
Norton detecting Boot.Cidox, Spybot detecting Mayachok.B [Closed]


  • This topic is locked
22 replies to this topic

#1 Robbulator

    New Member

  • Authentic Member
  • 13 posts

Posted 15 November 2014 - 05:30 PM

So I've run these programs multiple times so far,

 

Norton

Spybot

Microsoft Security Essentials

Malwarebytes

 

At first I couldn't get into safe mode, so I restored a registry key that had been deleted by one of these viruses, got into safe mode and started running scans, but I still cannot get rid of the Boot.Cidox and Mayachok.B viruses from my computer. Spybot picks up Mayachok only and Norton only picks up Boot.Cidox, so I don't know if they are the same. I am running aswMBR as I type this, but Norton picked up a virus in the Farbar recovery tool and deleted it?

 

My internet is currently running very slow for some reason so once I have downloaded the latest AVG updates on aswMBR then I will scan and post the log results.

 




#2 Robbulator

    New Member

  • Authentic Member
  • 13 posts

Posted 15 November 2014 - 10:05 PM

This is the result of multiple scans, as I wasn't sure it was working as it was so quick. I downloaded the AVG definitions also.

 

 

8:29.106    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
19:58:29.109    Disk 0 Vendor: Hitachi_ BB2O Size: 114473MB BusType: 3
19:58:29.296    VM: Disk 0 MBR read successfully
19:58:29.300    Disk 0 MBR scan
19:58:29.512    Disk 0 unknown MBR code
19:58:29.525    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
19:58:29.561    Disk 0 unknown boot code
19:58:29.668    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       111900 MB offset 206848
19:58:29.764    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS         2471 MB offset 229378048
19:58:29.830    Disk 0 statistics 934/0/22 @ 1.67 MB/s
19:58:29.837    Scan finished successfully
19:58:38.669    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
19:58:38.675    Disk 0 Vendor: Hitachi_ BB2O Size: 114473MB BusType: 3
19:58:38.822    VM: Disk 0 MBR read successfully
19:58:38.836    Disk 0 MBR scan
19:58:38.851    Disk 0 unknown MBR code
19:58:38.862    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
19:58:38.873    Disk 0 unknown boot code
19:58:38.895    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       111900 MB offset 206848
19:58:38.935    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS         2471 MB offset 229378048
19:58:38.948    Disk 0 statistics 1852/0/44 @ 2.05 MB/s
19:58:38.955    Scan finished successfully
19:58:54.792    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
19:58:54.799    Disk 0 Vendor: Hitachi_ BB2O Size: 114473MB BusType: 3
19:58:55.014    VM: Disk 0 MBR read successfully
19:58:55.023    Disk 0 MBR scan
19:58:55.035    Disk 0 unknown MBR code
19:58:55.076    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
19:58:55.098    Disk 0 unknown boot code
19:58:55.142    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       111900 MB offset 206848
19:58:55.193    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS         2471 MB offset 229378048
19:58:55.205    Disk 0 statistics 2770/0/66 @ 1.85 MB/s
19:58:55.212    Scan finished successfully
19:59:11.389    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
19:59:11.397    Disk 0 Vendor: Hitachi_ BB2O Size: 114473MB BusType: 3
19:59:11.591    VM: Disk 0 MBR read successfully
19:59:11.599    Disk 0 MBR scan
19:59:11.610    Disk 0 unknown MBR code
19:59:11.632    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
19:59:11.642    Disk 0 unknown boot code
19:59:11.664    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       111900 MB offset 206848
19:59:11.704    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS         2471 MB offset 229378048



#3 LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 16 November 2014 - 06:42 AM

Hello Robbulator, welcome to WhatTheTech's Malware Removal forum!
 
My username is LiquidTension, but you can call me Adam. I will be assisting you with your malware-related problems.
If you would allow me to call you by your first name I would prefer that. :)
 
======================================================
 
Please read through the points below to ensure this process moves as quickly and efficiently as possible.

  • Please ensure you read through my instructions thoroughly, and carry out each step in the order specified.
  • Please do not post logs using the CODEQUOTE or ATTACHMENT format. Logs should be posted directly in plain text. If you receive an error whilst posting, please break the log in half and use multiple posts.
  • Please do not run any tools or take any steps other than those I provide for you. Independent efforts may make matters worse, and will affect my ability in ascertaining the current situation and providing the best set of instructions for you.
  • Please backup important files before proceeding with my instructions. Malware removal can be unpredictable.  
  • If you come across any issues whilst following my instructions, please stop and inform me of the issue in as much detail as possible. Please do not hesitate to ask before proceeding.
  • Topics are locked if no response is made after 4 days. Please inform me if you require additional time to complete my instructions.
  • Ensure you are following this topic. Click the button at the top of the page.
     

======================================================
 
Please run the following diagnostic scans so I can ascertain the state of your computer.

Ensure you attach the log from STEP 2. 
 
STEP 1

Farbar Recovery Scan Tool (FRST) Scan

  • Please download Farbar Recovery Scan Tool (x32) or Farbar Recovery Scan Tool (x64) and save the file to your Desktop.
  • Note: Download and run the version compatible with your system (32 or 64-bit). Download both if you're unsure; only one will run.
  • Right-Click FRST.exe / FRST64.exe and select Run as administrator to run the programme.
  • Click Yes to the disclaimer.
  • Ensure the Addition.txt box is checked.
  • Click the Scan button and let the programme run.
  • Upon completion, click OK, then OK on the Addition.txt pop up screen.
  • Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply.
     

STEP 2
TDSSKiller Scan

  • Please download TDSSKiller and save the file to your Desktop.
  • Right-Click TDSSKiller.exe and select Run as administrator to run the programme.
  • Click Change parameters. Place a checkmark next to:
    • Loaded Modules
    • Detect TDLFS file system
    • Verify file digital signatures
  • Note: If you receive the following message: Extended Monitoring Driver is required, click Reboot now, and continue from here following the reboot.
  • Click Start Scan. Do not use the computer during the scan.
  • If objects are found, change the action to skip.
  • Click Continue and close the window.
  • A log will be created and saved to the root directory (usually C:\). Attach the log in your next reply.
     

======================================================
 
STEP 3
Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • FRST.txt
  • Addition.txt
  • TDSSKiller log (attached)



#4 Robbulator

    New Member

  • Authentic Member
  • 13 posts

Posted 16 November 2014 - 12:03 PM

The FRST.exe file has a virus in it that keeps getting removed by Norton when I download it, so I can't run that at the moment.

 

Here is the log from the TDSSKiller scan:

 

934 0x2154  TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
09:55:20.0729 0x2154  ============================================================
09:55:20.0729 0x2154  Current date / time: 2014/11/16 09:55:20.0729
09:55:20.0729 0x2154  SystemInfo:
09:55:20.0729 0x2154  
09:55:20.0729 0x2154  OS Version: 6.1.7601 ServicePack: 1.0
09:55:20.0729 0x2154  Product type: Workstation
09:55:20.0729 0x2154  ComputerName: SPENCE
09:55:20.0729 0x2154  UserName: Spence
09:55:20.0729 0x2154  Windows directory: C:\Windows
09:55:20.0729 0x2154  System windows directory: C:\Windows
09:55:20.0729 0x2154  Processor architecture: Intel x86
09:55:20.0729 0x2154  Number of processors: 8
09:55:20.0729 0x2154  Page size: 0x1000
09:55:20.0729 0x2154  Boot type: Normal boot
09:55:20.0729 0x2154  ============================================================
09:55:22.0512 0x2154  KLMD registered as C:\Windows\system32\drivers\52840009.sys
09:55:29.0043 0x2154  System UUID: {ED21B803-CE1A-6994-F19E-3712E02001F3}
09:55:34.0344 0x2154  Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
09:55:34.0344 0x2154  ============================================================
09:55:34.0344 0x2154  \Device\Harddisk0\DR0:
09:55:34.0344 0x2154  MBR partitions:
09:55:34.0344 0x2154  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
09:55:34.0344 0x2154  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDA8E000
09:55:34.0344 0x2154  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xDAC0800, BlocksNum 0x4D3800
09:55:34.0344 0x2154  ============================================================
09:55:34.0384 0x2154  C: <-> \Device\Harddisk0\DR0\Partition2
09:55:34.0474 0x2154  D: <-> \Device\Harddisk0\DR0\Partition3
09:55:34.0474 0x2154  ============================================================
09:55:34.0474 0x2154  Initialize success
09:55:34.0474 0x2154  ============================================================
09:56:28.0033 0x2368  ============================================================
09:56:28.0033 0x2368  Scan started
09:56:28.0033 0x2368  Mode: Manual; SigCheck; TDLFS;
09:56:28.0033 0x2368  ============================================================
09:56:28.0033 0x2368  KSN ping started
09:56:30.0634 0x2368  KSN ping finished: true
09:56:31.0824 0x2368  ================ Scan system memory ========================
09:56:31.0824 0x2368  System memory - ok
09:56:47.0475 0x2368  ehSched - ok
09:56:47.0535 0x2368  [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
09:56:47.0605 0x2368  elxstor - ok
09:56:47.0725 0x2368  [ 54BDBCA093814E7002723C424C0FA3F6, 677237F6898D0B96ADBB3C2BEFB6B15DF560005E31DC09799C0948C92497D58B ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
09:56:47.0835 0x2368  EraserUtilRebootDrv - ok
09:56:47.0875 0x2368  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
09:56:47.0985 0x2368  ErrDev - ok
09:56:48.0065 0x2368  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem     C:\Windows\system32\es.dll
09:56:48.0135 0x2368  EventSystem - ok
09:56:48.0185 0x2368  [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat           C:\Windows\system32\drivers\exfat.sys
09:56:48.0275 0x2368  exfat - ok
09:56:48.0315 0x2368  [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
09:56:48.0385 0x2368  fastfat - ok
09:56:48.0435 0x2368  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc             C:\Windows\system32\drivers\fdc.sys
09:56:48.0515 0x2368  fdc - ok
09:56:48.0565 0x2368  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost         C:\Windows\system32\fdPHost.dll
09:56:48.0655 0x2368  fdPHost - ok
09:56:48.0675 0x2368  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
09:56:48.0805 0x2368  FDResPub - ok
09:56:48.0855 0x2368  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
09:56:48.0905 0x2368  FileInfo - ok
09:56:48.0925 0x2368  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
09:56:48.0965 0x2368  Filetrace - ok
09:56:49.0005 0x2368  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
09:56:49.0055 0x2368  flpydisk - ok
09:56:49.0085 0x2368  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
09:56:49.0125 0x2368  FltMgr - ok
09:56:49.0215 0x2368  [ E12C4928B32ACE04610259647F072635, B71B9C2DF45F33C4DAC88435129B08B0BCDBBE82E8C3AD0A95F00137CC8B619F ] FontCache       C:\Windows\system32\FntCache.dll
09:56:49.0346 0x2368  FontCache - ok
09:56:49.0426 0x2368  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
09:56:49.0506 0x2368  FontCache3.0.0.0 - ok
09:56:49.0526 0x2368  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
09:56:49.0576 0x2368  FsDepends - ok
09:56:49.0606 0x2368  [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
09:56:49.0636 0x2368  Fs_Rec - ok
09:56:49.0696 0x2368  [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
09:56:49.0746 0x2368  fvevol - ok
09:56:49.0776 0x2368  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
09:56:49.0816 0x2368  gagp30kx - ok
09:56:50.0006 0x2368  [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
09:56:50.0136 0x2368  GEARAspiWDM - ok
09:56:50.0256 0x2368  [ B7995D6E7ECEB76E9AF5BF5A73752E50, 58243410FB5ED2AC5DBE546BFB29CA36446586ED8003D658B175D7A1F855E16A ] gpsvc           C:\Windows\System32\gpsvc.dll
09:56:50.0376 0x2368  gpsvc - ok
09:56:50.0416 0x2368  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
09:56:50.0476 0x2368  hcw85cir - ok
09:56:50.0536 0x2368  [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:56:50.0606 0x2368  HdAudAddService - ok
09:56:50.0636 0x2368  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
09:56:50.0716 0x2368  HDAudBus - ok
09:56:50.0746 0x2368  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
09:56:50.0796 0x2368  HidBatt - ok
09:56:50.0856 0x2368  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
09:56:50.0956 0x2368  HidBth - ok
09:56:50.0996 0x2368  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\Windows\system32\drivers\hidir.sys
09:56:51.0066 0x2368  HidIr - ok
09:56:51.0116 0x2368  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\Windows\System32\hidserv.dll
09:56:51.0196 0x2368  hidserv - ok
09:56:51.0276 0x2368  [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
09:56:51.0336 0x2368  HidUsb - ok
09:56:51.0356 0x2368  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\Windows\system32\kmsvc.dll
09:56:51.0416 0x2368  hkmsvc - ok
09:56:51.0436 0x2368  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:56:51.0546 0x2368  HomeGroupListener - ok
09:56:51.0586 0x2368  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:56:51.0646 0x2368  HomeGroupProvider - ok
09:56:51.0686 0x2368  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
09:56:51.0716 0x2368  HpSAMD - ok
09:56:51.0756 0x2368  [ 871917B07A141BFF43D76D8844D48106, 30C702008D0EE57D63F74864967DD19A55A268E77E42B5B3CC73037AD51D2987 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
09:56:51.0836 0x2368  HTTP - ok
09:56:51.0866 0x2368  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
09:56:51.0896 0x2368  hwpolicy - ok
09:56:51.0956 0x2368  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
09:56:52.0006 0x2368  i8042prt - ok
09:56:52.0086 0x2368  [ 26541A068572F650A2FA490726FE81BE, 9D6EF745731D45C4482274BE9C56300BBE8843D6C182F0E5C621AB121DBE371E ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
09:56:52.0196 0x2368  iaStor - ok
09:56:52.0276 0x2368  [ 31A0E93CDF29007D6C6FFFB632F375ED, CA464928E9868B9A09C324DBBC8DA41A01C5C486B43578FC695250D523DE555B ] IAStorDataMgrSvc C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
09:56:52.0326 0x2368  IAStorDataMgrSvc - ok
09:56:52.0386 0x2368  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
09:56:52.0436 0x2368  iaStorV - ok
09:56:52.0546 0x2368  [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:56:52.0786 0x2368  idsvc - ok
09:56:52.0926 0x2368  [ 938CE852BAEB639E61B7D2A077298F9F, A13496BFDDA4ECD0800A44FC47E7E7B526658238FC8D9957849C074A1E92AC48 ] IDSVix86        C:\Program Files\Norton Security\NortonData\22.0.0.110\Definitions\IPSDefs\20141114.001\IDSvix86.sys
09:56:52.0986 0x2368  IDSVix86 - ok
09:56:53.0016 0x2368  IEEtwCollectorService - ok
09:56:53.0056 0x2368  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp           C:\Windows\system32\drivers\iirsp.sys
09:56:53.0086 0x2368  iirsp - ok
09:56:53.0206 0x2368  [ BCDC3A3706221E62D27DDA50EC251F36, 5CFAB7A8D494E54D9418CE681672A9870555DB67C8638E9DA63C98CA9B1E9031 ] IKEEXT          C:\Windows\System32\ikeext.dll
09:56:53.0316 0x2368  IKEEXT - ok
09:56:53.0356 0x2368  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys
09:56:53.0376 0x2368  intelide - ok
09:56:53.0416 0x2368  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
09:56:53.0456 0x2368  intelppm - ok
09:56:53.0506 0x2368  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
09:56:53.0556 0x2368  IPBusEnum - ok
09:56:53.0586 0x2368  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:56:53.0636 0x2368  IpFilterDriver - ok
09:56:53.0676 0x2368  [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
09:56:53.0836 0x2368  iphlpsvc - ok
09:56:53.0876 0x2368  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
09:56:53.0926 0x2368  IPMIDRV - ok
09:56:53.0956 0x2368  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
09:56:54.0006 0x2368  IPNAT - ok
09:56:54.0096 0x2368  [ 33813E4F82AEC696762EAD9EDADC9FE3, D0045D6782523B7B6FCFE4A6C864F081B522E409D9E5F031A7B8584910CEE3F5 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
09:56:54.0206 0x2368  iPod Service - ok
09:56:54.0246 0x2368  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
09:56:54.0336 0x2368  IRENUM - ok
09:56:54.0376 0x2368  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
09:56:54.0426 0x2368  isapnp - ok
09:56:54.0456 0x2368  [ CB7A9ABB12B8415BCE5D74994C7BA3AE, 464BFF3F5EEE985BE075E23E1813F5CB82A9A0771A92C6D889B13B867BCDF647 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
09:56:54.0496 0x2368  iScsiPrt - ok
09:56:54.0516 0x2368  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
09:56:54.0556 0x2368  kbdclass - ok
09:56:54.0586 0x2368  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
09:56:54.0636 0x2368  kbdhid - ok
09:56:54.0676 0x2368  [ 627B40EB2595D8FCF1960F33389EB7D3, 37C8378FD7C883E77E2FD211C8A759B61037168BDEC87C234C73082C50B7F0CC ] KeyIso          C:\Windows\system32\lsass.exe
09:56:54.0726 0x2368  KeyIso - ok
09:56:54.0776 0x2368  [ EADF7B02E9D1419984EA4127EDB22D69, 4C95047C57F1DBE9E7AD1D3A7B9A9A286382417CE5E3A37476940A398662AA77 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
09:56:54.0826 0x2368  KSecDD - ok
09:56:54.0866 0x2368  [ 7B7B6B779F08A2C36A978F409054C1A9, E499E289BBEAE54C8D7DF4364A924E3C10D184EB852BAA0F870005CA764E313B ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
09:56:54.0906 0x2368  KSecPkg - ok
09:56:54.0956 0x2368  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\Windows\system32\msdtckrm.dll
09:56:55.0036 0x2368  KtmRm - ok
09:56:55.0116 0x2368  [ F12596B0BE027DFA0906B11135F7CE0C, FAD19B5D551A425A092D910C357BDAB3118AAA543980C92E1AE13900581E8110 ] LanmanServer    C:\Windows\System32\srvsvc.dll
09:56:55.0156 0x2368  LanmanServer - ok
09:56:55.0196 0x2368  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:56:55.0236 0x2368  LanmanWorkstation - ok
09:56:55.0286 0x2368  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
09:56:55.0356 0x2368  lltdio - ok
09:56:55.0386 0x2368  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
09:56:55.0446 0x2368  lltdsvc - ok
09:56:55.0456 0x2368  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts         C:\Windows\System32\lmhsvc.dll
09:56:55.0506 0x2368  lmhosts - ok
09:56:55.0546 0x2368  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
09:56:55.0606 0x2368  LSI_FC - ok
09:56:55.0646 0x2368  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
09:56:55.0676 0x2368  LSI_SAS - ok
09:56:55.0706 0x2368  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
09:56:55.0726 0x2368  LSI_SAS2 - ok
09:56:55.0756 0x2368  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
09:56:55.0796 0x2368  LSI_SCSI - ok
09:56:55.0816 0x2368  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv           C:\Windows\system32\drivers\luafv.sys
09:56:55.0936 0x2368  luafv - ok
09:56:55.0976 0x2368  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
09:56:56.0046 0x2368  Mcx2Svc - ok
09:56:56.0076 0x2368  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas         C:\Windows\system32\drivers\megasas.sys
09:56:56.0106 0x2368  megasas - ok
09:56:56.0126 0x2368  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
09:56:56.0176 0x2368  MegaSR - ok
09:56:56.0296 0x2368  [ FAFE367D032ED82E9332B4C741A20216, 7B123766E360570E0FCB211835B7910D6A1806C25A06BCA9227AB9E993376CA8 ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
09:56:56.0386 0x2368  Microsoft Office Groove Audit Service - ok
09:56:56.0426 0x2368  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS           C:\Windows\system32\mmcss.dll
09:56:56.0536 0x2368  MMCSS - ok
09:56:56.0566 0x2368  [ C6A81F138F297CC7E653EFC059CCA033, 188B5EF3681CEF68A5DBBFD20D17F5BBCC619DEE8179A8FF8CC5808FC6148F05 ] Modem           C:\Windows\system32\drivers\modem.sys
09:56:56.0606 0x2368  Modem - ok
09:56:56.0656 0x2368  [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
09:56:56.0706 0x2368  monitor - ok
09:56:56.0736 0x2368  [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
09:56:56.0786 0x2368  mouclass - ok
09:56:56.0816 0x2368  [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
09:56:56.0856 0x2368  mouhid - ok
09:56:56.0886 0x2368  [ FC8771F45ECCCFD89684E38842539B9B, 806DDF2B4830CA866582FE74A521BB7DF26CA0E19013DAF584D3677FB48CC77A ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
09:56:56.0936 0x2368  mountmgr - ok
09:56:57.0016 0x2368  [ DEA022193DF8C88F6E2B3E33D148A5DB, 97DFC47DB83E04A975A1969AA120385463FCAF4E1A9984FD3220442D7026B45A ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
09:56:57.0106 0x2368  MozillaMaintenance - ok
09:56:57.0196 0x2368  [ 6460D4A5C981567E74A7AC1349DE10F5, 9C16035B9A9BE3D7077851621E9BDED223B4C6A156562076957B49B9FCAB3A05 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
09:56:57.0276 0x2368  MpFilter - ok
09:56:57.0316 0x2368  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio            C:\Windows\system32\drivers\mpio.sys
09:56:57.0376 0x2368  mpio - ok
09:56:57.0516 0x2368  [ 65C34426C83EFA32D48380A97717997B, CD7EB6BFBB0BE382BA21055460D9A72323F09AF3194A22D8EDB28D5DB3BAE8E7 ] MpKsld174cdaa   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{12384EBE-A552-499B-9D20-EBC9D642963F}\MpKsld174cdaa.sys
09:56:57.0576 0x2368  MpKsld174cdaa - ok
09:56:57.0616 0x2368  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
09:56:57.0676 0x2368  mpsdrv - ok
09:56:57.0726 0x2368  [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc          C:\Windows\system32\mpssvc.dll
09:56:57.0796 0x2368  MpsSvc - ok
09:56:57.0816 0x2368  [ A60D04D9F87BDFDD1190D859BFFA973E, 985B6F5A21446E8B1F10DBACA71B40C55DE5C8D0D16C4A868CF0DBB439B56C6A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
09:56:57.0896 0x2368  MRxDAV - ok
09:56:57.0946 0x2368  [ CE706AA66B6D94DB8892C5FC114E0F85, EF32EC756928CB723B2849C644B910DF93DFDB3E1F5EFDE28361FD1E9DCA1756 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
09:56:58.0056 0x2368  mrxsmb - ok
09:56:58.0076 0x2368  [ 876F0811A1FB5BADB63EC54DE0AE0F2E, A3B15C529765C786C5280A530505C5197E80406C812A29C580D2C60C3D6118FC ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:56:58.0126 0x2368  mrxsmb10 - ok
09:56:58.0156 0x2368  [ F450602C329F3E7A828931E7EBBF2F27, 5B23DD879900B4F3A8AF3C80EC0464CDCA6087D682FE1DC17690DAFAA82C28AF ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:56:58.0206 0x2368  mrxsmb20 - ok
09:56:58.0237 0x2368  [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci          C:\Windows\system32\drivers\msahci.sys
09:56:58.0277 0x2368  msahci - ok
09:56:58.0297 0x2368  [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
09:56:58.0327 0x2368  msdsm - ok
09:56:58.0347 0x2368  [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC           C:\Windows\System32\msdtc.exe
09:56:58.0407 0x2368  MSDTC - ok
09:56:58.0447 0x2368  [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs            C:\Windows\system32\drivers\Msfs.sys
09:56:58.0517 0x2368  Msfs - ok
09:56:58.0557 0x2368  [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
09:56:58.0607 0x2368  mshidkmdf - ok
09:56:58.0637 0x2368  [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
09:56:58.0657 0x2368  msisadrv - ok
09:56:58.0707 0x2368  [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
09:56:58.0767 0x2368  MSiSCSI - ok
09:56:58.0767 0x2368  msiserver - ok
09:56:58.0807 0x2368  [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
09:56:58.0867 0x2368  MSKSSRV - ok
09:56:58.0967 0x2368  [ A4B109D057E15A438CE74E5B71187417, C91568C1AE2863218988D4D7A2B64041AB2C1EE2E9DF3720407FCE513ADA056F ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
09:56:59.0007 0x2368  MsMpSvc - ok
09:56:59.0027 0x2368  [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
09:56:59.0067 0x2368  MSPCLOCK - ok
09:56:59.0107 0x2368  [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
09:56:59.0157 0x2368  MSPQM - ok
09:56:59.0167 0x2368  [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
09:56:59.0217 0x2368  MsRPC - ok
09:56:59.0227 0x2368  [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
09:56:59.0267 0x2368  mssmbios - ok
09:56:59.0287 0x2368  [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
09:56:59.0337 0x2368  MSTEE - ok
09:56:59.0367 0x2368  [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
09:56:59.0427 0x2368  MTConfig - ok
09:56:59.0467 0x2368  [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup             C:\Windows\system32\Drivers\mup.sys
09:56:59.0517 0x2368  Mup - ok
09:56:59.0567 0x2368  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent        C:\Windows\system32\qagentRT.dll
09:56:59.0637 0x2368  napagent - ok
09:56:59.0687 0x2368  [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
09:56:59.0727 0x2368  NativeWifiP - ok
09:56:59.0857 0x2368  [ 339D6CD79DFCB48EF125A89949ED54B4, D3C6F56363F0FA9A45C3560816DD7533C7D15D7DCC78346A4A48C29EA86D9439 ] NAVENG          C:\Program Files\Norton Security\NortonData\22.0.0.110\Definitions\VirusDefs\20141115.001\NAVENG.SYS
09:56:59.0927 0x2368  NAVENG - ok
09:57:00.0047 0x2368  [ 2061D3961C053AA0C55A20F6184DA4CF, 4D50107E7245ED58B943BA536B6B69A6C7465202DCE78135BB0FD5EF2EF02FB3 ] NAVEX15         C:\Program Files\Norton Security\NortonData\22.0.0.110\Definitions\VirusDefs\20141115.001\NAVEX15.SYS
09:57:00.0147 0x2368  NAVEX15 - ok
09:57:00.0217 0x2368  [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS            C:\Windows\system32\drivers\ndis.sys
09:57:00.0257 0x2368  NDIS - ok
09:57:00.0297 0x2368  [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
09:57:00.0357 0x2368  NdisCap - ok
09:57:00.0397 0x2368  [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
09:57:00.0497 0x2368  NdisTapi - ok
09:57:00.0547 0x2368  [ 520B68DD11C0749D5B9A7F736CB6DE5E, 154F68D60994F9CF071263BC96D541CE3C8FB636E90EFE89FA97E2AB36991CB0 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
09:57:00.0597 0x2368  Ndisuio - ok
09:57:00.0627 0x2368  [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
09:57:00.0677 0x2368  NdisWan - ok
09:57:00.0697 0x2368  [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
09:57:00.0747 0x2368  NDProxy - ok
09:57:00.0777 0x2368  [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
09:57:00.0857 0x2368  NetBIOS - ok
09:57:00.0917 0x2368  [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
09:57:00.0977 0x2368  NetBT - ok
09:57:00.0997 0x2368  [ 627B40EB2595D8FCF1960F33389EB7D3, 37C8378FD7C883E77E2FD211C8A759B61037168BDEC87C234C73082C50B7F0CC ] Netlogon        C:\Windows\system32\lsass.exe
09:57:01.0027 0x2368  Netlogon - ok
09:57:01.0067 0x2368  [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman          C:\Windows\System32\netman.dll
09:57:01.0187 0x2368  Netman - ok
09:57:01.0248 0x2368  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
09:57:01.0518 0x2368  NetMsmqActivator - ok
09:57:01.0528 0x2368  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
09:57:01.0558 0x2368  NetPipeActivator - ok
09:57:01.0588 0x2368  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm        C:\Windows\System32\netprofm.dll
09:57:01.0658 0x2368  netprofm - ok
09:57:01.0798 0x2368  [ C3EED0DEA8CB0CD5A157F7AE07774F78, A8C8268E5276EDE7356E92C49DFC31B8133C604593E1030BDBCE8AC1919E7531 ] netr28u         C:\Windows\system32\DRIVERS\netr28u.sys
09:57:01.0908 0x2368  netr28u - ok
09:57:01.0968 0x2368  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
09:57:02.0008 0x2368  NetTcpActivator - ok
09:57:02.0018 0x2368  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
09:57:02.0058 0x2368  NetTcpPortSharing - ok
09:57:25.0478 0x2368  [ 2977F7750EA2BECB3E623814D2C18800, A2FAE078FC18481C59D7D3B465D4E53756D85C1C49F6471D3840EEF49814EA19 ] RaMediaServer   C:\Program Files\Ralink\Common\RaMediaServer.exe
09:57:25.0808 0x2368  RaMediaServer - detected UnsignedFile.Multi.Generic ( 1 )
09:57:30.0259 0x2368  Detect skipped due to KSN trusted
09:57:30.0260 0x2368  RaMediaServer - ok
09:58:01.0909 0x2368  umbus - ok
09:58:02.0097 0x2368  [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
09:58:02.0311 0x2368  UmPass - ok
09:58:02.0496 0x2368  [ E610AB0BC72E7CA382E6C0B40A3F18B2, 13114F1C061CFA67F59E2FAFEF2DE6C052ED234DB6423A5C0883E2F6129849D7 ] UmRdpService    C:\Windows\System32\umrdp.dll
09:58:02.0735 0x2368  UmRdpService - ok
09:58:02.0926 0x2368  [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost        C:\Windows\System32\upnphost.dll
09:58:03.0222 0x2368  upnphost - ok
09:58:03.0451 0x2368  [ 6E421CCC57059B0186C6259CA3B6DFC9, E348BF23CCD6C14FD10C1689BBDC77E125245331F97BFE60D4C8FD9A8711CB59 ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
09:58:03.0612 0x2368  USBAAPL - ok
09:58:03.0721 0x2368  [ A1977C315BF5691DA99235AA4A6907AF, 34B52FBA83F0E1C6B001D0AD1808B00152F731D18AAECC3C53B9918AA89BACEC ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
09:58:03.0832 0x2368  usbaudio - ok
09:58:04.0004 0x2368  [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
09:58:04.0143 0x2368  usbccgp - ok
09:58:04.0309 0x2368  [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir          C:\Windows\system32\drivers\usbcir.sys
09:58:04.0461 0x2368  usbcir - ok
09:58:04.0546 0x2368  [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
09:58:04.0642 0x2368  usbehci - ok
09:58:04.0766 0x2368  [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
09:58:04.0919 0x2368  usbhub - ok
09:58:05.0000 0x2368  [ E185D44FAC515A18D9DEDDC23C2CDF44, EF69D0253CC8F1D29929FD5E74F18737ECF5D238874B6E1505E2EAEE66D9D987 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
09:58:05.0178 0x2368  usbohci - ok
09:58:05.0227 0x2368  [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint        C:\Windows\system32\drivers\usbprint.sys
09:58:05.0269 0x2368  usbprint - ok
09:58:05.0357 0x2368  [ BE444D443F424E3146534BA98978D68A, 6EF9B6121EACE54AB7CA569549F1403A9E14DC33633D6F3A61A13B10878432AC ] usbrndis6       C:\Windows\system32\DRIVERS\usb80236.sys
09:58:05.0477 0x2368  usbrndis6 - ok
09:58:05.0528 0x2368  [ 353FBF4AE9EF467BE8A2FDA7935F63CB, F399B49A72B2A72A4318C1870EE9D504FB8E7FB1C70BAA95374DC7BE457DDD05 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:58:05.0666 0x2368  USBSTOR - ok
09:58:05.0695 0x2368  [ 68DF884CF41CDADA664BEB01DAF67E3D, 142781FE2FF93B269D8FA11D4C3F60967552A867E94533D94EF1C2D777A67872 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
09:58:05.0736 0x2368  usbuhci - ok
09:58:05.0767 0x2368  [ DE014425522610BEDCA3821BB8C0F1D5, D6FEA0DF07F89834AEEE8C02CC7FD41068D758B6CCECE2EEE5CF4B9DB646FA1E ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
09:58:06.0122 0x2368  usbvideo - ok
09:58:06.0251 0x2368  [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms           C:\Windows\System32\uxsms.dll
09:58:06.0346 0x2368  UxSms - ok
09:58:06.0434 0x2368  [ 627B40EB2595D8FCF1960F33389EB7D3, 37C8378FD7C883E77E2FD211C8A759B61037168BDEC87C234C73082C50B7F0CC ] VaultSvc        C:\Windows\system32\lsass.exe
09:58:06.0470 0x2368  VaultSvc - ok
09:58:06.0668 0x2368  [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
09:58:06.0708 0x2368  vdrvroot - ok
09:58:06.0930 0x2368  [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds             C:\Windows\System32\vds.exe
09:58:07.0126 0x2368  vds - ok
09:58:07.0217 0x2368  [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
09:58:07.0314 0x2368  vga - ok
09:58:07.0345 0x2368  [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave         C:\Windows\System32\drivers\vga.sys
09:58:07.0456 0x2368  VgaSave - ok
09:58:07.0461 0x2368  VGPU - ok
09:58:07.0517 0x2368  [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
09:58:07.0555 0x2368  vhdmp - ok
09:58:07.0663 0x2368  [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
09:58:07.0709 0x2368  viaagp - ok
09:58:07.0776 0x2368  [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
09:58:07.0896 0x2368  ViaC7 - ok
09:58:07.0986 0x2368  [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide          C:\Windows\system32\drivers\viaide.sys
09:58:08.0025 0x2368  viaide - ok
09:58:08.0080 0x2368  [ C2F2911156FDC7817C52829C86DA494E, FE499F189B5016FCE0018AA3DE3970B72275B7B15F3D4D608117F6DDEC6B90DC ] vmbus           C:\Windows\system32\drivers\vmbus.sys
09:58:08.0141 0x2368  vmbus - ok
09:58:08.0202 0x2368  [ D4D77455211E204F370D08F4963063CE, 2018B2A84C73E0834200A594C02A9D28C74906F126DAD3CCDDFC9CD9A61669E2 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
09:58:08.0360 0x2368  VMBusHID - ok
09:58:08.0447 0x2368  [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
09:58:08.0512 0x2368  volmgr - ok
09:58:08.0579 0x2368  [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
09:58:08.0740 0x2368  volmgrx - ok
09:58:08.0773 0x2368  [ 4EDEF8AB59B089925CF9A6CFC74A4109, EDE29CABDFC3222692B37895994FB4B8EE158BB5718DABA495162EA5686C3E8E ] volsnap         C:\Windows\system32\drivers\volsnap.sys
09:58:08.0842 0x2368  volsnap - ok
09:58:08.0962 0x2368  [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
09:58:09.0032 0x2368  vsmraid - ok
09:58:09.0224 0x2368  [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS             C:\Windows\system32\vssvc.exe
09:58:09.0955 0x2368  VSS - ok
09:58:10.0025 0x2368  [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
09:58:10.0488 0x2368  vwifibus - ok
09:58:10.0572 0x2368  [ 484F0E7A0CF612E5D9DFE2049F582FE3, 8F9804C1B5F14BB29BBA6D96E59B7AAAA03ACFE34E62C9CD4F792A525F835A2A ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
09:58:10.0789 0x2368  vwififlt - ok
09:58:11.0002 0x2368  [ 701A5A69C25A492F4ED87D422C03BED6, 3C350E03004E0207C392D51B1A524D68F746F09A8A0C712B3D11010AC996D6E9 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
09:58:11.0152 0x2368  vwifimp - ok
09:58:11.0360 0x2368  [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time         C:\Windows\system32\w32time.dll
09:58:11.0669 0x2368  W32Time - ok
09:58:11.0817 0x2368  [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
09:58:12.0101 0x2368  WacomPen - ok
09:58:12.0256 0x2368  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
09:58:12.0467 0x2368  WANARP - ok
09:58:12.0530 0x2368  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
09:58:12.0608 0x2368  Wanarpv6 - ok
09:58:12.0765 0x2368  [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine        C:\Windows\system32\wbengine.exe
09:58:13.0526 0x2368  wbengine - ok
09:58:13.0567 0x2368  [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
09:58:13.0782 0x2368  WbioSrvc - ok
09:58:13.0968 0x2368  [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc         C:\Windows\System32\wcncsvc.dll
09:58:14.0301 0x2368  wcncsvc - ok
09:58:14.0409 0x2368  [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:58:14.0535 0x2368  WcsPlugInService - ok
09:58:14.0650 0x2368  [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd              C:\Windows\system32\drivers\wd.sys
09:58:14.0705 0x2368  Wd - ok
09:58:14.0888 0x2368  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
09:58:14.0957 0x2368  Wdf01000 - ok
09:58:15.0128 0x2368  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiServiceHost  C:\Windows\system32\wdi.dll
09:58:15.0448 0x2368  WdiServiceHost - ok
09:58:15.0571 0x2368  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiSystemHost   C:\Windows\system32\wdi.dll
09:58:15.0622 0x2368  WdiSystemHost - ok
09:58:15.0756 0x2368  [ 13DD62EBA78CCEFE3675FB42E94FB53B, EA2F69F85EB197D3BC60C5D820789A4F0705793615802E155ADCD1C9E03E9D29 ] WebClient       C:\Windows\System32\webclnt.dll
09:58:15.0939 0x2368  WebClient - ok
09:58:16.0194 0x2368  [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc          C:\Windows\system32\wecsvc.dll
09:58:16.0482 0x2368  Wecsvc - ok
09:58:16.0552 0x2368  [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
09:58:16.0764 0x2368  wercplsupport - ok
09:58:17.0199 0x2368  [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc          C:\Windows\System32\WerSvc.dll
09:58:17.0364 0x2368  WerSvc - ok
09:58:17.0498 0x2368  [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
09:58:17.0572 0x2368  WfpLwf - ok
09:58:17.0596 0x2368  [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
09:58:17.0635 0x2368  WIMMount - ok
09:58:17.0745 0x2368  [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
09:58:17.0939 0x2368  WinDefend - ok
09:58:17.0949 0x2368  WinHttpAutoProxySvc - ok
09:58:18.0170 0x2368  [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
09:58:18.0256 0x2368  Winmgmt - ok
09:58:18.0631 0x2368  [ 1B91CD34EA3A90AB6A4EF0550174F4CC, 5B6618615EBFBA594C945AD35F5C68DA8C6053892B6D12D626BB6120910D80DC ] WinRM           C:\Windows\system32\WsmSvc.dll
09:58:18.0788 0x2368  WinRM - ok
09:58:18.0928 0x2368  [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
09:58:18.0999 0x2368  WinUsb - ok
09:58:19.0090 0x2368  [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc         C:\Windows\System32\wlansvc.dll
09:58:19.0204 0x2368  Wlansvc - ok
09:58:19.0374 0x2368  [ FB01D4AE207B9EFDBABFC55DC95C7E31, E0EFDBBE0BAC275230C8C1A053948C21BCF20B99B92E50939E95FFB9DC87F6BA ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
09:58:19.0577 0x2368  wlidsvc - ok
09:58:19.0609 0x2368  [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
09:58:19.0669 0x2368  WmiAcpi - ok
09:58:19.0722 0x2368  [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
09:58:19.0923 0x2368  wmiApSrv - ok
09:58:20.0044 0x2368  [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
09:58:20.0283 0x2368  WMPNetworkSvc - ok
09:58:20.0312 0x2368  [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
09:58:20.0403 0x2368  WPCSvc - ok
09:58:20.0444 0x2368  [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
09:58:20.0577 0x2368  WPDBusEnum - ok
09:58:20.0604 0x2368  [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
09:58:20.0718 0x2368  ws2ifsl - ok
09:58:20.0755 0x2368  [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc          C:\Windows\system32\wscsvc.dll
09:58:20.0845 0x2368  wscsvc - ok
09:58:20.0851 0x2368  WSearch - ok
09:58:20.0995 0x2368  [ D9B0134913E5EF007AF82A418C503322, 7418DD28C8E968674382F8352AAFFC4DE77887E2B71B8844D615F19432B4C55A ] wuauserv        C:\Windows\system32\wuaueng.dll
09:58:21.0163 0x2368  wuauserv - ok
09:58:21.0201 0x2368  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
09:58:21.0284 0x2368  WudfPf - ok
09:58:21.0331 0x2368  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
09:58:21.0399 0x2368  WUDFRd - ok
09:58:21.0449 0x2368  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
09:58:21.0489 0x2368  wudfsvc - ok
09:58:21.0525 0x2368  [ 3C5E51C05BE9B56EAFF4E388C3AB25E4, 10D9FDEDAB1FB2E76D54661AFA5C1A6B1B0980525F38F5D061537077841C6AEE ] WwanSvc         C:\Windows\System32\wwansvc.dll
09:58:21.0596 0x2368  WwanSvc - ok
09:58:21.0646 0x2368  [ B07C5B7EFDF936FF93D4F540938725BE, A9D559B0A99937CC4E7F065566054DAFCCD0C6C3AA98B47ADF7CB2ABD30B0182 ] yukonw7         C:\Windows\system32\DRIVERS\yk62x86.sys
09:58:21.0711 0x2368  yukonw7 - ok
09:58:21.0799 0x2368  ================ Scan global ===============================
09:58:21.0862 0x2368  [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
09:58:21.0933 0x2368  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
09:58:21.0951 0x2368  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
09:58:22.0005 0x2368  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
09:58:22.0055 0x2368  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
09:58:22.0067 0x2368  [ Global ] - ok
09:58:22.0068 0x2368  ================ Scan MBR ==================================
09:58:22.0095 0x2368  [ 93CAC202E4460D8C3C119C2AB0FA138D ] \Device\Harddisk0\DR0
09:58:22.0897 0x2368  \Device\Harddisk0\DR0 - ok
09:58:22.0900 0x2368  ================ Scan VBR ==================================
09:58:22.0914 0x2368  [ 53D3B4A771FACA2F2BF5EA17FC959BED ] \Device\Harddisk0\DR0\Partition1
09:58:22.0917 0x2368  \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )
09:58:22.0917 0x2368  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
09:58:25.0646 0x2368  [ 208775E48BE3EE399785849E28D577D9 ] \Device\Harddisk0\DR0\Partition2
09:58:25.0650 0x2368  \Device\Harddisk0\DR0\Partition2 - ok
09:58:25.0675 0x2368  [ 6FDABCF7219558F204183621A469E029 ] \Device\Harddisk0\DR0\Partition3
09:58:25.0677 0x2368  \Device\Harddisk0\DR0\Partition3 - ok
09:58:25.0679 0x2368  ================ Scan generic autorun ======================
09:58:25.0776 0x2368  [ 25107F58D1B8F60D67D1EE95798C0DE8, C3B5205E8818576EBF33E3B9FD8664A498714B823D9128FC1CA0A64F81499263 ] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
09:58:25.0885 0x2368  IAStorIcon - ok
09:58:26.0023 0x2368  [ E279E55C0D5F5DA2E1FD268EBD12F268, 06C40AF999881699DD9B73440D2ED48F404864C3FB8FF7B36560759892CAAA12 ] c:\Program Files\Microsoft Security Client\msseces.exe
09:58:26.0111 0x2368  MSC - ok
09:58:26.0269 0x2368  [ 44FE94FCDF97E574B6986C5A81758628, D950CF92623CA2AD053F7DCC44B483176D02E721C716255957DA90A083D0F1B9 ] C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
09:58:26.0553 0x2368  NvBackend - ok
09:58:26.0599 0x2368  [ 51138BEEA3E2C21EC44D0932C71762A8, 5AD3C37E6F2B9DB3EE8B5AEEDC474645DE90C66E3D95F8620C48102F1EBA4124 ] C:\Windows\system32\rundll32.exe
09:58:26.0740 0x2368  ShadowPlay - ok
09:58:26.0840 0x2368  [ 47EA5F76FAB723C61AB4A0D79BAD512C, A7A38EB0A7068B160E6949945EF639F999A06AE35746F6E79C7350745798E5C9 ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
09:58:27.0098 0x2368  Adobe ARM - ok
09:58:27.0191 0x2368  [ 603668084332DDB58D8C5AACE30B04FC, B6FA6BBE18D433F41F96640726444B7CB9D669BAE87A545E1408391B9469EDB9 ] C:\Program Files\iTunes\iTunesHelper.exe
09:58:27.0248 0x2368  iTunesHelper - ok
09:58:27.0334 0x2368  [ 38D198A2DD54A67120040566A38103BA, 01604BD91A5B2C0DDC7B52036511F8219952626716E75979D8464F2C56BA0114 ] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
09:58:27.0409 0x2368  GrooveMonitor - ok
09:58:27.0603 0x2368  [ 308F2EE28005510DE616409148CF077B, A2126CB185B0053086BDD6F0A16A503F6CA629AC677E4B7AE6D43C770061D087 ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
09:58:27.0723 0x2368  SunJavaUpdateSched - ok
09:58:27.0939 0x2368  [ 7EE68A122ED08E4AAD8DA551E34D2515, B3C9AB270AF595D3DBAFBF4A312B96CBF00C16F0A03CCC86BE56825CD1EB7143 ] C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
09:58:28.0247 0x2368  SDTray - ok
09:58:28.0370 0x2368  [ 00303B615C748173749C981B6D624225, C77E63D4810E2F6069F95A416B9F1CAA55A353190D0C50373233D66CF0FB4DFC ] C:\Program Files\Appandora\AppandoraDeviceService.exe
09:58:28.0520 0x2368  Appandora device service - detected UnsignedFile.Multi.Generic ( 1 )
09:58:31.0129 0x2368  Detect skipped due to KSN trusted
09:58:31.0129 0x2368  Appandora device service - ok
09:58:31.0443 0x2368  [ 4312B4DD07050FC58146756634058CE8, CD0F85A6C3BAA55F350FAD4523E4F91D94D7B30597BF45E626F608FBF927828D ] C:\Program Files\AVG\AVG2015\avgui.exe
09:58:31.0791 0x2368  AVG_UI - ok
09:58:32.0010 0x2368  [ 19FB619F2E59A1D9FC8FF5661A89977F, D2224F9A181E91C6625FD373CAA0EAA437C3CE1F2673406A212FCBC935402166 ] C:\Program Files\DAEMON Tools Lite\DTLite.exe
09:58:32.0553 0x2368  DAEMON Tools Lite - ok
09:58:32.0800 0x2368  [ B1949628130F192DA27FDBAEA516BB6E, 13E5A2EBF0FDAB29CEA1E7FAEB3141233198D9A28353BDBB6FDB03602BE32AC6 ] C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe
09:58:33.0101 0x2368  Spybot-S&D Cleaning - ok
09:58:33.0109 0x2368  Waiting for KSN requests completion. In queue: 3
09:58:34.0110 0x2368  Waiting for KSN requests completion. In queue: 3
09:58:35.0110 0x2368  Waiting for KSN requests completion. In queue: 3
09:58:36.0163 0x2368  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.6.305.0 ), 0x61000 ( enabled : updated )
09:58:36.0289 0x2368  AV detected via SS2: AVG AntiVirus Free Edition 2015, C:\Program Files\AVG\AVG2015\avgwsc.exe ( 15.0.0.5577 ), 0x41000 ( enabled : updated )
09:58:36.0291 0x2368  AV detected via SS2: Spybot - Search and Destroy, C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe ( 2.3.39.0 ), 0x61000 ( enabled : updated )
09:58:36.0292 0x2368  AV detected via SS2: Norton Security, C:\Program Files\Norton Security\Engine\22.0.2.17\WSCStub.exe ( 22.0.0.0 ), 0x51000 ( enabled : updated )
09:58:36.0304 0x2368  FW detected via SS2: Norton Security, C:\Program Files\Norton Security\Engine\22.0.2.17\WSCStub.exe ( 22.0.0.0 ), 0x51010 ( enabled )
09:58:38.0856 0x2368  ============================================================
09:58:38.0856 0x2368  Scan finished
09:58:38.0856 0x2368  ============================================================
09:58:38.0867 0x1994  Detected object count: 1
09:58:38.0867 0x1994  Actual detected object count: 1
09:59:04.0084 0x1994  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - skipped by user
09:59:04.0084 0x1994  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Skip



#5 Robbulator


Posted 16 November 2014 - 12:10 PM

By the way, my name is Matt and I appreciate your help with this, Adam.



#6 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 16 November 2014 - 12:32 PM

Hi Matt, 
 
FRST is not infected. It's a false-positive by Norton. 
After doing the following, please temporarily disable Norton (instructions), then download and run FRST.
 
-----------------------
 
Please do not copy/paste your TDSSKiller log. I need you to attach the file please. 
Under the text field, click Choose File, locate and select the file, then click Attach This File. 
 
TDSSKiller Fix

  • Right-Click TDSSKiller.exe and select Run as administrator to run the programme.
  • Click Change parameters. Ensure a checkmark is placed next to:
    • Loaded Modules
    • Detect TDLFS file system
    • Verify file digital signatures
  • Click Start Scan. Do not use the computer during the scan.
  • Upon completion, select Cure for the following items:
    \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b )
  • Click Continue and close the window. 
  • A log will be created and saved to the root directory (usually C:\). Attach the log in your next reply.


 

Would you like to help others with malware removal? Join our Classroom and learn how!


#7 Robbulator


Posted 16 November 2014 - 03:10 PM

Ok, so I ran the scan according to those instructions and selected Cure, and these are the before and after reboot scan results... Virus seems to still be in the system according to Norton.

 

Running Farbar scan now and will attach results in the next log.

 

Thanks:)

Attached Files



#8 Robbulator


Posted 16 November 2014 - 03:21 PM

Other scans as requested

Attached Files



#9 Robbulator


Posted 16 November 2014 - 03:28 PM

Good news!

 

I'm clear of the Boot.Cidox virus now it seems, just ran another one on TD and Norton that normally keeps alerting me and it's gone! My only concern now I suppose is that explorer keeps restarting and my system has been running slow as S***, and Spybot is picking up the Mayachok.B virus. No other virus checker is picking this up though. Any further advice?



#10 LiquidTension


Posted 16 November 2014 - 03:55 PM

Yes; please hang fire for further instructions later.



#11 Robbulator


Posted 16 November 2014 - 07:13 PM

Much appreciated Adam, thank you!



#12 LiquidTension


Posted 16 November 2014 - 08:46 PM

Sorry for the delay, Matt. 

 

Your FRST.txt log is incomplete. Please rerun FRST, place a checkmark next to Addition.txt and click Scan. 

Do not use your computer whilst the scan is running. Let it finish uninterrupted, and include FRST.txt and Addition.txt in your next reply.




#13 Robbulator


Posted 17 November 2014 - 03:46 PM

Nothing running this time

Attached Files



#14 LiquidTension


Posted 17 November 2014 - 04:54 PM

Hello Matt,
 
Please consider the following suggestion, and complete the steps below. 
 

Multiple Anti-Virus Software Installed
 
------------------------------
 
It is inadvisable to have more than one Anti-Virus installed on your computer at the same time. Doing so may:

  • Cause conflicts, negatively impacting the effectiveness of each Anti-Virus installed. 
  • Trigger false-positives.
  • Trigger false-negatives, where neither programme detects malware. 
  • Cause system instability/performance issues. Your system may lock up or slow down due to both software attempting to access the same file at the same time. 

Please remove all but one Anti-Virus from your computer. Instructions on how to do so can be found in STEP 1.

 
Do you recognise this programme? Appandora version 2.0.4

STEP 1
Revo Uninstaller

  • Please download and install Revo Uninstaller Free.
  • Double-click Revo Uninstaller to run the programme. 
  • From the list of programmes, locate the following, or anything similar and carry out the steps below one at a time.
  • Note: Uninstall all but one of the 4 Anti-Virus' listed below.
    • Microsoft Security Essentials
    • AVG AntiVirus Free Edition 2015
    • Spybot - Search and Destroy
    • Norton Security
    • Media Player Classic - Home Cinema v1.5.2.3456 
  • Double-click the programme. 
  • When prompted if you want to uninstall click Yes.
  • Ensure the Moderate option is selected and click Next.
  • The programme uninstaller will run. If prompted again click Yes.
  • Work your way through the uninstaller, ensuring you read each page thoroughly.
  • Note: Ensure you decline offers of additional software if applicable. 
  • Once the built-in uninstaller is finished click Next.
  • Once the programme has searched for leftovers click Next.
  • Check items in bold only in the list and click Delete. You may have to expand folders by clicking the "+" mark.
  • When prompted click Yes, followed by Next.
  • Click Select all, followed by Delete.
  • When prompted click Yes, followed by Next.
  • Once done click Finish.
     

STEP 2
Farbar Recovery Scan Tool (FRST) Script

  • Press the Windows Key + r on your keyboard at the same time. Type Notepad and click OK.
  • Copy the entire contents of the codebox below and paste into the Notepad document.
    start
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://speedial.com/results.php?f=4&q={searchTerms}&a=spd_ir_14_21_ch&cd=2XzuyEtN2Y1L1Qzu0CtD0C0BtAzz0DyCtAyEtAyD0A0FtA0EtN0D0Tzu0SzzyByDtN1L2XzutBtFtBtDtFtCyDtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyEyD0F0A0F0BtAtAtGzztBtC0AtGyBzzzyyDtG0A0D0CyEtGtDtB0F0B0ByCyEtCtAyD0Ezz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtAtC0DyD0EyByEtGyB0F0D0DtGzztCzy0BtG0FtDzyyEtGyDzy0DyD0DyB0FtB0BzztA0C2Q&cr=192019971&ir=
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://speedial.com/results.php?f=4&q={searchTerms}&a=spd_ir_14_21_ch&cd=2XzuyEtN2Y1L1Qzu0CtD0C0BtAzz0DyCtAyEtAyD0A0FtA0EtN0D0Tzu0SzzyByDtN1L2XzutBtFtBtDtFtCyDtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyEyD0F0A0F0BtAtAtGzztBtC0AtGyBzzzyyDtG0A0D0CyEtGtDtB0F0B0ByCyEtCtAyD0Ezz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtAtC0DyD0EyByEtGyB0F0D0DtGzztCzy0BtG0FtDzyyEtGyDzy0DyD0DyB0FtB0BzztA0C2Q&cr=192019971&ir=
    SearchScopes: HKU\S-1-5-21-2870170206-3492351646-2857493554-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://speedial.com/results.php?f=4&q={searchTerms}&a=spd_ir_14_21_ch&cd=2XzuyEtN2Y1L1Qzu0CtD0C0BtAzz0DyCtAyEtAyD0A0FtA0EtN0D0Tzu0SzzyByDtN1L2XzutBtFtBtDtFtCyDtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyEyD0F0A0F0BtAtAtGzztBtC0AtGyBzzzyyDtG0A0D0CyEtGtDtB0F0B0ByCyEtCtAyD0Ezz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtAtC0DyD0EyByEtGyB0F0D0DtGzztCzy0BtG0FtDzyyEtGyDzy0DyD0DyB0FtB0BzztA0C2Q&cr=192019971&ir=
    SearchScopes: HKU\S-1-5-21-2870170206-3492351646-2857493554-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://speedial.com/results.php?f=4&q={searchTerms}&a=spd_ir_14_21_ch&cd=2XzuyEtN2Y1L1Qzu0CtD0C0BtAzz0DyCtAyEtAyD0A0FtA0EtN0D0Tzu0SzzyByDtN1L2XzutBtFtBtDtFtCyDtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyEyD0F0A0F0BtAtAtGzztBtC0AtGyBzzzyyDtG0A0D0CyEtGtDtB0F0B0ByCyEtCtAyD0Ezz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtAtC0DyD0EyByEtGyB0F0D0DtGzztCzy0BtG0FtDzyyEtGyDzy0DyD0DyB0FtB0BzztA0C2Q&cr=192019971&ir=
    S1 MpKsl19cf16f3; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3F9485AD-D833-4E08-9080-CDEBE31584F1}\MpKsl19cf16f3.sys [X]
    S3 RimUsb; System32\Drivers\RimUsb.sys [X]
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]
    2014-11-15 20:24 - 2014-11-15 20:24 - 00000320 _____ () C:\Windows\Tasks\1114avUpdateInfo.job
    2014-11-14 11:21 - 2014-11-14 11:21 - 00511756 _____ () C:\ProgramData\SMRResults430.dat
    2014-11-12 16:49 - 2014-11-12 16:49 - 02998656 _____ (Enigma Software Group USA, LLC.) C:\Users\Spence\Downloads\SpyHunter-Installer.exe
    2014-11-11 11:09 - 2014-11-11 20:09 - 00000000 ____D () C:\Users\Spence\AppData\Roaming\Uhufbe
    2014-11-02 12:01 - 2014-11-10 10:40 - 00000000 ____D () C:\Users\Spence\AppData\Local\YtmgPack
    2014-11-02 12:01 - 2014-11-10 10:39 - 00000000 ____D () C:\Users\Spence\AppData\Local\IXDsoft
    2014-11-14 11:55 - 2014-11-14 11:55 - 02616320 _____ (Microsoft Corporation) C:\Users\Spence\Downloads\explorer.exe
    C:\Users\Spence\AppData\Local\temp\DseShExt-x86.dll
    C:\Users\Spence\AppData\Local\temp\SDShelEx-win32.dll
    Task: {13DB886B-6C86-4876-90FB-3D91714C28C7} - System32\Tasks\1114avUpdateInfo => C:\ProgramData\Avg_Update_1114av\1114av_AVG-Secure-Search-Update.exe [2014-10-08] ()
    Task: {5C641EF3-7D1A-413B-98F7-44EFFE9CD5CE} - \Security Center Update - 1289076645 No Task File <==== ATTENTION
    Task: {8BC1F779-C6B2-4240-9476-551DBA012F7B} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
    C:\Program Files\Enigma Software Group
    Task: {D1A5A1AB-70FA-4F13-A284-E5702C224D73} - \ProgramUpdateCheck No Task File <==== ATTENTION
    Task: {E3DEC543-6EDC-489E-8D75-DDC58DD21301} - System32\Tasks\0214dUpdateInfo => C:\ProgramData\Avg_Update_0214d\0214d_AVG-Secure-Search-Update.exe [2014-03-24] ()
    Task: C:\Windows\Tasks\0214dUpdateInfo.job => C:\ProgramData\Avg_Update_0214d\0214d_AVG-Secure-Search-Update.exe
    Task: C:\Windows\Tasks\1114avUpdateInfo.job => C:\ProgramData\Avg_Update_1114av\1114av_AVG-Secure-Search-Update.exe
    C:\ProgramData\Avg_Update_1114av
    C:\ProgramData\Avg_Update_0214d
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\27787630.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\48377091.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\27787630.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\48377091.sys => ""="Driver"
    CMD: ipconfig /flushdns
    CMD: netsh winsock reset all
    CMD: netsh int ipv4 reset
    CMD: netsh int ipv6 reset
    EmptyTemp:
    end
  • Click File > Save As and type fixlist.txt as the File Name
  • Important: The file must be saved in the same location as FRST.exe. 

NOTICE: This script is intended for use on this particular machine. Do not use this script on any other machine; doing so may cause damage to your Operating System.

  • Right-Click FRST.exe and select Run as administrator to run the programme.
  • Click Fix.
  • A log (Fixlog.txt) will open on your desktop. Copy the contents of the log and paste in your next reply.
     

STEP 3
ComboFix

  • Note: Please read through these instructions before running ComboFix. 
  • Please download ComboFix and save the file to your Desktop. << Important!
  • Temporarily disable your anti-virus software. For instructions, please refer to the following link.
  • Right-Click ComboFix.exe and select Run as administrator to run the programme.
  • Follow the prompts. 
     
  • Allow ComboFix to complete its removal routine (please refer to Important Notes:).
  • Upon completion, a log (ComboFix.txt) will be created in the root directory (C:\). Copy the contents of the log and paste in your next reply.
  • Re-enable your anti-virus software.
     

Important Notes:

  • Do NOT mouse click ComboFix's window whilst it is running. This may cause the programme to stall.
  • Do NOT use your computer whilst ComboFix is running.
  • Your Desktop/taskbar may disappear whilst ComboFix is running; this is normal.
     
  • If you get the message Illegal operation attempted on registry key that has been marked for deletion please reboot your computer.
  • ComboFix will disconnect your machine from the Internet as soon as it starts.
  • Please do not attempt to re-connect your machine back to the Internet until ComboFix has completely finished.
  • If you are unable to access the Internet after running ComboFix, please reboot your computer. 
     

======================================================

STEP 4
Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • Did you uninstall 3 of your anti-virus programmes?
  • Do you recognise the programme?
  • Did the programme uninstall OK?
  • Fixlog.txt
  • ComboFix.txt



#15 Robbulator


Posted 18 November 2014 - 08:51 PM

OK, so I uninstalled AVG, then deactivated Spybot and Security Essentials, leaving Norton to run solo.

 

I am using Appandora for a short time to back up my iPad.

 

Uninstall went OK.

 

Combofix log

 

ComboFix 14-11-17.01 - Spence 11/18/2014  18:27:37.3.8 - x86
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.3309.2125 [GMT -8:00]
Running from: c:\users\Spence\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AV: Norton Security *Disabled/Updated* {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AV: Spybot - Search and Destroy *Disabled/Updated* {20A26C15-1AF0-7CA3-9380-FAB824A7EE0D}
FW: Norton Security *Disabled* {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
SP: Microsoft Security Essentials *Disabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
SP: Norton Security *Enabled/Updated* {631E4324-D31C-783F-EC5C-35AD42B18466}
SP: Spybot - Search and Destroy *Disabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\drivers\etc\hosts.ics
.
Infected copy of c:\windows\system32\samsrv.dll was found and disinfected
Restored copy from - c:\windows\winsxs\x86_microsoft-windows-directory-services-sam_31bf3856ad364e35_6.1.7601.17514_none_b3f5c348ff36a76f\samsrv.dll
.
.
(((((((((((((((((((((((((   Files Created from 2014-10-19 to 2014-11-19  )))))))))))))))))))))))))))))))
.
.
2014-11-19 02:36 . 2014-11-19 02:36    --------    d-----w-    c:\users\Default\AppData\Local\temp
2014-11-19 02:15 . 2014-11-19 02:41    62576    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7CF23F2B-020C-4ADE-987C-701304601D97}\offreg.dll
2014-11-19 01:48 . 2014-11-19 01:48    --------    d-----w-    c:\program files\VS Revo Group
2014-11-19 01:43 . 2014-11-02 04:17    8941456    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7CF23F2B-020C-4ADE-987C-701304601D97}\mpengine.dll
2014-11-17 21:57 . 2014-11-18 01:57    --------    d-----w-    c:\users\Spence\AppData\Roaming\uTorrent
2014-11-17 21:42 . 2014-10-14 20:13    8901368    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-11-17 01:14 . 2014-11-17 01:14    --------    d-----w-    C:\NVIDIA
2014-11-16 21:46 . 2014-11-16 21:46    --------    d-----w-    c:\users\Spence\AppData\Roaming\AVG
2014-11-16 21:43 . 2014-11-16 21:43    --------    d-----w-    c:\users\Spence\AppData\Local\Avg
2014-11-16 21:42 . 2014-11-16 21:49    --------    d-----w-    c:\programdata\AVG
2014-11-16 21:04 . 2014-11-19 02:10    --------    d-----w-    C:\FRST
2014-11-16 20:43 . 2014-11-16 20:43    --------    d-----w-    C:\TDSSKiller_Quarantine
2014-11-16 20:36 . 2014-09-18 00:01    908840    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{39BC9950-0525-4D4A-9880-75B7B265AD06}\gapaengine.dll
2014-11-16 04:10 . 2014-11-17 21:29    --------    d-----w-    c:\program files\AVG
2014-11-13 21:10 . 2014-11-19 02:36    --------    d-----w-    c:\users\Spence\AppData\Local\temp
2014-11-13 05:25 . 2014-11-15 07:56    --------    d-----w-    c:\users\Spence\AppData\Roaming\Appandora
2014-11-13 05:24 . 2014-11-18 02:58    --------    d-----w-    c:\program files\Appandora
2014-11-13 05:22 . 2014-11-13 05:22    --------    d-----w-    c:\users\Spence\AppData\Local\MediaMonkey
2014-11-13 05:21 . 2014-11-15 08:34    --------    d-----w-    c:\users\Spence\AppData\Roaming\MediaMonkey
2014-11-13 05:21 . 2014-11-13 05:21    --------    d-----w-    c:\programdata\MediaMonkey
2014-11-13 05:21 . 2014-11-13 05:21    --------    d-----w-    c:\program files\MediaMonkey
2014-11-13 05:07 . 2014-11-13 05:07    --------    d-----w-    c:\users\Spence\AppData\Roaming\4Media
2014-11-13 01:05 . 2014-11-19 02:09    --------    d-----w-    c:\users\Spence\AppData\Local\CrashDumps
2014-11-13 01:00 . 2014-11-14 06:27    --------    d-----w-    c:\users\Spence\AppData\Local\NPE
2014-11-13 00:49 . 2014-11-13 00:49    94424    ----a-w-    c:\windows\system32\drivers\SYMEVENT.SYS
2014-11-13 00:49 . 2014-11-13 01:06    --------    d-----w-    c:\program files\Common Files\Symantec Shared
2014-11-13 00:47 . 2014-11-13 17:26    --------    d-----w-    c:\windows\system32\drivers\NS
2014-11-13 00:47 . 2014-11-13 00:47    --------    d-----w-    c:\program files\Norton Security
2014-11-13 00:47 . 2014-11-13 01:00    --------    d-----w-    c:\programdata\Norton
2014-11-13 00:46 . 2014-11-13 00:46    --------    d-----w-    c:\program files\NortonInstaller
2014-11-12 03:53 . 2014-08-12 01:36    701440    ----a-w-    c:\windows\system32\IMJP10K.DLL
2014-11-12 03:53 . 2014-08-21 06:26    1237504    ----a-w-    c:\windows\system32\msxml3.dll
2014-11-12 03:53 . 2014-10-25 01:32    67584    ----a-w-    c:\windows\system32\packager.dll
2014-11-12 03:53 . 2014-10-09 06:32    2387968    ----a-w-    c:\windows\system32\win32k.sys
2014-11-12 03:53 . 2014-08-21 06:23    2048    ----a-w-    c:\windows\system32\msxml3r.dll
2014-11-10 20:17 . 2014-11-13 03:56    --------    d-----w-    C:\AdwCleaner
2014-11-10 05:36 . 2014-11-10 05:36    736952    ----a-w-    c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
2014-11-10 05:35 . 2014-11-10 05:35    2876528    ----a-w-    c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2014-11-10 05:35 . 2014-11-10 05:35    42168    ----a-w-    c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2014-11-10 05:35 . 2014-11-10 05:35    539984    ----a-w-    c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2014-11-09 20:16 . 2014-11-09 20:16    --------    d-----w-    c:\programdata\Malwarebytes
2014-10-25 04:05 . 2014-07-17 01:39    3221504    ----a-w-    c:\windows\system32\mstscax.dll
2014-10-25 04:05 . 2014-07-17 01:39    1051136    ----a-w-    c:\windows\system32\mstsc.exe
2014-10-25 04:05 . 2014-07-17 01:39    919552    ----a-w-    c:\windows\system32\rdpcorets.dll
2014-10-25 04:05 . 2014-07-17 01:40    157696    ----a-w-    c:\windows\system32\winsta.dll
2014-10-25 04:05 . 2014-07-17 01:39    130048    ----a-w-    c:\windows\system32\rdpcorekmts.dll
2014-10-25 04:05 . 2014-07-17 01:39    304128    ----a-w-    c:\windows\system32\winlogon.exe
2014-10-25 04:05 . 2014-07-17 01:03    184320    ----a-w-    c:\windows\system32\drivers\rdpwd.sys
2014-10-25 04:05 . 2014-07-17 01:39    131584    ----a-w-    c:\windows\system32\aaclient.dll
2014-10-25 04:05 . 2014-07-16 02:56    65536    ----a-w-    c:\windows\system32\TSpkg.dll
2014-10-25 04:05 . 2014-07-16 02:56    17408    ----a-w-    c:\windows\system32\credssp.dll
2014-10-25 04:05 . 2014-07-16 02:16    31232    ----a-w-    c:\windows\system32\drivers\tssecsrv.sys
2014-10-25 04:04 . 2014-09-04 05:04    372736    ----a-w-    c:\windows\system32\rastls.dll
2014-10-25 04:00 . 2014-06-18 22:23    156824    ----a-w-    c:\windows\system32\mscorier.dll
2014-10-25 04:00 . 2014-06-18 22:23    1131664    ----a-w-    c:\windows\system32\dfshim.dll
2014-10-25 04:00 . 2014-06-18 22:23    81560    ----a-w-    c:\windows\system32\mscories.dll
2014-10-23 23:39 . 2013-09-20 17:49    18968    ----a-w-    c:\windows\system32\sdnclean.exe
2014-10-23 23:39 . 2014-11-03 04:21    --------    d-----w-    c:\programdata\Spybot - Search & Destroy
2014-10-23 23:37 . 2014-11-17 21:33    --------    d-----w-    c:\program files\Spybot - Search & Destroy 2
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-11-02 20:00 . 2014-11-02 20:00    1828352    ----a-w-    c:\programdata\Microsoft\Secure\Icons\IconsCacheHelper.dll
2014-10-30 11:24 . 2014-04-22 09:40    229000    ------w-    c:\windows\system32\MpSigStub.exe
2014-09-18 00:01 . 2014-05-21 12:09    908840    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-08-23 01:46 . 2014-10-08 05:27    305152    ----a-w-    c:\windows\system32\gdi32.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2013-01-08 3674320]
"Spybot-S&D Cleaning"="c:\program files\Spybot - Search & Destroy 2\SDCleaner.exe" [2014-06-24 4566952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-08-22 974432]
"NvBackend"="c:\program files\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-04-30 2199840]
"ShadowPlay"="c:\windows\system32\nvspcap.dll" [2014-04-30 1081112]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016]
"SDTray"="c:\program files\Spybot - Search & Destroy 2\SDTray.exe" [2014-06-24 4101576]
"Appandora device service"="c:\program files\Appandora\AppandoraDeviceService.exe" [2014-10-25 748032]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Ralink Wireless Utility.lnk - c:\program files\Ralink\Common\RaUI.exe -s [2014-4-22 15661872]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute    REG_MULTI_SZ       autocheck autochk *\0\0sdnclean.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
.
R2 RaMediaServer;Ralink UPnP Media Server;c:\program files\Ralink\Common\RaMediaServer.exe [2012-07-07 1863680]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-11-06 102912]
R3 netr28u;RT2870 USB Extensible Wireless LAN Card Driver;c:\windows\system32\DRIVERS\netr28u.sys [2013-09-07 1635632]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2014-07-18 95920]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2014-08-22 288120]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 rimvndis;BlackBerry Virtual Private Network;c:\windows\system32\Drivers\rimvndis6.sys [2014-05-07 14336]
R3 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-09-03 1740760]
R3 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-06-27 2088408]
R3 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-04-25 171928]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2010-11-20 77184]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-20 25600]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-20 112640]
R3 usbrndis6;USB RNDIS6 Adapter;c:\windows\system32\DRIVERS\usb80236.sys [2013-06-18 15872]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NS\1600020.011\SYMDS.SYS [2014-09-09 364760]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NS\1600020.011\SYMEFA.SYS [2014-09-09 939224]
S1 BHDrvx86;BHDrvx86;c:\program files\Norton Security\NortonData\22.0.0.110\Definitions\BASHDefs\20141107.001\BHDrvx86.sys [2014-11-07 1138392]
S1 ccSet_NS;NS Settings Manager;c:\windows\system32\drivers\NS\1600020.011\ccSetx86.sys [2014-09-09 128728]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2014-07-05 242240]
S1 IDSVix86;IDSVix86;c:\program files\Norton Security\NortonData\22.0.0.110\Definitions\IPSDefs\20141114.002\IDSvix86.sys [2014-11-18 479448]
S1 SDHookDriver;Hook Test Driver;c:\program files\Spybot - Search & Destroy 2\SDHookDrv32.sys [2014-04-25 46336]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NS\1600020.011\Ironx86.SYS [2014-09-09 212696]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NS\1600020.011\SYMNETS.SYS [2014-09-09 420056]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
S2 NS;Norton Security;c:\program files\Norton Security\Engine\22.0.2.17\NS.exe [2014-10-15 282568]
S2 NvNetworkService;NVIDIA Network Service;c:\program files\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-04-30 1617696]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-04-30 19702048]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-07-02 413128]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-11-12 111408]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-04-27 64904]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-04-27 146568]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-04-30 17240]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad32v.sys [2014-03-31 34080]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2007-08-03 9344]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-07-13 311296]
.
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
mStart Page = about:blank
uInternet Settings,ProxyOverride = *.local;<local>
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.254 75.153.176.1
TCP: Interfaces\{15D75A77-8154-4116-ADCF-55CBDFF62DF1}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
TCP: Interfaces\{1B2C7988-AA25-48EF-A8E2-37433436D649}\3547F62716765675962756C6563737: DhcpNameServer = 192.168.1.254 75.153.176.9
TCP: Interfaces\{1B2C7988-AA25-48EF-A8E2-37433436D649}\3547F6271676567596669613: DhcpNameServer = 192.168.1.254 75.153.176.9
TCP: Interfaces\{30C1F240-CF4C-40E1-96FA-2392CD57E379}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
TCP: Interfaces\{AC3BE074-AA61-4128-BB68-B1C0AFFDE6A0}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
TCP: Interfaces\{FB9FEF75-3AB7-43FD-887F-AAAD4517DED9}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
FF - ProfilePath - c:\users\Spence\AppData\Roaming\Mozilla\Firefox\Profiles\gk7p8ik8.default\
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision - c:\program files\NVIDIA Corporation\Installer2\installer.{69AF862F-0363-43D9-A982-A48AF41EE8BE}\NVI2.DLL
AddRemove-{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver - c:\program files\NVIDIA Corporation\Installer2\installer.{69AF862F-0363-43D9-A982-A48AF41EE8BE}\NVI2.DLL
AddRemove-{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience - c:\program files\NVIDIA Corporation\Installer2\installer.{4697C976-11C8-4353-A00B-8D37C428535D}\NVI2.DLL
AddRemove-{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX - c:\program files\NVIDIA Corporation\Installer2\installer.{4697C976-11C8-4353-A00B-8D37C428535D}\NVI2.DLL
AddRemove-{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver - c:\program files\NVIDIA Corporation\Installer2\installer.{69AF862F-0363-43D9-A982-A48AF41EE8BE}\NVI2.DLL
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NS]
"ImagePath"="\"c:\program files\Norton Security\Engine\22.0.2.17\NS.exe\" /s \"NS\" /m \"c:\program files\Norton Security\Engine\22.0.2.17\diMaster.dll\" /prefetch:1"
"ImagePath"="\SystemRoot\System32\Drivers\NS\1600020.011\SYMNETS.SYS"
"TrustedImagePaths"="c:\program files\Norton Security\Engine\22.0.2.17"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(1372)
c:\windows\system32\authui.dll
c:\windows\System32\gameux.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\system32\conhost.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Ralink\Common\RaRegistry.exe
c:\program files\NVIDIA Corporation\Display\nvtray.exe
c:\program files\Ralink\Common\RaUI.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Completion time: 2014-11-18  18:48:06 - machine was rebooted
ComboFix-quarantined-files.txt  2014-11-19 02:48
ComboFix2.txt  2014-11-13 21:10
ComboFix3.txt  2014-11-13 18:22
.
Pre-Run: 34,002,034,688 bytes free
Post-Run: 33,793,138,688 bytes free
.
- - End Of File - - 25F7035BA909C19692C73DB954E0C8D7
93CAC202E4460D8C3C119C2AB0FA138D
 

 

 

Farbar log

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 17-11-2014
Ran by Spence at 2014-11-18 18:09:24 Run:1
Running from C:\Users\Spence\Downloads
Loaded Profile: Spence (Available profiles: Spence)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
start
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://speedial.com/...r=192019971&ir=
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://speedial.com/...r=192019971&ir=
SearchScopes: HKU\S-1-5-21-2870170206-3492351646-2857493554-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://speedial.com/...r=192019971&ir=
SearchScopes: HKU\S-1-5-21-2870170206-3492351646-2857493554-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://speedial.com/...r=192019971&ir=
S1 MpKsl19cf16f3; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3F9485AD-D833-4E08-9080-CDEBE31584F1}\MpKsl19cf16f3.sys [X]
S3 RimUsb; System32\Drivers\RimUsb.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2014-11-15 20:24 - 2014-11-15 20:24 - 00000320 _____ () C:\Windows\Tasks\1114avUpdateInfo.job
2014-11-14 11:21 - 2014-11-14 11:21 - 00511756 _____ () C:\ProgramData\SMRResults430.dat
2014-11-12 16:49 - 2014-11-12 16:49 - 02998656 _____ (Enigma Software Group USA, LLC.) C:\Users\Spence\Downloads\SpyHunter-Installer.exe
2014-11-11 11:09 - 2014-11-11 20:09 - 00000000 ____D () C:\Users\Spence\AppData\Roaming\Uhufbe
2014-11-02 12:01 - 2014-11-10 10:40 - 00000000 ____D () C:\Users\Spence\AppData\Local\YtmgPack
2014-11-02 12:01 - 2014-11-10 10:39 - 00000000 ____D () C:\Users\Spence\AppData\Local\IXDsoft
2014-11-14 11:55 - 2014-11-14 11:55 - 02616320 _____ (Microsoft Corporation) C:\Users\Spence\Downloads\explorer.exe
C:\Users\Spence\AppData\Local\temp\DseShExt-x86.dll
C:\Users\Spence\AppData\Local\temp\SDShelEx-win32.dll
Task: {13DB886B-6C86-4876-90FB-3D91714C28C7} - System32\Tasks\1114avUpdateInfo => C:\ProgramData\Avg_Update_1114av\1114av_AVG-Secure-Search-Update.exe [2014-10-08] ()
Task: {5C641EF3-7D1A-413B-98F7-44EFFE9CD5CE} - \Security Center Update - 1289076645 No Task File <==== ATTENTION
Task: {8BC1F779-C6B2-4240-9476-551DBA012F7B} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
C:\Program Files\Enigma Software Group
Task: {D1A5A1AB-70FA-4F13-A284-E5702C224D73} - \ProgramUpdateCheck No Task File <==== ATTENTION
Task: {E3DEC543-6EDC-489E-8D75-DDC58DD21301} - System32\Tasks\0214dUpdateInfo => C:\ProgramData\Avg_Update_0214d\0214d_AVG-Secure-Search-Update.exe [2014-03-24] ()
Task: C:\Windows\Tasks\0214dUpdateInfo.job => C:\ProgramData\Avg_Update_0214d\0214d_AVG-Secure-Search-Update.exe
Task: C:\Windows\Tasks\1114avUpdateInfo.job => C:\ProgramData\Avg_Update_1114av\1114av_AVG-Secure-Search-Update.exe
C:\ProgramData\Avg_Update_1114av
C:\ProgramData\Avg_Update_0214d
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\27787630.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\48377091.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\27787630.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\48377091.sys => ""="Driver"
CMD: ipconfig /flushdns
CMD: netsh winsock reset all
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
EmptyTemp:
end
*****************

"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
"HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
HKU\S-1-5-21-2870170206-3492351646-2857493554-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-2870170206-3492351646-2857493554-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
"HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
MpKsl19cf16f3 => Service not found.
RimUsb => Service deleted successfully.
VGPU => Service deleted successfully.
C:\Windows\Tasks\1114avUpdateInfo.job => Moved successfully.
C:\ProgramData\SMRResults430.dat => Moved successfully.
C:\Users\Spence\Downloads\SpyHunter-Installer.exe => Moved successfully.
C:\Users\Spence\AppData\Roaming\Uhufbe => Moved successfully.
C:\Users\Spence\AppData\Local\YtmgPack => Moved successfully.
C:\Users\Spence\AppData\Local\IXDsoft => Moved successfully.
C:\Users\Spence\Downloads\explorer.exe => Moved successfully.
C:\Users\Spence\AppData\Local\temp\DseShExt-x86.dll => Moved successfully.
C:\Users\Spence\AppData\Local\temp\SDShelEx-win32.dll => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{13DB886B-6C86-4876-90FB-3D91714C28C7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{13DB886B-6C86-4876-90FB-3D91714C28C7}" => Key deleted successfully.
C:\Windows\System32\Tasks\1114avUpdateInfo => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\1114avUpdateInfo" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5C641EF3-7D1A-413B-98F7-44EFFE9CD5CE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C641EF3-7D1A-413B-98F7-44EFFE9CD5CE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 1289076645" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8BC1F779-C6B2-4240-9476-551DBA012F7B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8BC1F779-C6B2-4240-9476-551DBA012F7B}" => Key deleted successfully.
C:\Windows\System32\Tasks\SpyHunter4Startup => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpyHunter4Startup" => Key deleted successfully.
"C:\Program Files\Enigma Software Group" => File/Directory not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D1A5A1AB-70FA-4F13-A284-E5702C224D73}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D1A5A1AB-70FA-4F13-A284-E5702C224D73}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ProgramUpdateCheck" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E3DEC543-6EDC-489E-8D75-DDC58DD21301}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3DEC543-6EDC-489E-8D75-DDC58DD21301}" => Key deleted successfully.
C:\Windows\System32\Tasks\0214dUpdateInfo => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0214dUpdateInfo" => Key deleted successfully.
C:\Windows\Tasks\0214dUpdateInfo.job => Moved successfully.
C:\Windows\Tasks\1114avUpdateInfo.job not found.
C:\ProgramData\Avg_Update_1114av => Moved successfully.
C:\ProgramData\Avg_Update_0214d => Moved successfully.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\27787630.sys" => Key deleted successfully.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\48377091.sys" => Key deleted successfully.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\27787630.sys" => Key deleted successfully.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\48377091.sys" => Key deleted successfully.

=========  ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========


=========  netsh winsock reset all =========


Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.


========= End of CMD: =========


=========  netsh int ipv4 reset =========

Reseting Global, OK!
Reseting Interface, OK!
Reseting Unicast Address, OK!
Restart the computer to complete this action.


========= End of CMD: =========


=========  netsh int ipv6 reset =========

Reseting Interface, OK!
Restart the computer to complete this action.


========= End of CMD: =========

EmptyTemp: => Removed 535.1 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====

