
Redirects


33 replies to this topic

#1 sgm67

sgm67

  • Members
  • 133 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Virginia Beach, VA
  • Local time:12:53 PM

Posted 26 July 2013 - 08:00 AM

I run Windows 7 and am getting some odd redirects when I use Chrome (crackle.com, CBS, political ads!). I use MSE and have run a quick scan on a regular basis, with nothing coming up. Running a full scan now. I am sure I should add more protection, just not sure what, and I really want this garbage to go away! Any help is greatly appreciated!


Edited by hamluis, 26 July 2013 - 11:23 AM.
Moved from Win 7 to Am I Infected - Hamluis.




#2 GodfatherKing

GodfatherKing

  • Members
  • 587 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:53 PM

Posted 26 July 2013 - 09:36 AM

Step 1: Install and run MBAM

Step 2: Run TDSSKiller to obtain a log

 

Note: Don't cure or delete a threat, but choose skip for all instead.

  • Please download TDSSKiller from here and save it to your Desktop
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters


  • In the Additional options: Check Detect TDLFS file system
  • Click Start Scan and allow the scan process to run


  • Choose Skip for all threats.
  • Click Continue
  • Please post the TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\)

===================================================

 

Step 3: ESET Online Scanner

==================

Note: If your AV is blocking Eset online scanner, please temporarily disable your AV.

 

I'd like us to scan your machine with ESET OnlineScan. This process may take several hours; that is normal.

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and » UNCHECK "Remove found threats" <== Important
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply. (If no malware was found you will not be presented with a log).
  • Click the Back button.
  • Click the Finish button.

===================================================


If you have received help from me and I don't respond to you for almost >= 3 days, send me a Private Message.


#3 sgm67


Posted 26 July 2013 - 01:31 PM

As I run these scans, should I go ahead and remove the threats found?

 

Here is the MalWare Log:

 

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.07.26.05
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16635
McDonnell :: LIVINGROOM-HP [administrator]
 
Protection: Enabled
 
7/26/2013 2:14:06 PM
MBAM-log-2013-07-26 (14-30-39).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 221916
Time elapsed: 11 minute(s), 51 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 17
HKCR\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9} (PUP.Software.Updater) -> No action taken.
HKCR\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476} (PUP.Software.Updater) -> No action taken.
HKCR\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67} (PUP.Software.Updater) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} (PUP.Software.Updater) -> No action taken.
HKCR\Updater.AmiUpd.1 (PUP.Software.Updater) -> No action taken.
HKCR\Updater.AmiUpd (PUP.Software.Updater) -> No action taken.
HKCR\CLSID\{f34c9277-6577-4dff-b2d7-7d58092f272f} (PUP.Datamngr) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{F34C9277-6577-4DFF-B2D7-7D58092F272F} (PUP.Datamngr) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F34C9277-6577-4DFF-B2D7-7D58092F272F} (PUP.Datamngr) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F34C9277-6577-4DFF-B2D7-7D58092F272F} (PUP.Datamngr) -> No action taken.
HKCR\CLSID\{A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA} (Adware.GameVance) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA} (Adware.GameVance) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA} (Adware.GameVance) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA} (Adware.GameVance) -> No action taken.
HKCR\TypeLib\{39A17362-9C1D-4907-9428-0D28A94DC79D} (Adware.GameVance) -> No action taken.
HKCR\Interface\{627A968A-03E6-41C7-B11B-4E442B376F95} (Adware.GameVance) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C1C3E833-420E-4D78-9BA7-86AEBB272384} (Adware.GameVance) -> No action taken.
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 2
C:\Users\McDonnell\AppData\Local\TopArcadeHits (Adware.GameVance) -> No action taken.
C:\Users\McDonnell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TopArcadeHits (Adware.GameVance) -> No action taken.
 
Files Detected: 14
C:\Users\McDonnell\AppData\Local\SwvUpdater\Updater.exe (PUP.Software.Updater) -> No action taken.
C:\Users\McDonnell\AppData\Local\Temp\SecondStepInstaller.exe (PUP.Optional.Conduit) -> No action taken.
C:\Users\McDonnell\AppData\Local\Temp\Updater.exe (PUP.Optional.Amonetize) -> No action taken.
C:\Users\McDonnell\AppData\Local\Temp\Vid-Saver-ppi-US.exe (Adware.GamePlayLabs) -> No action taken.
C:\Users\McDonnell\Downloads\Ginnyh_downloader_by_Fonts101.exe (PUP.Optional.Somoto) -> No action taken.
C:\Users\McDonnell\Downloads\Setup.exe (Adware.Hotbar) -> No action taken.
C:\Users\McDonnell\Downloads\setup.zip (Trojan.Agent) -> No action taken.
C:\Windows\Tasks\AmiUpdXp.job (PUP.Software.Updater) -> No action taken.
C:\Users\McDonnell\AppData\Local\TopArcadeHits\tah.config (Adware.GameVance) -> No action taken.
C:\Users\McDonnell\AppData\Local\TopArcadeHits\Toparcadehits.dll (Adware.GameVance) -> No action taken.
C:\Users\McDonnell\AppData\Local\TopArcadeHits\uninstaller.exe (Adware.GameVance) -> No action taken.
C:\Users\McDonnell\AppData\Local\TopArcadeHits\updater.exe (Adware.GameVance) -> No action taken.
C:\Users\McDonnell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TopArcadeHits\Play Toparcadehits Online.url (Adware.GameVance) -> No action taken.
C:\Users\McDonnell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TopArcadeHits\Uninstall Toparcadehits.lnk (Adware.GameVance) -> No action taken.
 
(end)
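
Added example (not part of the original thread, and not Malwarebytes code): a small triage parser for the MBAM 1.75 text-log layout shown in the post above. It checks that each section's declared count matches the lines actually pasted, groups detections by family, and separates entries that are not PUP/adware or that sit in a load point. The function names, the load-point marker list and the shortened sample log are assumptions made for this example.

```python
import re
from collections import Counter

# Constructed sample: a shortened excerpt in the layout of the log above,
# reusing some of its lines, with section counts adjusted to the excerpt.
SAMPLE_LOG = r"""
Scan type: Quick scan

Memory Processes Detected: 0
(No malicious items detected)

Registry Keys Detected: 3
HKCR\Updater.AmiUpd (PUP.Software.Updater) -> No action taken.
HKCR\CLSID\{f34c9277-6577-4dff-b2d7-7d58092f272f} (PUP.Datamngr) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA} (Adware.GameVance) -> No action taken.

Folders Detected: 1
C:\Users\McDonnell\AppData\Local\TopArcadeHits (Adware.GameVance) -> No action taken.

Files Detected: 4
C:\Users\McDonnell\AppData\Local\Temp\SecondStepInstaller.exe (PUP.Optional.Conduit) -> No action taken.
C:\Users\McDonnell\Downloads\setup.zip (Trojan.Agent) -> No action taken.
C:\Windows\Tasks\AmiUpdXp.job (PUP.Software.Updater) -> No action taken.
C:\Users\McDonnell\AppData\Local\TopArcadeHits\Toparcadehits.dll (Adware.GameVance) -> No action taken.

(end)
"""

# "<Section> Detected: <n>" opens a section.
SECTION_RE = re.compile(r"^(?P<section>[A-Za-z ]+?) Detected: (?P<count>\d+)$")
# "<object> (<Family>) -> <action>." The family is the LAST parenthesised
# group before " -> ", so paths such as "Program Files (x86)" parse correctly.
ITEM_RE = re.compile(r"^(?P<object>.+) \((?P<family>[^()]+)\) -> (?P<action>.+?)\.?$")

# Assumption: a short heuristic list of well-known Windows load points,
# compared case-insensitively. It is not exhaustive.
AUTOSTART_MARKERS = (
    "\\browser helper objects\\",
    "\\windows\\tasks\\",
    "\\currentversion\\run",
)


def parse_mbam_log(text):
    """Return the declared per-section counts and the parsed detection lines."""
    declared, items, section = {}, [], None
    for raw in text.splitlines():
        line = raw.strip()
        header = SECTION_RE.match(line)
        if header:
            section = header["section"]
            declared[section] = int(header["count"])
            continue
        item = ITEM_RE.match(line)
        if item and section:
            items.append({"section": section, **item.groupdict()})
    return {"declared": declared, "items": items}


def count_mismatches(parsed):
    """Sections whose declared count differs from the lines present,
    which usually means the log was truncated or edited when pasted."""
    seen = Counter(i["section"] for i in parsed["items"])
    return sorted(s for s, n in parsed["declared"].items() if seen[s] != n)


def triage(parsed):
    """Summarise detections for a helper reading the log."""
    items = parsed["items"]
    return {
        "by_family": Counter(i["family"] for i in items),
        # Anything outside the PUP/Adware classes deserves a look first.
        "not_pup_or_adware": [
            i["object"] for i in items
            if i["family"].split(".")[0] not in ("PUP", "Adware")
        ],
        # Entries that would reload the software at logon or browser start.
        "autostart": [
            i["object"] for i in items
            if any(m in i["object"].lower() for m in AUTOSTART_MARKERS)
        ],
        # Detections the scan reported but left in place.
        "unremediated": sum(1 for i in items if i["action"] == "No action taken"),
    }


if __name__ == "__main__":
    parsed = parse_mbam_log(SAMPLE_LOG)
    print("count mismatches:", count_mismatches(parsed))
    for key, value in triage(parsed).items():
        print(key, "=>", value)
```
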


#4 sgm67


Posted 26 July 2013 - 01:42 PM

No threats found on TDSSKiller.  Here is the log:

 

14:37:11.0745 16692  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
14:37:12.0207 16692  ============================================================
14:37:12.0207 16692  Current date / time: 2013/07/26 14:37:12.0207
14:37:12.0207 16692  SystemInfo:
14:37:12.0207 16692  
14:37:12.0207 16692  OS Version: 6.1.7601 ServicePack: 1.0
14:37:12.0207 16692  Product type: Workstation
14:37:12.0207 16692  ComputerName: LIVINGROOM-HP
14:37:12.0207 16692  UserName: McDonnell
14:37:12.0207 16692  Windows directory: C:\Windows
14:37:12.0208 16692  System windows directory: C:\Windows
14:37:12.0208 16692  Running under WOW64
14:37:12.0208 16692  Processor architecture: Intel x64
14:37:12.0208 16692  Number of processors: 2
14:37:12.0208 16692  Page size: 0x1000
14:37:12.0208 16692  Boot type: Normal boot
14:37:12.0208 16692  ============================================================
14:37:13.0700 16692  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:37:13.0709 16692  ============================================================
14:37:13.0709 16692  \Device\Harddisk0\DR0:
14:37:13.0709 16692  MBR partitions:
14:37:13.0709 16692  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
14:37:13.0709 16692  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x55EF2000
14:37:13.0709 16692  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x55F24800, BlocksNum 0x1621000
14:37:13.0709 16692  ============================================================
14:37:13.0734 16692  C: <-> \Device\Harddisk0\DR0\Partition2
14:37:13.0813 16692  D: <-> \Device\Harddisk0\DR0\Partition3
14:37:13.0813 16692  ============================================================
14:37:13.0813 16692  Initialize success
14:37:13.0813 16692  ============================================================
14:37:40.0168 21060  ============================================================
14:37:40.0169 21060  Scan started
14:37:40.0169 21060  Mode: Manual; TDLFS; 
14:37:40.0169 21060  ============================================================
14:37:40.0532 21060  ================ Scan system memory ========================
14:37:40.0532 21060  System memory - ok
14:37:46.0061 21060  KSecPkg - ok
14:37:46.0071 21060  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
14:37:46.0073 21060  ksthunk - ok
14:37:46.0105 21060  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
14:37:46.0111 21060  KtmRm - ok
14:37:46.0138 21060  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
14:37:46.0141 21060  LanmanServer - ok
14:37:46.0162 21060  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:37:46.0165 21060  LanmanWorkstation - ok
14:37:46.0349 21060  [ 3C17225800828DA4FD8F86984D44E7FE ] LeapFrog Connect Device Service C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
14:37:46.0458 21060  LeapFrog Connect Device Service - ok
14:37:46.0504 21060  [ FA4A45C179AB0E0F1A31B9751D4B18D7 ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
14:37:46.0508 21060  LightScribeService - ok
14:37:46.0548 21060  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
14:37:46.0550 21060  lltdio - ok
14:37:46.0581 21060  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
14:37:46.0588 21060  lltdsvc - ok
14:37:46.0607 21060  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
14:37:46.0610 21060  lmhosts - ok
14:37:46.0638 21060  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
14:37:46.0640 21060  LSI_FC - ok
14:37:46.0659 21060  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
14:37:46.0661 21060  LSI_SAS - ok
14:37:46.0677 21060  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
14:37:46.0679 21060  LSI_SAS2 - ok
14:37:46.0699 21060  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
14:37:46.0703 21060  LSI_SCSI - ok
14:37:46.0718 21060  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
14:37:46.0721 21060  luafv - ok
14:37:46.0773 21060  [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
14:37:46.0791 21060  MBAMProtector - ok
14:37:46.0819 21060  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
14:37:46.0823 21060  MBAMScheduler - ok
14:37:46.0844 21060  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
14:37:46.0852 21060  MBAMService - ok
14:37:46.0943 21060  [ C58F15CD4EF79210455512CF0C449F39 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\3.0.313\McCHSvc.exe
14:37:46.0949 21060  McComponentHostService - ok
14:37:46.0968 21060  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
14:37:46.0972 21060  Mcx2Svc - ok
14:37:46.0999 21060  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
14:37:47.0001 21060  megasas - ok
14:37:47.0026 21060  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
14:37:47.0030 21060  MegaSR - ok
14:37:47.0054 21060  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
14:37:47.0057 21060  MMCSS - ok
14:37:47.0073 21060  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
14:37:47.0074 21060  Modem - ok
14:37:47.0094 21060  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
14:37:47.0096 21060  monitor - ok
14:37:47.0114 21060  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
14:37:47.0116 21060  mouclass - ok
14:37:47.0130 21060  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
14:37:47.0132 21060  mouhid - ok
14:37:47.0145 21060  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
14:37:47.0147 21060  mountmgr - ok
14:37:47.0193 21060  [ F8A10560B35C66F9DE212F03DAD5BFA7 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
14:37:47.0196 21060  MpFilter - ok
14:37:47.0213 21060  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
14:37:47.0216 21060  mpio - ok
14:37:47.0233 21060  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
14:37:47.0235 21060  mpsdrv - ok
14:37:47.0253 21060  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
14:37:47.0261 21060  MpsSvc - ok
14:37:47.0278 21060  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
14:37:47.0281 21060  MRxDAV - ok
14:37:47.0313 21060  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
14:37:47.0317 21060  mrxsmb - ok
14:37:47.0358 21060  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:37:47.0376 21060  mrxsmb10 - ok
14:37:47.0387 21060  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:37:47.0391 21060  mrxsmb20 - ok
14:37:47.0409 21060  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
14:37:47.0435 21060  msahci - ok
14:37:47.0452 21060  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
14:37:47.0454 21060  msdsm - ok
14:37:47.0469 21060  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
14:37:47.0473 21060  MSDTC - ok
14:37:47.0485 21060  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
14:37:47.0494 21060  Msfs - ok
14:37:47.0526 21060  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
14:37:47.0528 21060  mshidkmdf - ok
14:37:47.0546 21060  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
14:37:47.0548 21060  msisadrv - ok
14:37:47.0576 21060  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
14:37:47.0580 21060  MSiSCSI - ok
14:37:47.0586 21060  msiserver - ok
14:37:47.0611 21060  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
14:37:47.0613 21060  MSKSSRV - ok
14:37:47.0660 21060  [ E07DEC52FF801841BA9B6878A60304FB ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
14:37:47.0662 21060  MsMpSvc - ok
14:37:47.0677 21060  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
14:37:47.0679 21060  MSPCLOCK - ok
14:37:47.0696 21060  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
14:37:47.0697 21060  MSPQM - ok
14:37:47.0718 21060  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
14:37:47.0722 21060  MsRPC - ok
14:37:47.0739 21060  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
14:37:47.0740 21060  mssmbios - ok
14:37:47.0745 21060  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
14:37:47.0746 21060  MSTEE - ok
14:37:47.0765 21060  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
14:37:47.0766 21060  MTConfig - ok
14:37:47.0782 21060  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
14:37:47.0784 21060  Mup - ok
14:37:47.0825 21060  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
14:37:47.0831 21060  napagent - ok
14:37:47.0855 21060  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
14:37:47.0859 21060  NativeWifiP - ok
14:37:47.0912 21060  [ 2DBE90210DE76BE6E1653BB20EC70EC2 ] NAVENG          C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20111003.019\ENG64.SYS
14:37:47.0915 21060  NAVENG - ok
14:37:47.0959 21060  [ 346DA70E203B8E2C850277713DE8F71B ] NAVEX15         C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20111003.019\EX64.SYS
14:37:47.0993 21060  NAVEX15 - ok
14:37:48.0040 21060  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
14:37:48.0049 21060  NDIS - ok
14:37:48.0064 21060  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
14:37:48.0065 21060  NdisCap - ok
14:37:48.0079 21060  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
14:37:48.0080 21060  NdisTapi - ok
14:37:48.0094 21060  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
14:37:48.0095 21060  Ndisuio - ok
14:37:48.0114 21060  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
14:37:48.0117 21060  NdisWan - ok
14:37:48.0130 21060  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
14:37:48.0131 21060  NDProxy - ok
14:37:48.0145 21060  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
14:37:48.0147 21060  NetBIOS - ok
14:37:48.0160 21060  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
14:37:48.0164 21060  NetBT - ok
14:37:48.0177 21060  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
14:37:48.0178 21060  Netlogon - ok
14:37:48.0214 21060  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
14:37:48.0219 21060  Netman - ok
14:37:48.0242 21060  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:37:48.0268 21060  NetMsmqActivator - ok
14:37:48.0272 21060  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:37:48.0273 21060  NetPipeActivator - ok
14:37:48.0288 21060  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
14:37:48.0293 21060  netprofm - ok
14:37:48.0298 21060  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:37:48.0300 21060  NetTcpActivator - ok
14:37:48.0304 21060  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:37:48.0306 21060  NetTcpPortSharing - ok
14:37:48.0329 21060  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
14:37:48.0330 21060  nfrd960 - ok
14:37:48.0397 21060  [ E78A365CC3E0FBFC018A33DCE01909F8 ] NIS             C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
14:37:48.0400 21060  NIS - ok
14:37:48.0453 21060  [ 162100E0BC8377710F9D170631921C03 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
14:37:48.0457 21060  NisDrv - ok
14:37:48.0486 21060  [ C6E15F2F95F9C0A6098D43510B604E52 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
14:37:48.0492 21060  NisSrv - ok
14:37:48.0522 21060  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
14:37:48.0527 21060  NlaSvc - ok
14:37:48.0602 21060  [ 5839A8027D6D324A7CD494051A96628C ] NOBU            C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
14:37:48.0646 21060  NOBU - ok
14:37:48.0673 21060  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
14:37:48.0675 21060  Npfs - ok
14:37:48.0681 21060  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
14:37:48.0686 21060  nsi - ok
14:37:48.0696 21060  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
14:37:48.0719 21060  nsiproxy - ok
14:37:48.0781 21060  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
14:37:48.0822 21060  Ntfs - ok
14:37:48.0833 21060  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
14:37:48.0835 21060  Null - ok
14:37:48.0877 21060  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
14:37:48.0879 21060  nvraid - ok
14:37:48.0901 21060  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
14:37:48.0905 21060  nvstor - ok
14:37:48.0920 21060  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
14:37:48.0922 21060  nv_agp - ok
14:37:49.0009 21060  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:37:49.0015 21060  odserv - ok
14:37:49.0049 21060  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
14:37:49.0052 21060  ohci1394 - ok
14:37:49.0071 21060  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:37:49.0073 21060  ose - ok
14:37:49.0180 21060  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:37:49.0270 21060  osppsvc - ok
14:37:49.0301 21060  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
14:37:49.0306 21060  p2pimsvc - ok
14:37:49.0328 21060  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
14:37:49.0335 21060  p2psvc - ok
14:37:49.0360 21060  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
14:37:49.0362 21060  Parport - ok
14:37:49.0396 21060  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
14:37:49.0399 21060  partmgr - ok
14:37:49.0417 21060  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
14:37:49.0420 21060  PcaSvc - ok
14:37:49.0432 21060  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
14:37:49.0435 21060  pci - ok
14:37:49.0452 21060  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
14:37:49.0467 21060  pciide - ok
14:37:49.0498 21060  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
14:37:49.0527 21060  pcmcia - ok
14:37:49.0546 21060  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
14:37:49.0548 21060  pcw - ok
14:37:49.0567 21060  pdfcDispatcher - ok
14:37:49.0589 21060  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
14:37:49.0598 21060  PEAUTH - ok
14:37:49.0663 21060  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
14:37:49.0666 21060  PerfHost - ok
14:37:49.0714 21060  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
14:37:49.0749 21060  pla - ok
14:37:49.0802 21060  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
14:37:49.0812 21060  PlugPlay - ok
14:37:49.0831 21060  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
14:37:49.0840 21060  PNRPAutoReg - ok
14:37:49.0859 21060  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
14:37:49.0862 21060  PNRPsvc - ok
14:37:49.0897 21060  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
14:37:49.0904 21060  PolicyAgent - ok
14:37:49.0933 21060  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
14:37:49.0938 21060  Power - ok
14:37:49.0968 21060  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
14:37:49.0972 21060  PptpMiniport - ok
14:37:49.0992 21060  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
14:37:49.0999 21060  Processor - ok
14:37:50.0044 21060  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
14:37:50.0050 21060  ProfSvc - ok
14:37:50.0067 21060  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:37:50.0069 21060  ProtectedStorage - ok
14:37:50.0086 21060  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
14:37:50.0089 21060  Psched - ok
14:37:50.0129 21060  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
14:37:50.0156 21060  ql2300 - ok
14:37:50.0181 21060  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
14:37:50.0183 21060  ql40xx - ok
14:37:50.0207 21060  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
14:37:50.0211 21060  QWAVE - ok
14:37:50.0230 21060  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
14:37:50.0233 21060  QWAVEdrv - ok
14:37:50.0244 21060  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
14:37:50.0246 21060  RasAcd - ok
14:37:50.0267 21060  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
14:37:50.0269 21060  RasAgileVpn - ok
14:37:50.0288 21060  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
14:37:50.0292 21060  RasAuto - ok
14:37:50.0309 21060  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
14:37:50.0313 21060  Rasl2tp - ok
14:37:50.0339 21060  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
14:37:50.0347 21060  RasMan - ok
14:37:50.0361 21060  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
14:37:50.0365 21060  RasPppoe - ok
14:37:50.0379 21060  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
14:37:50.0383 21060  RasSstp - ok
14:37:50.0412 21060  [ 96597C96D5ACF4A3EF0B24D396853879 ] rcmirror        C:\Windows\system32\DRIVERS\rcmirror.sys
14:37:50.0413 21060  rcmirror - ok
14:37:50.0434 21060  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
14:37:50.0442 21060  rdbss - ok
14:37:50.0465 21060  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
14:37:50.0468 21060  rdpbus - ok
14:37:50.0486 21060  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
14:37:50.0489 21060  RDPCDD - ok
14:37:50.0502 21060  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
14:37:50.0504 21060  RDPENCDD - ok
14:37:50.0520 21060  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
14:37:50.0521 21060  RDPREFMP - ok
14:37:50.0569 21060  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
14:37:50.0570 21060  RdpVideoMiniport - ok
14:37:50.0595 21060  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
14:37:50.0599 21060  RDPWD - ok
14:37:50.0619 21060  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
14:37:50.0623 21060  rdyboost - ok
14:37:50.0647 21060  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
14:37:50.0650 21060  RemoteAccess - ok
14:37:50.0681 21060  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
14:37:50.0685 21060  RemoteRegistry - ok
14:37:50.0741 21060  [ 085D18C71AB2611A3D61528132B6501E ] RoxioNow Service C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
14:37:50.0747 21060  RoxioNow Service - ok
14:37:50.0753 21060  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
14:37:50.0757 21060  RpcEptMapper - ok
14:37:50.0779 21060  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
14:37:50.0782 21060  RpcLocator - ok
14:37:50.0801 21060  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
14:37:50.0807 21060  RpcSs - ok
14:37:50.0815 21060  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
14:37:50.0818 21060  rspndr - ok
14:37:50.0853 21060  [ AFC12DFA4C7B089673AD67402CA19EDB ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
14:37:50.0858 21060  RTL8167 - ok
14:37:50.0867 21060  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
14:37:50.0868 21060  SamSs - ok
14:37:50.0889 21060  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
14:37:50.0892 21060  sbp2port - ok
14:37:50.0907 21060  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
14:37:50.0914 21060  SCardSvr - ok
14:37:50.0928 21060  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
14:37:50.0930 21060  scfilter - ok
14:37:50.0959 21060  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
14:37:50.0985 21060  Schedule - ok
14:37:51.0010 21060  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
14:37:51.0011 21060  SCPolicySvc - ok
14:37:51.0063 21060  [ ED9C5CF6CC611EC8AC4A77C3F58F0601 ] ScsiAccess      C:\Windows\SysWOW64\ScsiAccess.EXE
14:37:51.0068 21060  ScsiAccess - ok
14:37:51.0085 21060  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
14:37:51.0095 21060  SDRSVC - ok
14:37:51.0118 21060  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
14:37:51.0120 21060  secdrv - ok
14:37:51.0130 21060  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
14:37:51.0133 21060  seclogon - ok
14:37:51.0148 21060  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
14:37:51.0152 21060  SENS - ok
14:37:51.0164 21060  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
14:37:51.0169 21060  SensrSvc - ok
14:37:51.0187 21060  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
14:37:51.0190 21060  Serenum - ok
14:37:51.0207 21060  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
14:37:51.0214 21060  Serial - ok
14:37:51.0240 21060  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
14:37:51.0244 21060  sermouse - ok
14:37:51.0270 21060  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
14:37:51.0280 21060  SessionEnv - ok
14:37:51.0311 21060  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
14:37:51.0313 21060  sffdisk - ok
14:37:51.0329 21060  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
14:37:51.0331 21060  sffp_mmc - ok
14:37:51.0348 21060  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
14:37:51.0352 21060  sffp_sd - ok
14:37:51.0363 21060  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
14:37:51.0365 21060  sfloppy - ok
14:37:51.0393 21060  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
14:37:51.0398 21060  SharedAccess - ok
14:37:51.0431 21060  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:37:51.0437 21060  ShellHWDetection - ok
14:37:51.0458 21060  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
14:37:51.0461 21060  SiSRaid2 - ok
14:37:51.0472 21060  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
14:37:51.0475 21060  SiSRaid4 - ok
14:37:51.0489 21060  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
14:37:51.0492 21060  Smb - ok
14:37:51.0514 21060  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
14:37:51.0517 21060  SNMPTRAP - ok
14:37:51.0525 21060  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
14:37:51.0528 21060  spldr - ok
14:37:51.0572 21060  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
14:37:51.0579 21060  Spooler - ok
14:37:51.0640 21060  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
14:37:51.0709 21060  sppsvc - ok
14:37:51.0746 21060  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
14:37:51.0752 21060  sppuinotify - ok
14:37:51.0823 21060  [ 90EF30C3867BCDE4579C01A6D6E75A7A ] SRTSP           C:\Windows\System32\Drivers\NISx64\1207020.003\SRTSP64.SYS
14:37:51.0834 21060  SRTSP - ok
14:37:51.0846 21060  [ C513E8A5E7978DA49077F5484344EE1B ] SRTSPX          C:\Windows\system32\drivers\NISx64\1207020.003\SRTSPX64.SYS
14:37:51.0847 21060  SRTSPX - ok
14:37:51.0922 21060  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
14:37:51.0927 21060  srv - ok
14:37:51.0950 21060  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
14:37:51.0954 21060  srv2 - ok
14:37:51.0964 21060  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
14:37:51.0967 21060  srvnet - ok
14:37:51.0995 21060  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
14:37:52.0000 21060  SSDPSRV - ok
14:37:52.0014 21060  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
14:37:52.0017 21060  SstpSvc - ok
14:37:52.0031 21060  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
14:37:52.0032 21060  stexstor - ok
14:37:52.0061 21060  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
14:37:52.0069 21060  stisvc - ok
14:37:52.0084 21060  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
14:37:52.0086 21060  swenum - ok
14:37:52.0102 21060  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
14:37:52.0109 21060  swprv - ok
14:37:52.0127 21060  [ 6160145C7A87FC7672E8E3B886888176 ] SymDS           C:\Windows\system32\drivers\NISx64\1207020.003\SYMDS64.SYS
14:37:52.0133 21060  SymDS - ok
14:37:52.0169 21060  [ 96AEED40D4D3521568B42027687E69E0 ] SymEFA          C:\Windows\system32\drivers\NISx64\1207020.003\SYMEFA64.SYS
14:37:52.0180 21060  SymEFA - ok
14:37:52.0192 21060  [ 21A1C2D694C3CF962D31F5E873AB3D6F ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
14:37:52.0207 21060  SymEvent - ok
14:37:52.0219 21060  [ BD0D711D8CBFCAA19CA123306EAF53A5 ] SymIRON         C:\Windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS
14:37:52.0227 21060  SymIRON - ok
14:37:52.0242 21060  [ A6ADB3D83023F8DAA0F7B6FDA785D83B ] SymNetS         C:\Windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS
14:37:52.0248 21060  SymNetS - ok
14:37:52.0286 21060  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
14:37:52.0312 21060  SysMain - ok
14:37:52.0333 21060  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:37:55.0505 21060  ============================================================
14:37:55.0505 21060  Scan finished
14:37:55.0505 21060  ============================================================
14:37:55.0523 9608  Detected object count: 0
14:37:55.0523 9608  Actual detected object count: 0

Edited by sgm67, 26 July 2013 - 01:46 PM.


#5 GodfatherKing

Posted 26 July 2013 - 01:45 PM

Rerun MBAM and this time -> No action taken. ==> Quarantine the infected files. 

 

Then proceed with Eset. (Don't worry if you have already continued, no problem at all.)


If you have received help from me and I haven't responded to you for almost >= 3 days, send me a Private Message.  :hello:


#6 sgm67

Posted 26 July 2013 - 02:18 PM

I've still got the first mbam open, should I close it before removing the malicious software?  Eset is running now.



#7 GodfatherKing

Posted 26 July 2013 - 02:37 PM

If Eset is running, let Eset run and close MBAM. Then, after Eset is done, do the scan with MBAM again and then remove the malicious software.




#8 sgm67

Posted 26 July 2013 - 07:21 PM

Eset has been running FOREVER (5+ hours) and is only at 46%.  Is something wrong?! I just realized that I should have disabled MSE etc and have done that now, but am afraid to start Eset over!



#9 GodfatherKing

Posted 27 July 2013 - 02:25 AM

Eset can take a long time, 5 hours is not really long. Just let it continue; if it's running longer than 24 hours, then there is something not right. It depends on the hard drive capacity.




#10 sgm67

Posted 27 July 2013 - 06:05 AM

I ended up starting over and leaving it overnight. It's been running 9 + hours.  Still at 46% but has searched WAY more files.



#11 GodfatherKing

Posted 27 July 2013 - 06:09 AM

If it's stuck at something, terminate the scan. We'll change our tactic.




#12 GodfatherKing

Posted 27 July 2013 - 06:12 AM

:step1: Download Emsisoft Emergency Kit

  • Open EmsisoftEmergencyKit by double-clicking Start.exe.
  • A new window will open. Under "Run Directly:" click Emergency Kit Scanner.
  • When asked to run an online update, click Yes.
  • When the update is finished, click the Back to Security Status link in the left corner. On the main screen click the Scan Now button.
  • Select the Deep Scan option and click the SCAN button.
  • When the scan is finished click the Quarantine selected objects button. Note, this option is only available if malicious objects were detected during the scan.
  • Click the View Report button and in the Reports window double-click on the most recent log. Note, logs are named as follows: a2scan_<date>-<time>.txt.
  • Copy/paste the report contents in your next reply



#13 sgm67

Posted 27 July 2013 - 06:40 AM

This one seems stuck too!  Sailed through 300000 objects and has now stopped! :(



#14 GodfatherKing

Posted 27 July 2013 - 07:52 AM

:step1:  Reboot the computer to safe mode.

 

:step2: Perform the same instructions as http://www.bleepingcomputer.com/forums/t/502299/redirects/#entry3114607




#15 sgm67

Posted 27 July 2013 - 08:21 AM

That didn't work either.  Got stuck at almost the exact same spot.  Should I try a full scan with MSE, or maybe run the TDSSKiller and remove what it finds?





