  upnphost - ok
12:12:53.0686 0x1258  [ 8721F55D8BC9F89E3A63CEBDF5EF4FA3, C0C82480014B646709869A6A6FA2B71B993F9FCD8E2DB9E8F7D341C21EE169CF ] upperdev        C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
12:12:53.0756 0x1258  upperdev - ok
12:12:53.0836 0x1258  [ 1114579556DB85E9FAF9590DBC64CD62, 10479A3C12BBBB9B5759082358FE11AC20BAEFA6B4977C8AE6E60AA17BE6C7FA ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
12:12:53.0891 0x1258  usbaudio - ok
12:12:53.0990 0x1258  [ AAB0B5F72D2D726FBFDC895A2902DE1D, 7824AF6E2ADEA23F208526F3A62AD1BACDBBDB23E58EB5806890B0761529C50F ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
12:12:54.0082 0x1258  usbccgp - ok
12:12:54.0142 0x1258  [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
12:12:54.0204 0x1258  usbcir - ok
12:12:54.0260 0x1258  [ 153E8515CB86F8BB5D1A8B478EBF4BB2, 0F1F79BA7C32ACAAE69184A56E67D6E18E2E2F07E0BE23F266401431169DAE14 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
12:12:54.0281 0x1258  usbehci - ok
12:12:54.0410 0x1258  [ 2AE6BCEBD85D31317E433733DAF25888, 7B2C0E8703D0275A620160E479166EB7AA31B0F146507603535CEBF0BA4684A4 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
12:12:54.0455 0x1258  usbhub - ok
12:12:54.0495 0x1258  [ 7BDB7B0E7D45AC0402D78B90789EF47C, 321C70DFB8F21AFF236C815F2BCC5F778177A83C7238177DA73B82A906CC116E ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
12:12:54.0530 0x1258  usbohci - ok
12:12:54.0565 0x1258  [ E75C4B5269091D15A2E7DC0B6D35F2F5, B0A4141B69B66276890836DE98EB8BC790D35CE59FA503060593E8CC12AA106B ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
12:12:54.0618 0x1258  usbprint - ok
12:12:54.0686 0x1258  [ 1D714B8497CD68307806D5D3F60A5169, 1914D92ECE39995168E3C8F5A7694B7A94954DB299410A2781D1321C8E60C3D9 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
12:12:54.0757 0x1258  usbscan - ok
12:12:54.0826 0x1258  [ 8E6C378A885D6FFDA8F05E8D27B95C0E, 351F20B1CB510F7B6B9321EB6C7A97446EF963A89F19F7E7A9CF41381B4B19FF ] usbser          C:\Windows\system32\drivers\usbser.sys
12:12:54.0847 0x1258  usbser - ok
12:12:54.0960 0x1258  [ 4E66C71D8D010BFB0DF1042D25E9CB0F, E581ED3557A06FEE7F35DF1C18C7D74FEFD1FC5E6CDAD6692F66F4A033830F1C ] UsbserFilt      C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
12:12:55.0002 0x1258  UsbserFilt - ok
12:12:55.0070 0x1258  [ BE3DA31C191BC222D9AD503C5224F2AD, 201FB0FDBF423342202686DC0D8A3221B7798AE04C04A649D3441C257C733CE8 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:12:55.0101 0x1258  USBSTOR - ok
12:12:55.0158 0x1258  [ 44056325428A8E4C755830426E29878F, 95F182047746D352B7DC2B22298D5E58738E1B787C110D1DE841C026FB8A67EB ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
12:12:55.0208 0x1258  usbuhci - ok
12:12:55.0297 0x1258  [ 73FF24E21B690625A58109637DDA0DF7, 62B1F9CD82678E2110D4BB5CC86EE8A7AB0757681443916620B6AAA1EF0DECEB ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
12:12:55.0349 0x1258  usbvideo - ok
12:12:55.0411 0x1258  [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms           C:\Windows\System32\uxsms.dll
12:12:55.0443 0x1258  UxSms - ok
12:12:55.0531 0x1258  [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds             C:\Windows\System32\vds.exe
12:12:55.0642 0x1258  vds - ok
12:12:55.0680 0x1258  [ 4D45A93A7DD638CA2DB0A86FBFBF42D1, F13AB033920AA55EA4AE4CACFCBF2D1356ED49BD650618DDBC0A3036AAE7C280 ] vfs101x         C:\Windows\system32\drivers\vfs101x.sys
12:12:55.0695 0x1258  vfs101x - ok
12:12:55.0797 0x1258  [ 7ED51043FED8FFD9577B4B74779D9AF0, 4520B5EFE9F70303D8DAAA9FDD61507310D941D0B8932A8F5FB670139023E2C9 ] vfsFPService    C:\Windows\system32\vfsFPService.exe
12:12:55.0842 0x1258  vfsFPService - ok
12:12:55.0881 0x1258  [ 87B06E1F30B749A114F74622D013F8D4, 06C06EF87F7DC668D23B50AA5F419F62474ACF90E325E167491BF290286D6594 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
12:12:55.0918 0x1258  vga - ok
12:12:55.0941 0x1258  [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave         C:\Windows\System32\drivers\vga.sys
12:12:55.0977 0x1258  VgaSave - ok
12:12:56.0013 0x1258  [ 5D7159DEF58A800D5781BA3A879627BC, 499A8E51FDE61AE0D7C1812D1E5B331211A36BD095A4992C629B93DE6D80F4E6 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
12:12:56.0034 0x1258  viaagp - ok
12:12:56.0065 0x1258  [ C4F3A691B5BAD343E6249BD8C2D45DEE, 19DE07AD6CD51036FA8A6B8EE82F34D7F5264FF3A12CBE6E52BD036D0303E319 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
12:12:56.0102 0x1258  ViaC7 - ok
12:12:56.0122 0x1258  [ AADF5587A4063F52C2C3FED7887426FC, 0A74791A236FDAFCD045CFB79A159245B94F7C2033E0CD830C1B76F0F994E06D ] viaide          C:\Windows\system32\drivers\viaide.sys
12:12:56.0147 0x1258  viaide - ok
12:12:56.0166 0x1258  [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
12:12:56.0186 0x1258  volmgr - ok
12:12:56.0272 0x1258  [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
12:12:56.0303 0x1258  volmgrx - ok
12:12:56.0367 0x1258  [ 786DB5771F05EF300390399F626BF30A, 4A07BE5AEDBA4C15C2F9A91250F0488A0B0305C67BB7A037508D5CBF86D4E1B7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
12:12:56.0396 0x1258  volsnap - ok
12:12:56.0451 0x1258  [ 587253E09325E6BF226B299774B728A9, C9F46197819C2A095456393C518A9B00B59ECDC54F464D038AA7F8DCCDB93CCF ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
12:12:56.0474 0x1258  vsmraid - ok
12:12:56.0702 0x1258  [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS             C:\Windows\system32\vssvc.exe
12:12:56.0839 0x1258  VSS - ok
12:12:56.0905 0x1258  [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time         C:\Windows\system32\w32time.dll
12:12:56.0969 0x1258  W32Time - ok
12:12:57.0026 0x1258  [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
12:12:57.0084 0x1258  WacomPen - ok
12:12:57.0102 0x1258  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
12:12:57.0133 0x1258  Wanarp - ok
12:12:57.0140 0x1258  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
12:12:57.0171 0x1258  Wanarpv6 - ok
12:12:57.0205 0x1258  [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
12:12:57.0249 0x1258  wcncsvc - ok
12:12:57.0280 0x1258  [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:12:57.0325 0x1258  WcsPlugInService - ok
12:12:57.0342 0x1258  [ 78FE9542363F297B18C027B2D7E7C07F, 6BC3ED2A48EF41E1EE597FD58271DB12256EC013518663331CD0FBCB3FC415EE ] Wd              C:\Windows\system32\drivers\wd.sys
12:12:57.0361 0x1258  Wd - ok
12:12:57.0402 0x1258  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
12:12:57.0446 0x1258  Wdf01000 - ok
12:12:57.0471 0x1258  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost  C:\Windows\system32\wdi.dll
12:12:57.0519 0x1258  WdiServiceHost - ok
12:12:57.0526 0x1258  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost   C:\Windows\system32\wdi.dll
12:12:57.0567 0x1258  WdiSystemHost - ok
12:12:57.0628 0x1258  [ 04C37D8107320312FBAE09926103D5E2, 1C6726A9871CBACB240AFA93E57781515F01758D43693DDA395EA683D97234F0 ] WebClient       C:\Windows\System32\webclnt.dll
12:12:57.0678 0x1258  WebClient - ok
12:12:57.0744 0x1258  [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
12:12:57.0791 0x1258  Wecsvc - ok
12:12:57.0825 0x1258  [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport   C:\Windows\System32\wercplsupport.dll
12:12:57.0858 0x1258  wercplsupport - ok
12:12:57.0957 0x1258  [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc          C:\Windows\System32\WerSvc.dll
12:12:58.0040 0x1258  WerSvc - ok
12:12:58.0135 0x1258  [ 5C7BDCF5864DB00323FE2D90FA26A8A2, E948B6BF8985CFF56FBE99AF7AF78CC3123AE5DAC9A5420ADE3C8B52CA702686 ] winachsf        C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
12:12:58.0204 0x1258  winachsf - ok
12:12:58.0273 0x1258  [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
12:12:58.0305 0x1258  WinDefend - ok
12:12:58.0319 0x1258  WinHttpAutoProxySvc - ok
12:12:58.0374 0x1258  [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
12:12:58.0427 0x1258  Winmgmt - ok
12:12:58.0533 0x1258  [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM           C:\Windows\system32\WsmSvc.dll
12:12:58.0635 0x1258  WinRM - ok
12:12:58.0723 0x1258  [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc         C:\Windows\System32\wlansvc.dll
12:12:58.0791 0x1258  Wlansvc - ok
12:12:58.0925 0x1258  [ 6067ACEF367E79914AF628FA1E9B5330, 491A705267B48C103E00B26BBD21FA8829DB03A88343CBC27264CEE5DE8C8DEF ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
12:12:58.0942 0x1258  wlcrasvc - ok
12:12:59.0150 0x1258  [ FB01D4AE207B9EFDBABFC55DC95C7E31, E0EFDBBE0BAC275230C8C1A053948C21BCF20B99B92E50939E95FFB9DC87F6BA ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:12:59.0246 0x1258  wlidsvc - ok
12:12:59.0293 0x1258  [ 2E7255D172DF0B8283CDFB7B433B864E, 60C786CF0EA4A29B309B9457F0496D5A0AF1F093FC2C5D88078865814B7DBBA3 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
12:12:59.0329 0x1258  WmiAcpi - ok
12:12:59.0388 0x1258  [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
12:12:59.0423 0x1258  wmiApSrv - ok
12:12:59.0571 0x1258  [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
12:12:59.0674 0x1258  WMPNetworkSvc - ok
12:12:59.0734 0x1258  [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
12:12:59.0782 0x1258  WPCSvc - ok
12:12:59.0864 0x1258  [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
12:12:59.0889 0x1258  WPDBusEnum - ok
12:12:59.0966 0x1258  [ DE9D36F91A4DF3D911626643DEBF11EA, 8029ECE76E29276BFB6ED3387AC560A9A779AAF683A4416E96334FAF7BDBADA0 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
12:13:00.0015 0x1258  WpdUsb - ok
12:13:00.0396 0x1258  [ F8D3544ACBCE9110362119F7C10D848E, 31C49201A931751A36286874AC0B929D886F490D7CE48CCC9283850A56AD9FD9 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
12:13:00.0453 0x1258  WPFFontCache_v0400 - ok
12:13:00.0498 0x1258  [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
12:13:00.0558 0x1258  ws2ifsl - ok
12:13:00.0669 0x1258  [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc          C:\Windows\system32\wscsvc.dll
12:13:00.0697 0x1258  wscsvc - ok
12:13:00.0703 0x1258  WSearch - ok
12:13:00.0899 0x1258  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll
12:13:01.0018 0x1258  wuauserv - ok
12:13:01.0124 0x1258  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
12:13:01.0160 0x1258  WudfPf - ok
12:13:01.0219 0x1258  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
12:13:01.0246 0x1258  WUDFRd - ok
12:13:01.0299 0x1258  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
12:13:01.0333 0x1258  wudfsvc - ok
12:13:01.0458 0x1258  [ DD0042F0C3B606A6A8B92D49AFB18AD6, 8D3BE4C93D02AF5F42EC46AF598D6DA40C61D467CB2FEE5E222F9C1E7A84B852 ] YahooAUService  C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
12:13:01.0500 0x1258  YahooAUService - ok
12:13:01.0515 0x1258  ================ Scan global ===============================
12:13:01.0542 0x1258  [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
12:13:01.0627 0x1258  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
12:13:01.0659 0x1258  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
12:13:01.0752 0x1258  [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\Windows\system32\services.exe
12:13:01.0764 0x1258  [ Global ] - ok
12:13:01.0765 0x1258  ================ Scan MBR ==================================
12:13:01.0815 0x1258  [ 85D751F0E41B8E520AEE8C07A8DA777B ] \Device\Harddisk0\DR0
12:13:02.0137 0x1258  \Device\Harddisk0\DR0 - detected TDSS File System ( 1 )
12:13:02.0137 0x1258  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
12:13:04.0682 0x1258  ================ Scan VBR ==================================
12:13:04.0704 0x1258  [ ADF01DD8CEDF5B1F655C9E7FFB76ADE3 ] \Device\Harddisk0\DR0\Partition1
12:13:04.0754 0x1258  \Device\Harddisk0\DR0\Partition1 - ok
12:13:04.0808 0x1258  [ F431A8787B1E3E7DC7EB173AEF1946FC ] \Device\Harddisk0\DR0\Partition2
12:13:04.0819 0x1258  \Device\Harddisk0\DR0\Partition2 - ok
12:13:04.0820 0x1258  ================ Scan generic autorun ======================
12:13:05.0030 0x1258  [ 94444693EA13A72F6820DFF844A1122E, DAB1D45F39CA196C6EF22F4E817C32558D87051B98FC525A07ABBAE1A52B59AB ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
12:13:05.0168 0x1258  SynTPEnh - ok
12:13:05.0317 0x1258  [ 6E1AC019C8FD1997BF5A17DA93627510, 28E8C2CDF1203318C1CDE525D08236057A9B6938201ABB216B810655A51F27B4 ] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
12:13:05.0337 0x1258  IAAnotif - ok
12:13:05.0436 0x1258  [ 6FC398F279D5F5E53E61683B5450195D, 94F65501B0BFC94A56B3B6DCBC892C3C4F877D3CBDFAE785EAB1F2793C25F5F4 ] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
12:13:05.0457 0x1258  QlbCtrl.exe - ok
12:13:05.0570 0x1258  [ 544C1EF07AEC178A83538A251A72CE13, 7F77C7EB03DA70717CA66ABD57D1AC0E531DDA09BBC635BD320FD82E94A06D10 ] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
12:13:05.0604 0x1258  OnScreenDisplay - ok
12:13:05.0695 0x1258  [ 1D48CA37FAA59919C1138357ED67E14A, 2771DF3AAB6445C8F1EF93527B9F9249C5CE28A5CC615C1618DD7C9682737440 ] C:\Program Files\DigitalPersona\Bin\dpagent.exe
12:13:05.0750 0x1258  DpAgent - detected UnsignedFile.Multi.Generic ( 1 )
12:13:08.0640 0x1258  Detect skipped due to KSN trusted
12:13:08.0640 0x1258  DpAgent - ok
12:13:08.0809 0x1258  [ 080E68A15793648B1A1570574A6EADB2, 688C29A1FAC15E6E21762E969B1B75267E05FB62330BF89AA2BDED67B753BBE2 ] C:\Program Files\HP\QuickPlay\QPService.exe
12:13:08.0842 0x1258  QPService - ok
12:13:09.0012 0x1258  [ 73BFDC88C6EF9715CDF57134A438837A, 8F1F04F3C89C430A6A04090A9B3D2BDDDE0FA44441569195E6CDF7E7CBA9779F ] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
12:13:09.0054 0x1258  nmctxth - ok
12:13:09.0118 0x1258  [ 80185BCC7C7BF9C9D2AD71F5588E9A2C, 3AD43BA764367BE252511FEEC83C9F7FB49C3D082C66D1A385C55299B99E3941 ] C:\Windows\system32\igfxtray.exe
12:13:09.0140 0x1258  IgfxTray - ok
12:13:09.0183 0x1258  [ FF786D5E81771EE804E568DD5D4784DA, F1A87C50D7FC08759843800AA1D9D817881321CCFD7D0F0594C0E70C66F8259E ] C:\Windows\system32\hkcmd.exe
12:13:09.0205 0x1258  HotKeysCmds - ok
12:13:09.0260 0x1258  [ D6B2D8A7B6C6F397FE47143CA360C9E9, 1C457E73F787079868B2C8F5A5A7768C060B16DE64C63AF2F701B16B6A505664 ] C:\Windows\system32\igfxpers.exe
12:13:09.0281 0x1258  Persistence - ok
12:13:09.0366 0x1258  [ 0E34B7BB1FCF22BCC1E394D16F9E992B, 382CA8E6BAC301E2F277F8EDA03D263FF71272796A8EED582C36294EEE9191F9 ] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
12:13:09.0382 0x1258  GrooveMonitor - ok
12:13:09.0464 0x1258  [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
12:13:09.0523 0x1258  Adobe ARM - ok
12:13:09.0628 0x1258  [ 4AB05041D5C922B9A7A5D9059F5538CD, 554885535DB523D25DBDB43FBA9384B8E4EC9DF79B02F3B9FFDE3C498106D463 ] C:\Windows\WindowsMobile\wmdSync.exe
12:13:09.0656 0x1258  Windows Mobile-based device management - ok
12:13:09.0818 0x1258  [ F6158734F1E24C6C510155CF0D363911, 320900BA90AF14E254CFAFA70FB15A0E77506217E47A406FA1ED821D0206FE29 ] C:\Program Files\Real\realplayer\update\realsched.exe
12:13:09.0846 0x1258  TkBellExe - ok
12:13:10.0038 0x1258  [ BF9C0C31202259D2BE2B7072499504CE, F48E35458B821F2EBBF49E66B60FD6B12B91E817346F9D79DDA39B2F1F767FE2 ] C:\Program Files\IDT\WDM\sttray.exe
12:13:10.0110 0x1258  SysTrayApp - ok
12:13:10.0312 0x1258  [ 1315C5C5C54CE2AA37A155F97027DB59, 70CDA6AE7FF4FD08FAD931477C524957952EDC89985696FD988B9786A349C565 ] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
12:13:10.0346 0x1258  AdobeAAMUpdater-1.0 - ok
12:13:10.0439 0x1258  [ D5B783DACE1BBDD382A63C894BAB8E1E, 20BA7479B3BE8AC7771AA91DB9C4F3B46DADDFF9C48627A5C7C460546DD20AF3 ] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
12:13:10.0471 0x1258  AdobeCS5ServiceManager - ok
12:13:10.0644 0x1258  [ 8FE651ACBA3344E645CFEB6286FFF6B8, ECE4DFFEB7EB0B19B6790FD0F619A5C4B23CA0BA9CC3F25924925F8EA07264B6 ] C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
12:13:10.0713 0x1258  AdobeCS6ServiceManager - ok
12:13:10.0920 0x1258  [ A025DF526B0FB3DAC3169AE4330FF7A4, 4E78E592259B402BA5D69DB0E4BA754E86406D807A42463EB36BBDA925F3C0EB ] C:\Program Files\Symantec\Norton Utilities 16\sMonitor\SSDMonitor.exe
12:13:10.0937 0x1258  SSDMonitor - ok
12:13:11.0089 0x1258  [ 1DE859B82E381A645C44284A5044BC33, 305AE678D3163D57C8E027F94BC553FDFDE7F9A14599EAEC370B0867DE4A9EC2 ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
12:13:11.0113 0x1258  SunJavaUpdateSched - ok
12:13:11.0249 0x1258  [ 688FCBCC9F062F47A9B2F2923B13EFF9, 628906E75B2ADE34BB69E211DA486EE452B2BE21DF3B186FE85178089B8A0541 ] C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
12:13:11.0271 0x1258  ISUSPM - ok
12:13:11.0487 0x1258  [ 626A24ED1228580B9518C01930936DF9, CBD94AB1E5477D7288799D17528CC43D572E711DA0F2B0C784A0B9FE105BF0F4 ] C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
12:13:11.0506 0x1258  Google Update - ok
12:13:11.0588 0x1258  [ 68C54757AD5F0A434B7406A4B7177BC2, 90978BF0502FB4FD7C55BB53EE613572A499E2038C7CDD4D3CC96ED5AB2F2939 ] C:\Program Files\WordWeb\wweb32.exe
12:13:11.0622 0x1258  WordWeb - ok
12:13:11.0807 0x1258  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\sidebar.exe
12:13:11.0922 0x1258  Sidebar - ok
12:13:11.0931 0x1258  WindowsWelcomeCenter - ok
12:13:12.0151 0x1258  [ 6105AFCB022541D34206741185D2EC72, AC90A982BCC1A23A6B70455D2EB548C88168297BB2729A4B4F3E64572D0FEFDC ] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
12:13:12.0556 0x1258  LightScribe Control Panel - detected UnsignedFile.Multi.Generic ( 1 )
12:13:15.0454 0x1258  Detect skipped due to KSN trusted
12:13:15.0454 0x1258  LightScribe Control Panel - ok
12:13:15.0455 0x1258  Waiting for KSN requests completion. In queue: 155
12:13:16.0455 0x1258  Waiting for KSN requests completion. In queue: 155
12:13:17.0455 0x1258  Waiting for KSN requests completion. In queue: 155
12:13:18.0455 0x1258  Waiting for KSN requests completion. In queue: 132
12:13:19.0455 0x1258  Waiting for KSN requests completion. In queue: 132
12:13:20.0455 0x1258  Waiting for KSN requests completion. In queue: 132
12:13:21.0455 0x1258  Waiting for KSN requests completion. In queue: 132
12:13:22.0455 0x1258  Waiting for KSN requests completion. In queue: 132
12:13:23.0455 0x1258  Waiting for KSN requests completion. In queue: 132
12:13:24.0455 0x1258  Waiting for KSN requests completion. In queue: 132
12:13:25.0481 0x1258  AV detected via SS2: Norton Internet Security, C:\Program Files\Norton Internet Security\Engine\21.4.0.13\WSCStub.exe ( 21.4.0.0 ), 0x51000 ( enabled : updated )
12:13:25.0485 0x1258  FW detected via SS2: Norton Internet Security, C:\Program Files\Norton Internet Security\Engine\21.4.0.13\WSCStub.exe ( 21.4.0.0 ), 0x51010 ( enabled )
12:13:28.0015 0x1258  ============================================================
12:13:28.0015 0x1258  Scan finished
12:13:28.0015 0x1258  ============================================================
12:13:28.0032 0x17ac  Detected object count: 2
12:13:28.0032 0x17ac  Actual detected object count: 2
12:14:43.0145 0x17ac  hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
12:14:43.0145 0x17ac  hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:14:43.0194 0x17ac  \Device\Harddisk0\DR0\TDLFS\cfg.ini - copied to quarantine
12:14:43.0238 0x17ac  \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
12:14:43.0246 0x17ac  \Device\Harddisk0\DR0\TDLFS\bckfg.tmp - copied to quarantine
12:14:43.0532 0x17ac  \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
12:14:43.0535 0x17ac  \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
12:14:43.0539 0x17ac  \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
12:14:43.0543 0x17ac  \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
12:14:43.0551 0x17ac  \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
12:14:43.0554 0x17ac  \Device\Harddisk0\DR0\TDLFS\keywords - copied to quarantine
12:14:43.0556 0x17ac  \Device\Harddisk0\DR0\TDLFS - deleted
12:14:43.0556 0x17ac  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete 
12:26:49.0839 0x1654  Deinitialize success
 

  • 0

#14
pystryker
Posted 23 July 2014 - 05:51 AM

pystryker

    Trusted Helper

  • Malware Removal
  • 3,912 posts
How is the computer running now?

As for Norton picking those up, they were more than likely part of the TDSS rootkit on your machine. We'll run a couple of followup scans for any remnants that may be drifting around.


Please disable your antivirus for the duration of my instructions. Don't forget to re-enable them after you have completed the steps.

Step 1: Scan with Malwarebytes


Start Malwarebytes and select update
Once it has updated select Settings > Detection and Protection
Tick Scan for rootkits

MBAMsettings_zpsb6b9ada0.jpg

Go back to the Dashboard and select Scan Now

MBAMScan_zps8ba7d192.jpg

If threats are detected, click the Apply Actions button, MBAM will ask for a reboot.

MBAMReboot_zps9089ab30.jpg

MBAMLog_zpsade07f42.jpg

On completion of the scan (or after the reboot), start MBAM,

Click History, then Application Logs, then check the Select box by the first Scan Log in the list.

Click View, then click Export, select text file and save to the desktop as MBAM.txt and post in your next reply.



Step 2: ESET Online Virus Scan

Please note: You can use Internet Explorer or Firefox for this step.

If you use Firefox, you will be prompted to download esetsmartinstaller_enu.exe. Please do so, then double click it to install it.

Please click on this link and then click the ESET Online Scanner bar ---->esetbar_zps93905f48.jpg
  • Select the option YES, I accept the Terms of Use then click on Start
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked.
  • Make sure that the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
  • Scan for potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth Technology
  • Now click on Start
  • The virus signature database will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • Now click on Finish
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.
  • ESET Scan Log
  • MBAM Log
[/b]
  • 0

#15
sayan.dg
Posted 24 July 2014 - 06:02 PM

sayan.dg

    Member

  • Topic Starter
  • Member
  • PipPip
  • 73 posts

hi pystryker

 

this time eset took more than 12 hrs to complete.. seems it is clean

 

 

Thank you

 

C:\AdwCleaner\Quarantine\C\Program Files\Conduit\Community Alerts\Alert.dll.vir Win32/Toolbar.Conduit.Y potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files\Conduit\Community Alerts\Alert0.dll.vir Win32/Toolbar.Conduit.Y potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files\Mobogenie\New_UpdateMoboGenie.exe.vir a variant of Win32/Mobogenie.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\User\AppData\Roaming\OpenCandy\8C38E26EAFB6472FA1F406D2EA0AEDA2\Mobogenie_Setup_2.1.27_507.exe.vir Win32/Mobogenie.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\User\AppData\Roaming\Slick Savings\CouponsHelper.exe.vir a variant of Win32/Toolbar.Widgi.F potentially unwanted application
C:\FRST\Quarantine\C\Program Files\SavePass\SavePass-nova.dll a variant of Win32/Toolbar.CrossRider.AI potentially unwanted application
C:\FRST\Quarantine\C\Users\User\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie2.1.29.zip a variant of Win32/Mobogenie.A potentially unwanted application
C:\FRST\Quarantine\C\Users\User\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\DaemonProcess.exe a variant of Win32/Mobogenie.A potentially unwanted application
C:\FRST\Quarantine\C\Users\User\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\Mobogenie.exe a variant of Win32/Mobogenie.A potentially unwanted application
C:\FRST\Quarantine\C\Users\User\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\MUServer.apk a variant of Android/Mobserv.A potentially unwanted application
C:\FRST\Quarantine\C\Users\User\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\New_UpdateMoboGenie.exe a variant of Win32/Mobogenie.A potentially unwanted application
C:\FRST\Quarantine\C\Users\User\Downloads\cbsidlm-cbsi188-Screen_Recorder-SEO-75937532.exe.xBAD a variant of Win32/CNETInstaller.B potentially unwanted application
C:\FRST\Quarantine\C\Users\User\Downloads\codecpackage.exe.xBAD Win32/InstallCore.BN potentially unwanted application
C:\FRST\Quarantine\C\Users\User\Downloads\FreeVideoCallRecorder.exe.xBAD Win32/OpenCandy potentially unsafe application
C:\FRST\Quarantine\C\Users\User\Downloads\media.player.codec.pack.v4.3.0.setup.exe.xBAD a variant of Win32/Toolbar.Widgi.B potentially unwanted application
C:\FRST\Quarantine\C\Users\User\Downloads\ripsetup.exe.xBAD a variant of Win32/Toolbar.Conduit.H potentially unwanted application
C:\FRST\Quarantine\C\Users\User\Downloads\New WinRAR ZIP archive\keygen.exe.xBAD a variant of Win32/Keygen.EM potentially unsafe application
C:\TDSSKiller_Quarantine\23.07.2014_12.10.19\tdlfs0000\tsk0005.dta Win32/Olmarik.AFK trojan
C:\TDSSKiller_Quarantine\23.07.2014_12.10.19\tdlfs0000\tsk0006.dta Win64/Olmarik.K trojan
 
*****************************************************************************************************************************************************************
12:10:12.0571 0x13b4  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
12:10:19.0011 0x13b4  ============================================================
12:10:19.0011 0x13b4  Current date / time: 2014/07/23 12:10:19.0011
12:10:19.0011 0x13b4  SystemInfo:
12:10:19.0011 0x13b4  
12:10:19.0011 0x13b4  OS Version: 6.0.6002 ServicePack: 2.0
12:10:19.0011 0x13b4  Product type: Workstation
12:10:19.0012 0x13b4  ComputerName: SAYANLAPTOP-PC
12:10:19.0012 0x13b4  UserName: User
12:10:19.0012 0x13b4  Windows directory: C:\Windows
12:10:19.0012 0x13b4  System windows directory: C:\Windows
12:10:19.0012 0x13b4  Processor architecture: Intel x86
12:10:19.0012 0x13b4  Number of processors: 2
12:10:19.0012 0x13b4  Page size: 0x1000
12:10:19.0012 0x13b4  Boot type: Normal boot
12:10:19.0012 0x13b4  ============================================================
12:10:19.0941 0x13b4  KLMD registered as C:\Windows\system32\drivers\86113883.sys
12:10:20.0663 0x13b4  System UUID: {83019E79-A93C-C6D8-426E-4E1773084FA0}
12:10:22.0610 0x13b4  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
12:10:22.0614 0x13b4  ============================================================
12:10:22.0614 0x13b4  \Device\Harddisk0\DR0:
12:10:22.0614 0x13b4  MBR partitions:
12:10:22.0614 0x13b4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1BF9DFC1
12:10:22.0614 0x13b4  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1BF9E000, BlocksNum 0x1226000
12:10:22.0614 0x13b4  ============================================================
12:10:22.0640 0x13b4  C: <-> \Device\Harddisk0\DR0\Partition1
12:10:22.0737 0x13b4  D: <-> \Device\Harddisk0\DR0\Partition2
12:10:22.0737 0x13b4  ============================================================
12:10:22.0737 0x13b4  Initialize success
12:10:22.0737 0x13b4  ============================================================
12:11:13.0045 0x1258  ============================================================
12:11:13.0045 0x1258  Scan started
12:11:13.0045 0x1258  Mode: Manual; SigCheck; TDLFS; 
12:11:13.0045 0x1258  ============================================================
12:11:13.0045 0x1258  KSN ping started
12:11:17.0630 0x1258  KSN ping finished: true
12:11:18.0356 0x1258  ================ Scan system memory ========================
12:11:18.0356 0x1258  System memory - ok
12:11:18.0356 0x1258  ================ Scan services =============================
12:11:18.0692 0x1258  [ CC1F1D3D70DC13C2C281488D347D4415, 3AB1495F8982C727D02E9975E2E04203B918AFAA7B05B5E7FEB5142EB30D1998 ] Accelerometer   C:\Windows\system32\DRIVERS\Accelerometer.sys
12:11:18.0885 0x1258  Accelerometer - ok
12:11:18.0996 0x1258  [ 82B296AE1892FE3DBEE00C9CF92F8AC7, 54B22BA63E1DA616B546992141B0C3117BA057283B8F60CB9BECE203661FEBF3 ] ACPI            C:\Windows\system32\drivers\acpi.sys
12:11:19.0040 0x1258  ACPI - ok
12:11:19.0611 0x1258  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
12:11:19.0632 0x1258  AdobeARMservice - ok
12:11:19.0776 0x1258  [ A6B6AB9502B63F43A9A56AE6AFB22078, DD1F0BA3D8F3333F52A71EAE3719A001F6EF844D647FFABF0E4C56C6C764ACA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
12:11:19.0801 0x1258  AdobeFlashPlayerUpdateSvc - ok
12:11:19.0897 0x1258  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303, FBBDD38574A1F66A5AA12B82E34FDE60B870180C4B7100C15757539DC869ED4B ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
12:11:19.0969 0x1258  adp94xx - ok
12:11:20.0036 0x1258  [ 60505E0041F7751BDBB80F88BF45C2CE, 1DE16042B8ABD7B643189E836DE273832EE743FD66AFBB641E8049C4E0CD04D8 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
12:11:20.0066 0x1258  adpahci - ok
12:11:20.0083 0x1258  [ 8A42779B02AEC986EAB64ECFC98F8BD7, B89938EFF4E81FA44197D2D839EBD3340DDE01FBC79605049C088621784C1B91 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
12:11:20.0109 0x1258  adpu160m - ok
12:11:20.0128 0x1258  [ 241C9E37F8CE45EF51C3DE27515CA4E5, 1A03E93DD8C1F3640C96124A14A3D0F4E349B06CCA2118CE40B8AE201A4030A7 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
12:11:20.0152 0x1258  adpu320 - ok
12:11:20.0217 0x1258  [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
12:11:20.0331 0x1258  AeLookupSvc - ok
12:11:20.0431 0x1258  [ F5272A105F59A7B3B345D9D6D87DA7AD, 9E84776994D04240BF2537330DBB555EDE16DFCFC59DEDCBA05A44ED7F70BEFA ] AFD             C:\Windows\system32\drivers\afd.sys
12:11:20.0683 0x1258  AFD - ok
12:11:20.0767 0x1258  [ 8ED60797908FD394EEE0D6949F493224, E07C471050F8D13F0BE52BC2CF88BA0EB8612B4957C43FF16B90197C57738C99 ] AgereModemAudio C:\Windows\system32\agrsmsvc.exe
12:11:21.0028 0x1258  AgereModemAudio - ok
12:11:21.0161 0x1258  [ 3712986CC3ABF0DC656B43525B9D1279, 6E8DB863BBF5FFD1F7CA841980946B25C93051BCBC67D7691B565984A78B7CFF ] AgereSoftModem  C:\Windows\system32\DRIVERS\AGRSM.sys
12:11:21.0496 0x1258  AgereSoftModem - ok
12:11:21.0582 0x1258  [ 13F9E33747E6B41A3FF305C37DB0D360, 066DD6060B1CF93F85BBAAA52848C801128CD294E8B7EACD912E0EF219DBFBC2 ] agp440          C:\Windows\system32\drivers\agp440.sys
12:11:21.0611 0x1258  agp440 - ok
12:11:21.0674 0x1258  [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
12:11:21.0696 0x1258  aic78xx - ok
12:11:21.0752 0x1258  [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG             C:\Windows\System32\alg.exe
12:11:21.0910 0x1258  ALG - ok
12:11:21.0946 0x1258  [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91, 0EADB6AE21FEDAB55D41F41B638198B556CC2BE2EE57F6C8B40EB044A318319F ] aliide          C:\Windows\system32\drivers\aliide.sys
12:11:21.0965 0x1258  aliide - ok
12:11:22.0020 0x1258  [ C47344BC706E5F0B9DCE369516661578, 689C9CDAF6F38227F1C34359CAEB3C7798F318EDFD4B7FE532FBE3C8E4EE3DC8 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
12:11:22.0040 0x1258  amdagp - ok
12:11:22.0064 0x1258  [ 9B78A39A4C173FDBC1321E0DD659B34C, 2CA66EB68AD7A317D91C13B8CFD4E8CA985926A610D19595B613F5553B145C7B ] amdide          C:\Windows\system32\drivers\amdide.sys
12:11:22.0082 0x1258  amdide - ok
12:11:22.0112 0x1258  [ 18F29B49AD23ECEE3D2A826C725C8D48, 0FA08882301D218E367E63E1966B6406220EE94BAE7E7DAD6E55EB70BF6FED7F ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
12:11:22.0179 0x1258  AmdK7 - ok
12:11:22.0214 0x1258  [ 93AE7F7DD54AB986A6F1A1B37BE7442D, ECE0ABA2DECEED94AC678240A4B604F04022F0740F2295CBD07D25F5917E878A ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
12:11:22.0288 0x1258  AmdK8 - ok
12:11:22.0356 0x1258  [ C6D704C7F0434DC791AAC37CAC4B6E14, 35CF7D1895F97637E0C678A39F3049B871BCA9526D379C7793ED33B87D2EAC4C ] Appinfo         C:\Windows\System32\appinfo.dll
12:11:22.0422 0x1258  Appinfo - ok
12:11:22.0566 0x1258  [ 221564CC7BE37611FE15EACF443E1BF6, 381BDF17418C779D72332431BA174C2AD76CD9C7C1711FF5142EA9B05D5555E4 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:11:22.0583 0x1258  Apple Mobile Device - ok
12:11:22.0687 0x1258  [ 5D2888182FB46632511ACEE92FDAD522, 2E53231ACAF9B2FB7993DBC1CD15C06D7B0CCE0D08DAFF7B0CC13A2040028A75 ] arc             C:\Windows\system32\drivers\arc.sys
12:11:22.0709 0x1258  arc - ok
12:11:22.0740 0x1258  [ 5E2A321BD7C8B3624E41FDEC3E244945, 9D47FF6C823868F2267FEFAB5851D3CD2BC3F619A2D6EFF803EA22DB0509C450 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
12:11:22.0761 0x1258  arcsas - ok
12:11:22.0981 0x1258  [ 9D768C43FEF254DD50B1DBF8AD5C4C0B, A50854EA5C08605133B8BB4DFDC6090357C5665314AA72E0BFA1E07D4E451F09 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
12:11:23.0006 0x1258  aspnet_state - ok
12:11:23.0066 0x1258  [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
12:11:23.0128 0x1258  AsyncMac - ok
12:11:23.0181 0x1258  [ 1F05B78AB91C9075565A9D8A4B880BC4, 737BE9F9376DAB0CCDFED93EA6D67F0C432367EA63CD772A453485BE769AF3BD ] atapi           C:\Windows\system32\drivers\atapi.sys
12:11:23.0202 0x1258  atapi - ok
12:11:23.0273 0x1258  [ 40767B965A8D575D794F1F95E2E017E9, 3B050B16A1ADE3FF93E0882012A2A9171010F52BC2CCFC1E254F8CD5DF5122F2 ] atashost        C:\Windows\system32\atashost.exe
12:11:23.0295 0x1258  atashost - ok
12:11:23.0385 0x1258  [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:11:23.0438 0x1258  AudioEndpointBuilder - ok
12:11:23.0456 0x1258  [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
12:11:23.0496 0x1258  Audiosrv - ok
12:11:23.0647 0x1258  [ B9DCE12EA5D337975C444787B66BBFDE, A367A119DB469C329A398771F0E97F6D37FB77688E272ECFD09091E68E76219F ] BCM43XV         C:\Windows\system32\DRIVERS\bcmwl6.sys
12:11:23.0778 0x1258  BCM43XV - ok
12:11:23.0851 0x1258  [ B9DCE12EA5D337975C444787B66BBFDE, A367A119DB469C329A398771F0E97F6D37FB77688E272ECFD09091E68E76219F ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl6.sys
12:11:23.0917 0x1258  BCM43XX - ok
12:11:24.0071 0x1258  [ 6163664C7E9CD110AF70180C126C3FDC, 9A801295CDE2BDE4EE0E96C610E4C01F6915DBDA2104D0E8873AFF1BC34A0FA1 ] BcmSqlStartupSvc C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
12:11:24.0091 0x1258  BcmSqlStartupSvc - ok
12:11:24.0164 0x1258  [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep            C:\Windows\system32\drivers\Beep.sys
12:11:24.0224 0x1258  Beep - ok
12:11:24.0358 0x1258  [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] BFE             C:\Windows\System32\bfe.dll
12:11:24.0410 0x1258  BFE - ok
12:11:24.0699 0x1258  [ 5A55D8D9340A00B3BD2CC3413B4CB0C0, 438BB95072EC14AD597CFEF040CA7FDE8D46E4AAEE9145AC1014522F1842F713 ] BHDrvx86        C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140718.001\BHDrvx86.sys
12:11:24.0834 0x1258  BHDrvx86 - ok
12:11:24.0953 0x1258  [ 93952506C6D67330367F7E7934B6A02F, 1D9A6B10B9489C1A32F730E22CC399BFF0796E3FCB3BA52BE45ED487CAC59EBD ] BITS            C:\Windows\system32\qmgr.dll
12:11:25.0073 0x1258  BITS - ok
12:11:25.0132 0x1258  [ D4DF28447741FD3D953526E33A617397, E7239BA432090F8AC7DF453DB876507CD4419ECA964D289408A1B2B353618693 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
12:11:25.0190 0x1258  blbdrive - ok
12:11:25.0316 0x1258  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:11:25.0347 0x1258  Bonjour Service - ok
12:11:25.0427 0x1258  [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
12:11:25.0468 0x1258  bowser - ok
12:11:25.0525 0x1258  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
12:11:25.0562 0x1258  BrFiltLo - ok
12:11:25.0579 0x1258  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
12:11:25.0629 0x1258  BrFiltUp - ok
12:11:25.0719 0x1258  [ B1564976D98E91FC764D5DC28A0297DA, 1BDF7FAAEFA097D46BBBE1FFF255C73AB3D9469E83DFCBD720ADB48C571C1363 ] Bridge          C:\Windows\system32\DRIVERS\bridge.sys
12:11:25.0783 0x1258  Bridge - ok
12:11:25.0817 0x1258  [ B1564976D98E91FC764D5DC28A0297DA, 1BDF7FAAEFA097D46BBBE1FFF255C73AB3D9469E83DFCBD720ADB48C571C1363 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
12:11:25.0848 0x1258  BridgeMP - ok
12:11:25.0893 0x1258  [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser         C:\Windows\System32\browser.dll
12:11:25.0932 0x1258  Browser - ok
12:11:26.0046 0x1258  [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid         C:\Windows\system32\drivers\brserid.sys
12:11:26.0285 0x1258  Brserid - ok
12:11:26.0328 0x1258  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
12:11:26.0424 0x1258  BrSerWdm - ok
12:11:26.0455 0x1258  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
12:11:26.0542 0x1258  BrUsbMdm - ok
12:11:26.0570 0x1258  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
12:11:26.0651 0x1258  BrUsbSer - ok
12:11:26.0715 0x1258  [ 6D39C954799B63BA866910234CF7D726, 1D807C3410C01C76E5810D626F23C1CCED3C9C5A65F39267B770C494C8D64114 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
12:11:26.0759 0x1258  BthEnum - ok
12:11:26.0842 0x1258  [ 9A966A8E86D1771911AE34A20D11BFF3, FBD5F621A47A3530B325816E71F0C4BCE5CCE731C57DEBD42ACFC8BCAA258656 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
12:11:26.0905 0x1258  BTHMODEM - ok
12:11:26.0983 0x1258  [ C034851122F667F26F813ED1E541C191, 254D653DF90BAD406073E309751A3C2C219DEA84E765AEE5D37697D2583D7AFF ] BthMtpEnum      C:\Windows\system32\DRIVERS\BthMtpEnum.sys
12:11:27.0048 0x1258  BthMtpEnum - ok
12:11:27.0131 0x1258  [ 5904EFA25F829BF84EA6FB045134A1D8, 66E4160CC404744576BA6E9DD606B533F42B3D4A3E2FDD457DAA016CC72A81CC ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
12:11:27.0189 0x1258  BthPan - ok
12:11:27.0330 0x1258  [ 611FF3F2F095C8D4A6D4CFD9DCC09793, 2F27A1287ABCDB9C316EB720D1855100666240959CF969D5B2679C9ABCBD6050 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
12:11:27.0394 0x1258  BTHPORT - ok
12:11:27.0452 0x1258  [ A4C8377FA4A994E07075107DBE2E3DCE, C3CDAA7B83D130100044341C23897CC6C257FA075A8D08B8551F4A28AE8CE6C4 ] BthServ         C:\Windows\System32\bthserv.dll
12:11:27.0495 0x1258  BthServ - ok
12:11:27.0589 0x1258  [ D330803EAB2A15CAEC7F011F1D4CB30E, 240FFF317C90AD8966DA9666F2748F98CEC3CB99C486F399D1C68FE0E393EE68 ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
12:11:27.0625 0x1258  BTHUSB - ok
12:11:27.0706 0x1258  [ 229B2C1E776062A4033305D5A9D6E28D, 2282111AFB12C9F0A3C1B213F911C23FE6E07E0630EEE026B2E68D36A9051602 ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
12:11:27.0724 0x1258  btwaudio - ok
12:11:27.0781 0x1258  [ 97062053359F6908E1FB2791BFA54734, 46AEAB56C4A7B5F12BD2F1E0327FC96F9DFA618151D1B3D46B6D78B4ECC4B047 ] btwavdt         C:\Windows\system32\drivers\btwavdt.sys
12:11:27.0799 0x1258  btwavdt - ok
12:11:27.0832 0x1258  [ D9269B0E3E3CF46D677FD071A40FE6CD, C8D5A1D864DA70B275E44392C490AF21903E8F3AFB2E55595162F6D93376C585 ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
12:11:27.0847 0x1258  btwrchid - ok
12:11:28.0026 0x1258  [ 56C2811FD0D7B727808A69407B5BFAE0, 5F84A29A9E6D8F566F95399F3B41A82DD128EA69678BBBCF75AD914DE70D9A74 ] ccSet_NIS       C:\Windows\system32\drivers\NIS\1504000.00D\ccSetx86.sys
12:11:28.0047 0x1258  ccSet_NIS - ok
12:11:28.0111 0x1258  [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
12:11:28.0175 0x1258  cdfs - ok
12:11:28.0264 0x1258  [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
12:11:28.0310 0x1258  cdrom - ok
12:11:28.0391 0x1258  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] CertPropSvc     C:\Windows\System32\certprop.dll
12:11:28.0431 0x1258  CertPropSvc - ok
12:11:28.0460 0x1258  [ E5D4133F37219DBCFE102BC61072589D, 74C7F8C53D9C71CE3C8B33BC0331948571318402B0A8E1AC4552360504092A46 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
12:11:28.0507 0x1258  circlass - ok
12:11:28.0590 0x1258  [ D7659D3B5B92C31E84E53C1431F35132, 6BFE644AD9890A8CEEDCC4B97ADD564AD57202FBC5D21599469E0C4B31BB27C6 ] CLFS            C:\Windows\system32\CLFS.sys
12:11:28.0619 0x1258  CLFS - ok
12:11:28.0662 0x1258  [ 8EE772032E2FE80A924F3B8DD5082194, B743DF91563A22CC15D9B44105804B5866A29D3DFC156DBE88DFAFEF903B94C0 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:11:28.0682 0x1258  clr_optimization_v2.0.50727_32 - ok
12:11:28.0765 0x1258  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:11:28.0791 0x1258  clr_optimization_v4.0.30319_32 - ok
12:11:28.0858 0x1258  [ 99AFC3795B58CC478FBBBCDC658FCB56, 0D1B27C42A058C5D56A0157B5ECA9A054254F6B9C8015D0321021A7EFCE10CE2 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
12:11:28.0910 0x1258  CmBatt - ok
12:11:28.0927 0x1258  [ 0CA25E686A4928484E9FDABD168AB629, C2CB2333CAB40CDF93219870E66700F957188C86A1B1A004BC4652953091E5C5 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
12:11:28.0947 0x1258  cmdide - ok
12:11:29.0080 0x1258  [ A94146208170D78906C93EE39CEBDD9F, 54B0091593E2E014AD97FED1B715A71722C6B16B454C03F13E88B8423306AB79 ] Com4QLBEx       C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
12:11:29.0101 0x1258  Com4QLBEx - ok
12:11:29.0120 0x1258  [ 6AFEF0B60FA25DE07C0968983EE4F60A, E4037EF9EDE57A1039AB814EBCE9A8B12C9A084E7FAC6296212ACF2394DD37B6 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
12:11:29.0140 0x1258  Compbatt - ok
12:11:29.0149 0x1258  COMSysApp - ok
12:11:29.0170 0x1258  [ 741E9DFF4F42D2D8477D0FC1DC0DF871, 06EA43D771E3455F943AB624CC00C2259FE5E561164908630755E933EF44A522 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
12:11:29.0190 0x1258  crcdisk - ok
12:11:29.0220 0x1258  [ 1F07BECDCA750766A96CDA811BA86410, F4E36F0003184BCB36D59B23AC903421AD8C0A1FD2D6315E06375235ABC9A0AD ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
12:11:29.0274 0x1258  Crusoe - ok
12:11:29.0347 0x1258  [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C455066027F8D549D4C3B92 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
12:11:29.0405 0x1258  CryptSvc - ok
12:11:29.0510 0x1258  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] DcomLaunch      C:\Windows\system32\rpcss.dll
12:11:29.0564 0x1258  DcomLaunch - ok
12:11:29.0640 0x1258  [ 622C41A07CA7E6DD91770F50D532CB6C, 2A9040949CB45F9970FDE930278F30D2F08E957290CB3D4DC4F2CA94F3D444D2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
12:11:29.0698 0x1258  DfsC - ok
12:11:29.0896 0x1258  [ 2CC3DCFB533A1035B13DCAB6160AB38B, C88C91F662ADE248EEE3B568E70C2BC2D5075B7D9B7D3C63E83D011C5F7812B0 ] DFSR            C:\Windows\system32\DFSR.exe
12:11:30.0095 0x1258  DFSR - ok
12:11:30.0232 0x1258  [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
12:11:30.0282 0x1258  Dhcp - ok
12:11:30.0372 0x1258  [ 5D4AEFC3386920236A548271F8F1AF6A, 11B74D6800EC6F7AAEFB0B6A9F2E8376C7C3B8DB677F03AC3743CB004CA96B08 ] disk            C:\Windows\system32\drivers\disk.sys
12:11:30.0395 0x1258  disk - ok
12:11:30.0659 0x1258  [ 4C659CCED934CEF8FEB731949052320D, 49EA4444059E6B95EF7A0B02C2D9FEB318FCE31ED412738B22E08EE7344423F0 ] DiskDoctorService C:\Program Files\Symantec\Norton Utilities 16\Tools\Disk Doctor\DiskDoctorSrv.exe
12:11:30.0727 0x1258  DiskDoctorService - ok
12:11:30.0818 0x1258  [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] Dnscache        C:\Windows\System32\dnsrslvr.dll
12:11:30.0881 0x1258  Dnscache - ok
12:11:30.0967 0x1258  [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] dot3svc         C:\Windows\System32\dot3svc.dll
12:11:31.0015 0x1258  dot3svc - ok
12:11:31.0092 0x1258  [ 4F59C172C094E1A1D46463A8DC061CBD, CE09A4ED1F8BA6242E152C384AFF5C3C95FBB8556DAE23765272F13BF158D8F9 ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
12:11:31.0153 0x1258  Dot4 - ok
12:11:31.0202 0x1258  [ 80BF3BA09F6F2523C8F6B7CC6DBF7BD5, 69BB5B07D03FA9F28591012F2AA4A583D3F086644C136D63A56D1A827121CC19 ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
12:11:31.0269 0x1258  Dot4Print - ok
12:11:31.0298 0x1258  [ C55004CA6B419B6695970DFE849B122F, 6E0C4A9E24DD09E9389E097AF63E7F5040A0658DDCEBBE963968B7118CFE9AB8 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
12:11:31.0365 0x1258  dot4usb - ok
12:11:31.0476 0x1258  [ 5BC1D876DFD53C31C5FC65D2E9614015, 605E7D1E2FF7A0663C5F6B29D28C830EA49B6342D570F03BE5B3D0F287AB9071 ] DpHost          C:\Program Files\DigitalPersona\Bin\DpHostW.exe
12:11:31.0525 0x1258  DpHost - detected UnsignedFile.Multi.Generic ( 1 )
12:11:34.0078 0x1258  Detect skipped due to KSN trusted
12:11:34.0078 0x1258  DpHost - ok
12:11:34.0117 0x1258  [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS             C:\Windows\system32\dps.dll
12:11:34.0169 0x1258  DPS - ok
12:11:34.0204 0x1258  [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
12:11:34.0247 0x1258  drmkaud - ok
12:11:34.0343 0x1258  [ 988670D8343EF9835FB3659DB71B2EFA, 5F5370FDD08C4BFF0828341952E98E95F722CB779EEC08C9DD6212C4DF3CD33B ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
12:11:34.0391 0x1258  DXGKrnl - ok
12:11:34.0414 0x1258  [ 5425F74AC0C1DBD96A1E04F17D63F94C, AD133CEDCDEA75420C75A91BB4CF7152475D46ED7B7703E3BAE5F9946D610292 ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
12:11:34.0466 0x1258  E1G60 - ok
12:11:34.0535 0x1258  [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost         C:\Windows\System32\eapsvc.dll
12:11:34.0593 0x1258  EapHost - ok
12:11:34.0677 0x1258  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371, F3E9CF5D8E9124CB06F08454C5F0E510DE19A92780151FB2F8A58A0905D59B8F ] Ecache          C:\Windows\system32\drivers\ecache.sys
12:11:34.0703 0x1258  Ecache - ok
12:11:34.0808 0x1258  [ 10D14FAEF105DF2432D0E03860895284, 200662CD73537A8152FA0C276F20CE9B558FB2EB1AD0C171E5CCF4DC8C02F8B3 ] eeCtrl          C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
12:11:34.0841 0x1258  eeCtrl - ok
12:11:35.0002 0x1258  [ 23B62471681A124889978F6295B3F4C6, A90C521F06125B86A26EA625B0E7F811AF7D328E1313165E7AD4A83596A23819 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
12:11:35.0036 0x1258  elxstor - ok
12:11:35.0185 0x1258  [ 4E6B23DFC917EA39306B529B773950F4, C4BA77632B4BD46C4C1797F7F57399DB506D3EB6E5A0A36C269A793DAA3445C2 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
12:11:35.0285 0x1258  EMDMgmt - ok
12:11:35.0349 0x1258  [ 004B2EA6CC2598EC5F0552E43CE29CEF, 5120903105749DC7A0356DF060B020D78F10FC1B651AC036B1D852EF65DD1D85 ] enecir          C:\Windows\system32\DRIVERS\enecir.sys
12:11:35.0372 0x1258  enecir - ok
12:11:35.0457 0x1258  [ 0424EAB7549926FB864BD41E7F0639CC, 04E349F311B24239E1B4DAD073360A0D91391B69E74B43D705A1C00FDF113F45 ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
12:11:35.0477 0x1258  EraserUtilRebootDrv - ok
12:11:35.0548 0x1258  [ 3DB974F3935483555D7148663F726C61, C288CFC04213B0340ABEC752C0A7B308B29122B5F51E68387BA1D9E9D7166FDD ] ErrDev          C:\Windows\system32\drivers\errdev.sys
12:11:35.0598 0x1258  ErrDev - ok
12:11:35.0709 0x1258  [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] EventSystem     C:\Windows\system32\es.dll
12:11:35.0764 0x1258  EventSystem - ok
12:11:35.0858 0x1258  [ 22B408651F9123527BCEE54B4F6C5CAE, 31AF9649333A9496A9224001266D1B68CE2A31B9FB182A755D127FC5492AA6B2 ] exfat           C:\Windows\system32\drivers\exfat.sys
12:11:35.0922 0x1258  exfat - ok
12:11:35.0986 0x1258  [ 1E9B9A70D332103C52995E957DC09EF8, 7E709D545D4025A2E9F3489CF2A231040904CB53E3E4EEAC15A22468FAB2A5B3 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
12:11:36.0020 0x1258  fastfat - ok
12:11:36.0102 0x1258  [ AFE1E8B9782A0DD7FB46BBD88E43F89A, B4CBE1DC3430F2F3485F49007C71293D5B86E9C405741EA00A67B00A38BE1F8D ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
12:11:36.0174 0x1258  fdc - ok
12:11:36.0198 0x1258  [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost         C:\Windows\system32\fdPHost.dll
12:11:36.0248 0x1258  fdPHost - ok
12:11:36.0266 0x1258  [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub        C:\Windows\system32\fdrespub.dll
12:11:36.0364 0x1258  FDResPub - ok
12:11:36.0428 0x1258  [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
12:11:36.0449 0x1258  FileInfo - ok
12:11:36.0468 0x1258  [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
12:11:36.0504 0x1258  Filetrace - ok
12:11:36.0567 0x1258  [ 85B7CF99D532820495D68D747FDA9EBD, 682D35D219D1AFBE51CF0AB03F2D3E15C940F5AF291C1A611A19F4D279143F3C ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
12:11:36.0634 0x1258  flpydisk - ok
12:11:36.0731 0x1258  [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
12:11:36.0758 0x1258  FltMgr - ok
12:11:36.0884 0x1258  [ 2AFA3A46986AE935DAECEBC7E66314CF, 747FAF9B7F8291B83EE44B91E5708395E749DC87BD42CC3BF2CD41209C298F4D ] FontCache       C:\Windows\system32\FntCache.dll
12:11:36.0979 0x1258  FontCache - ok
12:11:37.0123 0x1258  [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
12:11:37.0142 0x1258  FontCache3.0.0.0 - ok
12:11:37.0201 0x1258  [ B0082808A6856A252F7CDD939892CE50, 3A069239629C4F54049A2CFC6642AC5102ECEAA74470BAA9DDB1AB108D1060EE ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
12:11:37.0218 0x1258  fssfltr - ok
12:11:37.0388 0x1258  [ 28DDEEEC44E988657B732CF404D504CB, 47F83018E5449CDCED3DD447991788EBAAC92C418D4513FBA9408C45E9AB8E7E ] fsssvc          C:\Program Files\Windows Live\Family Safety\fsssvc.exe
12:11:37.0485 0x1258  fsssvc - ok
12:11:37.0572 0x1258  [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65CC3F99A1DBDE455 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
12:11:37.0624 0x1258  Fs_Rec - ok
12:11:37.0680 0x1258  [ 34582A6E6573D54A07ECE5FE24A126B5, 5F45DC38F8015AD90616EAD3B57820CCD284938A96B2C4E1FF5FC7BDEE8A848D ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
12:11:37.0701 0x1258  gagp30kx - ok
12:11:37.0850 0x1258  [ E6CE7A89183D1840F0FF63694292FFA2, 8907ADCF9967026CD1A9D545E2274569F840F1DFF0E407CC77B6A662267AAC4B ] GamesAppIntegrationService C:\Program Files\WildTangent Games\App\GamesAppIntegrationService.exe
12:11:37.0875 0x1258  GamesAppIntegrationService - ok
12:11:37.0997 0x1258  [ C403C5DB49A0F9AAF4F2128EDC0106D8, 3C6948B63278022D8182F773C5FA15784514F76C1546118DDBADBA322B962D12 ] GamesAppService C:\Program Files\WildTangent Games\App\GamesAppService.exe
12:11:38.0019 0x1258  GamesAppService - ok
12:11:38.0077 0x1258  [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:11:38.0093 0x1258  GEARAspiWDM - ok
12:11:38.0225 0x1258  [ CD5D0AEEE35DFD4E986A5AA1500A6E66, DCED5126837292593F1C1B35DF18E3B631D6C0C6D0742B77C7B7742C55A7825F ] gpsvc           C:\Windows\System32\gpsvc.dll
12:11:38.0303 0x1258  gpsvc - ok
12:11:38.0453 0x1258  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
12:11:38.0471 0x1258  gupdate - ok
12:11:38.0481 0x1258  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
12:11:38.0498 0x1258  gupdatem - ok
12:11:38.0595 0x1258  [ 3F90E001369A07243763BD5A523D8722, 25907F85787D879E75C3FE74C93567382AFB2D528BEEC61D71E3A6BE2D71DFBE ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:11:38.0656 0x1258  HdAudAddService - ok
12:11:38.0776 0x1258  [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
12:11:38.0868 0x1258  HDAudBus - ok
12:11:38.0946 0x1258  [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth          C:\Windows\system32\drivers\hidbth.sys
12:11:39.0005 0x1258  HidBth - ok
12:11:39.0037 0x1258  [ D8DF3722D5E961BAA1292AA2F12827E2, 799E194B36BA08D59500A2C45ADD2FB69C7698F3F7F837CC7CFB266D57830BD6 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
12:11:39.0079 0x1258  HidIr - ok
12:11:39.0158 0x1258  [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv         C:\Windows\System32\hidserv.dll
12:11:39.0196 0x1258  hidserv - ok
12:11:39.0253 0x1258  [ CCA4B519B17E23A00B826C55716809CC, 91AD0758A6185B0FBBE383BDB1B457FFB850477AFF8DE040DE9527A97D28EF62 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
12:11:39.0293 0x1258  HidUsb - ok
12:11:39.0323 0x1258  [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc          C:\Windows\system32\kmsvc.dll
12:11:39.0380 0x1258  hkmsvc - ok
12:11:39.0521 0x1258  [ A19B0BB5A7EB6DF2DD4A0711D36955EE, 307648CAFB3DDCD76FD730CA623945ED71D4276715A38D8CBB203C157C45F691 ] HP Health Check Service c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
12:11:39.0554 0x1258  HP Health Check Service - detected UnsignedFile.Multi.Generic ( 1 )
12:11:42.0651 0x1258  Detect skipped due to KSN trusted
12:11:42.0651 0x1258  HP Health Check Service - ok
12:11:42.0693 0x1258  [ 16EE7B23A009E00D835CDB79574A91A6, 964AFE7D2F7E48C7DE7FDAB48F57ADC4AD44A0B2A9A03071E0E8D334007E5572 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
12:11:42.0713 0x1258  HpCISSs - ok
12:11:42.0773 0x1258  [ 4EF10B866C62ABBEAF7511CDD05A19BE, B758DCB9CD8C7E6ED4DEFB666A94B0F749CB86964D2CA9004DF94C5E321F5151 ] hpdskflt        C:\Windows\system32\DRIVERS\hpdskflt.sys
12:11:42.0788 0x1258  hpdskflt - ok
12:11:42.0924 0x1258  [ FCB563B0A23643E5F80B6FF1E60F610F, C1FCECF406E154065BF3FD93C4853ED96F5300E0E218FF0AA20B34D614710735 ] hpqcxs08        C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
12:11:42.0969 0x1258  hpqcxs08 - detected UnsignedFile.Multi.Generic ( 1 )
12:11:45.0710 0x1258  Detect skipped due to KSN trusted
12:11:45.0710 0x1258  hpqcxs08 - ok
12:11:45.0739 0x1258  [ 25E443E27165C652723A92D9BDFD4649, 58528E888176D236C683F5135BE0B35F43F9F521022ED0E66D5B688F3BAF7D0F ] hpqddsvc        C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
12:11:45.0750 0x1258  hpqddsvc - detected UnsignedFile.Multi.Generic ( 1 )
12:11:55.0847 0x1258  hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
12:11:55.0847 0x1258  Force sending object to P2P due to detect: hpqddsvc
12:11:58.0585 0x1258  Object send P2P result: true
12:12:01.0174 0x1258  [ 35956140E686D53BF676CF0C778880FC, AFFE1CC956E75AF1DE87F19A58CB03C861907C48DCA03F7454EF7762DEB46F2D ] HpqKbFiltr      C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
12:12:01.0219 0x1258  HpqKbFiltr - ok
12:12:01.0273 0x1258  [ 115C0933B3ED51DFBEC4449348C8065B, 5C937F9DA4DC43CA11B6667D7DF41FC8D0E88994D0A854FDD0F3024D76DE0353 ] HpqRemHid       C:\Windows\system32\DRIVERS\HpqRemHid.sys
12:12:01.0354 0x1258  HpqRemHid - ok
12:12:01.0445 0x1258  [ D50FDAD1E57AA60F1973CFC77D905F0E, 50700337E984F71020BC0F714E0747A99E48711EAC590B22F3F104B3CFFDAF5B ] hpqwmiex        C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
12:12:01.0489 0x1258  hpqwmiex - ok
12:12:01.0542 0x1258  [ C0BEB56ED79B59B7B33D0AA6C38A0BA6, 8A21DB7B51BF533CBA08640498C132560641244B9218C483E2053502DF88313D ] hpsrv           C:\Windows\system32\Hpservice.exe
12:12:01.0557 0x1258  hpsrv - ok
12:12:01.0659 0x1258  [ 46D67209550973257601A533E2AC5785, 3C0D97781947BA8532344AA5D9F3B684761B5B3263A0A294F4593E76EE41DB0C ] HSFHWAZL        C:\Windows\system32\DRIVERS\VSTAZL3.SYS
12:12:01.0704 0x1258  HSFHWAZL - ok
12:12:01.0846 0x1258  [ EC36F1D542ED4252390D446BF6D4DFD0, DB55D73726E96D3653C37EEBE628D48466D766A9EC1219ED735D5D8FF2822BE2 ] HSF_DPV         C:\Windows\system32\DRIVERS\VSTDPV3.SYS
12:12:01.0958 0x1258  HSF_DPV - ok
12:12:02.0069 0x1258  [ 0EEECA26C8D4BDE2A4664DB058A81937, 6F88567A116B1420BE1C9C8888F34D05F51378092C805EF4E489635CF92D416B ] HTTP            C:\Windows\system32\drivers\HTTP.sys
12:12:02.0142 0x1258  HTTP - ok
12:12:02.0208 0x1258  [ C6B032D69650985468160FC9937CF5B4, 4D5A944C70037F35A9DBA4F49F174455FA80ED7EAEDAA143F0A2C0E05AE585D8 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
12:12:02.0228 0x1258  i2omp - ok
12:12:02.0345 0x1258  [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
12:12:02.0386 0x1258  i8042prt - ok
12:12:02.0520 0x1258  [ CB686F44BF955EA02520710A56874FA4, D898E897171B07136FCB94726AB16738C923A170B166EB5D758E404C8A6EFD0F ] IAANTMON        C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
12:12:02.0549 0x1258  IAANTMON - ok
12:12:02.0605 0x1258  [ DB0CC620B27A928D968C1A1E9CD9CB87, 62F2FAF027C217A3A035759AF47D848AEFFA7A94C54B4C424B67459D464B8AA8 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
12:12:02.0628 0x1258  iaStor - ok
12:12:02.0664 0x1258  [ 54155EA1B0DF185878E0FC9EC3AC3A14, 344A0793499261D2E4FF2FCCC70501329485F8E299EBC68953D07BA86F0D4729 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
12:12:02.0691 0x1258  iaStorV - ok
12:12:02.0842 0x1258  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
12:12:02.0884 0x1258  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
12:12:05.0436 0x1258  Detect skipped due to KSN trusted
12:12:05.0436 0x1258  IDriverT - ok
12:12:05.0596 0x1258  [ 98477B08E61945F974ED9FDC4CB6BDAB, C7E8F661F6FBF6AB493E950D2E70363496E155B1838CE7B490B981BD840B04FC ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
12:12:05.0652 0x1258  idsvc - ok
12:12:05.0838 0x1258  [ 373C0F67CC49772028D311FD147F4E85, D88613EB4DCB6F0A77D947D3DAB853689FFD71331484723C7CDCBADC7F01CB34 ] IDSVix86        C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140722.001\IDSvix86.sys
12:12:05.0871 0x1258  IDSVix86 - ok
12:12:06.0440 0x1258  [ A74F485DC208EA867C72C1FE4529B68A, C74F9A44FC088E730E4B7E26F3120DB385F4037CE60FC22785BA405F1FC8E232 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
12:12:06.0687 0x1258  igfx - ok
12:12:06.0711 0x1258  [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp           C:\Windows\system32\drivers\iirsp.sys
12:12:06.0731 0x1258  iirsp - ok
12:12:06.0828 0x1258  [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] IKEEXT          C:\Windows\System32\ikeext.dll
12:12:06.0869 0x1258  IKEEXT - ok
12:12:06.0909 0x1258  [ 8DAB99684CFE8B4DDD5D6D0C5D55FDAC, 1FE5ED643332F9851B6895F2C0340D81EFD47C5A5F9DAC0F292AFE818C98E04F ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
12:12:06.0939 0x1258  IntcHdmiAddService - ok
12:12:07.0006 0x1258  [ 83AA759F3189E6370C30DE5DC5590718, 7406FE41EA8FB80052517318CB72E2641E92E579FAFAF5E8DDDFF0BF8DAE773A ] intelide        C:\Windows\system32\drivers\intelide.sys
12:12:07.0025 0x1258  intelide - ok
12:12:07.0080 0x1258  [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
12:12:07.0131 0x1258  intelppm - ok
12:12:07.0188 0x1258  [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
12:12:07.0228 0x1258  IPBusEnum - ok
12:12:07.0244 0x1258  [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:12:07.0281 0x1258  IpFilterDriver - ok
12:12:07.0385 0x1258  [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
12:12:07.0467 0x1258  iphlpsvc - ok
12:12:07.0474 0x1258  IpInIp - ok
12:12:07.0515 0x1258  [ B25AAF203552B7B3491139D582B39AD1, EA9C38F512F40FF12975A6719E6FE4D7EA93A4B2497103E0FDA5A4CD6033C0A6 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
12:12:07.0570 0x1258  IPMIDRV - ok
12:12:07.0604 0x1258  [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
12:12:07.0653 0x1258  IPNAT - ok
12:12:07.0758 0x1258  [ 10F97E4666133FF3E66EE7F31551536E, 9BB1BE505EC0195A4740C214FD9DA744A5D98B9114E7517ABB575F752ED59EEE ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
12:12:07.0796 0x1258  iPod Service - ok
12:12:07.0879 0x1258  [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
12:12:07.0914 0x1258  IRENUM - ok
12:12:07.0951 0x1258  [ 6C70698A3E5C4376C6AB5C7C17FB0614, 10FBCBA5A74AF5D136B152FD4D3DFA2A1F2CEBC3F979D5BA6DB98B3DCB2F7A07 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
12:12:07.0971 0x1258  isapnp - ok
12:12:08.0110 0x1258  [ B3C02712CAA7E2949F2D95F9AE99E0F6, FAA0C8471D957363690037FA0496A53FA1C71B5590FDA70FF14C633F37735A78 ] iscFlash        C:\SwSetup\sp42557\iscflash.sys
12:12:08.0140 0x1258  iscFlash - detected UnsignedFile.Multi.Generic ( 1 )
12:12:10.0919 0x1258  Detect skipped due to KSN trusted
12:12:10.0919 0x1258  iscFlash - ok
12:12:10.0998 0x1258  [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
12:12:11.0024 0x1258  iScsiPrt - ok
12:12:11.0068 0x1258  [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
12:12:11.0086 0x1258  iteatapi - ok
12:12:11.0165 0x1258  [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
12:12:11.0183 0x1258  iteraid - ok
12:12:11.0204 0x1258  [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
12:12:11.0223 0x1258  kbdclass - ok
12:12:11.0274 0x1258  [ EDE59EC70E25C24581ADD1FBEC7325F7, 41B37778E9A12675FC0DF74606AAF18C652EB88513B3C4889C5C512E14587CEE ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
12:12:11.0326 0x1258  kbdhid - ok
12:12:11.0382 0x1258  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso          C:\Windows\system32\lsass.exe
12:12:11.0441 0x1258  KeyIso - ok
12:12:11.0521 0x1258  [ 4A1445EFA932A3BAF5BDB02D7131EE20, 9DD262ED72DF268FE024063788F54124E320D0775D8DC0C5CAD099CD5F655DA2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
12:12:11.0560 0x1258  KSecDD - ok
12:12:11.0641 0x1258  [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm           C:\Windows\system32\msdtckrm.dll
12:12:11.0711 0x1258  KtmRm - ok
12:12:11.0790 0x1258  [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer    C:\Windows\System32\srvsvc.dll
12:12:11.0830 0x1258  LanmanServer - ok
12:12:11.0910 0x1258  [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:12:11.0958 0x1258  LanmanWorkstation - ok
12:12:12.0025 0x1258  [ 9188D073CD14F886790D6037D1986063, ED956DFBD9A3AF8B6B9C41137AFC2DA959C36D17B6E3A5C0A8425D70BD99AF9E ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
12:12:12.0069 0x1258  LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
12:12:14.0622 0x1258  Detect skipped due to KSN trusted
12:12:14.0623 0x1258  LightScribeService - ok
12:12:14.0752 0x1258  [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
12:12:14.0788 0x1258  lltdio - ok
12:12:14.0831 0x1258  [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
12:12:14.0875 0x1258  lltdsvc - ok
12:12:14.0902 0x1258  [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts         C:\Windows\System32\lmhsvc.dll
12:12:14.0969 0x1258  lmhosts - ok
12:12:14.0993 0x1258  [ C7E15E82879BF3235B559563D4185365, 98C9268ADF6BAEB0522BB84BE6C98D0D6D5EB4BD27BB61412D208232164C8435 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
12:12:15.0014 0x1258  LSI_FC - ok
12:12:15.0031 0x1258  [ EE01EBAE8C9BF0FA072E0FF68718920A, 655924440E611278998226299645BC72B3627A8A057286DC8D65A162CFBBE484 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
12:12:15.0053 0x1258  LSI_SAS - ok
12:12:15.0130 0x1258  [ 912A04696E9CA30146A62AFA1463DD5C, 1D336D47B9D1C8449F29CDB776C092235E3D70CE53D9440970533E376EB004D3 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
12:12:15.0152 0x1258  LSI_SCSI - ok
12:12:15.0180 0x1258  [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv           C:\Windows\system32\drivers\luafv.sys
12:12:15.0234 0x1258  luafv - ok
12:12:15.0252 0x1258  [ 8683C1B450F4B3872839308D836E0F92, C6CEEEA780D2191AEAC2537FD96324FF5501D92CE46313FB95ABB51765D919ED ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
12:12:15.0269 0x1258  MBAMProtector - ok
12:12:15.0540 0x1258  [ D84AEA3F3329D622DFC1297DDDF6163B, 316FE56CC30ED1473A917253F46B79EAA12F4ABD5B4B1ADB03929DFEE940F577 ] MBAMScheduler   C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
12:12:15.0635 0x1258  MBAMScheduler - ok
12:12:15.0748 0x1258  [ 4F45ED469906494F9BF754E476390DBD, D8FF6AFD73D8C191F5732DF9737E6F83B2B52B06A3A6CD4CC6EAC9464CBB2772 ] MBAMService     C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
12:12:15.0802 0x1258  MBAMService - ok
12:12:15.0872 0x1258  [ 799613BA73D25641402AA81B6403EFF8, 55FFF9248C0798346888071A60BF42C809C5D4C7BBA92C97B617F7B6681E00F3 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
12:12:15.0889 0x1258  MBAMWebAccessControl - ok
12:12:15.0971 0x1258  [ 7CF1B716372B89568AE4C0FE769F5869, 0D70A7A594BCFBB26D7249C0F4B0AF9EF874F2318B3FDCE44648CC61279594ED ] MDM             C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
12:12:16.0036 0x1258  MDM - detected UnsignedFile.Multi.Generic ( 1 )
12:12:19.0070 0x1258  Detect skipped due to KSN trusted
12:12:19.0070 0x1258  MDM - ok
12:12:19.0146 0x1258  [ 0001CE609D66632FA17B84705F658879, D5F9758BDC2B733307B565A74B33F5581FB425A5A9F32CCFA307DA1569EBD6CD ] megasas         C:\Windows\system32\drivers\megasas.sys
12:12:19.0166 0x1258  megasas - ok
12:12:19.0243 0x1258  [ C252F32CD9A49DBFC25ECF26EBD51A99, 47EC8F475AB62A00FAF989CD2C3ABDF2922588F75CC15C83CD99A62EF6400FB0 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
12:12:19.0279 0x1258  MegaSR - ok
12:12:19.0368 0x1258  [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
12:12:19.0385 0x1258  Microsoft Office Groove Audit Service - ok
12:12:19.0422 0x1258  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS           C:\Windows\system32\mmcss.dll
12:12:19.0460 0x1258  MMCSS - ok
12:12:19.0493 0x1258  [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem           C:\Windows\system32\drivers\modem.sys
12:12:19.0531 0x1258  Modem - ok
12:12:19.0570 0x1258  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
12:12:19.0607 0x1258  monitor - ok
12:12:19.0667 0x1258  [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
12:12:19.0686 0x1258  mouclass - ok
12:12:19.0716 0x1258  [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
12:12:19.0751 0x1258  mouhid - ok
12:12:19.0801 0x1258  [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
12:12:19.0821 0x1258  MountMgr - ok
12:12:19.0859 0x1258  [ 511D011289755DD9F9A7579FB0B064E6, 1FD0D0D5B6E08FE06F7A5D0821BCD859B0F98A6DEA58AAB7FB6C95B64212FFC8 ] mpio            C:\Windows\system32\drivers\mpio.sys
12:12:19.0881 0x1258  mpio - ok
12:12:19.0927 0x1258  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
12:12:19.0995 0x1258  mpsdrv - ok
12:12:20.0138 0x1258  [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc          C:\Windows\system32\mpssvc.dll
12:12:20.0224 0x1258  MpsSvc - ok
12:12:20.0256 0x1258  [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
12:12:20.0275 0x1258  Mraid35x - ok
12:12:20.0338 0x1258  [ 82CEA0395524AACFEB58BA1448E8325C, 16E37990A291C848DE35F48EA7E09AE5B258AE589EB08A3FA2C60DC1278DE182 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
12:12:20.0380 0x1258  MRxDAV - ok
12:12:20.0450 0x1258  [ 1E94971C4B446AB2290DEB71D01CF0C2, 4701AA1B419AEF735CB2DA34532B0F1844433272C36D79F4EB55807E39B923D1 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
12:12:20.0553 0x1258  mrxsmb - ok
12:12:20.0634 0x1258  [ 4FCCB34D793B116423209C0F8B7A3B03, 7A483AEB691ADBE82779F12F0BB1CCCBFFD7E92902EC1ADC99AB7D129F887143 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:12:20.0691 0x1258  mrxsmb10 - ok
12:12:20.0752 0x1258  [ C3CB1B40AD4A0124D617A1199B0B9D7C, B975A39DE6D324C6274B6E3B883F36082A958F028335CEB3A37F44481EB284B3 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:12:20.0790 0x1258  mrxsmb20 - ok
12:12:20.0864 0x1258  [ 28023E86F17001F7CD9B15A5BC9AE07D, FC7EAA592C5F796E3BCD7F7EF261709CD899B33FC8486E594A480F143D0D6320 ] msahci          C:\Windows\system32\drivers\msahci.sys
12:12:20.0883 0x1258  msahci - ok
12:12:20.0905 0x1258  [ 4468B0F385A86ECDDAF8D3CA662EC0E7, EAEDC9CDD2EEC5000AF8190A4BE7729282576C3F88E64FDF57F455F5CECC81C9 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
12:12:20.0927 0x1258  msdsm - ok
12:12:20.0951 0x1258  [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC           C:\Windows\System32\msdtc.exe
12:12:20.0992 0x1258  MSDTC - ok
12:12:21.0020 0x1258  [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
12:12:21.0063 0x1258  Msfs - ok
12:12:21.0114 0x1258  [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
12:12:21.0133 0x1258  msisadrv - ok
12:12:21.0167 0x1258  [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
12:12:21.0217 0x1258  MSiSCSI - ok
12:12:21.0248 0x1258  msiserver - ok
12:12:21.0308 0x1258  [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
12:12:22.0357 0x1258  MSKSSRV - ok
12:12:22.0473 0x1258  [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
12:12:22.0800 0x1258  MSPCLOCK - ok
12:12:22.0838 0x1258  [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
12:12:22.0876 0x1258  MSPQM - ok
12:12:23.0015 0x1258  [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
12:12:23.0042 0x1258  MsRPC - ok
12:12:23.0095 0x1258  [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
12:12:23.0115 0x1258  mssmbios - ok
12:12:23.0228 0x1258  MSSQL$MSSMLBIZ - ok
12:12:23.0337 0x1258  [ 1D89EB4E2A99CABD4E81225F4F4C4B25, B9C4D956E3F74CB463A1A14287F4B550381FBB3E4B2DF9418E041E02A159E31E ] MSSQLServerADHelper c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
12:12:23.0356 0x1258  MSSQLServerADHelper - ok
12:12:23.0383 0x1258  [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
12:12:23.0443 0x1258  MSTEE - ok
12:12:23.0509 0x1258  [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup             C:\Windows\system32\Drivers\mup.sys
12:12:23.0530 0x1258  Mup - ok
12:12:23.0600 0x1258  [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent        C:\Windows\system32\qagentRT.dll
12:12:23.0661 0x1258  napagent - ok
12:12:23.0726 0x1258  [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
12:12:23.0753 0x1258  NativeWifiP - ok
12:12:23.0903 0x1258  [ 81E928EE3751FAF725C87CC17726C05D, 8AB84270DCB35F239B00FA4B9AC90E9520967B8188085D897F28E994CBF911FB ] NAVENG          C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140722.008\NAVENG.SYS
12:12:23.0922 0x1258  NAVENG - ok
12:12:24.0099 0x1258  [ E0C39FA6C76AE8ED53ABF043F35ECDFF, CD2F87D3CB64F3362508D1855B24F40F1C44CF4132E3626971CCF4E7C49E61D6 ] NAVEX15         C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140722.008\NAVEX15.SYS
12:12:25.0005 0x1258  NAVEX15 - ok
12:12:25.0430 0x1258  [ 1357274D1883F68300AEADD15D7BBB42, EE6352CBF0D9D633816F338159CDA27F1A805C3DDC3402D8605B50D8F3CD3300 ] NDIS            C:\Windows\system32\drivers\ndis.sys
12:12:25.0490 0x1258  NDIS - ok
12:12:25.0526 0x1258  [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
12:12:25.0968 0x1258  NdisTapi - ok
12:12:25.0998 0x1258  [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
12:12:26.0053 0x1258  Ndisuio - ok
12:12:26.0131 0x1258  [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
12:12:26.0178 0x1258  NdisWan - ok
12:12:26.0213 0x1258  [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
12:12:26.0261 0x1258  NDProxy - ok
12:12:26.0364 0x1258  [ A081CB6FB9A12668F233EB5414BE3A0E, EE2A1311B51D1FEBAF79F45E568A927D8EA7704AFC8495AED2D26927566F61E3 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
12:12:26.0392 0x1258  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
12:12:28.0956 0x1258  Detect skipped due to KSN trusted
12:12:28.0956 0x1258  Net Driver HPZ12 - ok
12:12:28.0992 0x1258  [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
12:12:29.0041 0x1258  NetBIOS - ok
12:12:29.0117 0x1258  [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
12:12:29.0171 0x1258  netbt - ok
12:12:29.0194 0x1258  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon        C:\Windows\system32\lsass.exe
12:12:29.0215 0x1258  Netlogon - ok
12:12:29.0326 0x1258  [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman          C:\Windows\System32\netman.dll
12:12:29.0407 0x1258  Netman - ok
12:12:29.0546 0x1258  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
12:12:29.0573 0x1258  NetMsmqActivator - ok
12:12:29.0604 0x1258  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
12:12:29.0630 0x1258  NetPipeActivator - ok
12:12:29.0690 0x1258  [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm        C:\Windows\System32\netprofm.dll
12:12:29.0754 0x1258  netprofm - ok
12:12:29.0765 0x1258  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
12:12:29.0790 0x1258  NetTcpActivator - ok
12:12:29.0803 0x1258  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
12:12:29.0828 0x1258  NetTcpPortSharing - ok
12:12:29.0896 0x1258  [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
12:12:29.0915 0x1258  nfrd960 - ok
12:12:30.0019 0x1258  [ F9FF75495330F23276EEADFE7E6DCBB9, 1213BAAD9297B560F77E3779DA28832A70F2C8C616809723D0BDF46E7E44800C ] NIS             C:\Program Files\Norton Internet Security\Engine\21.4.0.13\NIS.exe
12:12:30.0043 0x1258  NIS - ok
12:12:30.0080 0x1258  [ 2997B15415F9BBE05B5A4C1C85E0C6A2, 5455536515FE740E18E090329FDCC40288724372AD18ACDB2CB4BB9D85CF681E ] NlaSvc          C:\Windows\System32\nlasvc.dll
12:12:30.0135 0x1258  NlaSvc - ok
12:12:30.0459 0x1258  [ CD569FA91EC6F59D045C19D0D3850F44, 8DDD03BB5EB614689D62FD9BDD89A2AF960EC07BA18792AFAA87D1E565E74EBC ] nmservice       C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
12:12:30.0503 0x1258  nmservice - ok
12:12:30.0565 0x1258  [ A00877C05933FBA8AFB3390DD72D4679, 684D9642173C4BF4B752F259D5E89F16BC8B4B1608F1E6E176AA692A9775CE38 ] nmwcd           C:\Windows\system32\drivers\ccdcmb.sys
12:12:30.0680 0x1258  nmwcd - ok
12:12:30.0749 0x1258  [ 9FF15F18E4E8758AC57BDB910D0238B3, F27C40BDD3818C54E1099AD525C7C19B424E0C4676DB366DE0E905CA3F82A310 ] nmwcdc          C:\Windows\system32\drivers\ccdcmbo.sys
12:12:30.0809 0x1258  nmwcdc - ok
12:12:30.0879 0x1258  [ B0575681498D75E0C0432200702B4A0A, EE6037B038265562A4F59E92A9F665C7A8AA8E8C5DEB3481F1F7B6D39A4E4954 ] nmwcdnsu        C:\Windows\system32\drivers\nmwcdnsu.sys
12:12:30.0948 0x1258  nmwcdnsu - ok
12:12:31.0021 0x1258  [ 9699486E10F89163979FCD48A40FE805, 04D05666920C91106FFF60F1DCE7D8B89F6F1419D0035A5BF7AB5F0BA5C39B31 ] nmwcdnsuc       C:\Windows\system32\drivers\nmwcdnsuc.sys
12:12:31.0062 0x1258  nmwcdnsuc - ok
12:12:31.0148 0x1258  [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
12:12:31.0190 0x1258  Npfs - ok
12:12:31.0220 0x1258  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi             C:\Windows\system32\nsisvc.dll
12:12:31.0257 0x1258  nsi - ok
12:12:31.0282 0x1258  [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
12:12:31.0358 0x1258  nsiproxy - ok
12:12:31.0605 0x1258  [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
12:12:31.0674 0x1258  Ntfs - ok
12:12:31.0726 0x1258  [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
12:12:31.0810 0x1258  ntrigdigi - ok
12:12:32.0000 0x1258  [ A66FCAB18F99477770BDEE6527E94C54, F15B8455B27391857E2CEF6342E6A59DE01EBC3616FFEE575F78479411905813 ] NU16StartManagerSvc C:\Program Files\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe
12:12:32.0049 0x1258  NU16StartManagerSvc - ok
12:12:32.0078 0x1258  [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null            C:\Windows\system32\drivers\Null.sys
12:12:32.0129 0x1258  Null - ok
12:12:32.0209 0x1258  [ 1657F3FBD9061526C14FF37E79306F98, 8A3378E7A3D3314380EC76D21542B9A8A7AB0191338729B830AB6BEF786297BC ] NVENETFD        C:\Windows\system32\DRIVERS\nvm60x32.sys
12:12:32.0307 0x1258  NVENETFD - ok
12:12:32.0353 0x1258  [ 2EDF9E7751554B42CBB60116DE727101, 37A0AA78E83DBB5A788F7F067EB71DDF6CCC72A66BB41B209E1A5E2F68F8AF9B ] nvraid          C:\Windows\system32\drivers\nvraid.sys
12:12:32.0375 0x1258  nvraid - ok
12:12:32.0412 0x1258  [ ABED0C09758D1D97DB0042DBB2688177, 84B9BF886EF9181915E8AB6D971446BC681E6DE4485DBECD62838EAFA10E7F46 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
12:12:32.0432 0x1258  nvstor - ok
12:12:32.0470 0x1258  [ 18BBDF913916B71BD54575BDB6EEAC0B, 5FBA165149AB09E869DCE35622E91CFC964BDD22B31A5E76CF12F1565402B207 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
12:12:32.0493 0x1258  nv_agp - ok
12:12:32.0503 0x1258  NwlnkFlt - ok
12:12:32.0511 0x1258  NwlnkFwd - ok
12:12:32.0668 0x1258  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:12:32.0704 0x1258  odserv - ok
12:12:32.0813 0x1258  [ 790E27C3DB53410B40FF9EF2FD10A1D9, FD06F2702B8F7E04ECF1B6E88602F14301E7AE7FC44AD114282E580FAD530A9C ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
12:12:32.0851 0x1258  ohci1394 - ok
12:12:32.0995 0x1258  OracleJobSchedulerDATABASE1 - ok
12:12:33.0000 0x1258  OracleMTSRecoveryService - ok
12:12:33.0008 0x1258  OracleOraDb11g_home1ClrAgent - ok
12:12:33.0018 0x1258  OracleOraDb11g_home1TNSListener - ok
12:12:33.0026 0x1258  OracleServiceDATABASE1 - ok
12:12:33.0035 0x1258  OracleVssWriterDATABASE1 - ok
12:12:33.0094 0x1258  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:12:33.0115 0x1258  ose - ok
12:12:33.0305 0x1258  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
12:12:33.0391 0x1258  p2pimsvc - ok
12:12:33.0419 0x1258  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc          C:\Windows\system32\p2psvc.dll
12:12:33.0468 0x1258  p2psvc - ok
12:12:33.0534 0x1258  [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport         C:\Windows\system32\drivers\parport.sys
12:12:33.0636 0x1258  Parport - ok
12:12:33.0716 0x1258  [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr         C:\Windows\system32\drivers\partmgr.sys
12:12:33.0736 0x1258  partmgr - ok
12:12:33.0799 0x1258  [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
12:12:33.0858 0x1258  Parvdm - ok
12:12:33.0909 0x1258  [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc          C:\Windows\System32\pcasvc.dll
12:12:33.0956 0x1258  PcaSvc - ok
12:12:34.0026 0x1258  [ F451DCACBAA67F3307305EBD4A39EA07, C4435BF4C2D16F3DC0B35732BE3602FFA28DB0A5BC5576F45E0D32E5F4CD2DEA ] pccsmcfd        C:\Windows\system32\DRIVERS\pccsmcfd.sys
12:12:34.0072 0x1258  pccsmcfd - ok
12:12:34.0127 0x1258  [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci             C:\Windows\system32\drivers\pci.sys
12:12:34.0152 0x1258  pci - ok
12:12:34.0203 0x1258  [ FC175F5DDAB666D7F4D17449A547626F, 7D6108213D1AD3F97A3B83E491BCCC7D6F5BC72C32A182BDDE8736851A26C8D2 ] pciide          C:\Windows\system32\drivers\pciide.sys
12:12:34.0222 0x1258  pciide - ok
12:12:34.0251 0x1258  [ E6F3FB1B86AA519E7698AD05E58B04E5, 2C4B45DDD3B980C9DAA6F039CAEFCD6E84A4D5BB43AFBA73C0C42B5556C1303C ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
12:12:34.0275 0x1258  pcmcia - ok
12:12:34.0377 0x1258  [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
12:12:34.0514 0x1258  PEAUTH - ok
12:12:34.0645 0x1258  [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla             C:\Windows\system32\pla.dll
12:12:34.0825 0x1258  pla - ok
12:12:34.0911 0x1258  [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
12:12:34.0972 0x1258  PlugPlay - ok
12:12:35.0073 0x1258  [ 65BC271F337637731D3C71455AE1F476, DAD32B61FE0147F8D2DA4C8F016920CD6BB2098F16E3CC2768009763E71DEFBC ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
12:12:35.0104 0x1258  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
12:12:38.0131 0x1258  Detect skipped due to KSN trusted
12:12:38.0131 0x1258  Pml Driver HPZ12 - ok
12:12:38.0216 0x1258  [ 3DE33BCE4A930EDF57BD1F742823BCD8, EFE61739AF790DF4E8E22EE8DB3D5361C8FD0755CB5E34305F4A3C04365BF6F1 ] pnarp           C:\Windows\system32\DRIVERS\pnarp.sys
12:12:38.0231 0x1258  pnarp - ok
12:12:38.0282 0x1258  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
12:12:38.0333 0x1258  PNRPAutoReg - ok
12:12:38.0362 0x1258  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
12:12:38.0413 0x1258  PNRPsvc - ok
12:12:38.0524 0x1258  [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
12:12:38.0585 0x1258  PolicyAgent - ok
12:12:38.0634 0x1258  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
12:12:38.0687 0x1258  PptpMiniport - ok
12:12:38.0713 0x1258  [ 2027293619DD0F047C584CF2E7DF4FFD, B7C172CCD08D8A30483D27536355ED1E5009B33629355B426470AFBA8542B394 ] Processor       C:\Windows\system32\drivers\processr.sys
12:12:38.0750 0x1258  Processor - ok
12:12:38.0806 0x1258  [ 0508FAA222D28835310B7BFCA7A77346, 3AE2340C6E365F137CC00D9560069501DD2724756EA9EBF7A6CDFFC91B43709C ] ProfSvc         C:\Windows\system32\profsvc.dll
12:12:38.0857 0x1258  ProfSvc - ok
12:12:38.0918 0x1258  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe
12:12:38.0939 0x1258  ProtectedStorage - ok
12:12:39.0011 0x1258  [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
12:12:39.0057 0x1258  PSched - ok
12:12:39.0137 0x1258  [ 53EFA6066E7FFAA1AD91C7FB40FFD2EC, F4FD4D9F3C201CB95B8A6ABD6D89500A1F1C12BFA71429537D9834551163FC69 ] purendis        C:\Windows\system32\DRIVERS\purendis.sys
12:12:39.0152 0x1258  purendis - ok
12:12:39.0310 0x1258  [ 0A6DB55AFB7820C99AA1F3A1D270F4F6, 8B7D44A7698B95FE34CBBE4FAB2F01EC1F5BA86C2B19672F99767E650E99BF1C ] ql2300          C:\Windows\system32\drivers\ql2300.sys
12:12:39.0381 0x1258  ql2300 - ok
12:12:39.0463 0x1258  [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
12:12:39.0484 0x1258  ql40xx - ok
12:12:39.0658 0x1258  [ 2D757E14216E643E7885EBC0CFB0B906, 2184BEB2D3A9F24AEDDF672AF2DE9677650262B6A25BB82FC5D403856DB56847 ] QPCapSvc        C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
12:12:39.0683 0x1258  QPCapSvc - ok
12:12:39.0713 0x1258  [ EA8B29EAD23DA9DA2F5DF1DA7C82E308, 14075D40D285A4EAD93CEB7DEA8AEFA023C5B9A3C5CD0F45BCE70948D84F88B0 ] QPSched         C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
12:12:39.0730 0x1258  QPSched - ok
12:12:39.0793 0x1258  [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE           C:\Windows\system32\qwave.dll
12:12:39.0843 0x1258  QWAVE - ok
12:12:39.0878 0x1258  [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
12:12:39.0898 0x1258  QWAVEdrv - ok
12:12:39.0955 0x1258  [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
12:12:39.0991 0x1258  RasAcd - ok
12:12:40.0060 0x1258  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto         C:\Windows\System32\rasauto.dll
12:12:40.0101 0x1258  RasAuto - ok
12:12:40.0170 0x1258  [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
12:12:40.0235 0x1258  Rasl2tp - ok
12:12:40.0326 0x1258  [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan          C:\Windows\System32\rasmans.dll
12:12:40.0367 0x1258  RasMan - ok
12:12:40.0439 0x1258  [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
12:12:40.0495 0x1258  RasPppoe - ok
12:12:40.0579 0x1258  [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
12:12:40.0603 0x1258  RasSstp - ok
12:12:40.0699 0x1258  [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
12:12:40.0754 0x1258  rdbss - ok
12:12:40.0783 0x1258  [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
12:12:40.0844 0x1258  RDPCDD - ok
12:12:40.0888 0x1258  [ FBC0BACD9C3D7F6956853F64A66E252D, 7672B10C7039295B152C02C96903E869FF2C0A88A2C3FA89BAE9F1D593B43569 ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
12:12:40.0934 0x1258  rdpdr - ok
12:12:40.0942 0x1258  [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
12:12:40.0977 0x1258  RDPENCDD - ok
12:12:41.0038 0x1258  [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
12:12:41.0095 0x1258  RDPWD - ok
12:12:41.0207 0x1258  [ 96EFEC24346A8EB1157E80523079ADDC, 7F8FC284029856C754E400B6C954369FFE27763C81D8F4AF4E58BFDD44CBC24A ] RealNetworks Downloader Resolver Service C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
12:12:41.0223 0x1258  RealNetworks Downloader Resolver Service - ok
12:12:41.0344 0x1258  [ B9570481A1BABCC4A9E941C553596077, B9A89B8C683F634504F7563EDAFB09F0AC8165F34F03177C96D4109CE1BE5D74 ] Recovery Service for Windows C:\Windows\SMINST\BLService.exe
12:12:41.0373 0x1258  Recovery Service for Windows - ok
12:12:41.0439 0x1258  [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess    C:\Windows\System32\mprdim.dll
12:12:41.0479 0x1258  RemoteAccess - ok
12:12:41.0597 0x1258  [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
12:12:41.0632 0x1258  RemoteRegistry - ok
12:12:41.0752 0x1258  [ 6482707F9F4DA0ECBAB43B2E0398A101, 7D57FC36577121D7E26A4F2D46DCA8725D55EC9F75B91DF994DB742BC4FB89C2 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
12:12:41.0860 0x1258  RFCOMM - ok
12:12:42.0121 0x1258  [ 17E0BEF5CA5C9CE52CC8082AC6EBC449, F05A32DA0A62144AAE78A3A9173F21F52FAED4E39F9250B3E1B11066760B2576 ] RichVideo       C:\Program Files\CyberLink\Shared Files\RichVideo.exe
12:12:42.0143 0x1258  RichVideo - ok
12:12:42.0182 0x1258  [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator      C:\Windows\system32\locator.exe
12:12:42.0249 0x1258  RpcLocator - ok
12:12:42.0328 0x1258  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs           C:\Windows\system32\rpcss.dll
12:12:42.0382 0x1258  RpcSs - ok
12:12:42.0419 0x1258  [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
12:12:42.0476 0x1258  rspndr - ok
12:12:42.0579 0x1258  [ A1ADC7B4C074744662207DA6EDCDFBB0, 2FB2C3925F8FB4E060227E7972FC1C3E142BD70C5D1F11193D2176A3A36BD299 ] RTL8169         C:\Windows\system32\DRIVERS\Rtlh86.sys
12:12:42.0669 0x1258  RTL8169 - ok
12:12:42.0743 0x1258  [ 8DAB5975B5C7923D61506A48E251DBAD, 34C197BDBFEB676ED7C0262E27EF9190E684A47E4DBFDFA889958966406F9862 ] RTSTOR          C:\Windows\system32\drivers\RTSTOR.SYS
12:12:42.0776 0x1258  RTSTOR - ok
12:12:42.0796 0x1258  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs           C:\Windows\system32\lsass.exe
12:12:42.0816 0x1258  SamSs - ok
12:12:42.0852 0x1258  [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
12:12:42.0872 0x1258  sbp2port - ok
12:12:42.0936 0x1258  [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
12:12:42.0981 0x1258  SCardSvr - ok
12:12:43.0140 0x1258  [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] Schedule        C:\Windows\system32\schedsvc.dll
12:12:43.0252 0x1258  Schedule - ok
12:12:43.0310 0x1258  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc     C:\Windows\System32\certprop.dll
12:12:43.0338 0x1258  SCPolicySvc - ok
12:12:43.0556 0x1258  [ B60E9769655DDEE8368E3ABB6668E076, EECA05B36C6F837FA6DB2EDD78E17E9EA5F0D793B869CB99A08C61AB485A1E67 ] ScrybeUpdater   C:\Program Files\Synaptics\Scrybe\Service\ScrybeUpdater.exe
12:12:43.0629 0x1258  ScrybeUpdater - ok
12:12:43.0691 0x1258  [ 126EA89BCC413EE45E3004FB0764888F, 367BE2B56113177AE867E00D019C707C6449E0FC4A642101B11036A0534D6901 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
12:12:43.0742 0x1258  sdbus - ok
12:12:43.0781 0x1258  [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
12:12:43.0825 0x1258  SDRSVC - ok
12:12:43.0847 0x1258  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
12:12:43.0919 0x1258  secdrv - ok
12:12:43.0970 0x1258  [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon        C:\Windows\system32\seclogon.dll
12:12:44.0022 0x1258  seclogon - ok
12:12:44.0099 0x1258  [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS            C:\Windows\system32\sens.dll
12:12:44.0157 0x1258  SENS - ok
12:12:44.0246 0x1258  [ D23FC3F409FDBB2A5C230ABC137C4B45, A970109D96F7E01D3A391798FFBEC0303BECB239B966FA3FE4DC1ED494429D74 ] Sentinel        C:\Windows\System32\Drivers\SENTINEL.SYS
12:12:44.0264 0x1258  Sentinel - ok
12:12:44.0360 0x1258  [ 881F7E7A2A9F9E91189B4FBB70EB5F47, 379832A928E486E1B1CC98A00303ECBD6F565E3AF2881C407D18D139E4F594BB ] SentinelProtectionServer C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
12:12:44.0381 0x1258  SentinelProtectionServer - ok
12:12:44.0407 0x1258  [ 68E44E331D46F0FB38F0863A84CD1A31, 0778D85B6869CE2610820DC9724360538BFE832426E898AEBC34E53D2AB4322B ] Serenum         C:\Windows\system32\drivers\serenum.sys
12:12:44.0465 0x1258  Serenum - ok
12:12:44.0514 0x1258  [ C70D69A918B178D3C3B06339B40C2E1B, 40BEEECA4C797A3355F4B01C57C2763C33028F27826315062320789A496D0810 ] Serial          C:\Windows\system32\drivers\serial.sys
12:12:44.0602 0x1258  Serial - ok
12:12:44.0641 0x1258  [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
12:12:44.0676 0x1258  sermouse - ok
12:12:44.0834 0x1258  [ 78F7BB9F4924BE164294C59B8C3FC096, 75051A6A8B0DBB16CD70855A408134270EEAF0C127BAAE5B592DB53BB87C085B ] ServiceLayer    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
12:12:44.0877 0x1258  ServiceLayer - ok
12:12:44.0947 0x1258  [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv      C:\Windows\system32\sessenv.dll
12:12:45.0016 0x1258  SessionEnv - ok
12:12:45.0089 0x1258  [ 3EFA810BDCA87F6ECC24F9832243FE86, E50FEA94DB9851A46A8A71A8C061AC953A9D5B14585382B3F0FFC84931A0A68F ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
12:12:45.0118 0x1258  sffdisk - ok
12:12:45.0138 0x1258  [ E95D451F7EA3E583AEC75F3B3EE42DC5, B014BE4F9B0C79ECCE2537D1CF4AAD48ACB4C5AD3DACAC4444F0F465B9689921 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
12:12:45.0174 0x1258  sffp_mmc - ok
12:12:45.0193 0x1258  [ 3D0EA348784B7AC9EA9BD9F317980979, 2500CE188C9B71C50E966FA575303AEFE50934E376C530AECEC7C7533C15EF08 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
12:12:45.0229 0x1258  sffp_sd - ok
12:12:45.0249 0x1258  [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
12:12:45.0311 0x1258  sfloppy - ok
12:12:45.0368 0x1258  [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
12:12:45.0453 0x1258  SharedAccess - ok
12:12:45.0555 0x1258  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:12:45.0664 0x1258  ShellHWDetection - ok
12:12:45.0698 0x1258  [ 1D76624A09A054F682D746B924E2DBC3, DC903DD466AB8899883253F09477B02E4E93A31C8B279F9F02BD555F1AA083B7 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
12:12:45.0718 0x1258  sisagp - ok
12:12:45.0756 0x1258  [ 43CB7AA756C7DB280D01DA9B676CFDE2, 08484CAEA0518C0A4CCCD292D8C803B27FEC453537EE1E4CEE74A7208356A474 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
12:12:45.0776 0x1258  SiSRaid2 - ok
12:12:45.0798 0x1258  [ A99C6C8B0BAA970D8AA59DDC50B57F94, 97AC9DD6DC4F58AC60E819B999BB157663EE7C1739521D16768AA9AC00DAD012 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
12:12:45.0820 0x1258  SiSRaid4 - ok
12:12:45.0911 0x1258  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
12:12:45.0941 0x1258  SkypeUpdate - ok
12:12:46.0152 0x1258  [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc           C:\Windows\system32\SLsvc.exe
12:12:46.0373 0x1258  slsvc - ok
12:12:46.0459 0x1258  [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify      C:\Windows\system32\SLUINotify.dll
12:12:46.0514 0x1258  SLUINotify - ok
12:12:46.0579 0x1258  [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb             C:\Windows\system32\DRIVERS\smb.sys
12:12:46.0641 0x1258  Smb - ok
12:12:46.0708 0x1258  [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
12:12:46.0744 0x1258  SNMPTRAP - ok
12:12:46.0882 0x1258  [ CF3AF4684F80F2D965539C6AFD5E9B5D, 7469BB8ECA5EEC5BD2A5ADB4DFCF2EB1ABEDDC2431E0902BA09F04087458835B ] SpeedDiskService C:\Program Files\Symantec\Norton Utilities 16\Tools\SpeedDisk\SpeedDiskSrv.exe
12:12:46.0953 0x1258  SpeedDiskService - ok
12:12:47.0026 0x1258  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr           C:\Windows\system32\drivers\spldr.sys
12:12:47.0045 0x1258  spldr - ok
12:12:47.0113 0x1258  [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler         C:\Windows\System32\spoolsv.exe
12:12:47.0171 0x1258  Spooler - ok
12:12:47.0255 0x1258  [ FEB11DBAA5E152D98BD897C97A6DDCD0, 7ABCCDDE6B9A58CECA480AA57468E7A1F537893A2CB7C20E1A366EC8EEC7FA59 ] sptd            C:\Windows\System32\Drivers\sptd.sys
12:12:47.0286 0x1258  sptd - ok
12:12:47.0383 0x1258  [ 86EBD8B1F23E743AAD21F4D5B4D40985, 8FA4DFDAE15712266B878C364FEFDB63CB30A3DCC25F83CDFE8C8AB3AE864BE6 ] SQLBrowser      c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
12:12:47.0408 0x1258  SQLBrowser - ok
12:12:47.0503 0x1258  [ D89083C4EB02DACA8F944B0E05E57F9D, F96416B5877C280B4EE088A83956E0202F82DC5EACDEEFF06D5979FFFAA9FA74 ] SQLWriter       c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
12:12:47.0521 0x1258  SQLWriter - ok
12:12:47.0799 0x1258  [ 91C966DE2058116525748050A22C8170, EE64D29ED2C5EDE035E6BE56AE28403B42C10815A89AC08A5395DE72375AF550 ] SRTSP           C:\Windows\System32\Drivers\NIS\1504000.00D\SRTSP.SYS
12:12:47.0845 0x1258  SRTSP - ok
12:12:47.0868 0x1258  [ 1B6D68043F488F70E889276E1585B7AA, 574925053F0EB2DED6DA03D0720A8E1588590948DFF1E2C6DE84EA5B6856E3DB ] SRTSPX          C:\Windows\system32\drivers\NIS\1504000.00D\SRTSPX.SYS
12:12:47.0885 0x1258  SRTSPX - ok
12:12:47.0958 0x1258  [ 41987F9FC0E61ADF54F581E15029AD91, A46E718648C2DD3B43FC3798932C966315893A59442A0686CE46C605B9E4641E ] srv             C:\Windows\system32\DRIVERS\srv.sys
12:12:48.0015 0x1258  srv - ok
12:12:48.0082 0x1258  [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
12:12:48.0118 0x1258  srv2 - ok
12:12:48.0158 0x1258  [ 7605C0E1D01A08F3ECD743F38B834A44, 83A77E31004BCF83443F30EFC290E04BB1A2F332E8DFD614AB6E25B527C92299 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
12:12:48.0224 0x1258  srvnet - ok
12:12:48.0259 0x1258  [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
12:12:48.0318 0x1258  SSDPSRV - ok
12:12:48.0379 0x1258  [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc         C:\Windows\system32\sstpsvc.dll
12:12:48.0421 0x1258  SstpSvc - ok
12:12:48.0675 0x1258  [ 05AE358CD777BF8857F512A18E1DE7AA, 3EA85776E3E2D4A2539DB3D8644B497584149D79F25C310250EAAA6E37646493 ] STacSV          C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\STacSV.exe
12:12:48.0754 0x1258  STacSV - ok
12:12:48.0880 0x1258  [ E69A606872650B46DE54EC15DCC93529, 9E070CC909A6722404971DE2C98343C92A0F41F824CF881A7DCBAD9942A656A9 ] STHDA           C:\Windows\system32\DRIVERS\stwrt.sys
12:12:48.0936 0x1258  STHDA - ok
12:12:49.0018 0x1258  [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc          C:\Windows\System32\wiaservc.dll
12:12:49.0093 0x1258  stisvc - ok
12:12:49.0137 0x1258  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
12:12:49.0156 0x1258  swenum - ok
12:12:49.0236 0x1258  [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv           C:\Windows\System32\swprv.dll
12:12:49.0280 0x1258  swprv - ok
12:12:49.0316 0x1258  [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
12:12:49.0334 0x1258  Symc8xx - ok
12:12:49.0396 0x1258  [ 4C3DEF736D3857570166DE5C858600F5, 45613D3F1935AFDDB1DFE3A427222A0B38430ABF15F9110A35E7C55CDADF1D43 ] SymDS           C:\Windows\system32\drivers\NIS\1504000.00D\SYMDS.SYS
12:12:49.0427 0x1258  SymDS - ok
12:12:49.0512 0x1258  [ B70A98F20B4180F2751CFD7656116342, F4BB1904DC4818CE012AA264A7714AA9977F06255CF857FDB3E55B0DBA3D8A9C ] SymEFA          C:\Windows\system32\drivers\NIS\1504000.00D\SYMEFA.SYS
12:12:49.0571 0x1258  SymEFA - ok
12:12:49.0638 0x1258  [ E987A9CB539147527F56943BB34B7375, 4627C3E237549587B53CBD0D89AC2CEFF03C04F7624E2868936BCE5D70496AFD ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT.SYS
12:12:49.0658 0x1258  SymEvent - ok
12:12:49.0749 0x1258  [ E3A3CA230C7547364BB3D9DA0C301A36, 8F173DE08BAF81A7BE7F2D306DC595D60E6537D95AFE32A39E521E43C35AB629 ] SymIRON         C:\Windows\system32\drivers\NIS\1504000.00D\Ironx86.SYS
12:12:49.0772 0x1258  SymIRON - ok
12:12:49.0814 0x1258  [ D3F7FB40012382F7B206200AE794FBD7, B58C1969C766D5BF0BCFE9642D4F2B221E62240A9FCE18738B21DB457F57C22C ] SYMTDIv         C:\Windows\System32\Drivers\NIS\1504000.00D\SYMTDIV.SYS
12:12:49.0846 0x1258  SYMTDIv - ok
12:12:49.0881 0x1258  [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
12:12:49.0899 0x1258  Sym_hi - ok
12:12:49.0918 0x1258  [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
12:12:49.0937 0x1258  Sym_u3 - ok
12:12:49.0983 0x1258  [ 6DD49E1A5FA0F01824652F1A0A8866FB, E8839AF50AAA06A51A24004D26562694286DF638C7F86AB8408E496A7FEE52A4 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
12:12:50.0009 0x1258  SynTP - ok
12:12:50.0095 0x1258  [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain         C:\Windows\system32\sysmain.dll
12:12:50.0185 0x1258  SysMain - ok
12:12:50.0235 0x1258  [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:12:50.0273 0x1258  TabletInputService - ok
12:12:50.0343 0x1258  [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv         C:\Windows\System32\tapisrv.dll
12:12:50.0401 0x1258  TapiSrv - ok
12:12:50.0425 0x1258  [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS             C:\Windows\System32\tbssvc.dll
12:12:50.0465 0x1258  TBS - ok
12:12:50.0578 0x1258  [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
12:12:50.0643 0x1258  Tcpip - ok
12:12:50.0686 0x1258  [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
12:12:50.0740 0x1258  Tcpip6 - ok
12:12:50.0832 0x1258  [ 608C345A255D82A6289C2D468EB41FD7, 74ECFDD45DC3EB3AFAEF9C42B546241AA1D6ACB2F6591A76DDB8BB1768545889 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
12:12:50.0941 0x1258  tcpipreg - ok
12:12:50.0984 0x1258  [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
12:12:51.0048 0x1258  TDPIPE - ok
12:12:51.0096 0x1258  [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
12:12:51.0164 0x1258  TDTCP - ok
12:12:51.0226 0x1258  [ 76B06EB8A01FC8624D699E7045303E54, EC30F244B48A35622ED3EE91792F6A1517C5A50770FAB3945E7A945EB7AF28A8 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
12:12:51.0270 0x1258  tdx - ok
12:12:51.0349 0x1258  [ 34F30A078404410FE0D94F4627D91D5C, 3ED601D304C123A6115B79780CDD3AC9EAAD2DC38F3FF984C4F14CCEA6FECAF7 ] tenCapture      C:\Windows\system32\DRIVERS\tenCapture.sys
12:12:51.0370 0x1258  tenCapture - ok
12:12:51.0399 0x1258  [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
12:12:51.0421 0x1258  TermDD - ok
12:12:51.0463 0x1258  [ BB95DA09BEF6E7A131BFF3BA5032090D, BAF6997F8D944F85F0553957677866C7F22E72AA434BA45FFFB6CC41041070DC ] TermService     C:\Windows\System32\termsrv.dll
12:12:51.0561 0x1258  TermService - ok
12:12:51.0601 0x1258  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes          C:\Windows\system32\shsvcs.dll
12:12:51.0632 0x1258  Themes - ok
12:12:51.0691 0x1258  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER     C:\Windows\system32\mmcss.dll
12:12:51.0730 0x1258  THREADORDER - ok
12:12:51.0800 0x1258  [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks          C:\Windows\System32\trkwks.dll
12:12:51.0840 0x1258  TrkWks - ok
12:12:51.0985 0x1258  [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:12:52.0037 0x1258  TrustedInstaller - ok
12:12:52.0107 0x1258  [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3, 1CBB5106A32362ABDEE73BF170E205FE64DDBF826C5F6DFFCCD229F220B9C85E ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
12:12:52.0162 0x1258  tssecsrv - ok
12:12:52.0220 0x1258  [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
12:12:52.0241 0x1258  tunmp - ok
12:12:52.0314 0x1258  [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
12:12:52.0335 0x1258  tunnel - ok
12:12:52.0412 0x1258  [ D7B5C463518517AA606C4A1A5AD13C05, 8A454C62172A3288172671B58958C89155A3CE290809D9CCBE764561EF6BA8A3 ] u302bus         C:\Windows\system32\DRIVERS\u302bus.sys
12:12:52.0432 0x1258  u302bus - ok
12:12:52.0495 0x1258  [ 817F7608F6A0B63A9B4E340E837A6D54, 30520BE9D6A3BAAED83F384F0B713FF766FA1BFA5E2DB575AC6E144D290F0A77 ] u302mdfl        C:\Windows\system32\DRIVERS\u302mdfl.sys
12:12:52.0509 0x1258  u302mdfl - ok
12:12:52.0548 0x1258  [ 0C3F5F21513BEE7E59F3C8275C062631, B279EEA5E8FCA052218BCB7483775D15466D838C39D59DDCDEF2C86450D000D3 ] u302mdm         C:\Windows\system32\DRIVERS\u302mdm.sys
12:12:52.0568 0x1258  u302mdm - ok
12:12:52.0631 0x1258  [ 0F10057D0B998EECE3F97927CBBE6A65, 977A097A587C5DF45A632E03572F77348457ACA10A180393519D12F0D4325F06 ] u302mgmt        C:\Windows\system32\DRIVERS\u302mgmt.sys
12:12:52.0653 0x1258  u302mgmt - ok
12:12:52.0719 0x1258  [ 7D33C4DB2CE363C8518D2DFCF533941F, C6A539AD31B0BD9F895E0A537783AA75D5760C8590D83BA832D59A9B090CA0E9 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
12:12:52.0739 0x1258  uagp35 - ok
12:12:52.0849 0x1258  [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
12:12:52.0888 0x1258  udfs - ok
12:12:52.0927 0x1258  [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
12:12:52.0966 0x1258  UI0Detect - ok
12:12:52.0973 0x1258  UIUSys - ok
12:12:53.0044 0x1258  [ B0ACFDC9E4AF279E9116C03E014B2B27, 455D30859E381361FF6EE8B01EDC22A2E66CD5EC22CA9F314E88009DB77A8BAF ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
12:12:53.0065 0x1258  uliagpkx - ok
12:12:53.0167 0x1258  [ 9224BB254F591DE4CA8D572A5F0D635C, C5E7B24587AC5A28ECA63300307AD95B8A846833340126AE378840A40E53C056 ] uliahci         C:\Windows\system32\drivers\uliahci.sys
12:12:53.0195 0x1258  uliahci - ok
12:12:53.0232 0x1258  [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata          C:\Windows\system32\drivers\ulsata.sys
12:12:53.0253 0x1258  UlSata - ok
12:12:53.0303 0x1258  [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
12:12:53.0325 0x1258  ulsata2 - ok
12:12:53.0393 0x1258  [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
12:12:53.0464 0x1258  umbus - ok
12:12:53.0528 0x1258  [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost        C:\Windows\System32\upnphost.dll
12:12:53.0604 0x1258  upnphost - ok
12:12:53.0686 0x1258  [ 8721F55D8BC9F89E3A63CEBDF5EF4FA3, C0C82480014B646709869A6A6FA2B71B993F9FCD8E2DB9E8F7D341C21EE169CF ] upperdev        C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
12:12:53.0756 0x1258  upperdev - ok
12:12:53.0836 0x1258  [ 1114579556DB85E9FAF9590DBC64CD62, 10479A3C12BBBB9B5759082358FE11AC20BAEFA6B4977C8AE6E60AA17BE6C7FA ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
12:12:53.0891 0x1258  usbaudio - ok
12:12:53.0990 0x1258  [ AAB0B5F72D2D726FBFDC895A2902DE1D, 7824AF6E2ADEA23F208526F3A62AD1BACDBBDB23E58EB5806890B0761529C50F ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
12:12:54.0082 0x1258  usbccgp - ok
12:12:54.0142 0x1258  [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
12:12:54.0204 0x1258  usbcir - ok
12:12:54.0260 0x1258  [ 153E8515CB86F8BB5D1A8B478EBF4BB2, 0F1F79BA7C32ACAAE69184A56E67D6E18E2E2F07E0BE23F266401431169DAE14 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
12:12:54.0281 0x1258  usbehci - ok
12:12:54.0410 0x1258  [ 2AE6BCEBD85D31317E433733DAF25888, 7B2C0E8703D0275A620160E479166EB7AA31B0F146507603535CEBF0BA4684A4 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
12:12:54.0455 0x1258  usbhub - ok
12:12:54.0495 0x1258  [ 7BDB7B0E7D45AC0402D78B90789EF47C, 321C70DFB8F21AFF236C815F2BCC5F778177A83C7238177DA73B82A906CC116E ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
12:12:54.0530 0x1258  usbohci - ok
12:12:54.0565 0x1258  [ E75C4B5269091D15A2E7DC0B6D35F2F5, B0A4141B69B66276890836DE98EB8BC790D35CE59FA503060593E8CC12AA106B ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
12:12:54.0618 0x1258  usbprint - ok
12:12:54.0686 0x1258  [ 1D714B8497CD68307806D5D3F60A5169, 1914D92ECE39995168E3C8F5A7694B7A94954DB299410A2781D1321C8E60C3D9 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
12:12:54.0757 0x1258  usbscan - ok
12:12:54.0826 0x1258  [ 8E6C378A885D6FFDA8F05E8D27B95C0E, 351F20B1CB510F7B6B9321EB6C7A97446EF963A89F19F7E7A9CF41381B4B19FF ] usbser          C:\Windows\system32\drivers\usbser.sys
12:12:54.0847 0x1258  usbser - ok
12:12:54.0960 0x1258  [ 4E66C71D8D010BFB0DF1042D25E9CB0F, E581ED3557A06FEE7F35DF1C18C7D74FEFD1FC5E6CDAD6692F66F4A033830F1C ] UsbserFilt      C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
12:12:55.0002 0x1258  UsbserFilt - ok
12:12:55.0070 0x1258  [ BE3DA31C191BC222D9AD503C5224F2AD, 201FB0FDBF423342202686DC0D8A3221B7798AE04C04A649D3441C257C733CE8 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:12:55.0101 0x1258  USBSTOR - ok
12:12:55.0158 0x1258  [ 44056325428A8E4C755830426E29878F, 95F182047746D352B7DC2B22298D5E58738E1B787C110D1DE841C026FB8A67EB ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
12:12:55.0208 0x1258  usbuhci - ok
12:12:55.0297 0x1258  [ 73FF24E21B690625A58109637DDA0DF7, 62B1F9CD82678E2110D4BB5CC86EE8A7AB0757681443916620B6AAA1EF0DECEB ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
12:12:55.0349 0x1258  usbvideo - ok
12:12:55.0411 0x1258  [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms           C:\Windows\System32\uxsms.dll
12:12:55.0443 0x1258  UxSms - ok
12:12:55.0531 0x1258  [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds             C:\Windows\System32\vds.exe
12:12:55.0642 0x1258  vds - ok
12:12:55.0680 0x1258  [ 4D45A93A7DD638CA2DB0A86FBFBF42D1, F13AB033920AA55EA4AE4CACFCBF2D1356ED49BD650618DDBC0A3036AAE7C280 ] vfs101x         C:\Windows\system32\drivers\vfs101x.sys
12:12:55.0695 0x1258  vfs101x - ok
12:12:55.0797 0x1258  [ 7ED51043FED8FFD9577B4B74779D9AF0, 4520B5EFE9F70303D8DAAA9FDD61507310D941D0B8932A8F5FB670139023E2C9 ] vfsFPService    C:\Windows\system32\vfsFPService.exe
12:12:55.0842 0x1258  vfsFPService - ok
12:12:55.0881 0x1258  [ 87B06E1F30B749A114F74622D013F8D4, 06C06EF87F7DC668D23B50AA5F419F62474ACF90E325E167491BF290286D6594 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
12:12:55.0918 0x1258  vga - ok
12:12:55.0941 0x1258  [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave         C:\Windows\System32\drivers\vga.sys
12:12:55.0977 0x1258  VgaSave - ok
12:12:56.0013 0x1258  [ 5D7159DEF58A800D5781BA3A879627BC, 499A8E51FDE61AE0D7C1812D1E5B331211A36BD095A4992C629B93DE6D80F4E6 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
12:12:56.0034 0x1258  viaagp - ok
12:12:56.0065 0x1258  [ C4F3A691B5BAD343E6249BD8C2D45DEE, 19DE07AD6CD51036FA8A6B8EE82F34D7F5264FF3A12CBE6E52BD036D0303E319 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
12:12:56.0102 0x1258  ViaC7 - ok
12:12:56.0122 0x1258  [ AADF5587A4063F52C2C3FED7887426FC, 0A74791A236FDAFCD045CFB79A159245B94F7C2033E0CD830C1B76F0F994E06D ] viaide          C:\Windows\system32\drivers\viaide.sys
12:12:56.0147 0x1258  viaide - ok
12:12:56.0166 0x1258  [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
12:12:56.0186 0x1258  volmgr - ok
12:12:56.0272 0x1258  [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
12:12:56.0303 0x1258  volmgrx - ok
12:12:56.0367 0x1258  [ 786DB5771F05EF300390399F626BF30A, 4A07BE5AEDBA4C15C2F9A91250F0488A0B0305C67BB7A037508D5CBF86D4E1B7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
12:12:56.0396 0x1258  volsnap - ok
12:12:56.0451 0x1258  [ 587253E09325E6BF226B299774B728A9, C9F46197819C2A095456393C518A9B00B59ECDC54F464D038AA7F8DCCDB93CCF ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
12:12:56.0474 0x1258  vsmraid - ok
12:12:56.0702 0x1258  [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS             C:\Windows\system32\vssvc.exe
12:12:56.0839 0x1258  VSS - ok
12:12:56.0905 0x1258  [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time         C:\Windows\system32\w32time.dll
12:12:56.0969 0x1258  W32Time - ok
12:12:57.0026 0x1258  [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
12:12:57.0084 0x1258  WacomPen - ok
12:12:57.0102 0x1258  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
12:12:57.0133 0x1258  Wanarp - ok
12:12:57.0140 0x1258  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
12:12:57.0171 0x1258  Wanarpv6 - ok
12:12:57.0205 0x1258  [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
12:12:57.0249 0x1258  wcncsvc - ok
12:12:57.0280 0x1258  [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:12:57.0325 0x1258  WcsPlugInService - ok
12:12:57.0342 0x1258  [ 78FE9542363F297B18C027B2D7E7C07F, 6BC3ED2A48EF41E1EE597FD58271DB12256EC013518663331CD0FBCB3FC415EE ] Wd              C:\Windows\system32\drivers\wd.sys
12:12:57.0361 0x1258  Wd - ok
12:12:57.0402 0x1258  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
12:12:57.0446 0x1258  Wdf01000 - ok
12:12:57.0471 0x1258  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost  C:\Windows\system32\wdi.dll
12:12:57.0519 0x1258  WdiServiceHost - ok
12:12:57.0526 0x1258  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost   C:\Windows\system32\wdi.dll
12:12:57.0567 0x1258  WdiSystemHost - ok
12:12:57.0628 0x1258  [ 04C37D8107320312FBAE09926103D5E2, 1C6726A9871CBACB240AFA93E57781515F01758D43693DDA395EA683D97234F0 ] WebClient       C:\Windows\System32\webclnt.dll
12:12:57.0678 0x1258  WebClient - ok
12:12:57.0744 0x1258  [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
12:12:57.0791 0x1258  Wecsvc - ok
12:12:57.0825 0x1258  [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport   C:\Windows\System32\wercplsupport.dll
12:12:57.0858 0x1258  wercplsupport - ok
12:12:57.0957 0x1258  [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc          C:\Windows\System32\WerSvc.dll
12:12:58.0040 0x1258  WerSvc - ok
12:12:58.0135 0x1258  [ 5C7BDCF5864DB00323FE2D90FA26A8A2, E948B6BF8985CFF56FBE99AF7AF78CC3123AE5DAC9A5420ADE3C8B52CA702686 ] winachsf        C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
12:12:58.0204 0x1258  winachsf - ok
12:12:58.0273 0x1258  [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
12:12:58.0305 0x1258  WinDefend - ok
12:12:58.0319 0x1258  WinHttpAutoProxySvc - ok
12:12:58.0374 0x1258  [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
12:12:58.0427 0x1258  Winmgmt - ok
12:12:58.0533 0x1258  [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM           C:\Windows\system32\WsmSvc.dll
12:12:58.0635 0x1258  WinRM - ok
12:12:58.0723 0x1258  [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc         C:\Windows\System32\wlansvc.dll
12:12:58.0791 0x1258  Wlansvc - ok
12:12:58.0925 0x1258  [ 6067ACEF367E79914AF628FA1E9B5330, 491A705267B48C103E00B26BBD21FA8829DB03A88343CBC27264CEE5DE8C8DEF ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
12:12:58.0942 0x1258  wlcrasvc - ok
12:12:59.0150 0x1258  [ FB01D4AE207B9EFDBABFC55DC95C7E31, E0EFDBBE0BAC275230C8C1A053948C21BCF20B99B92E50939E95FFB9DC87F6BA ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:12:59.0246 0x1258  wlidsvc - ok
12:12:59.0293 0x1258  [ 2E7255D172DF0B8283CDFB7B433B864E, 60C786CF0EA4A29B309B9457F0496D5A0AF1F093FC2C5D88078865814B7DBBA3 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
12:12:59.0329 0x1258  WmiAcpi - ok
12:12:59.0388 0x1258  [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
12:12:59.0423 0x1258  wmiApSrv - ok
12:12:59.0571 0x1258  [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
12:12:59.0674 0x1258  WMPNetworkSvc - ok
12:12:59.0734 0x1258  [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
12:12:59.0782 0x1258  WPCSvc - ok
12:12:59.0864 0x1258  [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
12:12:59.0889 0x1258  WPDBusEnum - ok
12:12:59.0966 0x1258  [ DE9D36F91A4DF3D911626643DEBF11EA, 8029ECE76E29276BFB6ED3387AC560A9A779AAF683A4416E96334FAF7BDBADA0 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
12:13:00.0015 0x1258  WpdUsb - ok
12:13:00.0396 0x1258  [ F8D3544ACBCE9110362119F7C10D848E, 31C49201A931751A36286874AC0B929D886F490D7CE48CCC9283850A56AD9FD9 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
12:13:00.0453 0x1258  WPFFontCache_v0400 - ok
12:13:00.0498 0x1258  [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
12:13:00.0558 0x1258  ws2ifsl - ok
12:13:00.0669 0x1258  [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc          C:\Windows\system32\wscsvc.dll
12:13:00.0697 0x1258  wscsvc - ok
12:13:00.0703 0x1258  WSearch - ok
12:13:00.0899 0x1258  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll
12:13:01.0018 0x1258  wuauserv - ok
12:13:01.0124 0x1258  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
12:13:01.0160 0x1258  WudfPf - ok
12:13:01.0219 0x1258  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
12:13:01.0246 0x1258  WUDFRd - ok
12:13:01.0299 0x1258  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
12:13:01.0333 0x1258  wudfsvc - ok
12:13:01.0458 0x1258  [ DD0042F0C3B606A6A8B92D49AFB18AD6, 8D3BE4C93D02AF5F42EC46AF598D6DA40C61D467CB2FEE5E222F9C1E7A84B852 ] YahooAUService  C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
12:13:01.0500 0x1258  YahooAUService - ok
12:13:01.0515 0x1258  ================ Scan global ===============================
12:13:01.0542 0x1258  [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
12:13:01.0627 0x1258  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
12:13:01.0659 0x1258  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
12:13:01.0752 0x1258  [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\Windows\system32\services.exe
12:13:01.0764 0x1258  [ Global ] - ok
12:13:01.0765 0x1258  ================ Scan MBR ==================================
12:13:01.0815 0x1258  [ 85D751F0E41B8E520AEE8C07A8DA777B ] \Device\Harddisk0\DR0
12:13:02.0137 0x1258  \Device\Harddisk0\DR0 - detected TDSS File System ( 1 )
12:13:02.0137 0x1258  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
12:13:04.0682 0x1258  ================ Scan VBR ==================================
12:13:04.0704 0x1258  [ ADF01DD8CEDF5B1F655C9E7FFB76ADE3 ] \Device\Harddisk0\DR0\Partition1
12:13:04.0754 0x1258  \Device\Harddisk0\DR0\Partition1 - ok
12:13:04.0808 0x1258  [ F431A8787B1E3E7DC7EB173AEF1946FC ] \Device\Harddisk0\DR0\Partition2
12:13:04.0819 0x1258  \Device\Harddisk0\DR0\Partition2 - ok
12:13:04.0820 0x1258  ================ Scan generic autorun ======================
12:13:05.0030 0x1258  [ 94444693EA13A72F6820DFF844A1122E, DAB1D45F39CA196C6EF22F4E817C32558D87051B98FC525A07ABBAE1A52B59AB ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
12:13:05.0168 0x1258  SynTPEnh - ok
12:13:05.0317 0x1258  [ 6E1AC019C8FD1997BF5A17DA93627510, 28E8C2CDF1203318C1CDE525D08236057A9B6938201ABB216B810655A51F27B4 ] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
12:13:05.0337 0x1258  IAAnotif - ok
12:13:05.0436 0x1258  [ 6FC398F279D5F5E53E61683B5450195D, 94F65501B0BFC94A56B3B6DCBC892C3C4F877D3CBDFAE785EAB1F2793C25F5F4 ] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
12:13:05.0457 0x1258  QlbCtrl.exe - ok
12:13:05.0570 0x1258  [ 544C1EF07AEC178A83538A251A72CE13, 7F77C7EB03DA70717CA66ABD57D1AC0E531DDA09BBC635BD320FD82E94A06D10 ] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
12:13:05.0604 0x1258  OnScreenDisplay - ok
12:13:05.0695 0x1258  [ 1D48CA37FAA59919C1138357ED67E14A, 2771DF3AAB6445C8F1EF93527B9F9249C5CE28A5CC615C1618DD7C9682737440 ] C:\Program Files\DigitalPersona\Bin\dpagent.exe
12:13:05.0750 0x1258  DpAgent - detected UnsignedFile.Multi.Generic ( 1 )
12:13:08.0640 0x1258  Detect skipped due to KSN trusted
12:13:08.0640 0x1258  DpAgent - ok
12:13:08.0809 0x1258  [ 080E68A15793648B1A1570574A6EADB2, 688C29A1FAC15E6E21762E969B1B75267E05FB62330BF89AA2BDED67B753BBE2 ] C:\Program Files\HP\QuickPlay\QPService.exe
12:13:08.0842 0x1258  QPService - ok
12:13:09.0012 0x1258  [ 73BFDC88C6EF9715CDF57134A438837A, 8F1F04F3C89C430A6A04090A9B3D2BDDDE0FA44441569195E6CDF7E7CBA9779F ] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
12:13:09.0054 0x1258  nmctxth - ok
12:13:09.0118 0x1258  [ 80185BCC7C7BF9C9D2AD71F5588E9A2C, 3AD43BA764367BE252511FEEC83C9F7FB49C3D082C66D1A385C55299B99E3941 ] C:\Windows\system32\igfxtray.exe
12:13:09.0140 0x1258  IgfxTray - ok
12:13:09.0183 0x1258  [ FF786D5E81771EE804E568DD5D4784DA, F1A87C50D7FC08759843800AA1D9D817881321CCFD7D0F0594C0E70C66F8259E ] C:\Windows\system32\hkcmd.exe
12:13:09.0205 0x1258  HotKeysCmds - ok
12:13:09.0260 0x1258  [ D6B2D8A7B6C6F397FE47143CA360C9E9, 1C457E73F787079868B2C8F5A5A7768C060B16DE64C63AF2F701B16B6A505664 ] C:\Windows\system32\igfxpers.exe
12:13:09.0281 0x1258  Persistence - ok
12:13:09.0366 0x1258  [ 0E34B7BB1FCF22BCC1E394D16F9E992B, 382CA8E6BAC301E2F277F8EDA03D263FF71272796A8EED582C36294EEE9191F9 ] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
12:13:09.0382 0x1258  GrooveMonitor - ok
12:13:09.0464 0x1258  [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
12:13:09.0523 0x1258  Adobe ARM - ok
12:13:09.0628 0x1258  [ 4AB05041D5C922B9A7A5D9059F5538CD, 554885535DB523D25DBDB43FBA9384B8E4EC9DF79B02F3B9FFDE3C498106D463 ] C:\Windows\WindowsMobile\wmdSync.exe
12:13:09.0656 0x1258  Windows Mobile-based device management - ok
12:13:09.0818 0x1258  [ F6158734F1E24C6C510155CF0D363911, 320900BA90AF14E254CFAFA70FB15A0E77506217E47A406FA1ED821D0206FE29 ] C:\Program Files\Real\realplayer\update\realsched.exe
12:13:09.0846 0x1258  TkBellExe - ok
12:13:10.0038 0x1258  [ BF9C0C31202259D2BE2B7072499504CE, F48E35458B821F2EBBF49E66B60FD6B12B91E817346F9D79DDA39B2F1F767FE2 ] C:\Program Files\IDT\WDM\sttray.exe
12:13:10.0110 0x1258  SysTrayApp - ok
12:13:10.0312 0x1258  [ 1315C5C5C54CE2AA37A155F97027DB59, 70CDA6AE7FF4FD08FAD931477C524957952EDC89985696FD988B9786A349C565 ] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
12:13:10.0346 0x1258  AdobeAAMUpdater-1.0 - ok
12:13:10.0439 0x1258  [ D5B783DACE1BBDD382A63C894BAB8E1E, 20BA7479B3BE8AC7771AA91DB9C4F3B46DADDFF9C48627A5C7C460546DD20AF3 ] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
12:13:10.0471 0x1258  AdobeCS5ServiceManager - ok
12:13:10.0644 0x1258  [ 8FE651ACBA3344E645CFEB6286FFF6B8, ECE4DFFEB7EB0B19B6790FD0F619A5C4B23CA0BA9CC3F25924925F8EA07264B6 ] C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
12:13:10.0713 0x1258  AdobeCS6ServiceManager - ok
12:13:10.0920 0x1258  [ A025DF526B0FB3DAC3169AE4330FF7A4, 4E78E592259B402BA5D69DB0E4BA754E86406D807A42463EB36BBDA925F3C0EB ] C:\Program Files\Symantec\Norton Utilities 16\sMonitor\SSDMonitor.exe
12:13:10.0937 0x1258  SSDMonitor - ok
12:13:11.0089 0x1258  [ 1DE859B82E381A645C44284A5044BC33, 305AE678D3163D57C8E027F94BC553FDFDE7F9A14599EAEC370B0867DE4A9EC2 ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
12:13:11.0113 0x1258  SunJavaUpdateSched - ok
12:13:11.0249 0x1258  [ 688FCBCC9F062F47A9B2F2923B13EFF9, 628906E75B2ADE34BB69E211DA486EE452B2BE21DF3B186FE85178089B8A0541 ] C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
12:13:11.0271 0x1258  ISUSPM - ok
12:13:11.0487 0x1258  [ 626A24ED1228580B9518C01930936DF9, CBD94AB1E5477D7288799D17528CC43D572E711DA0F2B0C784A0B9FE105BF0F4 ] C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
12:13:11.0506 0x1258  Google Update - ok
12:13:11.0588 0x1258  [ 68C54757AD5F0A434B7406A4B7177BC2, 90978BF0502FB4FD7C55BB53EE613572A499E2038C7CDD4D3CC96ED5AB2F2939 ] C:\Program Files\WordWeb\wweb32.exe
12:13:11.0622 0x1258  WordWeb - ok
12:13:11.0807 0x1258  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\sidebar.exe
12:13:11.0922 0x1258  Sidebar - ok
12:13:11.0931 0x1258  WindowsWelcomeCenter - ok
12:13:12.0151 0x1258  [ 6105AFCB022541D34206741185D2EC72, AC90A982BCC1A23A6B70455D2EB548C88168297BB2729A4B4F3E64572D0FEFDC ] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
12:13:12.0556 0x1258  LightScribe Control Panel - detected UnsignedFile.Multi.Generic ( 1 )
12:13:15.0454 0x1258  Detect skipped due to KSN trusted
12:13:15.0454 0x1258  LightScribe Control Panel - ok
12:13:15.0455 0x1258  Waiting for KSN requests completion. In queue: 155
12:13:16.0455 0x1258  Waiting for KSN requests completion. In queue: 155
12:13:17.0455 0x1258  Waiting for KSN requests completion. In queue: 155
12:13:18.0455 0x1258  Waiting for KSN requests completion. In queue: 132
12:13:19.0455 0x1258  Waiting for KSN requests completion. In queue: 132
12:13:20.0455 0x1258  Waiting for KSN requests completion. In queue: 132
12:13:21.0455 0x1258  Waiting for KSN requests completion. In queue: 132
12:13:22.0455 0x1258  Waiting for KSN requests completion. In queue: 132
12:13:23.0455 0x1258  Waiting for KSN requests completion. In queue: 132
12:13:24.0455 0x1258  Waiting for KSN requests completion. In queue: 132
12:13:25.0481 0x1258  AV detected via SS2: Norton Internet Security, C:\Program Files\Norton Internet Security\Engine\21.4.0.13\WSCStub.exe ( 21.4.0.0 ), 0x51000 ( enabled : updated )
12:13:25.0485 0x1258  FW detected via SS2: Norton Internet Security, C:\Program Files\Norton Internet Security\Engine\21.4.0.13\WSCStub.exe ( 21.4.0.0 ), 0x51010 ( enabled )
12:13:28.0015 0x1258  ============================================================
12:13:28.0015 0x1258  Scan finished
12:13:28.0015 0x1258  ============================================================
12:13:28.0032 0x17ac  Detected object count: 2
12:13:28.0032 0x17ac  Actual detected object count: 2
12:14:43.0145 0x17ac  hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
12:14:43.0145 0x17ac  hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:14:43.0194 0x17ac  \Device\Harddisk0\DR0\TDLFS\cfg.ini - copied to quarantine
12:14:43.0238 0x17ac  \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
12:14:43.0246 0x17ac  \Device\Harddisk0\DR0\TDLFS\bckfg.tmp - copied to quarantine
12:14:43.0532 0x17ac  \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
12:14:43.0535 0x17ac  \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
12:14:43.0539 0x17ac  \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
12:14:43.0543 0x17ac  \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
12:14:43.0551 0x17ac  \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
12:14:43.0554 0x17ac  \Device\Harddisk0\DR0\TDLFS\keywords - copied to quarantine
12:14:43.0556 0x17ac  \Device\Harddisk0\DR0\TDLFS - deleted
12:14:43.0556 0x17ac  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete 
12:26:49.0839 0x1654  Deinitialize success
 

  • 1
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP